A big simplification indeed. Replacing the modem bit should actually be pretty easy, it's just the interface glue. Replacing the baseband is much harder as that implements all the wireless protocols needed for GSM/3G/LTE. Since the baseband tends to run on an independent processor capable of accessing all main memory it's kind of scary what could be there. Even if the hardware design is better and the baseband is behind some form of MMU it is still capable of sending your location and all your traffic to an attacker. That together with the fact that most Android phones don't get any meaningful upgrades makes Android a minefield when it comes to security.
> Even if the hardware design is better and the baseband is behind some form of MMU it is still capable of sending your location and all your traffic to an attacker.
We could just consider baseband to be on the untrusted side of the network. Without access to anything but the restricted communication channels the worst things it could do is perform some calculations to eat your battery.
Network operator already knows (or may discover) your rough location and has access to your traffic anyway. So, just make sure private traffic's well encrypted and authenticated, and develop the hardware to be capable of provably powering down the whole baseband module when you want it to be off (location privacy). Problem solved.
