You do understand why baseband processors exist?

They manage the RF functions of the device. In cellular communications they ensure the device operates within limits specified by the appropriate regulators. In some countries this processor runs a secure binary blob that has to be certified by the regulator of that country; USA is that way.

If your tin-hat paranoia is so strong that you would gladly give up this device, then perhaps you are also willing to give up the cellular communications, and possibly the WiFi communications (if the two functions are handled by the same chip), of your device.

Of course your actual unspoken intent might be nefarious... to operate your RF functions in illegal manners not allowed in whatever country you might be in right now.

Or perhaps you have no criminal intent here and simply want to write FOSS for all parts of the device? In that case I refer you back to my comment above about government regulators.

Perhaps you dislike government & government regulators? Then I guess you see no reason for orderly & organized usage of RF spectrum since without an ultimate authority over such a limited resource only chaos could ensue with people doing as they please with it.

Additionally, there might be actual technical reasons to separate out the baseband processor from other functions in the device.

what do you think modem processor is?

Is there anything stopping that blob from communicating with the NSA etc. even when you have not explicitly connected to wifi or a cellular network?

I'm not fine with having a chip that runs proprietary code that can be pushed to it OTA by my carrier. In smartphones, it often has access to system memory, so you could have a carrier that pushes a payload that dumps your crypto keys, for instance. There's also a possibility that a letter soup agency could get your carrier to push a payload to track you even more than it's normally possible with your average baseband software.

I only use Wi-Fi in cases where there's no way to get a wired connection, as it's always inferior to a wired connection, so it makes little sense to use it even for pragmatic reasons.

Where I can read more about this? Could this work in case of Lenovo Yoga C630 WOS - how carries can push firmware to modem in case of ARM laptop?

In theory, "No", but you did say, "NSA" and that group is known for all sorts of tricks.

FYI - "Airplane Mode" is supposed to stop all RF emissions from the cellular modem function, but it allows the Wi-Fi & Bluetooth functions to work if enabled by the user.

Like I said, "tin-hat paranoia".

In some countries you have no choice regarding the binary that operates in the baseband processor; that's the deal the cell phone manufacturer and the cell carriers make with the regulators in order to operate in that country.

USA would definitely fall into that category. It's called "certified code" and the FCC does the certifying. If you are not fine with that then don't use a cell phone.

As for those alphabet soup agencies, if you worry about them then you probably have issues we don't want to hear about in this public forum.

Wired connection with a cell phone? I never heard of anyone doing that, and I used to work in "the heart of the cell phone & carrier industry"... before I found other things to do.

Last note:
As long as (1) your cell phone is turned on and (2) not in "Airplane Mode" (presumably, which means the cellular function is turned on) and (3) you are in a coverage area, then your cell carrier always knows where your phone is within a few hundred meters. The cell carrier NEEDS that info so it can notify your phone via the nearest cell tower when you have an incoming call, system notification (voicemail message, child abduction alert, severe weather warning, and so on) or text message; that's how cellular phone technology works.

Some carriers even determine if a phone is "activated" (permitted, allowed) on their network based on system messages between the phone and the carrier, BUT the phone has to be (1) on, and (2) cellular mode enabled, and (3) in a coverage area. Ever wonder how prepaid phones work? I just told you how it works. That's why prepaid phone services tell you to turn them on after paying up, so the carrier can verify the phone details recorded in the account record against the phone in the field.

While you might wish for your location data to be kept secret it generally is not. Most governments seem to have easy access to it, regardless of what the laws might say. T-Mobile was recently cited in an online article for selling location data to 3rd parties, and other carriers might also be guilty of it. Sometimes employees at cell carriers "sell out" and provide such info to people willing to pay for it. Many of those apps you use on your phone are notorious for leaking your location.

It's enough so say, once you start carrying a cell phone, half the work of a government tail (law enforcement, spy agency, and so on) on you has already been done... by you.

The baseband firmware is not part of the certification process in any country I know of, including the US. You hand in the technical documentation of the radio part of your device plus a bunch of RF measurements captured during normal operation. If the documentation follows the guidelines and the RF emitted by your device doesn't seem to interfere with other devices, you get approval for the whole device and can ship as many baseband firmware updates as you like. Neither the companies nor the regulatory authorities out there have the resources to get each and every firmware release certified.

What you probably mean is that some regulatory authorities, including the FCC in the US, force the manufacturer to "to prevent third-party firmware from changing radio frequency parameters that could cause interference with other devices". That has the same effect (locked-down baseband firmware), but has nothing to do with certification.

Everyone has the right to use the devices they own as they see fit, but the NSA has little interest in 99.9999% of the worlds population.

If you were identified as someone who contained information vital to some government organization, there are much more effective ways to get the data without using a backdoor in some blob.

I enjoy privacy just as much as anyone else, but individuals who place themselves in some elevated form of importance by placing draconian boundaries on their use of electronics is reaching for a new form of narcissism.

Nothing wrong with being educated about how products are used (or abused), but when one goes out of their way to publicly announce their exceptional view of exclusion, you begin to wonder what the motivation was all about to begin with.

tbh, I think a bit of the paranoia about integrated modem stuff is a bit overblown. I mean, if you for some reason have some fairly serious adversaries (ie. think people who can somehow send in a team to steal signing keys for both the system and modem firmware), sure I get the desire to not trust what can't be audited by yourself or someone(s) you can trust. But otoh for the remaining 99.99% of folks out there, how much of the code that is sitting between you and the firmware has been *thoroughly* audited? Judging by CVE's I've seen, there are less exotic attacks to worry about.

But as a practical matter, these days some signed system fw configures hw to firewall off memory access from modem to cpu and visa versa.. because things crash. And you don't want the modem taking down the hlos or visa versa.