> "Your mobile should be one of the safest places to store a key."
I have to take issue with this. I think your mobile is probably one of the least secure places to store a key, due to the 'baseband problem'[0]. Your mobile in its normal (powered-on and connected to a network) state is probably less secure than using a fresh un-patched install of Windows XP today. I mean the original version of XP, pre-SP1 with the firewall disabled.
This is why people say to choose a device without a mobile radio chip at all for secure communication, such as an iPod Touch[1].
I'd really like to have PGP/GPG encrypted emails on my mobile and I had it tested and working for a little while before looking into the baseband issue. I've since revoked the keys I used for that test and I am resigned to the fact that I will not be able to securely use encrypted email on my mobile phone for the foreseeable future.
I keep my keys off the phone now, along with an unpublished email address at a different domain which is to be used for account recovery for those email accounts in use on the phone.
There are phones with separate application/baseband chips. I have a Samsung i9500 (one of the many models called "Galaxy S4"), which I believe is the most recent of such phones that can run Cyanogenmod. Also, I think most Apple devices are separated in such a manner as well?
Of course there's likely still a whole collection of closed software that takes constant network connectivity for granted, and does who-knows-what. The Android code is open, but it seems like there won't be enough eyes looking at vulnerabilities to the vendor with regards to say the GApps suite. And making the choice of utility between Google Maps and K-9 mail, I picked Maps.
It also doesn't help that phone models are so varied as to diffuse the interest in investigation/teardown/auditing.
The iPhone baseband processor speaks a point-to-point USB-like protocol to the AP, and does not have access to secrets stored in the AP or the secure enclave. Secure applications on the phone have to assume that the cellular network is insecure already, so the colocated baseband processor doesn't much impact the threat model.
Not a good argument for the tiny fraction of smartphone users who happen to use iPhones, or not a good argument at all?
The comment I replied to mentions the iPhone, but made the blanket statement "Your mobile..." plus the article I linked to addresses multiple mobile OSs.
It would be helpful to explicitly state which make and model smartphones you believe are not susceptible to baseband threats. I think Blackphone has also integrated countermeasures but information on this topic is pretty sparse.
Modern iPhones are generally significantly more secure than modern Android phones, but so long as we're talking about (a) modern mobile devices (b) provided by Apple or Google, then I'm comfortable saying that all these devices are more secure than your computer --- which, for what it's worth, is littered with all sorts of little embedded doohickeys with code you can't see.
Okay good to know. Not sure who's downvoting you because this is useful info.
Now if we can forget the comparison between smartphones and computers, it would be great to know exactly which smartphones are a good choice for users of encrypted email. I'm on Android now only because it easy enough to root and use without any Google services (I prefer to self-host and use F-Droid for apps). I don't particularly like Android but it is the 'lesser of two evils' for now.
If I can do the same with an iPhone and never have an account with Apple I would definitely be interested as the iPhone hardware seems pretty good.
Basebands have not had full hardware access for quite some time now, due to their habit of being full of exploits that can be used to unlock the device. It's not just an iPhone thing.
I have to take issue with this. I think your mobile is probably one of the least secure places to store a key, due to the 'baseband problem'[0]. Your mobile in its normal (powered-on and connected to a network) state is probably less secure than using a fresh un-patched install of Windows XP today. I mean the original version of XP, pre-SP1 with the firewall disabled.
This is why people say to choose a device without a mobile radio chip at all for secure communication, such as an iPod Touch[1].
I'd really like to have PGP/GPG encrypted emails on my mobile and I had it tested and working for a little while before looking into the baseband issue. I've since revoked the keys I used for that test and I am resigned to the fact that I will not be able to securely use encrypted email on my mobile phone for the foreseeable future.
I keep my keys off the phone now, along with an unpublished email address at a different domain which is to be used for account recovery for those email accounts in use on the phone.
[0]http://mobile.osnews.com/story.php/27416/The_second_operatin...
[1]https://twitter.com/csoghoian/status/686035633949818881