Security when buying a second hand PinePhone
#1
Hi, everyone!

I want to buy this phone https://pine64.com/product/pinephone-bet...e-package/ from another person. They say it's like new and has only been tested.

Where could they hide malware in the phone?

Of course I'll reinstall the operating system and wipe the internal memory, but what types of firmware are there where someone could hide malware?

Is it possible to flash official firmware images from the Pine64 website or at least inspect the current firmware installed and compare a hash with other users? I'll inspect the phone for physical tampering, but if some firmware can be flashed with USB or other ways without desoldering or breaking some sort of seal, how would I know about it?

So basically: what types of firmware is there where malware could hide and how to detect whether the firmware(s) has been tampered with?


Thanks!
  Reply
#2
Did you already read and understand https://wiki.pine64.org/wiki/PinePhone#Introduction ?

Are you really aware what to actually expect when purchasing a Pinephone?

You can't have a device featuring a deceptively false sense of security that can't be "tampered with" and at the same time be able to do what you please with it.

The whole point for the existence of the Pinephone and related offerings is the possibility to "tamper with" the firmware.

This is a device destined for modifying its firmware as you wish (and are capable to), aimed in first place at *developers*.

This is  not a consumer device and not suitable to deliver some kind of "smartphone experience" for end users.

So, unless the seller hasn't bothered trying out firmware installations, this will definitely have been played around with.

If you are worrying about malware and security, then this is the wrong phone and you are not a member of its target group.

If you don't trust the buyer and don't know what the Pinephone stands for then better abstain from purchasing it.
Devices: Pinebook Pro & Pinephone (Braveheart)
  Reply
#3
it's likely not something you'll really need to worry about (that's a whole lot of hassle to muck around in the modem firmware just to get rid of the phone,) but if you feel inclined, you can build and install firmware yourself: https://github.com/Biktorgj/pinephone_modem_sdk
links and instructions to flash to stock can be found here: https://github.com/Biktorgj/pinephone_mo...ECOVERY.md and there is documentation for interacting with the modem firmware in the wiki.

i don't believe there's any other firmware that's OS-independent you really need to worry about. A fresh OS install should settle any fears, and void any need to wipe the internal storage, as writing the OS img will wipe out any existing data.
  Reply
#4
(12-08-2021, 09:02 AM)vajak Wrote: So, unless the seller hasn't bothered trying out firmware installations, this will definitely have been played around with.

I haven't opened a PinePhone myself so I don't know if there are chips whose firmware requires physical disassembly that will be somewhat tamper evident. Obviously some tamperings won't be evident and I know that's the point of the PinePhone.

That's why I asked if there is a way to reflash the various firmwares in the phone or at least compare hashes with other users or with official hashes on the website.


So my questions still stand.
  Reply
#5
(12-08-2021, 09:05 AM)tophneal Wrote: it's likely not something you'll really need to worry about (that's a whole lot of hassle to muck around in the modem firmware just to get rid of the phone,) but if you feel inclined, you can build and install firmware yourself: https://github.com/Biktorgj/pinephone_modem_sdk
links and instructions to flash to stock can be found here: https://github.com/Biktorgj/pinephone_mo...ECOVERY.md and there is documentation for interacting with the modem firmware in the wiki.

i don't believe there's any other firmware that's OS-independent you really need to worry about. A fresh OS install should settle any fears, and void any need to wipe the internal storage, as writing the OS img will wipe out any existing data.

Thank you so much for the links! It's good to know that the only firmware is the modem. I was assuming there would be something like the BIOS/UEFI in x86 that sits under the OS.

For the Quectel EG25 I found this thread https://forum.pine64.org/showthread.php?tid=14935 from a couple of months ago. I assume that reflashing the modem firmware will be enough to reset and already compromised firmware by this CVE, right? Or does the existing firmware have control over the reflashing process, i.e. can the firmware lie that it is being completely reflashed? Finally, is this CVE still unpatched?
  Reply
#6
FYI, unlike iPhone and most Android devices, a PinePhone is not a consumer toy pretending to be a desktop replacement.
There is no USB flashing (well, there kind of is, but I never got it working), you just install from SD card almost like how you'd install a Linux distro from a USB drive or live CD on a PC.
That alone will do all the wiping, "flashing", and everything you'd expect to get an entirely clean install.

Also, unless you're buying a phone from an FBI or some other government person, why would somebody knowingly hide malware on a phone they are selling in the first place?
母語は日本語ですが、英語も喋れます(ry
  Reply
#7
(12-08-2021, 08:19 AM)PineniP Wrote: Hi, everyone!

I want to buy this phone https://pine64.com/product/pinephone-bet...e-package/ from another person. They say it's like new and has only been tested.

Where could they hide malware in the phone?

Of course I'll reinstall the operating system and wipe the internal memory, but what types of firmware are there where someone could hide malware?

Is it possible to flash official firmware images from the Pine64 website or at least inspect the current firmware installed and compare a hash with other users? I'll inspect the phone for physical tampering, but if some firmware can be flashed with USB or other ways without desoldering or breaking some sort of seal, how would I know about it?

So basically: what types of firmware is there where malware could hide and how to detect whether the firmware(s) has been tampered with?


Thanks!
i have been playing with androids, finally found out that even fastboot is more or less controlled (by them). if i go on paranoid level, android could easily hide some nasty stuff. what i know about pinephone's booting process, it's almost impossible to put something unwanted there.

however, lte modem chip is an issue though, because it has its own firmware. lte modem could theoretically contain malware but modem resources are quite limited, and requires serious coder to put it there. you may or may not want to flash or reflash it. (mandatory disclaimer about possible BIO THERMO NUCLEAR IMPLOSION and bricking modem chip when flashing, it's flasher's fault).

if paranoid:
1: disable modem with dip switch
2: erase internal memory with random bytes e.g. dd if=/dev/urandom of=/dev/{targetdevice} bs=1M status=progress
3: install o.s. according to instructions.
4: enable modem with dip switch
5: reflash or flash modem chip
6: repeat 1-4, if more paranoid

stock firmware for modem chip:
https://github.com/Biktorgj/quectel_eg25_recovery

partially open source firmware for modem chip:
https://github.com/Biktorgj/pinephone_modem_sdk
  Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  PinePhone - boot from microSD laserpyramid 5 307 03-06-2024, 06:37 PM
Last Post: aular
  Are you using the Pinephone as your daily driver? jro 157 105,199 02-18-2024, 11:33 PM
Last Post: aular
  2020 PinePhone Manjaro CE EU for sale, name your price astrojuanlu 7 1,527 02-14-2024, 04:51 PM
Last Post: astrojuanlu
  pinephone is not bootble for the box. ijij 1 464 01-19-2024, 01:29 PM
Last Post: fxc
  Multiple issues with the Pinephone MTXP 12 1,945 12-28-2023, 07:55 AM
Last Post: MTXP
  pinephone repair shop shengchieh 0 385 12-26-2023, 02:42 PM
Last Post: shengchieh
  sudo nano file saving pinephone beta edition CharlesGnarley 4 1,483 12-22-2023, 03:44 PM
Last Post: Kevin Kofler
  Can't get Mobian on PinePhone to recognise USB-C docking bar duncan_bayne 9 6,611 12-04-2023, 02:14 AM
Last Post: Peter Gamma
  Pinephone not booting, always vibrating alexander12 7 4,674 11-22-2023, 06:46 PM
Last Post: Scary Guy
  Pinephone on Verizon chachi 3 995 10-09-2023, 11:26 AM
Last Post: alaraajavamma

Forum Jump:


Users browsing this thread: 1 Guest(s)