• matlag@sh.itjust.works
      link
      fedilink
      arrow-up
      2
      ·
      10 months ago

      In theory, yes, you could make a mess, and any firmware is supposed to be certified to allow the device to be used.

      In practice, this has been a convenient excuse to keep a whole chip with a separate OS in every smartphone, and it is very difficult to isolate from the rest of the system (see Graphene OS efforts).

      I say all firmware should be opensource. Whether you’re allowed to change them or not is a separate question… for now.

      • grue@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        10 months ago

        Different countries regulate the radio spectrum differently, so transmitting on a certain frequency might be legal in country A but illegal in country B. They don’t bother making different radios for different countries, though; instead, they just build hardware capable of transmitting on all the frequencies and then restrict what it can do via the firmware. The argument goes, if they allow device owners to modify the firmware, then they might modify the radio to transmit illegally. Never mind that there are myriad other ways an attacker could do that, that are almost as cheap and easy…

        • vexikron@lemmy.zip
          link
          fedilink
          arrow-up
          2
          ·
          edit-2
          10 months ago

          There are easier ways to cause chaos:

          Get a cheap phone.

          Write some code to have it play, at the loudest possible volume, a pure sine wave at 18000hz to 19000hz, just outside of the range nearly all humans can consciously be aware of hearing a sound, but within the range that prolonged exposure to this sound can cause humans to become panicked, irritable, delusional, sometimes even hallucinatory, and have immense difficulty sleeping.

          Leave the phone somewhere.

          Obviously, do not actually do this.

          Probably this would be considered terrorism, and get you in about as much trouble as fucking about with your conception of what could be used as a sort of crap tier EM jammer.

          • acockworkorange@mander.xyz
            link
            fedilink
            arrow-up
            2
            ·
            edit-2
            10 months ago

            You don’t need a phone at all to do this. Or code. Or silicon. Just a cheap RC oscillator circuit tuned to that frequency and connected to a battery and a tweeter speaker.

            Edit: where’s RadioShack when you need it?

            • vexikron@lemmy.zip
              link
              fedilink
              arrow-up
              1
              ·
              10 months ago

              Driven out of business by the CIA and FBI to prevent this from being easily doable no doubt!

              (kidding, obviously lol)

            • Meowoem@sh.itjust.works
              link
              fedilink
              arrow-up
              1
              ·
              10 months ago

              AliExpress bots have probably already read this comment and put together a ‘panic inducer top quality rechargeable usb frequency tweeter for wedding, birthday, sonic warfare, corporate and special event’ which you can buy for five dollars

            • vexikron@lemmy.zip
              link
              fedilink
              arrow-up
              2
              ·
              edit-2
              10 months ago

              To the best of my knowledge,

              no, which is why I said write some code,

              And,

              it technically depends but probably most speakers for most consumer grade hardware can do this, though I do not know about optimal decibel levels at such decibel ranges to be necessary to induce the effect, relative to time, battery life, energy cost, etc.

              I will again repeat DO NOT DO THIS.

              It legitimately could be considered terrorism.

      • jpeps@lemmy.world
        link
        fedilink
        arrow-up
        0
        ·
        10 months ago

        In additional to the other comment, I think there’s also a traditional fear of corruption in open source. If the code is public then malicious parties are free to read and take advantage of holes in the security. Secondly it would be possible to contribute code with secret functionality that goes unnoticed. These are fairly easily debunked but seem to remain in people’s heads.

        • blackbelt352@lemmy.world
          link
          fedilink
          arrow-up
          2
          ·
          10 months ago

          Ugh I hate these arguments about giving bad actors easier access. Bad actors are going to figure out flaws and security holes whether it’s open source or not. Security through obfuscation is a temporary measure and having more eyes on the source means more chances for good actors to find flaws and publicize them for fixes.