**** BEGIN LOGGING AT Mon Oct 09 03:00:00 2017 Oct 09 04:45:29 vitaminPaani: 1. yes, mostly used; 2. no, but there's a leaked sources baseband firmware, "freecalypso"; 3. nearly impossible Oct 09 04:45:40 vitaminPaani: I suggest you check the neo900 project Oct 09 04:46:18 hi PaulFertser Oct 09 04:46:47 PaulFertser: so just for the open source baseband adapter, I will need to pay $700 for neo900 or librem purism? Oct 09 04:46:51 this is bullshit Oct 09 04:47:16 vitaminPaani: is librem providing open source baseband? Oct 09 04:47:32 I think so Oct 09 04:47:36 I doubt so Oct 09 04:47:41 Android fans have ruined everything Oct 09 04:47:59 Or use freecalypso illegal fw on gta02. Oct 09 04:48:14 so openmoko phones can be remotely turned on? eg. famous FBI backdoor Oct 09 04:48:19 via baseband as im told Oct 09 04:48:40 gta02 boards are out of stock for long time and wont come back im guessing Oct 09 04:48:42 Check the schematics, calypso has no control over the PMU, so no. Oct 09 04:48:48 You can buy used gta02 Oct 09 04:49:21 I wanted to get many Oct 09 04:49:50 You might get some boards from gta04 guys I think. Oct 09 04:50:42 is it possible to just make a DIY phone with the phone parts, and put together the rest? Oct 09 04:50:57 phone parts, baseband adapter, modem or wahtever they are in order to have a secure phone Oct 09 04:50:59 But you say you need open source baseband... Oct 09 04:51:01 dont care about the size... Oct 09 04:51:45 freecalypso on gta02, but if gta02 is unavailable, can the board be remade in a DIY way ? Oct 09 04:51:58 eg. not spending 100's of thousands or millions for the pcb development Oct 09 04:52:19 There was gta02-core project. But the hardest problem is sourcing the components, not manufacturing itself. Oct 09 04:53:13 hmmm if gsm/cdma is out of the question, can you use a sim card and a phone w/o modem or break the modem and just be secure via wifi? eg. openvpn or soemthing Oct 09 04:53:35 You do not need a simcard then :) Oct 09 04:53:50 need sim card so I can have wifi access wherever I go Oct 09 04:53:58 But, wifi, hm. Have you read about the broadcom fullmac firmware vulns yet? Oct 09 04:54:00 i mean net access* Oct 09 04:54:08 lol no Oct 09 04:54:31 all wifi chipsets are backdoored im guessing Oct 09 04:54:47 broadcom has known to be an asshole Oct 09 04:54:59 vitaminPaani: https://googleprojectzero.blogspot.nl/2017/09/over-air-vol-2-pt-1-exploiting-wi-fi.html Oct 09 04:55:32 sheesh Oct 09 04:55:41 vitaminPaani: wifi can't use any simcard anyway. Oct 09 04:56:25 hmmm Oct 09 04:56:26 vitaminPaani: it's either you really need the connectivity "everywhere" and thus find a way to deal with gsm/umts/lte or you structure your activities in a way that doesn't require it... Oct 09 04:56:42 structure in way, meaning like meshnet? Oct 09 04:57:20 vitaminPaani: if you really care, I suggest using Qubes OS on laptop + USB UMTS/LTE modem. That would be close to reasonable, verifiable and controllable security measures. Oct 09 04:57:44 vitaminPaani: no, I mean rethinking your activities so they do not depend on cell network operators. Oct 09 04:58:42 usb lte modem with sim card? Oct 09 04:58:46 Yes Oct 09 04:59:06 But with Qubes OS you can sufficiently isolate it from the rest of the system. Oct 09 04:59:30 hmmmmmmmm so a rpi with qubes os with usb modem would be the DIY portable version im guessing? Oct 09 04:59:42 You clearly haven't read about Qubes OS yes ;) Oct 09 05:00:15 damn its got snowden recommneding it lol, to me thats a flag Oct 09 05:00:24 A flag of what? Oct 09 05:00:27 the matrix has no heroes Oct 09 05:00:33 honeypot or something Oct 09 05:00:44 to think people are fighting for you Oct 09 05:00:55 Just get more familiar with the devs. They're real security researches, lots of work published. Oct 09 05:01:03 Check commit log. Etc. Oct 09 05:02:25 vitaminPaani: snowden also recommends GPG and strong TLS, so are you ignoring https websites now? ; Oct 09 05:02:28 ) Oct 09 05:02:58 I dont ignore them, but I think its all brroken Oct 09 05:03:25 so qubes...im not familiar with XEN and all that stuff Oct 09 05:03:40 but im guessing it a VM? meaning it runs on top of whatever OS you want Oct 09 05:03:51 I mentioned rpi re: portable Oct 09 05:04:01 vs laptop (bigger) Oct 09 05:04:30 did you see taht psyop with openbsd and FBI Oct 09 05:06:21 linux community let openmoko die... Oct 09 05:06:25 vitaminPaani: rpi cpu doesn't support facilities that Qubes relies on to provide isolation. Oct 09 05:06:25 cant believe this shit Oct 09 05:06:36 vitaminPaani: what psyop, no? Oct 09 05:06:46 not die but how Android is supported...openmoko should have gotten it Oct 09 05:07:03 its just that Google uses open source and abuses it and spends money on marketing to make it seem they give a shit Oct 09 05:07:05 vitaminPaani: duh, those that need cell networks are happy enough with android and other shit. Oct 09 05:11:15 vitaminPaani: btw, interesting to note that despite all the research regarding firmwares, there's lots of signs that they're very low quality code, and zero signs of explicit backdoors. Oct 09 05:15:22 its all controlled Oct 09 05:15:57 Google sealed the deal with getting people not to demand open hardware Oct 09 05:16:01 via marketing Oct 09 05:16:39 I do not think it works like that. Oct 09 05:16:59 The hardware is sufficiently open for research. Oct 09 05:19:34 im not a one man army Oct 09 05:19:35 lol Oct 09 05:21:46 sneakernet like johnny nemoninc i guess Oct 09 05:37:58 vitaminPaani: you can get a smartphone where you can physically cut the power to avoid tracking. Oct 09 05:38:17 its not about tracking Oct 09 05:38:23 its about remotely being turne don Oct 09 05:39:16 vitaminPaani: and that too, as no power -> no chance to be turned on anyhow. Anyway, if you're into real security and not conspiracy theories, start with preparing a detailed sophisticated enough threat model. Then use it to evaluate the possible solutions. Oct 09 05:39:16 i bet sneakernets will take off Oct 09 05:40:14 its not conspiracy theory, its called not being fooled Oct 09 05:40:23 and naive Oct 09 05:40:49 However you call it. A phone can't work without a battery. Oct 09 05:41:24 true Oct 09 05:42:01 but need battery on Oct 09 05:42:04 to get calls Oct 09 05:42:10 but thats how they got the mafia dude Oct 09 05:42:13 turned his mic on Oct 09 05:42:25 https://www.cnet.com/g00/news/fbi-taps-cell-phone-mic-as-eavesdropping-tool/?i10c.encReferrer=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS8%3D Oct 09 05:42:45 So do not count on getting calls, do not plug in the battery until you really need to make a call yourself. Oct 09 05:45:23 You won't be carrying a gun in the open where it's prohibited, right, so you make a policy for yourself to avoid that. Same can be done regarding IT security, i.e. establish good reliable policies when technical measures alone are not trustworthy enough. Oct 09 05:45:40 But you need a threat model first regardless. Oct 09 05:46:18 hmm true Oct 09 05:47:46 PaulFertser: thanks for talking to me Oct 09 05:52:38 vitaminPaani: good luck man Oct 09 05:53:03 thanks Oct 09 05:53:11 PaulFertser: have you seen the movies SNEAKERS and JOHNNY NMUMONIC?> Oct 09 05:57:13 vitaminPaani: probably yes for the latter, but I can't really remember. Guess I should watch then when I get bored. Oct 09 05:58:23 do you remeber cray computer Oct 09 05:58:26 vitaminPaani: have you seen Wag the Dog? ;) At least it has Knopfler's tunes in it. Oct 09 05:58:26 computers Oct 09 05:58:40 yes, i have seen wag the dog, and i believe they do they every month Oct 09 06:02:34 im going to go watch tv Oct 09 06:02:37 and get programmed Oct 09 06:02:39 goodnight Oct 09 23:24:41 PaulFertser: sup **** ENDING LOGGING AT Tue Oct 10 03:00:00 2017