September 14, 2018
Securing the freedom of mobile, part 2
In this blog miniseries, we will explore current mobile technology threats and our solutions for making them better.
This week we visited our assembly line and things are running smoothly in schedule. More about our decisions and why did we select these components for our device, in the last chapter of this blog.
This is the second part of our Securing the Freedom of Mobile blog miniseries. You can read the one first here
Currently all the mobile hardware is manufactured by a few very large players. There is hardly any competition in the market and that limits the freedom of mobile devices greatly. All the big hardware manufacturers embed their own proprietary binary blobs in the hardware. This black code can run anything in the device virtually undetected. The capabilities are enormous and it is there for a reason. Nearly everyone carries a phone in their pockets all the time. Most people are completely fine with this idea of running known unknowns in their phones and it is not worth the hassle for them to change.
We have had, and still have, some minor players who are willing to contribute to the open source hardware but with limited success as seen with Texas Instruments. This ecosystem is extremely hard to change, since it is in the interest of third parties pressuring these manufacturers to keep their dominance on the market and embed their black code in everyone’s pockets.
We will be discussing our chip choices and connectivity options in greater detail in a later blog.
Without fully open hardware it is impossible to have fully open software and therefore impossible to have provably secure and open mobile device. Freescale and now NXP produces i.MX SoCs (System-On-Chips) that are fully open source. Their technical datasheets and board support packages (BSP) are free and open for everyone to see and download. This transparency in i.MX chips was the fact that made it the most viable options for us in order to build a fully open source mobile device. Our friends at Purism seem to agree since they went with the i.MX family aswell.
Another option could be to use existing phones and reverse engineer the binary blobs running in them like the great people at PostmarketOS have done with Nexus 5. However this was not a viable option for us since we still could not guarantee the openness and security of the whole device. By making the hardware ourselves and deciding the best components ourselves we can guarantee security, freedom and openness of the device we deliver.
To tackle the CPU problem we decided to go the i.MX6 route. As mentioned before, i.MX6 was chosen because of its ability to be free and open software without any binaries, public technical datasheets and possibility to use Etnaviv free software accelerated GPU driver. If we would have started our project today, i.MX8 would have been a great choice but as we have been working on this device more than a year, closer to two, there was not enough information about support and plans of i.MX8 CPU. Necuno Mobile will work amazingly with the i.MX6 CPU.
We have selected only the highest quality components for our mobile device, we didn’t base our decisions on cheap price. High resolution screen with aluminium case and various connectivity methods were selected with great care and community wishes in mind. Our components are top quality and so is our choice for factory. When delivering highly secure device we can’t just trust anybody in Asia or USA to manufacture it. That is why we have chosen Europe and more precisely Finland where we know the quality is high and no known unknowns are embedded. Exactly as it should be.
More about open software can be read in the next miniseries blog post.
Stay tuned for more.