
Critical Vulnerabilities in 3G/4G Modems or How to Build Big Brother - campuscodi
http://blog.ptsecurity.com/2015/12/critical-vulnerabilities-in-3g4g-modems.html
======
mschuster91
I don't see a problem with "2\. Integrity Attacks (six devices)".

While of course proper XSRF protections must be applied to the firmware update
script, I'd like to have a device where I can inspect and modify the firmware,
thank you very much.

(Or, at the very least, expose u-boot over some interface that's available
without destructive dismantling of the device)

~~~
raesene2
You don't think those protections should be in place for the 99% of users of
these devices who have no idea what a firmware is, let alone would want to
update them?

~~~
mschuster91
I believe so, yet the problem is that this is an excuse for manufacturers to
prevent the 1% of people interested in their freedoms to restrict these
freedoms for the gain of... what?

~~~
raesene4
protecting the other 99% of their users from an attacker loading malicious
firmware onto their device?

