This shouldn't come as a surprise to anyone for a number of reasons. First
off the encryption used in GSM phones was broken long ago. Now that in and of
itself doesn't mean they have access to the phone itself.
Here is one article from 2009 on it:
http://www.pcworld.com/article/185552/GSM_Encryption_Cracked_Showing_Its_Age.html
The next issue is that we don't know what is in the modem firmware. It's
proprietary. We can assume it does more although already know that by design
it makes your phone a tracking device.
RMS is always talking about it, in part, because he is a rarity today in that
he does not carry a cell phone:
http://stallman.org/rms-lifestyle.html
Next we have people from the Replicant (whom have created a free software
version of Android) project stating that modems (in many cases at least) can
access your data:
http://replicant.us/2012/04/nexus-sgalaxy-s-privacy-issues/
It is pretty apparent how remote access to these devices can be achieved. A
remote firmware or modem firmware update can be sent with the help of a phone
company or possibly by becoming a fake phone company. Even if you can prevent
the firmware from being updated normally a modem firmware update is likely
going to be able to do anything it wants as far as spying on you goes (that
is your data, as it already spys on you as far as your location, etc is
concerned, and possibly as a listening device too).
