Exploitation of baseband vulnerabilities has become significantly harder on average. With Qualcomm having grabbed 97% of the market share of shipped LTE chipsets in 1Q2013, you see their chipset in every single top-of-the-line smartphone, whether it is an Android, an iPhone, a Windows Phone or a Blackberry.
While almost all other current baseband CPUs are ARM-based, Qualcomm has transitioned their entire modem software stack to their own DSP-based architecture, the Hexagon architecture. The architecture switch together with recent hardening of the baseband stack introduces significant challenges for exploit development which we will explore in this talk.