We still have no idea what the Intel ME microcode is, present on almost every pc manufactured. I think it is very possible, plausable, or even likely.

And also the the software that runs embedded in the mobile phone chips (not the phone, but the chips for stuff like GSM/3G etc). And that's why the fight for 5g is important.

All the more reason it's not in the cheap TP-Link routers but in the mobile phone chips which can't be examined so easily.

Why is that?

Won't 5G also have dedicated hardware?

There are multiple usable open-source LTE handset software implementations. They work with a suitable SDR like e.g. a LimeSDR or similar. AFAIK not even a single open-source UMTS software implementation works well enough for practical, day-to-day use. More than one of the LTE implementations archived that reliability. They all guzzle power though, IIRC. But that's the easy part (offload ping detection and FEC (de-)coding to an FPGA).

Are there opensource impl for LTE baseband for smartphones? Which ones? I've heard of OsmocomBB and it is 2G only, IIRC. https://osmocom.org/projects

Thanks. I've heard of srs before but failed to notice their ENB project.

> srsENB has been tested and validated with the following handsets:

    LG Nexus 5 and 4

    Motorola Moto G4 plus and G5

    Huawei P9/P9lite, P10/P10lite, P20/P20lite

    Huawei dongles: E3276 and E398

That's a very limited set of handsets. I wonder what's stopping them from adding support for more devices: Is it lack of contributors (no traction, lack of interest), or the cost of development (insanely difficult to reverse engineer, potential IP infringement etc), or limited and buggy functionality (doesn't work with certain carriers etc)?

But non of the actual mobile phones will use software over dedicated hardware, so I fail to see the relevance of dalore's comment: "And that's why the fight for 5g is important"

You usually have cores doing what the specs requires and then a processor running your software gluing it all together.

Mainly because implementing LTE is much easier then UMTS.

5G isn't even considered critical infrastructure, same goes for the predecessors. So I don't know why the fight is important.

How is not critical one might ask - the amount of battery time when power goes down. It's in range of minutes, sometimes there isn't even a UPS.

> But if there is a kill switch in so many cheap devices then wouldn't someone would have found it by now? It's not like people aren't looking. It's not like these devices are super secure.

Meltdown was only discovered last year, despite being a vulnerability in virtually all Intel CPUs made since 1995. I suspect there are substantially more eyeballs on Intel, too.

Try building Meltdown on purpose! Who will know? How do they defend design choices to those who can't know?

Nobody can afford this in breadth. Granted, you can manufacture a rigged batch and keep it secret. But you can't have a broad capability and expect it to remain secret for long.