Hi. I just found this forum, and I apolgize if these questions are already answered someplace else but I really don't have a lot of time to be searching right now.

I am looking for an internet tablet for the sole purpose of being able to send/receive email and chat via Google Gmail. All of the other features of the 810 are nice, but all I really need is the email communication part. Since its primary use would be email (and lots of them) the keyboard feature of the 810 seemed very nice. It also needs to be small enough to fit into a purse, and the 810 seems to fit this criteria too.

My concern is about security. This tablet will be given to a woman who is trying to extract herself from an abusive relationship (which is a lot easier said than done). Keylogger and internet tracking software has already been installed on the home PC in order to track her activities, and she no longer has a secure way of communicating with friends and family.

Here are my questions:
- does the 810 have a password option on startup?

- if it has a password feature how secure is it? Does it trigger the password in the early stage of booting up so that you couldn't install malicious software without first getting through the password stage?

- is it possible to boot the 810 through any sort of USB connecttion and extract the content onto another PC?

- If the 810 won't meet my needs do you have any other suggestions?

These questions are complicated by the fact that the person trying to breach the security might have physical access to the 810, not just someone trying to intercept your communications in a wi-fi cafe or something.

I am more than willing to spend the $$ on the 810 but only if it is going to be secure. If she can't secure it then she can't use it and it will just become an expensive paperweight.

Thanks!

Yes, the n800 and n810 have lock codes you can set (it comes with a default lock code that you can Google) so be sure to change it. Once enabled it will ask for it every time at start up. Without it you cannot access the device even if you plug in the USB connection. I believe you cannot flash it either without the lock code (after enabling it).

Unsure of SD cards however, people could always eject them so don't put anything on the SD card that you want to keep private.

Good luck, I took a class on domestic violence, and in the second semester I worked in a domestic violence shelter. So I know a little about how hard it is.

These questions are complicated by the fact that the person trying to breach the security might have physical access to the 810, not just someone trying to intercept your communications in a wi-fi cafe or something.

Physical access trumps everything. I can extract almost anything from any system, including passwords, assuming I have physical access.

There's no 100% security against physical access. The data on the device is not encrypted and it can probably be read without knowing the code using the flasher utility, USB and some inside knowlege about how N810. However this or installing other nasty stuff such as software keyloggers is not trivial and cannot be googled. If he tries this it will take time and programming knowledge.

I think the tablet can serve as a secure communication device if passwords arent stored locally and all communication is encrypted.

The big advantage of chosing N810 over a regular computer is, that probably neither for its hardware nor for its software any malware is available. That is, if you want to install a keylogger (either hardware or software) on the N810 you have to do it manually.

Cheap alternative: Boot from a Linux Live CD like Knoppix. If the hardware cannot be manipulated, I'd consider this equally secure. (Of course, any computer can be compromised, but not by anyone. I think, it's difficult to install a hardware keylogger on modern notebook.)

Actually i think, given it is a linux device makes it a lot harder to install any spyware kind of thing anyway...

I suspect that the tablets will be secure enough for this use... IF the owner is diligent.

I suggest using a web based mail, and not store the password on the device. This way nothing is stored on the Nokia.

This being said, nothing is 100% sure. It is always possible to install a sniffer on the network.

I don't know how good the password protection is and where it is stored. It is, for example, possible, to boot an IT from a SD-Card. Is this blocked by a password?
Is the filesystem mountable without the password?

For the rest: I believe it is a huge advantage, that the ITs are linux based.

Some random thoughts:
Concerning the emails, that woman should choose a mail provider which allows ssl-encrypted connections for sending and receiving, so even *if* there was a sniffer on the network, it would be useless to sniff the traffic.

These emails should be fetched with a mail client that saves the ssl certificate (claws mail does that for example, and it is capable of imap4-mailboxes with ~20000 mails in it). After the ssl certificate is saved, man-in-the-middle attacks are useless (as they would offer a "changed" certificate. (man-in-the-middle attack is roughly: The intruder sits on your network and watches you wanting a ssl connection to mail.provider.net. He cuts your connection but offers you *his* ssl-certificate, boasting to be mail.provider.net. The victim believes it is the certificate of his provider, accepts it and has a secure connection... to the attacker, who decodes the traffic and re-encodes it for the *true* provider, so the victim won't notice anything... except that the certificate changed...))

I don't know how well GTalk is encrypted and whether you can access it per https, but it might be worth to consider data connections via cell phone instead of wlans (but you might get a trojan on the cell phone...)

Oh, the cell phone should be as simple as possible, no symbian os or windows mobile, no camera... the less "os" the less trojanizing opportunities ;-)


/EDIT: http://www.internettablettalk.com/forums/showthread.php?t=15742
discusses booting from a fully encrypted partition - so the whole file system can't be read with the IT off

My concern is about security. This tablet will be given to a woman who is trying to extract herself from an abusive relationship (which is a lot easier said than done). Keylogger and internet tracking software has already been installed on the home PC in order to track her activities, and she no longer has a secure way of communicating with friends and family.

My concern would be that if the abuser has gone this far already, why would he not take/destroy the n810?

Other options that might make sense...

Sidekick? A used one + a prepay plan
Cell phone/tracfone? Many shelters will give these to abuse victims
Linux LiveCD/Bootable USB? Reboot the computer and have a secure environment for using a webmail service

The n810 sounds like it *might* work, but it can be a little quirky.

Just as an aside, I once helped a woman in a similar situation try and protect some data with things like passwords, and when the abuser ran into them, she got beaten very badly.

Know what you're doing, I think the moral of that is.

I don't know how good the password protection is and where it is stored. It is, for example, possible, to boot an IT from a SD-Card. Is this blocked by a password?


You cannot boot from the SD card without having enough access to the device to modify the initfs (for someone not highly familiar with Linux, this would involve using fanoush's initfs_flasher, which must be run on a booted device). Either way, even if one were able to boot to something other than the rootfs, getting the rootfs mounted takes a bit of work from there.


Is the filesystem mountable without the password?


Not easily over USB (and definitely not while the device is booted), but do not store anything of importance on either the 2GB internal flash or the MiniSD card.

I think probably the most important thing here is security through obscurity. Does the guy have any background with Linux? If so, any background with embedded ARM devices? There are no easily installable monitoring solutions available from the internet, and getting one running on the device would be quite involved.

Obviously, as has been stated already, physical access trumps all, but even with it, one would need a strong knowledge of Linux (and in particular, ITOS/maemo) to accomplish anything with it.

Obviously, as has been stated already, physical access trumps all, but even with it, one would need a strong knowledge of Linux (and in particular, ITOS/maemo) to accomplish anything with it.

And time, too, unless it's a really strong knowledge.

A couple of thoughts:

GMail is httpsable; using http://mail.google.com redirects to a https login, which then goes http for mail access. But going to https://mail.google.com gives https clear through. Keeping the data off the device is probably better, even as secure as the N8X0s are.

VoIP or IM is good because conversations are not stored.

<rhetorical-question>Doesn't she have a father, brother, anyone who cares enough to up and tan the lousy punk's hide?
</rhetorical-question>

So i take it, she's single! Some lucky guy will take that 810 as payment for putting the beatdown on a woman beater..

<snip>
I am more than willing to spend the $$ on the 810 but only if it is going to be secure. If she can't secure it then she can't use it and it will just become an expensive paperweight.

Thanks!
I'm surprised no one has brought up the fact that because of it's size she could just keep it with her. If mine is not in my pocket then I'm not fully dressed, It charges on my nightstand when I do (sleep). If for some odd reason she is living with the abuser that should be remedied first, before you have to identify the body.

I'll briefly suggest a Palm TX. No keyboard, but built-in full file system encryption (AES) that auto-encrypts based on a timeout or power off. Set it to one minute, and with one minute of inactivity the device re-encrypts the entire file system. This would be a more than adequate level of security for this situation and does not require much in the way of diligence by the user aside from protection of the actual password.

Yes, I'd much prefer to use the Nokia for its better screen and keyboard, but hard to beat the automatic security on the Palm.