maemo.org - Talk

Security on Nits? (https://talk.maemo.org/showthread.php?t=19074)

Navi 2008-04-15 20:58

Re: Security on Nits?
 
Quote:

Originally Posted by Brucealeg (Post 170212)
I thought the advantage of Linux was that keyloggers and viruses were rare to nonexistent? I know that doesn't, in itself, make people feel more secure. I am curious how someone would exploit the NIT in a meaningful way.

The viruses that do exist can't do any real damage unless executed by the user as root, and the keyloggers that are available on the net are extremely hard to get working.

I'm most worried about packet sniffers on an open network.

mwiktowy 2008-04-15 22:47

Re: Security on Nits?
 
Security is about layering. To say that something is absolutely insecure because it is missing a single layer is simplifying the topic to meaninglessness.

There are many layers of security that still exist on the tabletOS:

1) It is built on a Linux foundation. Linux developers (especially kernel developers) do think a lot more about security than the average.

2) The libraries and infrastructure stick pretty close to upstream. The more you deviate from the common core code, the more you have to rely on your local security experts; the fewer eyes you have auditing your code; the more chance you will have security problems.

3) It is an obscure platform to write an exploit for. Malicious attackers will look to get the most bang for their buck and the tablet is not it. Not exactly a feature that Nokia marketing wants to use but it does help with security somewhat.

4) Linux generally does not run applications as a superuser. After they are installed, apps on the tablet generally run as the user "user" and that gives them much less leverage on the system. They can affect files in /user/home and /media/mmc*, maybe communicate via the various communication interfaces but that is about it. Certainly they have the leash to create a great deal of havoc but it is limited havoc should a security hole get exploited that way. This is in stark contrast to a Windows world where you are actively encouraged to run as an Administrator (and cutting the leash on anything you run) since so many things just don't quite work right if you don't.

5) The tablet is not always on and always connected to the network. Being mobile, it is jumping from network to network and spending a lot of the time sitting off and not talking to anyone. Most of the other part of the time, it is connected to a wireless access point that masquerades the network connection and often has a firewall built in. This greatly reduces the opportunity for network-based remote attackers to even try to exploit servers running on your tablet. The addition of the WiMAX line of tablets sheds this significant layer though. Another axiom that goes along with "security is layering"; "Security is also always a trade-off".

So that is a (by no means exhaustive) list of layers that provide a security patchwork that attempts to have 100% coverage of all possible exploits. Never can anything ever achieve this goal. The security of the available application trust system is certainly a problem that throwing out buzz-phrases like "sandbox" is not going to solve ... sandboxes can be breached too. Nor does it mean that what you have currently is a pile of crap.

Hopefully people continue to think about security and making things more secure but I am not lying awake at night worried that someone is going to pwnz0r my l33t b0xx0r.

Nokia made a wise choice to go with Linux in that respect since it has an inherent security infrastructure and culture.

meanwhile 2008-04-16 00:02

Re: Security on Nits?
 
Oops! I said that Android is likely to replace maemo, when I should have written qtopia - which does have a safe execution environment, and is the reason most analysts believe that Nokia bought Trolltech. As I said, typos happen!

Here's the page at Trolltech that probably represents the future of security on Nokia Linux devices:

http://troll.no/support/consulting/q...archterm=patch

- Very much the sandboxing virtual machine approach I would have expected for a modern mobile OS, as opposed to the cruder approach used by Nokia on their current flagship consumer platform:

https://www.symbiansigned.com/app/page

brontide 2008-04-16 00:37

Re: Security on Nits?
 
Quote:

Originally Posted by meanwhile (Post 170298)
Oops! I said that Android is likely to replace maemo, when I should have written qtopia - which does have a safe execution environment, and is the reason most analysts believe that Nokia bought Trolltech. As I said, typos happen!

Here's the page at Trolltech that probably represents the future of security on Nokia Linux devices:

http://troll.no/support/consulting/q...archterm=patch

"most analysts"? Could you produce your sources for that huge leap of logic?

From the page. "SXE is not an anti-virus application or a firewall." - I guess we're screwed.

mwiktowy 2008-04-16 06:05

Re: Security on Nits?
 
Quote:

Originally Posted by brontide (Post 170308)
From the page. "SXE is not an anti-virus application or a firewall." - I guess we're screwed.

SXE is SELinux rebadged. It provides the exact same thing. I am curious why they reinvented the wheel or whether they are just starting with SELinux and culling some flexibility to make it more streamlined.

meanwhile 2008-04-16 14:53

Re: Security on Nits?
 
Quote:

Originally Posted by mwiktowy (Post 170277)
Security is about layering. To say that something is absolutely insecure because it is missing a single layer is simplifying the topic to meaninglessness.

That's a strawman argument. I never claimed that there weren't alternative methods of security. I discussed the Windows approach of firewall and other defensive software, virtual machines, and OS enforced certification and privileges: maemo isn't insecure because it fails to implement any particular one of these but because it implements *none* of them. It has no security strategy at all, and Nokia doesn't claim otherwise - the only thing they say on the subject is that you're screwed if you install an app with hostile intent. (P42 of the N800 User Guide, which possibly shows someone has a sense of humour.) By comparison they have entire whitepapers showing why the qtopia and the version of Symbian they use on smartphones are safe.

Quote:

There are many layers of security that still exist on the tabletOS:

1) It is built on a Linux foundation. Linux developers (especially kernel developers) do think a lot more about security than the average.

Expressing concern is NOT a security measure!

Quote:

3) It is an obscure platform to write an exploit for. Malicious attackers will look to get the most bang for their buck and the tablet is not it. Not exactly a feature that Nokia marketing wants to use but it does help with security somewhat.

Yes. As I've noted. This doesn't promise well for maemo's future, especially now that Nokia have spent 100ME to buy Trolltech and qtopia, with its safe execution environment.

Quote:

4) Linux generally does not run applications as a superuser. After they are installed, apps on the tablet generally run as the user "user" and that gives them much less leverage on the system. They can affect files in /user/home and /media/mmc*, maybe communicate via the various communication interfaces but that is about it.

So a rogue app could steal passwords and credit card numbers and stage a DoS attack, but not do any *serious* damage?

Btw, given the openness to attack, does anyone expect to see maemo run on a phone, with the potential for telecommunications DoS attacks?


Quote:

5) The tablet is not always on and always connected to the network. Being mobile, it is jumping from network to network and spending a lot of the time sitting off and not talking to anyone. Most of the other part of the time, it is connected to a wireless access point that masquerades the network connection and often has a firewall built in. This greatly reduces the opportunity for network-based remote attackers to even try to exploit servers running on your tablet.

i. Normal people buy nits to use with public access points.

ii. One of the previous posters already thought of a way around the above, even on the occasions that your logic is correct...

iii. Which will probably be quite rare. Most people will use their nit at home and won't have nearly so paranoid an environment.

Quote:

The addition of the WiMAX line of tablets sheds this significant layer though. Another axiom that goes along with "security is layering"; "Security is also always a trade-off".

Wrong again. Better security doesn't always come with compensating drawbacks - there is such a thing as simply being more competent and making more of an effort. In fact, this is a general rule in programming and life. Trade offs do exist, but so do variations in quality in an absolute sense. For example, can anyone think of any reason why they would implement an e-commerce site without using encryption for transferring credit card information?

Quote:

So that is a (by no means exhaustive) list of layers that provide a security

You actually haven't named a single genuine method of security. Honestly; try the above arguments on a real security mailing list - I encourage you.

Quote:

attempts to have 100% coverage of all possible exploits. Never can anything ever achieve this goal. The security of the available application trust system is certainly a problem that throwing out buzz-phrases like "sandbox" is not going to solve ... sandboxes can be breached too

Once again, do you have and use locks on your doors? I suspect the answer is yes, even though a skilled locksmith could defeat them. A decent sandbox can provide much higher levels of security again, so you will understand if I conclude you don't really accept the logic behind your own argument. You do lock your house, your car, your hotel room and bicycle, yes?

meanwhile 2008-04-16 15:04

Re: Security on Nits?
 
Quote:

Originally Posted by mwiktowy (Post 170382)
SXE is SELinux rebadged. It provides the exact same thing. I am curious why they reinvented the wheel or whether they are just starting with SELinux and culling some flexibility to make it more streamlined.

You seem to be under the impression that SE Linux is a Linux distribution. It isn't; ***it's a set of standards for one***. I'm unsure as to how you can state that it is exactly the same thing as SXE ("SXE is SELinux rebadged") given that you then go on to say that you don't know what the differences between the two are...

Anyway, SEL (I think like AppArmor) is about providing native Unix processes with security protocols. This has very little to do with the SXE approach, which is about implementing a safe virtual machine (which makes more sense in a heterogeneous hardware environment because if it is implemented correctly, as for some versions of Smalltalk and Lisp rather than Java, it gets you cross platform capability without re-compilation.)

Unlike SEL, SXE *is* a specific implementation - which includes, but isn't limited to, a Linux OS.

So in summary, SXE and SEL are about as unlike as two computer security initiatives can be. Standard vs implementation; native code vs virtual machine.

Securix 2008-04-16 18:42

Re: Security on Nits?
 
As a rule, if I'm in a public place, unless I can verify that an access point is "safe" I generally don't connect to it and start logging onto my online banking or webmail/instant messaging accounts.

I've been in too many places where SSIDs come up as "FREE INTERNET" or "PUBLIC ACCESS POINT" and then don't connect to anything. That leads me to wonder about what it really is.

If I can verify the device (for example, I've used the one at my public library simply because the AP was sitting on the floor between two lounge chairs...not good security per se either but at least I knew where it was) then I'll connect to it. Same with places like Staples that have well-known hot-spots and subscription services like T-Mobile where you're required to authenticate.

I mean, think about it. You could configure your N8x0 as an ad hoc AP with a nice innocuous SSID like "Public Cafe Internet", set up Apache and trap everyone with a fake website, a DHCP server, and a hosts file redirecting well-known sites to a packet sniffer in the background. Then wander around an airport, hotel or train station, or loiter around a Starbucks grabbing everyone's login info.

Heck if you really wanted to play a gag, have Apache serve up porn to everyone who connects to it :)

But like I said, Internet Tablets are tiny and mobile. Like laptops, the biggest security issue is that they're more likely to get stolen than hacked.

sjgadsby 2008-04-16 18:55

Re: Security on Nits?
 
Quote:

Originally Posted by Securix (Post 170664)
I've been in too many places where SSIDs come up as "FREE INTERNET" or "PUBLIC ACCESS POINT" and then don't connect to anything. That leads me to wonder about what it really is.

It's one of the more benign Windows viruses.

Quote:

Originally Posted by Securix (Post 170664)
Heck if you really wanted to play a gag, have Apache serve up porn to everyone who connects to it

I rather like the idea of redirecting traffic through a transparent squid proxy.

Securix 2008-04-16 19:29

Re: Security on Nits?
 
<COUGH> Not that I'd actually do something like that </COUGH>


All times are GMT.