Over the past months, we have been asked a lot whether Replicant is going to
be running on the Fairphone. The goal behind Fairphone, as its name
suggests, is to build a phone that is “fair”. This covers a lot of different
aspects that the Fairphone company took care of: such topics as using
fair and conflict-free resources, ensuring that all workers along the supply
chain get a fair wage, improving the handling of electronic waste, being
transparent about the cost of each part of the device, its technical
specifications and encouraging open and flexible designs.
We are really glad to see a company producing electronic devices taking care
of such many important aspects as social conditions of workers, ecology and
handling of e-waste as well as transparency and being “technically open”.
What we are especially interested in, at the Replicant project, is how good the device will be when it comes to software freedom. Hence, we have spent some time investigating the device, even though it is not out yet. Thanks to the cooperation of Fairphone, we were able to draw a quite complete picture of it.
The Fairphone will ship with a modified Android 4.2 version. An overlay
interface was developed for the device and should be released as free
software, but what we are really interested in is the parts that deal with the
hardware. First, the Linux kernel source code for the device will be released
(it is copyleft software so this is an obligation). It will also be possible
to build the kernel from source and install it on the device without the need
to sign the kernel with the manufacturer's key. Actually, there should be no
signature check on the Fairphone for the kernel or the bootloaders. Some
of the bootloaders (maybe all of them; we cannot tell for sure at this point)
are free software and it should be able to replace them with a free build. We
are a bit worried that the tools to flash the Fairphone may be
proprietary, but if the bootloaders are free and/or there is root access out
of the box, there will be ways to work around this problem. On the system
side, some of the libraries that deal with the hardware have been released as
free software for devices that use the same platform (Mediatek 6589), so the
basic required features such as audio will likely work. We are also confident
we will be able to handle the modem with free software (that means telephony
and such will work).
Fairphone is really trying hard to get Mediatek to release as many
components as free software as possible, but they don't have the source in
their own hands and nor can they decide to make it free software themselves,
so it may take some time to arrive or eventually not succeed.
However, things are not looking so good when it comes to evaluating the platform that was chosen for the Fairphone: the modem is embedded in the System on a Chip (SoC) which leads us to believe that it is poorly isolated from the rest of the platform and could access critical components such as storage, RAM, GPS and audio (microphone) of the device. If this was to be the case (we can only speculate about what the truth actually is), it would mean that the Fairphone is fatally flawed for security as it makes it possible for the phone to be converted to a remote spying device.
In conclusion, we think it will be possible to have Replicant working on the
Fairphone and the bootloaders (that are not part of the operating system)
may even be free software, but we believe it is seriously compromised
security-wise because of the poor modem isolation.
However, Fairphone seems definitely interested in doing things right on
the software freedom side and helping us get Replicant running on the device!