Does replicant support 3G/4G on any devices?
I have heard that the wifi requires proprietary firmware, however, I'm not aware if this same firmware is required for the 3G or 4G, or if support for that is different from support for wifi. Sorry for the dumb question. (Also, I tried posting this on the replicant forum like a week ago, hoping I'll have more luck here.)
The software is different, but it is still proprietary. So the answer to your question, sadly, is yes. Everything that runs on the phone's radio (the part that interacts with the cellular network and provides your 3G/4G connectivity and is essentially an entire second computer in your phone with its own operating system that you never see on the screen) is proprietary.
But it's worse than that: A common design shares the phone's main memory with the operating system you see on the screen and the one you don't. This design also gives it access to the microphone and GPS as well. And, cell phone carriers have the ability to remotely update this firmware. Read the contract with your carrier, buried in the fine print is probably something along the lines of: "Please be aware that we may change your wireless device's software, applications or programming remotely, without notice." What control does this give carriers? The power to push updated versions to your phone's radio - without your knowledge - that contain surveillance features to activate the microphone and report your location and to access main system memory and everything in it. You take this with you everywhere you go. Your carrier may say they'd never do this but policies can be easily changed, while the infrastructure for doing such stuff will persist for many years.
But Replicant still works on these devices, since it doesn't require anything proprietary inside Replicant itself. Just in your phone.
This feels like an area of hardware where the input/out of the networking chips should be sand boxed with only very limited functionality. Essentially, while it could ask for microphone/GPS information it should be up to the OS to determine what it does and does not send/receive. If there are some funny packets coming in the audio stream, it should at least flag as an issue to the OS.
At least then if you run a fully free phone OS it can be stopped at the source. Essentially how the finger print reader supposedly works on iPhones.
Just an idea but one that requires the hardware manufacturers to enable as it can't be solved with hardware alone.
Replicant suppports phones that are "not proven to have bad modem isolation". I don't know if that is enough to prevent some of the surveillance features jxself mentioned. BUt yes, we are always at risk when using a portable phone (for more reasons than one).
Just to be clear: in order to function, the 3G/4G does not require any _installation_ of proprietary firmware.
Unlike wifi, it will work out of the box when you install replicant.
I'm not sure, but i think this is what is normally referred to as "free userspace".
This userspace is 100% free software if you install replicant, and mobile internet will work out of the box.
What jxself says is true, however. But so far, a replicant phone is the best that we have.
A normal android smartphone is completely controlled by google and dozens of proprietary apps. You don't even have root access, can't even get rid of the bloatware.
Compared to that, a replicant phone is a huge step up.
What I don't know and would really love to, is: what is better in terms of "being remotely controllable", a smartphone or a regular old time cell-phone? Let's compare like Nokia 3310 and Samsung Galaxy S2 (two, with replicant and stock rom). Should the cell-phone be more "secure"? Or can Galaxy Replicant actually do things like "truly disable modem" or "truly cut off the micro" that would otherwise be less secure in a standard cell-phone?
Also, is there any free software that can be installed in old cell-phones?
Sorry for interfering.
Now you just made an interesting question that I'm also looking for the
answer. :D
I'm being forced to use a Nokia E5-00.2, which seems to use Symbian 9.3.
Oh my... Just now when I was so happy for losing the non-free software
on my pockets, and just now that I managed to buy a phone booth calling
card! I'm so unlucky!
Well, certainly you are less free in terms of software freedom, symbian is proprietary from Nokia and it only supports a handful of applications (most of which are proprietary anyway).
In terms of my question, I feel inclined that they are both the same, with the smarpthone being a little bit better... Depending on the internal build of each smartphone.
I remember a couple of articles about how easy the exploitation of GSM cards/networks is. So, I feel the older models (which were built back when people thought those things were secure) will be probably easy to exploit. Not only that, but the fact that several law enforcement agencies have long used phone spy to track criminals, makes it very apparent that phones are NOT secure. So, maybe the new smartphone thing has a few advantages, if the OS can indeed control the GPS and the micro, it might be able to interfere with the spy. But again it will depend on the internal build.
As for old models, maybe there are some that are hard to exploit, not on purpose by the maker but on "accident" they made it like that, but we are hardly in the know of which models to use. And even so, the fact that we can't flash the firmware running inside makes it hard to trust the device.
A good source would be Jacob Appelbaum, since he has dealt with that kind of stuff for a long time now. But in his talks usually he mentions how the spy occurs, it's rare to listen him giving solutions, I think it's because apart from the software part, we don't have many solutions.
Damn, I just want a phone that can be trusted not to be a listening device. I know they have geo-location of me, it's necessary for the phone to work, I accept that, but I want it NOT to listen to me. :(
"Damn, I just want a phone that can be trusted not to be a listening device. I know they have geo-location of me, it's necessary for the phone to work, I accept that, but I want it NOT to listen to me. :("
I think if you're not a whistleblower, your worries here are exaggerated.
There is no way for a spy agency to listen to EVERY guy with a smartphone. Just think about it, those are millions.
Maybe your voice gets checked by a machine for some sort of keywords, but even this scenario i think is unlikely.
So I think the huge number of users ensures that no human would listen to you unless your some enemy of the state.
You know, that's what they said about emails "there are millions of emails being sent everyday, no way they can read every one of them". And we now know they do.
Even if they were just recording for regular check-up... I don't like it! :(
What if a private company decides to buy recordings? The fact that it is possible to do so, is enough to worry me. It's an unjust possibility. If a person knows he might be being observed, he behaves differently. It's unjust power being exercised over me.
Maybe I'm being paranoid, but the principles apply just the same.
well said Gnuser. And you are not paranoid. +1
So, now it's time for me to shake my new old cellphone publicly and
scream "Yo-ho! Thief-Thief-Thiiief! Come get my cellphone!". :D
Let's see how far I, a not-so-experienced hacker, can hack this
cellphone (and disappoint myself with my failed attempts) or stay
looking at the non-free software on it until I get angry and trow it in
the freeway, along with the SIM card this time. :D
Or perhaps I could donate this hardware to someone more experienced, but
to do that I would have to keep the cellphone untouched, let alone pay
lots of fees to cover the transportation and government taxes, and have
to face my Big Mother (which is the one who gave me this "gift"). :D
I don't know, but i would also be interested in the answer.