Your phone has 2 (or more) processors in it. One that runs the kernel and the operating system that you think about as being Android. The other is another ARM processor that runs closed, proprietary code, and it controls the radio.
The concern is that the proprietary code has an API that can access the filesystem. If the MODEM receives a command from the cellular tower, or another device that looks like the cellular tower, it looks as though the radio's processor could be instructed to extract data from your phone and perhaps send it out over the radio to some other party. The reverse could be done as well, putting data on your device.
Since this happens low-level, it communicates with the kernel on your main processor and is outside the normal security measures placed on regular applications running on your device. If the radio firmware doesn't have an explicit way to perform this task, the other concern is that a vulnerability in the radio firmware might be exploited to do this anyway. Because the radio firmware itself is closed source and proprietary, the real implications of this are still not well understood.
The project that discovered this about the radio firmware is trying to create an open-source replacement firmware that runs on your radio's processor. In the course of trying to implement a compatible firmware, they discovered these questionable APIs.
The implication is that even if you completely replaced your ROM on device with a trusted and secure open-sourced one, the proprietary closed-source drivers that are needed to communicate with the hardware, may be able to do things without your permission or detection.
Hacker News is a marketing implement for a business development company, whose primary mission is taking inexperienced people and giving them a leg up.
The idea that you have to be an expert in everything before you ask anything runs counter to the point of the site.
