(12.11.2013) The insecurity of baseband software is not by error; it‘s by design. The standards that govern how these baseband processors and radios work were designed in the ‘80s, ending up with a complicated codebase written in the ‘90s – complete with a ‘90s attitude towards security. For instance, there is barely any exploit mitigation, so exploits are free to run amok. What makes it even worse, is that every baseband processor inherently trusts whatever data it receives from a base station (e.g. in a cell tower).