12-08-2021, 08:19 AM
Hi, everyone!
I want to buy this phone https://pine64.com/product/pinephone-bet...e-package/ from another person. They say it's like new and has only been tested.
Where could they hide malware in the phone?
Of course I'll reinstall the operating system and wipe the internal memory, but what types of firmware are there where someone could hide malware?
Is it possible to flash official firmware images from the Pine64 website or at least inspect the current firmware installed and compare a hash with other users? I'll inspect the phone for physical tampering, but if some firmware can be flashed with USB or other ways without desoldering or breaking some sort of seal, how would I know about it?
So basically: what types of firmware is there where malware could hide and how to detect whether the firmware(s) has been tampered with?
Thanks!
I want to buy this phone https://pine64.com/product/pinephone-bet...e-package/ from another person. They say it's like new and has only been tested.
Where could they hide malware in the phone?
Of course I'll reinstall the operating system and wipe the internal memory, but what types of firmware are there where someone could hide malware?
Is it possible to flash official firmware images from the Pine64 website or at least inspect the current firmware installed and compare a hash with other users? I'll inspect the phone for physical tampering, but if some firmware can be flashed with USB or other ways without desoldering or breaking some sort of seal, how would I know about it?
So basically: what types of firmware is there where malware could hide and how to detect whether the firmware(s) has been tampered with?
Thanks!