
Vulnerabilities in chips in 37% of smartphones

142 points | 16 hours | blog.checkpoint.com
1cvmask14 hours ago

There are so many attack vectors now on phones ranging from the SIM Card (which has an OS as well) to all the baseband chips to the actual OS and the different app privileges (like the old SMS listening port).

What's interesting to me about the Taiwanese tech industry is their nimbleness and how MediaTek pivoted from a primarily DVD chip maker to a dumb phone chip provider running on Pluto OS to now a smartphone chipmaker. Surprised the folks at Intel never tried to acquire them.

https://en.wikipedia.org/wiki/MediaTek

danachow12 hours ago

There are quite a few “Mediateks” - Intel never had any interest in them - and they willingly sold off just about every embedded asset they had. Maybe look into the history of StrongARM and XScale to start.

chasil8 hours ago

MediaTek was also strongly tied to ADUPS FOTA.

This is not an ARM environment designed for high security.

https://www.blackhat.com/docs/us-17/wednesday/us-17-Johnson-...

melony13 hours ago

They are good and reliable, but they are not cutting edge. The Toyota to M1's Ferrari. There is no point for Intel to acquire them when right now what Intel needs above all is tech and manufacturing advancements.

evolvevia9 hours ago

MediaTek's latest D9000 is pretty cutting edge.

https://www.phonearena.com/news/world-first-tsmc-4nm-chipset...

Should also be more affordable than the Qualcomm equivalent.

ginko11 hours ago

I’d much prefer Toyota’s sales to Ferrari’s.

jacquesm10 hours ago

And Toyota's reliability, pricing, parts availability, practicality and comfort.

Tagbert7 hours ago

The analogy does not stretch that far

mschuster9112 hours ago

> what Intel needs above all is tech and manufacturing advancements.

Intel needs a reliable door into the phone industry. Currently they don't have anything to offer and people will think twice before choosing Intel chipsets if it's not sure Intel will even stay in the market. Acquiring MediaTek would bypass that.

tuatoru9 hours ago

Could Intel acquire, and then leave them alone (not mess with success)?

Calamitous7 hours ago

Theoretically. But my experience with acquisitions is that "leave them alone" never ever happens.

baybal23 hours ago

> Intel needs a reliable door into the phone industry.

Intel had 100 reliable doors in the past, and they have forgone all of them.

Even today, Intel would have no problem making something well sellable.

seniorivn9 hours ago

They are most certainly capable of licensing ARM standard cores and making an SoC themselves; they made a decision that they will not do that. Why would they buy someone who does not so well?

mschuster919 hours ago

> why would they buy someone who does not so well?

IIRC, MediaTek is the largest SoC vendor by volume. Hardly the definition of "doing not so well".

Yes, the MediaTek quality is ... not exactly the greatest, I agree. But that is where Intel could shine... Intel would save the money to invest in starting in a green field, and provide MediaTek with a (desperately needed) injection of quality.

asianometry8 hours ago

MediaTek is the local industry's largest fabless chip designer. I am not quite sure the Taiwanese government would allow it to be acquired.

jeppesen-io5 hours ago

Do eSIMs mitigate or eliminate an attack vector?

xaduha1 hour ago

SIM attacks target vulnerable/unnecessary applets that some clueless providers leave there, which can also affect eSIMs according to some articles. And since no one bothers to set up actual SIM PINs anymore, that too probably doesn't help.

kumarski12 hours ago

efani.com

throwawayboise5 hours ago

My approach with phones is to install apps only from very mainstream well known publishers (for Android, I limit apps mainly to those from Google). Other than the stock Google apps for web browser, email, maps, and phone/contacts/calendar I don't find I need many apps.

All computing devices have vulnerabilities. If you feel you need to use them regardless, you can avoid a lot of exploits by not installing random apps from publishers you've never heard of.

jmnicolas1 hour ago

If the vulnerability is in the chip it doesn't matter what apps you install. Even with a bare OS you're vulnerable.

jacquesm1 hour ago

Vulnerable from what though?

- leaking your location

- having your conversations intercepted

- having your messages intercepted

- having yourself impersonated

- having your contacts lifted

There are so many options.

xaduha1 hour ago

That's the same 'logic' that anti-maskers use. It's not about absolutes, just because something is theoretically vulnerable doesn't mean you need to throw caution to the wind.

Scoundreller14 hours ago

I guess they didn’t look hard enough at the other 63%

nicce9 hours ago

Somehow firmware updates should be enforced by consumers.

It doesn’t help that there are so many different smartphone vendors, and most of them are pursuing only sales. New chips are coming constantly, and old ones get forgotten, left unpatched.

Is the future of the smartphone market of secure phones only in the hands of big ones (Apple et al)?

AnthonyMouse5 hours ago

What's really needed here is for the tech press to make this a priority when reviewing devices, which they currently don't. Right now consumers aren't aware of how important it is for the device to have drivers in the mainline kernel tree to avoid getting pwned.

Not having that should be an absolute bar to a device making it onto anyone's "recommended" list.

At which point device makers would prioritize not getting panned by reviewers and losing many sales just because they couldn't be bothered to get their drivers into the kernel tree.

Gigachad6 hours ago

That would be the free market way. Apple has a track record of patching even low level issues for a very long time after sale. If that is something you care about, then you buy the product that supports that.

Perhaps we should also block malware infected devices from using the internet as well to stop their negative external effect on the rest of us.

smolder5 hours ago

I care about phone security but also about privacy from corporate entities and control of my own devices. Our sorta-free market does not serve this demand. Voting with money just doesn't do anything to counter supply-side solidarity. I.e. leveraging the indisputable utility of their products to force hostile spyware and dark patterns onto people and abuse them.

As for disconnecting malware hosts, we could only block what we could identify & verify as malicious.

fsflover1 hour ago

For voting with money, consider Librem 5: https://puri.sm/librem-5.

kumarski12 hours ago

The time for open source chips is now.

Efabless.com

sydthrowaway6 hours ago

Er, why do we think open source chips enhance security, when vendors spend $100mns trying to secure their devices?

JanisL4 hours ago

I worked at an electronics place a while back and I remember there were issues in an old chip in some older products. Not talking anything major here but a few known bugs that could have been fixed. But usually nobody had the time allowed to go fix up the old firmware on old products because there were always other things to deal with that were deemed to be a higher business priority. Unfortunately there's often more money to be made by the manufacturer by making the costs of these bugs externalities on the entire market than there is to be made by fixing them. Even when vendors have large budgets to work on security, work done on end-of-life products ends up being typically abandoned because there's just more money to be made elsewhere at the moment. Open source chips could help deal with this end-of-life issue.

AnthonyMouse5 hours ago

The biggest problem we have right now is that someone finds a vulnerability in a chip which is at the same time in widespread use and no longer supported by the manufacturer. If everything is open source, anyone can patch the vulnerability even if the OEM won't, and then someone does.

reustle4 hours ago

Clickable link: https://Efabless.com

dlsa3 hours ago

Anyone familiar with ASICs? If I wanted an 8 x AND gate, what would that cost, ballpark figure? I'm just trying to get a handle on the costs and figure that might be a good measure.

jacquesm1 hour ago

If you wanted an 8xAND gate I would recommend the 74LS30. There, saved you a bunch of money.

tgv3 hours ago

I, too, consider it naive to think that a relatively unorganized bunch of people are going to make good chips, write good drivers and support the whole lot for free, and deliver a product that's competitive. There's so much stacked against it. Case in point: Linux on the desktop.

mdp20212 hours ago

> Linux on the desktop

You mean it's fully doable and going to become a standard in practice for our peers?

tgv2 hours ago

But unfortunately ignored by the masses...

jacquesm1 hour ago

That's fine. At least they have the choice.

jacquesm1 hour ago

The kernel group is extremely well organized, and lots of other groups are too.

baybal23 hours ago

> I, too, consider it naive to think that a relatively unorganized bunch of people are going to make good chips,

It's naive to think that relatively unorganized bunch of people wrote the most popular OS in existence.

tgv2 hours ago

It's much less of a consumer choice, and it's backed by some pretty deep pockets.