On Saturday 16 December 2017 at 11:44 +0100, Denis 'GNUtoo' Carikli wrote:
> Signed-off-by: Denis 'GNUtoo' Carikli <[email protected]>
> Signed-off-by: Paul Kocialkowski <[email protected]>
Acked-by: Paul Kocialkowski <[email protected]> > --- > freedom-privacy-security-issues.php | 9 ++++++--- > 1 file changed, 6 insertions(+), 3 deletions(-) > > diff --git a/freedom-privacy-security-issues.php b/freedom-privacy- > security-issues.php > index f3923d7..cf380d2 100644 > --- a/freedom-privacy-security-issues.php > +++ b/freedom-privacy-security-issues.php 
> @@ -20,11 +20,14 @@ > <p> > Regarding the software side of things > on mobile devices, the main CPU (inside the SoC) starts by executing > hard-wired boot instructions (that cannot be changed), known as the > bootrom. > It will look up various places such > as NAND, eMMC or MMC (sd/micro sd card) storage, depending on the > hardware configuration, to load a bootloader. > - The bootloader, which is in fact > often split in different stages, is in charge of bringing up and > configuring various aspects of the hardware and eventually starting > the operating system by loading and running its kernel.<br /> > + The bootloader, which is in fact > often split in different stages, is in charge of bringing up and > configuring various aspects of the hardware and eventually starting > the main operating system by loading and running its kernel. > + On some hardware, it is also in > charge of loading code that is separate from the operating system. > That code runs on the same processor with the highest level of > hardware privileges, can interrupt the operating system and forbid it > from accessing hardware resources. On ARM processors, this privilege > mode is called TrustZone. The code running in TrustZone often keeps > running in the background, aside of the main operating system.<br /> > <br /> > + > <a href="images/freedom-privacy- > security-issues/software.png" data-lightbox="overview" data- > title="Software-side overview"><img src="images/freedom-privacy- > security-issues/software.png" alt="Software-side overview" > style="width: 250px; float: right;"/></a> > The kernel itself, among other > things, deals with the hardware directly and provides ways for other > programs (running in user-space) to access it. > In user-space, hardware abstraction > layers are programs specific to each device that know how to properly > drive the hardware. 
> They use the kernel to communicate > back and forth with the hardware and implement the proper protocols > for it.<br /><br /> > + > The actual knowledge of how to drive > the hardware is split between the kernel and the hardware abstraction > layer libraries: both are needed to make it work properly. > Hardware abstraction layers provide a > generic interface for the framework to use. > The framework itself provides an > interface for applications that is independent of the device and the > hardware. > @@ -89,7 +92,7 @@ > </p> > <p> > <a href="images/freedom-privacy- > security-issues/operating-system.png" data-lightbox="current- > situation" data-title="Mobile operating system"><img > src="images/freedom-privacy-security-issues/operating-system.png" > alt="Mobile operating system" style="width: 250px; float: left;"/></a> > - The biggest part of the software > running on a mobile device is the operating system, that runs on the > main CPU. > + The biggest part of the software > running on a mobile device is the main operating system, that runs on > the main CPU. > It has access to most integrated > circuits (I/O, camera, microphone, GPS, etc) as well as the user's > data and communications. > It is the most critical part for > privacy/security and is also very important for free software as it > interacts with the user directly and holds knowledge about > communication with the hardware. > Many mobile operating systems are > mostly free software (e.g. 
> @@ -99,7 +102,7 @@ > None of these mostly-free systems > have a clear policy to reject proprietary software and not advocate > its use, except for Replicant. > </p> > <p> > - While the operating system is a very > important piece of software, it doesn't ship with applications that > cover the wide spectrum of activities that a mobile device is expected > to provide. > + While the main operating system is a > very important piece of software, it doesn't ship with applications > that cover the wide spectrum of activities that a mobile device is > expected to provide. > Thankfully, plenty of free software > applications exist for each kind of (mostly-)free operating system, > sometimes gathered in free software application stores (such as <a > href="//www.f-droid.org/">F-Droid</a>; for Android systems). > </p> > <h3>Mobile telephony operators and > privacy</h3> -- Paul Kocialkowski, developer of free digital technology and hardware support. Website: https://www.paulk.fr/ Coding blog: https://code.paulk.fr/ Git repositories: https://git.paulk.fr/ https://git.code.paulk.fr/
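Review bot: In the hunk at @@ -20,11 +20,14 @@, the added sentence "On ARM processors, this privilege mode is called TrustZone" presents TrustZone as a processor mode, but TrustZone is the name of ARM's security extensions, so wording such as "On ARM processors, this is provided by the TrustZone security extensions" would be more accurate. The same added paragraph says "separate from the operating system" and "can interrupt the operating system" directly after the preceding line was changed to "the main operating system"; the new term should be used there as well. "aside of the main operating system" would read better as "alongside the main operating system".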
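Review bot: In the hunk at @@ -89,7 +92,7 @@, the unchanged context line "It is the most critical part for privacy/security" is left as it was, although the paragraph added in the first hunk says that separate code runs "with the highest level of hardware privileges" and can "forbid it from accessing hardware resources". Only the term "main operating system" is updated here; consider qualifying that sentence or pointing back to the TrustZone paragraph so the two statements do not read as contradicting each other.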
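Review bot: In the hunk at @@ -99,7 +102,7 @@, the context line with the F-Droid link has a stray semicolon after the closing tag ("</a>; for Android systems"), which renders as "F-Droid; for Android systems". Since this paragraph is being touched anyway, the semicolon could be dropped in the same patch. The link is also protocol-relative ("//www.f-droid.org/"), so it follows whatever scheme the page was loaded with; an explicit https:// URL would avoid sending readers to the application store over plain HTTP.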
_______________________________________________ Replicant mailing list [email protected] https://lists.osuosl.org/mailman/listinfo/replicant
