And what's more - modem often has full access to the main RAM without CPU control. It has the ability to read or even manipulate every bit of any executable or data you run on CPU without you knowing anything about it. And even if someone doesn't care about NSA and stuff, modem firmwares are often ridiculously buggy and easy to exploit, so go figure...
While producing free radio chip is practically impossible due to both economical and legal reasons (the closest you can get to it is OsmocomBB running on old 2G TI Calypso modem, and the only reason it exists is that TI Calypso has mysteriously disabled checking of firmware signature even thought the functionality for it is present...), there are devices that mitigate the risks by connecting the modem as a "slave" (for instance via USB - this might impact the performance and battery life, as CPU is busy copying data from/to the modem, but it's way more safe than DMA access) or even implement "modem firewalls" that monitor any modem activity and alarm if it does something when it wasn't supposed to do it. Neo900 (http://neo900.org/) is such project and soon there should be a longer article about this modem firewall solution published.
While producing free radio chip is practically impossible due to both economical and legal reasons (the closest you can get to it is OsmocomBB running on old 2G TI Calypso modem, and the only reason it exists is that TI Calypso has mysteriously disabled checking of firmware signature even thought the functionality for it is present...), there are devices that mitigate the risks by connecting the modem as a "slave" (for instance via USB - this might impact the performance and battery life, as CPU is busy copying data from/to the modem, but it's way more safe than DMA access) or even implement "modem firewalls" that monitor any modem activity and alarm if it does something when it wasn't supposed to do it. Neo900 (http://neo900.org/) is such project and soon there should be a longer article about this modem firewall solution published.