[LEDE-DEV] Open and secure firmware for Quectel 4G modems [Was: Re: Quectel EC20 QMI autoconnect issues [Was: Re: [LEDE-DEV, 3/3, v3] uqmi: Prevent 'POLICY MISMATCH' error.]]

[Harald Welte]

Hi Bjorn,

On Sun, Jan 08, 2017 at 11:10:20PM +0100, Bjørn Mork wrote:
> Note that there is nothing Quectel here.  This is a standard Qualcomm
> platform.  The output above comes from the Sierra Wireless EM7455
> originally delivered as part of my Lenovo X1 Carbon, running bog
> standard firmare.

Would you mind sharing information how to access the shell?  It would be
great to add some wiki pages on the Sierra Wireless modems to our wiki
at https://osmocom.org/projects/quectel-modems/wiki (which despite the
URL contains a lot of information that's not quectel specific).

> And IMHO it's rather pointless unless you do something about the
> "baseband" image. Which is probably not feasible due to the complete
> lack of any source code or documentation from Qualcomm.

Side Note: There have been a surprising number of source code leaks for
qualcomm baseband processors during the last decade, but they of course
are only for one specific chipset / device at a time, often are
difficult to impossible to build - and most importantly nothing that you
can legally ever use or distribute.

Also, I don't think it is pointless.  Improving security and removing
attack surface is always useful, even if you cannot resolve all problems
at once.

-- 
- Harald Welte <laforge at gnumonks.org>           http://laforge.gnumonks.org/
============================================================================
"Privacy in residential applications is a desirable marketing option."
                                                  (ETSI EN 300 175-7 Ch. A6)