Nexus S/Galaxy S privacy issues

We found out that on the Nexus S and the Galaxy S the modem could possibly spy the main CPU(where Replicant runs).
We are currently trying to see if that can be fixed(by loosing about 80M of ram) or not.

More details are available on our wiki


14 thoughts on “Nexus S/Galaxy S privacy issues

  1. We think the Galaxy S and Nexus S modems can spy on a part of the phone’s main memory (RAM, not NAND nor storage).

  2. I just came across replicant… very interesting. I’ve avoided android all along because I prefer privacy. I’m also increasingly skeptical about phone software/hardware invading my right to live in private… so replicant is giving me some hope. I would probably go for a galaxy s as it is a nice phone, but seems unclear about the modem/memory thing so far. Any news on that?

  3. Dear GNUtoo,

    i wanted to know what is the progress with the Nexus S/Galaxy S privacy issues at the moment? 80M missing should be no problem for the sake of security.
    I´m about to buy an Galaxy S but i want to run a secure replicant.

    Hope you post some news here soon.
    All the best, kasseng

  4. Maybe the best way to learn would be to try:
    Or you succeed,
    Or you learn the missing knowledge and come back with it and succeed….

    I think the only required knowledge for doing a port is knowing a bit the C programming language.


  5. I’m not a developper, so i couldn’t do it =/

    I’m just interested to buy an other kind of phone which is more hackable than others (like i want to learn hacking).

  6. About the ODROID, none of the replicant developers have one, but if you have one you could try to do the port…
    I can even give you pointers in the IRC channel.


  7. Pingback: В смартфонах Nexus S и Galaxy S выявлена потенциальная утечка данных через модуль телефонии | Интересное в сети

  8. But this patch changes nothing
    static struct resource mdmctl_res[] = {
    [2] = {
    .name = “onedram”,
    .start = (S5PV210_PA_SDRAM + 0x05000000),
    .end = (S5PV210_PA_SDRAM + 0x05000000 + SZ_16M – 1),
    .flags = IORESOURCE_MEM,

    -#define S5PV210_PA_SDRAM (0x30000000)
    +#define S5PV210_PA_SDRAM (0x40000000)

    it is probably necessary to add
    – .start = (S5PV210_PA_SDRAM + 0x05000000),
    – .end = (S5PV210_PA_SDRAM + 0x05000000 + SZ_16M – 1),
    + .start = (0x30000000 + 0x05000000),
    + .end = (0x30000000 + 0x05000000 + SZ_16M – 1),

  9. Pingback: В смартфонах Nexus S и Galaxy S выявлена потенциальная утечка данных через модуль телефонии : Записки начинающего линуксоида

  10. Hmm and AFAIK in Qualcomm modem is even more importaint than Linux CPU, modem boots UI CPU as secondary and haves access to all resources, running some unknown untrusted proprietary code which can, say, at least potentially access GPS without consent. And isn’t RRLP protocol all abot this crap? As for me I don’t need such a trojanized CPUs. Are there better ones?

  11. 1) The GTA04 modem is indeed USB, so there is no risk on this side, the freedom problem with the gta04 are the firmware(as usual). There is also a GPS in the modem but there is no antenna attached to that GPS so it shouldn’t be able to get a fix.
    3)for encryption it requires a data call between the 2 phones encrypting their traffic, so the easiest way would be SIP+encryption on top, the main issue is that carriers modify how voice is transmited(compression etc…).

  12. Hi,

    1) Will it be the same with the Open Moko GTA04 Phone?
    Will the modem could spy us on this phone?
    If so, what about OsmocomBB?

    2) Installing Replicant on Open Moko GTA04 can make a real 100% free/open source software/hardware phone, or will there be yet some things proprieritary?

    3) What do you think about “Forfone” which help to communicate without
    What about creating a sort of XMPP messenger for sending/receiving phonecalls/sms,mms, inside an encrypted VPN in a “all in one” package? ( or ).
    A sort of “forfone” but in free software and with encryption.
    It could help to make some phone calls and SMS/MMS outside the usually phone network by using internet network?

    Finally the more important is to have the same phone software (Android/Replicant) to escape to the mobile phone networks (AT&T in US, Orange in Europe, etc).

    “Jitsi” is working really well (even if it’s in JAVA…) for calls. It could be a good base to making a work like that.

    What do you think about that?

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.