one last cautionary tale: some time back i used the techniques discussed to harden some Android phones brought with me into a hostile environment. i had kernel level protections in place, hardened the system configuration and services, pared down apps to the minimum and constrained their access to the file system and network. this was months of effort. the first adversarial encounter went very well in my favor - all of the attempts to exploit my devices were thwarted at these various layers and via these protections, with the sole exception of a Google Voice Search hack that kept voice search active in an "open mic night" eavesdropping capability. this was quickly nullified via kill -STOP (Android won't re-spawn an app that is already running, and a stopped process proved quite effective at halting this repeated invocation of search used to capture audio). fast forward to round two, and i doubled down on the kernel, system, and application level protections. even more scrutiny is applied to applications to avoid the misuse of legitimate functionality for malicious purposes. i am feeling confident! ... and then a baseband exploit easily walks under all of my protections at every layer, completely and fully 0wning my devices, with the only hint at anything amiss being the elevated thermal dissipation and power consumption from the radios performing data transmission, all while the Android OS believed the devices were silent in airplane mode. [informative interlude: software defined transceivers should be in every hacker toolbox; radio level attacks are otherwise invisible to you. they are also useful for many other purposes, perhaps one day even providing a solution to the untrustworthy proprietary firmware and baseband systems crammed into every mobile device these days.]
--- incidentally, this also demonstrates why IOMMU / VT-d guest isolation of devices on the host bus is very useful, as a vulnerable NIC could otherwise provide complete access to privileged memory and interfaces just like the baseband exploit above... assuming your CPU itself is trustworthy! "trusting trust" continues to be a persistent and difficult problem, leaving us all vulnerable to some degree or another - it's just a function of cost and skill to compromise. turtles all the way down! ;P