Finalize article

1 files changed, 39 insertions, 33 deletions

diff --git a/content/0022-about-the-asn.1-vulnerability.html b/content/0022-about-the-asn.1-vulnerability.html
index b546344..f3ae90d 100644
--- a/content/0022-about-the-asn.1-vulnerability.html
+++ b/content/0022-about-the-asn.1-vulnerability.html
@@ -21,30 +21,35 @@
     <h1 id="asn1-vulnerability">ASN.1 Vulnerability</h1>
 
     <p>Following the decision of <abbr title="National Institute for
-      Standards and Technology">NIST</abbr> to deprecate usage of SMS in
-      two-factor authentication (we'll come back on this in an upcoming
-      installment), this vulnerability disclosure confirms the interest
-      of the unique design of Neo900 that isolates the baseband chip
-      from power supply, making it dependent on the <abbr title="Central
-      Processing Unit">CPU</abbr> (and the <abbr title="Operating
+      Standards and Technology">NIST</abbr> to deprecate usage of SMS
+      in two-factor authentication, this vulnerability disclosure
+      confirms the pertinence of the unique design of Neo900 that,
+      among other features, isolates the baseband chip (modem), making
+      it dependent on the <abbr title="Central Processing
+      Unit">CPU</abbr> (and the <abbr title="Operating
       System">OS</abbr>) to access anything else on the system, and
       preventing remote activation of the chip in the first place.</p>
 
     <p>Lucas Molas of <em>Programa STIC</em> discovered a <cite>Heap
-      memory corruption in ASN.1 parsing code generated by Objective
-      Systems Inc. ASN1C compiler for C/C++</cite> potentially affecting
-      billions of phone users worldwide.  The proprietary software
-      vendor received a bug report via <em>plain text email</em> on
-      June, 1<sup>st</sup>, 2016, according to
+      memory corruption in <abbr title="Abstract Syntax Notation
+      One">ASN.1</abbr> parsing code generated by Objective Systems
+      Inc. ASN1C compiler for C/C++</cite> potentially affecting
+      billions of phone users worldwide.
+      <q cite="http://www.itu.int/en/ITU-T/asn1/Pages/Application-fields-of-ASN-1.aspx">
+	<abbr>ASN.1</abbr> is used in many protocols and data formats,
+	including cellular telephony.</q>
+      The proprietary software vendor received a bug report
+      via <em>plain text email</em> on June, 1<sup>st</sup>, 2016,
+      according to
       the <a href="https://github.com/programa-stic/security-advisories/tree/master/ObjSys/CVE-2016-5080/">CVE-2016-5080</a>
       released on July, 18<sup>th</sup>, 2016 to the public in a
       coordinated release with the vendor.</p>
 
-     <blockquote>Abstract Syntax Notation One (<abbr title="Abstract
-       Syntax Notation One">ASN.1</abbr>) is a technical standard and
-       formal notation that describes rules and structures for
-       representing, encoding, transmitting, and decoding data in
-       telecommunications and computer networking.</blockquote>
+     <blockquote>Abstract Syntax Notation One (<abbr>ASN.1</abbr>) is
+       a technical standard and formal notation that describes rules
+       and structures for representing, encoding, transmitting, and
+       decoding data in telecommunications and computer
+       networking.</blockquote>
 
      <blockquote>A vulnerability found in the runtime support
        libraries of the ASN1C compiler for C/C++ from Objective
@@ -68,13 +73,16 @@
        that <q>memory corruption bugs in <abbr>ASN.1</abbr> related
        components of an <abbr title="Long Term Evolution">LTE</abbr>
        stack have been announced or hinted at in several infosec
-       conference presentations over the past few weeks and its likely
-       the same or similar bugs will become public soon.</q></p>
+       conference presentations over the past few weeks and its (sic)
+       likely the same or similar bugs will become public
+       soon.</q></p>
 
      <h2>How is Neo900 Affected?</h2>
 
-     <p>The short answer is: Neo900 is not affected.  Keep reading to
-       know why.</p>
+     <p>The short answer is: although the modem in Neo900 may or may
+       not be affected--we cannot know since <strong>all baseband
+       chips are proprietary black box designs</strong>--Neo900 is
+       designed to not trust this chip.</p>
 
     <p>In
        our <a href="https://neo900.org/news/paypal-resumes-neo900-sources-again">last
@@ -84,7 +92,7 @@
 
     <p id="anchor-gta0x">In fact, the
       <a href="#note-gta0x"><strong>GTA0x</strong> design</a> contains
-      two unique features:
+      two unique features to detect and/or prevent suspect activity:
       <ul>
         <li>the modem is detached from the power source, unlike other
           smartphones, so that the modem has to be authorized by
@@ -92,7 +100,7 @@
         <li>the modem and the <abbr>CPU</abbr> <strong>do not share
           <abbr title="Random Access Memory">RAM</abbr>, which
           prevents a whole range of attack vectors where a rogue
-          baseband chip, either by design, by "lawful" or illegal
+          baseband chip, either by design, by "lawful", or by illegal
           action, could take control of memory segments pertaining to
           other subsystems and inject malicious code.</li>
       </ul>
@@ -117,15 +125,14 @@
        such as the <abbr>ASN.1</abbr> bug will grant access to the
        whole system.</p>
 
-    <p>But with Neo900, only a rare combination of hardware
-       vulnerability in the <abbr title="Universal Serial
-       Bus">USB</abbr> connecting the modem to the <abbr>CPU</abbr>,
-       and a software vulnerability would have a remote chance to do
-       that. As long as there's no proprietary vulnerable binary blobs
-       in the Neo900 <abbr title="Application Processor
-       Environment">APE</abbr>, the chance of a modem bug bubbling up
-       to the rest of the system without a way to control it and fix
-       it in software remains null.</p>
+    <p>But with Neo900, the attack surface is much reduced, and a
+      compromised modem would only to subvert the <abbr>CPU</abbr> in
+      the presence of subsequent major vulnerabilities. As long as
+      there's no proprietary vulnerable binary blobs in the
+      Neo900 <abbr title="Application Processor
+      Environment">APE</abbr>, we consider the chance of a modem bug
+      bubbling up to the rest of the system without a way to control
+      it and fix it in software negligible.</p>
 
     <p>Our exclusive Neo900 design is more valuable than ever!</p>
 
@@ -135,8 +142,7 @@
 
     <p>P.S.: Feedback is welcome!  Did you enjoy reading this post?
       What else should it have covered?  What do you want to read in the
-      news?  You can tell me: hellekin at neo900 dot org, or in the
-      comments.</p>
+      news?  You can tell me: hellekin at neo900 dot org.</p>
 
     <p id="note-gta0x" class="footnote">Footnote: from Openmoko Neo
       1973 and FreeRunner, to Golden Delicious GTA04 and maybe the