> Baseband vulnerabilities are overhyped, imo. On proper phones (e.g. Pixels), their access to memory is restricted by IOMMU, which protects the rest of the phone from being compromised if there's some sort of an exploit.

Doesn't Google require all new Android-branded devices to isolate the baseband from the Android OS and applications?
I swear I read this somewhere in the last few years, though I can't seem to find any clear reference to it now. Hmmm.

> For instance, if you can hack the baseband to steal traffic, you should probably be more worried about your carrier being hacked or getting a lawful intercept order.

Everything should use TLS/DTLS/QUIC, and an up-to-date PKI for obligatory certificate validation, otherwise I assume it's already being MITM'd by the NSA, every other three-letter agency on the planet, corporate firewalls, and my ISP.