Well, that seems to be the appropriate time for a pro-active steps. Reminds me of a co-worker responding to my suggestion of some coding books: “Oh, I never like to read anything until I need to know it.” AFAIK, he’s still doing Crystal Reports.
The sea-lion is not the person who has posted in 10 different threads in the past 3 hours. The sea-lion is the person has posted in only 1 thread in the last 6 months.
Um, you may need to read this: http://wondermark.com/1k62/
It may (or may not) be a bit too late then. The firmware upgrades may make it difficult by then. Remember that the rooting methods are usually based on some local exploit. If I remember correctly, at least one of the iPhone jailbreaks leverages a baseband processor’s vulnerability (which, coincidentally, is a rife and virtually unauditable landscape for network-based exploits that I have few doubts various secret services are actively using against the highest-value targets, based on a tearoom conversation with my local specialist, and the jailbreak in question works only because of insufficient separation between the baseband processor and the main one, here for the famous Apple “security”).
What I keep proposing and you apparently do not understand that well is that I do not insist on Apple not doing so, but on providing an alternative by design; if things go my way, nothing changes for you - UNTIL you change opinion, then you won’t run into a wall.
And what I keep not understanding is why asking for (or, on the side of the vendor, providing) this option is not a good thing.
I am pragmatic as well, hence I want to hedge towards the unexpected. All I have that can be rooted is rooted (or cheap secondhand where the price was too low or even free to offset the concern), but even only having rootable things would satisfy this. Opting for a nonrootable thing, especially in the case of so important comm device as a phone is, would be a bad move from the unpredictable-future angle of view.
I am writing occasional articles for local semi-obscure magazines about these problematics. Usually I talk with an echo chamber that does not disagree with me. A worthy-seeming opponent who seems to know at least a bit about the problematics and is not just a blind fruit-worshipping fanboy is a rare thing to find. Annoying I was, yes, because I need the information for my work/writing and the time is running out for this thread.
The best time to get armed to the teeth is the peacetime. You have all the time and all the choices. Double so it is true for electronic warfare (and the corresponding ELINT/SIGINT fields), under which the cellphones fall.
Edit: Another thing that’d be important for secure-able phones is a JTAG (or JTAG-like) interface for reading the onboard flash without having to boot the phone and go through the (rootkitable) kernel. Any sort of malware then could be detectable from the ROM images. The mere threat of this option (image the phone before traveling through hostile area, whether USA or China, image after return, compare images) could dampen the spooks’ appetite for permanent exploits. Runtime images of RAM need even more forensics skills, but would catch even nonpersistent malware, injected e.g. through the baseband-processor vulnerability at the time the phone is online (which may have to be done every time after a phone’s reboot, as such exploit would be by design not written to flash and unavailable for offline forensics, but that is doable if the local cellular provider is cooperating, and even an occasional access can be enough when the objective is pilfering the contact list and stored messages and call logs).
This topic was automatically closed after 5 days. New replies are no longer allowed.
