Slashdot Mirror


The Second Operating System Hiding In Every Mobile Phone

Jah-Wren Ryel writes "Every smartphone or other device with mobile communications capability (e.g. 3G or LTE) actually runs not one, but two operating systems. Aside from the operating system that we as end-users see (Android, iOS, PalmOS), it also runs a small operating system that manages everything related to radio. So, we have a complete operating system, running on an ARM processor, without any exploit mitigation (or only very little of it), which automatically trusts every instruction, piece of code, or data it receives from the base station you're connected to. What could possibly go wrong?"


  1. Firmware by Anonymous Coward · · Score: 5, Informative

    In the real world, this is called Firmware.

    1. Re:Firmware by emj · · Score: 4, Funny

      Yeah kind of makes all of those hand waving sci-fi hacking tools look plausible.

      A secure computer is a computer without power, network and Qualcomm baseband chips.

  2. Conspiracy by BreakBad · · Score: 4, Funny

    Everyone thinks a virus will cause the Zombie Apocalypse, when in truth it will be a broadcast of "Never gonna let you down" on infinite loop. Rick is Chinese...didn't you know? The same people who make these 'Cell' phones. Cell.....terrorist cells! OMG it all makes sense now.

  3. All the other OS, too. by DrYak · · Score: 4, Informative

    The situation isn't that much different from a desktop user connecting to the internet over an xDSL/Cable/whatever modem without first overwriting its firmware with a secure one (at least, with a modem, the user is the one uploading the firmware, and as most are Linux based, it's easy to have a more or less secure firmware. Unlike the GSM/GPRS/LTE chip which is handled by the service provider, though there exist ISP-remote-administered modems).

    And with TFA's phone example, there's the OS running inside all the various relays (different machines inside the cell tower, router, service provider's main router/server, tons of other routers along the optical fiber road [including a few NSA listening stations, the moment this road crosses the North American continent], a group of mail servers receiving, storing and retrieving mail, then again a long chain of servers and routers [and another NSA listening station and/or FSB's or MSS's or ONYX's or ...] up to the recipient's service provider, then the users' home router [with the xDSL and the Wifi firmware as additional steps inside, not necessarily open source, although some chip makers are helping a lot], and finally the recipient's tablet [+/- an additional closed firmware on that chip too]).

    All these steps could corrupt (unintentionally) or tamper (on purpose) or listen [hello NSA], on anything that is sent in the clear.

    Sending things on the internet is as secure as sending a post card, especially back when much more of the processing was handled manually. Except that the current equivalents of my example's post-office employees are much less moral. And except that the post office happens to have a weird guy who's obsessive-compulsive about xeroxing every single post-card he handles and storing it in a binder "just in case he needs to publicly embarrass someone in the future, and also to unmask communist conspiracies" whose name is either Ned S. Andale, or Feodor Stefanov Bakunine. Also except that there are at least 3 such guys in 99 out of 100 post offices.

    Again the only way to trust your data is to practice end-to-end encryption. Encrypt it on your phone before sending it away. Decrypt it only on the receiving tablet.

    An untrusted phone firmware is nothing new, and isn't much different from the trust in the OS running on another server along the transmission chain.
    With one small difference: when you remove the battery of a phone everything is shut off: your Android running on your big octa-core big.LITTLE ARM CPU, but also the proprietary real-time system running inside the small ARM core inside the radio chip (that in practice functions as if owned by the phone company whose SIM is inserted).
    Whereas you can't just walk out and pull the cable of the NSA/FSB/whatever listening station in the middle of somewhere in the USA.

    --
    "Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]

    1. Re:All the other OS, too. by georgeb · · Score: 5, Interesting

      I think you misread what the author is saying. The problem is not the fact that communications originating from your phone are potentially insecure (the situation you're trying to compare with the DSL modem and the myriad routers). The problem is that, the author alleges, the smartphones are primarily controlled by the baseband processor firmware; according to the author this piece of code is the governor of everything that happens on your phone. That means, with the appropriate base station changes, anyone can access your phone while sitting in your pocket, can activate the cam, the microphone, can access the contents of its memory card, etc.

      I do not fully trust the author because as far as I understand the baseband processor is supposed to control only the radio and nothing else. That means wifi, gsm and bluetooth. I don't understand why the baseband would have to deal with anything else, and why it would be the master processor and not just a blackbox "device" that the main OS sees and communicates with, in a properly isolated fashion. But then again I'm not knowledgeable enough to be certain about any of this.

      If the article is correct then this is one of the scariest things I've read in a long time.

    2. Re:All the other OS, too. by Anonymous Coward · · Score: 4, Funny

      That means, with the appropriate base station changes, anyone can access your phone while sitting in your pocket

      My pockets are not large enough for anybody to sit in there. Not much of a danger here.

      can activate the cam

      That's a good idea. That way he'll see where I'm carrying him in my pocket.

    3. Re:All the other OS, too. by YoopDaDum · · Score: 5, Interesting

      I believe the article has some gross exaggerations, and I'm in the baseband business. Of course I can't speak for all implementations, so this is my opinion only.

      When the baseband is in a separate die, connected with some interface like SDIO for QCOM, HSI, USB HSIC, ... there is no way that the baseband will control any host resources (unless it can exploit a bug in the host software of course). When the baseband is in the same die as the application processor (AP) and its resources, it becomes at least possible in theory for the BB to access AP resources. But think about it: why do we have process memory isolation and MMUs in the first place? And a kernel sitting between hardware and user space? For security and fault isolation. Do you really want to be the poor engineer having to debug a complex system on chip (SoC) where a bug in the BB part can create weird bugs in completely unrelated parts of the system handled by different teams? That looks like a recipe for disaster. In the systems I work on you have hardware isolation between subsystems to prevent just this. And then a compromised BB can't do a lot of damage (same as for a separate die BB).

      I believe the article is a bit sensationalistic and misses the real danger: a compromised base station. That's what the source articles quoted talk about. If you can compromise a cell you can spy on traffic without any attack on the UE (encryption is only between device and cell). A fake cell is an issue with 2G but since then authentication is mutual: in LTE a device does authenticate the cell too, and won't work with a fake one. But that doesn't protect against a compromised cell. This is a risk with small and femto cells mostly, as macro cells are easier to protect. The only interest I see in compromising the BB is to use it as a vector to attack the host processor (which has been done), where you have access to much more interesting stuff. This requires a security exploit on the host side too. On its own the BB isn't really very interesting as an attack target.

      While I'm at it, there are other not very serious claims here. The fact that one can redirect calls to voice mail with an AT command has nothing to do with baseband security. A baseband supports a control interface, and usually even two: 1) a modern but proprietary interface and 2) the standard but old-fashioned AT interface. You can do a lot with these commands, no need to compromise the BB. But normally such access is limited to trusted applications, so if anyone can access this it's a host security issue, not a baseband issue.
      The baseband doesn't contain one RTOS but usually several instances. There's at least one RISC core (typically ARM), possibly more. At least one DSP, possibly more. With likely more than one OS: having an instance running Linux is common, with other(s) on an RTOS or even bare-bones schedulers (depending on the complexity of the task at hand and timing constraints). That can vary a lot depending on each BB design, but as a rule of thumb for a modern LTE-capable BB expect two RISC cores and two DSPs (YMMV).
      The mutual authentication I've talked about already. Here the practical issue is that when the next gen is out there's not much interest in doing big upgrades to previous generations. So the lack of network authentication in 2G will stay with us until 2G is phased out, which is still a few years away in most places (big Japanese networks have already killed 2G however).
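
The distinction YoopDaDum draws above (one-way authentication in 2G lets a fake cell be accepted, mutual authentication in LTE rejects it, and neither helps against a genuine cell that has been compromised, since over-the-air encryption ends at the cell) can be shown with a small toy model. This is an added example, not code from the thread or from any 3GPP specification: HMAC-SHA256 under a shared key K stands in for the real SIM/network algorithms, and the `Network`, `Device`, `attach_one_way`, `attach_mutual` and `traffic_readable_by_cell` names are constructed for illustration.

```python
import hashlib
import hmac
import secrets
from typing import Optional

# Constructed toy model (not 3GPP AKA): HMAC-SHA256 under a shared key K stands
# in for the operator algorithms that the SIM and the home network run over a
# random challenge. A Network built with key=None models a fake cell that does
# not know K; compromised=True models a genuine cell (it knows K) that an
# attacker controls.


def toy_mac(key: bytes, label: bytes, rand: bytes) -> bytes:
    """Keyed response over a challenge; the label keeps device and network
    proofs distinct so one cannot be replayed as the other."""
    return hmac.new(key, label + rand, hashlib.sha256).digest()


class Network:
    def __init__(self, key: Optional[bytes], compromised: bool = False):
        self.key = key
        self.compromised = compromised

    def challenge(self) -> bytes:
        return secrets.token_bytes(16)

    def prove_identity(self, rand: bytes) -> bytes:
        """Network-side proof of knowing K (the step 2G never performs)."""
        if self.key is None:
            return secrets.token_bytes(32)  # a fake cell can only guess
        return toy_mac(self.key, b"net", rand)

    def accept_device(self, rand: bytes, res: bytes) -> bool:
        if self.key is None:
            return True  # a fake cell accepts anything; it wants the traffic
        return hmac.compare_digest(res, toy_mac(self.key, b"dev", rand))


class Device:
    def __init__(self, key: bytes):
        self.key = key  # K as held by the SIM

    def respond(self, rand: bytes) -> bytes:
        return toy_mac(self.key, b"dev", rand)

    def accept_network(self, rand: bytes, proof: bytes) -> bool:
        return hmac.compare_digest(proof, toy_mac(self.key, b"net", rand))


def attach_one_way(device: Device, network: Network) -> bool:
    """2G style: the device proves itself, the network proves nothing."""
    rand = network.challenge()
    return network.accept_device(rand, device.respond(rand))


def attach_mutual(device: Device, network: Network) -> bool:
    """LTE style: the device first checks the network's proof over the same
    challenge and refuses to attach when that check fails."""
    rand = network.challenge()
    if not device.accept_network(rand, network.prove_identity(rand)):
        return False
    return network.accept_device(rand, device.respond(rand))


def traffic_readable_by_cell(network: Network, attached: bool) -> bool:
    """Over-the-air encryption terminates at the cell, so once attached a
    fake or compromised cell sees the traffic; mutual authentication does
    not change that for a genuine-but-compromised cell."""
    return attached and (network.key is None or network.compromised)


if __name__ == "__main__":
    K = secrets.token_bytes(16)  # constructed operator key
    dev = Device(K)
    cells = [("genuine", Network(K)), ("fake", Network(None)),
             ("compromised", Network(K, compromised=True))]
    for mode, attach in [("2G-style", attach_one_way), ("LTE-style", attach_mutual)]:
        for name, net in cells:
            ok = attach(dev, net)
            print(f"{mode:9} {name:11} attached={ok} "
                  f"exposed={traffic_readable_by_cell(net, ok)}")
```

Running it shows the three cases side by side: the 2G-style attach succeeds against the fake cell, the LTE-style attach refuses it, and both modes attach to the compromised genuine cell with its traffic exposed, which is exactly the residual risk the post points at for small and femto cells.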

  4. Exploits for baseband processors by benjfowler · · Score: 5, Informative

    Baseband hacking article: "Baseband Hacking: A New Frontier for Smartphone Break-Ins"

    http://readwrite.com/2011/01/18/baseband_hacking_a_new_frontier_for_smartphone_break_ins#awesm=~on54yB5zHMVt93

    Apparently, the firmware in baseband processors doesn't get updated a lot because of certification requirements, vendor laziness, etc, and certain well-funded attackers have swags of exploits for phones that can crack phones over-the-air through the baseband processor itself.

  5. Everything has software by saider · · Score: 4, Informative

    By this logic, even your computer has multiple operating systems. The chipset on your motherboard is not pure hardware - there are small cores in there running embedded software that you never see. I am not talking about BIOS, which is another type of firmware, that is visible to the user.

    EVERYTHING these days has software. Shipping a software patch is cheaper than a recall. This goes back to the old joke - the mechanical engineer thinks it is an electrical problem, the electrical engineer thinks it is a mechanical problem, but they both agree that it should be fixed in software.

    This story reminds me of the Simpsons episode where Kent Brockman breaks a story about the government training people to kill on an industrial scale. "They call it the 'Army', but I have a better name - Killbot Factory".

    --
    Remember, You are unique...just like everyone else.

  6. Doesn't match the architecture. by DrYak · · Score: 4, Informative

    I do not fully trust the author because as far as I understand the baseband processor is supposed to control only the radio and nothing else. That means wifi, gsm and bluetooth.

    Usually, wifi is handled by another chip, with its own different firmware. This might have started changing now with more consolidation sought by system integrators.
    Frequently GPS is also handled by the radio sub-system.
    (That's why you have feature phones with GSM + Bluetooth but no Wifi, and that's also why Wifi-only tablets also lack GPS [early iPads, for example].)
    In some rare occurrences, this chip can also communicate with SD cards (it has a SPI interconnect).
    (That's very frequent in USB 3G/4G modems. It's basically a standard radio chip, with the Bluetooth and GPS functions turned off and packaged inside a USB stick, with an SD card reader as a bonus. But instead of talking to a main system ARM running Android, it talks over a USB chip to a whole computer/laptop running Linux or Windows. Note that a recent exploit mentioned on /. found a way around the firmware limitation, and forcefully turned the Bluetooth on, creating a possible extra entry point and thus extending the attack surface.)

    I don't understand why the baseband would have to deal with anything else, and why it would be the master processor and not just a blackbox "device" that the main OS sees and communicates with, in a properly isolated fashion.

    Yup. For all the designs I've seen (and some smart phones have 100% fully open designs, such as the various OpenMoko boards), the radio chip is just a blackbox device talking over some limited channel to the main SoC (in OpenMoko GTA02/03 it's something imitating a serial interface. There's not much difference between an old PC talking to an analog modem over serial and an OpenMoko talking to the radio chip).

    Then usually the main SoC talks to the other peripherals: RAM is directly soldered to the CPU in a Package-on-Package fashion, so it's completely inaccessible. Camera, sound chip, memory card, charger controller are also connected to the SoC on other channels (SPI, I2C, etc.)

    But then again I'm not knowledgeable enough to be certain about any of this.

    When thinking hard there would be a few broken designs where this could happen.
    Note that such designs are to be considered broken. Having so little isolation toward the chip that is constantly talking to the outside and downloading updates is a serious security and stability issue.

    And stability *IS* an issue: I've had problems with an old phone (not supported anymore by the constructor) having bad updates on its modem and having problems.
    (Once I needed to call my service provider and then, after a long debugging session and several tentative upgrades [over the air], I ended up changing SIM).

    Possible such bad designs:

    - Fully integrated chips: where one single chip is responsible for everything on the phone.
    That's the situation with Qualcomm's Snapdragon. Okay, the phone maker will spare an extra chip and room on the PCB.
    But that's pure nightmare fuel regarding security and stability.
    (When a HP Pre 3's modem crashes, the whole phone freezes and crashes. There are entire forum threads about this).

    - Everything on the same bus: several common interconnects in smartphones (like SPI) can talk to several chips on the same bus.
    If the SoC (of course), the camera, audio codec AND the radio are all on the same bus, the radio chip could pull some shit and disturb the bus (to act as if it was a master and turn on the camera, then listen on the bus to eavesdrop on audio and video packets which were destined to the main SoC).
    That's an awful design, both from a security point of view (the modem should be considered untrusted) and quality (a crashed radio could crash other components, also they all have to share the very limited bandwidth on the bus: SPI has only 100Mbit/s, for instance).
    The modem should b

    --
    "Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]

  7. Re:Old silent SIM firmware by YoopDaDum · · Score: 5, Informative

    No. The SIM is powered from the baseband, and when the baseband is off the SIM has no power supply and can't do anything. Plus the SIM can only communicate with cell towers through the baseband, never on its own. The SIM cannot wake up the baseband on its own; enabling the radio subsystem can only be done from the host processor. So what you described is not possible.

    What is possible however is that when your device's cellular radio is on and the baseband is enabled, then the SIM can directly use the baseband to communicate with the network using what is called the SIM Toolkit (STK). This can be done with or without the user being informed. The STK also has many features like transforming the numbers you dialed (to seamlessly add a routing prefix, or redirect), filtering calls (block or accept), getting and reporting a location, etc. The specs are public, look for 3GPP TS 31.048 and ETSI 102.223 (using USAT and CAT instead of STK, but it's all the same under different names).