- definitions:
  - CPU = application processor (OMAP), the thing that runs Maemo, Android, ..., UI, middleware, apps, ...
  - modem = GSM/UMTS/LTE, and any integrated blocks (e.g., GPS/GNSS)
- we mainly distrust the modem, due to
  - lack of transparency (completely closed)
  - high degree of autonomy (complete system, directly on battery)
  - history of use as attack vector [silent SMS, more ?]
- defenses
  - constrain modem ability to infiltrate CPU
  - limit modem access to sensors
  - monitor RF use (e.g., [location update])
  - monitor activity, for multi-stage attacks with deferred action (e.g., record conversation now, send later [reference ?])
- protecting the "trusted" CPU
  - no peripherals share memory with CPU, especially not modem [typical modern design with modem sharing CPU hw resources]
  - Free and open operating system, UI, core applications
  - no binary drivers required
- monitoring
  - CPU monitors telephony antenna activity,
    - inbound and outbound
  - CPU monitors modem current consumption (for deferred action)
  - CPU monitors GPS amplifier activation
- interdiction
  - CPU can cut power to the modem
  - CPU can override GPS amplifier activation
- response
  - CPU decides what is suspicious and what not (note: we have done no such profiling yet, all is based on theory)
  - user decides how to respond to perceived threats, especially
    - user decides whether to reveal detection of possible threat
- other RF
  - we trust that being able to deny firmware is enough to tame WLAN/BT. Is this really sufficient ?
  - we trust that not enabling / holding in reset is sufficient for FM RX/TX (with RDS). Is this enough ?
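
A sketch of how the CPU-side checks from the "monitoring" and "response" items could be combined, as an added example that is not part of the original notes. The sample fields, finding names, the idle-current ceiling and the three-sample window are all assumptions, since the notes state that no profiling has been done yet.

```python
from dataclasses import dataclass

# Assumed values: the notes say no profiling has been done yet.
IDLE_MA = 10.0   # hypothetical ceiling for modem idle current, in mA
SUSTAIN = 3      # consecutive samples above IDLE_MA before flagging

@dataclass
class Sample:
    t: int                 # seconds since start of trace
    tx: bool               # outbound activity on the telephony antenna
    modem_ma: float        # modem supply current, in mA
    gps_amp: bool          # GPS amplifier enabled
    cpu_wants_radio: bool  # CPU requested telephony (call, SMS, data)
    cpu_wants_gps: bool    # CPU requested a position fix

def analyze(samples):
    """Return (t, finding) pairs; how to respond is left to the user."""
    findings, busy = [], 0
    prev_tx = prev_gps = False
    for s in samples:
        # Transmission the CPU did not ask for (e.g. a location update).
        rogue_tx = s.tx and not s.cpu_wants_radio
        if rogue_tx and not prev_tx:
            findings.append((s.t, "unsolicited_tx"))
        # GPS amplifier switched on without a CPU request.
        rogue_gps = s.gps_amp and not s.cpu_wants_gps
        if rogue_gps and not prev_gps:
            findings.append((s.t, "gps_amp_unrequested"))
        prev_tx, prev_gps = rogue_tx, rogue_gps
        # Deferred action: modem draws power without transmitting and
        # without having been asked to do anything.
        quiet_work = (s.modem_ma > IDLE_MA and not s.tx
                      and not s.cpu_wants_radio)
        busy = busy + 1 if quiet_work else 0
        if busy == SUSTAIN:
            findings.append((s.t, "sustained_current_no_rf"))
    return findings

# Constructed trace for illustration, not measured data.
TRACE = [
    Sample(0, False, 4.0, False, False, False),
    Sample(1, True, 180.0, False, False, False),
    Sample(2, False, 4.0, False, False, False),
    Sample(3, False, 60.0, False, False, False),
    Sample(4, False, 62.0, False, False, False),
    Sample(5, False, 61.0, False, False, False),
    Sample(6, False, 4.0, True, False, False),
    Sample(7, True, 200.0, True, True, True),
]
```

Each finding is reported once, when the condition starts, so the user-facing layer can decide what to do with it (including the interdiction options listed above) without being flooded by repeats.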