From mboxrd@z Thu Jan  1 00:00:00 1970
From: Leo Famulari <leo@famulari.name>
Subject: Re: GuixSD on librem phone?
Date: Thu, 6 Dec 2018 16:13:51 -0500
Message-ID: <20181206211351.GB909@jasmine.lan>
References: <d6a15acde9abdaceb66756b6d83c5676@riseup.net>
	<87ftvahip5.fsf@ponder.i-did-not-set--mail-host-address--so-tickle-me>
	<87d0qehhrl.fsf@ponder.i-did-not-set--mail-host-address--so-tickle-me>
	<87d0qek79l.fsf@roquette.mug.biscuolo.net>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
	protocol="application/pgp-signature"; boundary="IrhDeMKUP4DT/M7F"
Return-path: <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
Received: from eggs.gnu.org ([2001:4830:134:3::10]:53745)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <leo@famulari.name>) id 1gV0y8-000398-Dw
	for guix-devel@gnu.org; Thu, 06 Dec 2018 16:14:01 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <leo@famulari.name>) id 1gV0y4-0007yg-C5
	for guix-devel@gnu.org; Thu, 06 Dec 2018 16:14:00 -0500
Received: from out1-smtp.messagingengine.com ([66.111.4.25]:33681)
	by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32)
	(Exim 4.71) (envelope-from <leo@famulari.name>) id 1gV0y4-0007xR-37
	for guix-devel@gnu.org; Thu, 06 Dec 2018 16:13:56 -0500
Content-Disposition: inline
In-Reply-To: <87d0qek79l.fsf@roquette.mug.biscuolo.net>
List-Id: "Development of GNU Guix and the GNU System distribution."
	<guix-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-devel/>
List-Post: <mailto:guix-devel@gnu.org>
List-Help: <mailto:guix-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=subscribe>
Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org
Sender: "Guix-devel" <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
To: Giovanni Biscuolo <g@xelera.eu>
Cc: Vagrant Cascadian <vagrant@debian.org>, guix-devel <guix-devel@gnu.org>


--IrhDeMKUP4DT/M7F
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

On Thu, Dec 06, 2018 at 04:24:38PM +0100, Giovanni Biscuolo wrote:
> callular (baseband) merits a dedicated chapter, since it seems
> practically impossible *forever* to trust that chips... and that chips
> are an important attack vector (Purism will use USB bus to separate
> baseband from CPU)

I agree, the situation is depressing...

> this also means we will _never_ be able to trust communications via
> baseband (2G, 3G... 5G), fortunately this can be fixed using a trusted
> _separated_ SoC and the very good work coming from the vast and smart
> FLOSS community [2] :-)

... but we can trust communications over cellular baseband. Already, we
have built many trustable communication systems over untrusted mediums
like the internet. This is the role of things like TLS, the Signal
double-ratchet, and PGP.

--IrhDeMKUP4DT/M7F
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEEsFFZSPHn08G5gDigJkb6MLrKfwgFAlwJkQ8ACgkQJkb6MLrK
fwj6qRAArcdF1kYbHlZWMYnH252S22h21QvYn75eIoTzubFjMOiiNCefFLCe50qK
yZZbBiF0blkR993t3KCYGHntLSPGRdchr5sfA/xTXforHD9G9frrYzs/QzbgTO8k
3OEBuS+sTAjNZB7WZRsISu8b7kGR9jgTcAPSHrsLkDolVQp0uRqq9phWiroEGpKU
bkxstl++Ey02Ktw6fFdMLrojfVg4duvYiimQOnUijV9yW9c2jj1pP6J6guaTfAbQ
QXgkrCuhP9kDVkH2VMeQ1srUyj/vAgdF6tSXn3QNfQu6/tki6HIcgqoRaQ6Mp2ql
3VUsDlHncpB/lusiXThXw8V3OKFqhA/YKUhenH8EQTY9wOmLSfF+q5leUinbp0BZ
nhw/y4RyWsSsmbOZWppfzZ6KE53JkE+HlPw5ST7qV9idMgdL87T/wvYk/1/b2/lh
IMytdyNjolJRZ7nOVlWhc/wHe4a+7Oxw6CQpNFw+jY5wAgdEHY4eHEesvOQChidr
pVDvR1KQGzfzsRhXhlxCN2AVtho1v0AgeGt/4JD3wDBJrKjSkLuMY8Ni712r7jn3
9fjZ4pLJ9fDrqDXuq42YeG5IxFya9sfR4hKAcqeabVMkAWD755ByqpW4QB4NXCEm
ypo1F6WXK1wqlHNabAx2/9tWb2gguVj6a6M0WB24EoGKZ5qW0hs=
=smO3
-----END PGP SIGNATURE-----

--IrhDeMKUP4DT/M7F--