Le samedi 16 décembre 2017 à 11:44 +0100, Denis 'GNUtoo' Carikli a écrit :
Slightly modified, Acked-by: Paul Kocialkowski <[email protected]> and merged! > Signed-off-by: Denis 'GNUtoo' Carikli <[email protected]> > Signed-off-by: Paul Kocialkowski <[email protected]> > --- > freedom-privacy-security-issues.php | 9 ++++++--- > 1 file changed, 6 insertions(+), 3 deletions(-) > > diff --git a/freedom-privacy-security-issues.php > b/freedom-privacy-security-issues.php > index f3923d7..cf380d2 100644 > --- a/freedom-privacy-security-issues.php > +++ b/freedom-privacy-security-issues.php > @@ -20,11 +20,14 @@ > <p> > Regarding the software side of things on mobile > devices, the main CPU (inside the SoC) starts by executing hard-wired boot > instructions (that cannot be changed), known as the bootrom. > It will look up various places such as NAND, > eMMC or MMC (sd/micro sd card) storage, depending on the hardware > configuration, to load a bootloader. > - The bootloader, which is in fact often split in > different stages, is in charge of bringing up and configuring various aspects > of the hardware and eventually starting the operating system by loading and > running its kernel.<br /> > + The bootloader, which is in fact often split in > different stages, is in charge of bringing up and configuring various aspects > of the hardware and eventually starting the main operating system by loading > and running its kernel. > + On some hardware, it is also in charge of > loading code that is separate from the operating system. That code runs on > the same processor with the highest level of hardware privileges, can > interrupt the operating system and forbid it from accessing hardware > resources. On ARM processors, this privilege mode is called TrustZone. The > code running in TrustZone often keeps running in the background, aside of the > main operating system.<br /> <br /> > + > <a > href="images/freedom-privacy-security-issues/software.png" > data-lightbox="overview" data-title="Software-side overview"><img > src="images/freedom-privacy-security-issues/software.png" alt="Software-side > overview" style="width: 250px; float: right;"/></a> > The kernel itself, among other things, deals > with the hardware directly and provides ways for other programs (running in > user-space) to access it. > In user-space, hardware abstraction layers are > programs specific to each device that know how to properly drive the hardware. > They use the kernel to communicate back and > forth with the hardware and implement the proper protocols for it.<br /><br /> > + > The actual knowledge of how to drive the > hardware is split between the kernel and the hardware abstraction layer > libraries: both are needed to make it work properly. > Hardware abstraction layers provide a generic > interface for the framework to use. > The framework itself provides an interface for > applications that is independent of the device and the hardware. > @@ -89,7 +92,7 @@ > </p> > <p> > <a > href="images/freedom-privacy-security-issues/operating-system.png" > data-lightbox="current-situation" data-title="Mobile operating system"><img > src="images/freedom-privacy-security-issues/operating-system.png" alt="Mobile > operating system" style="width: 250px; float: left;"/></a> > - The biggest part of the software running on a > mobile device is the operating system, that runs on the main CPU. > + The biggest part of the software running on a > mobile device is the main operating system, that runs on the main CPU. > It has access to most integrated circuits (I/O, > camera, microphone, GPS, etc) as well as the user's data and communications. > It is the most critical part for > privacy/security and is also very important for free software as it interacts > with the user directly and holds knowledge about communication with the > hardware. > Many mobile operating systems are mostly free > software (e.g. > @@ -99,7 +102,7 @@ > None of these mostly-free systems have a clear > policy to reject proprietary software and not advocate its use, except for > Replicant. > </p> > <p> > - While the operating system is a very important > piece of software, it doesn't ship with applications that cover the wide > spectrum of activities that a mobile device is expected to provide. > + While the main operating system is a very > important piece of software, it doesn't ship with applications that cover the > wide spectrum of activities that a mobile device is expected to provide. > Thankfully, plenty of free software > applications exist for each kind of (mostly-)free operating system, sometimes > gathered in free software application stores (such as <a > href="//www.f-droid.org/">F-Droid</a>; for Android systems). > </p> > <h3>Mobile telephony operators and privacy</h3> -- Developer of free digital technology and hardware support. Website: https://www.paulk.fr/ Coding blog: https://code.paulk.fr/ Git repositories: https://git.paulk.fr/ https://git.code.paulk.fr/
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Replicant mailing list [email protected] https://lists.osuosl.org/mailman/listinfo/replicant
