Re: Security on Nits?
Quote:
|
Re: Security on Nits?
Quote:
Imperfect != inherently insecure. |
Re: Security on Nits?
Quote:
And the programming would take a lot less time as well. The NiTs I would put as so far under the radar it wouldn't be worth the overhead of programming for them. |
Re: Security on Nits?
Quote:
Likely the most bang for the buck will come from organizing a central repository of software that is simple to submit code to, where the source code is actually audited and the apps are built with a trusted compiler so that your source -> binary -> distribution chain is trusted. For those who want to stay in the protective bubble, they can just have that repo enabled. I think Nokia has come part of the way but is not completely there yet. I am not sure if this goal is even on their radar. All other Linux distros do this is some way so that trojan programs don't slip in and their users have a safe harbour. For those who are more daring, third party repos abound. There is very little that can be done to secure those who don't care to be. The biggest weakness in computer security is generally between the keyboard (or the touch-screen in this case) and the chair. |
Re: Security on Nits?
Quote:
Anyway, leaving this aside, you're still wrong: the security tools on decently configured PC's will pickup a naughty application being naughty in the first few days. After which the app will be removed from download sites, before it has time to spread. You might say that the app could wait six months to build decent user numbers before doing naughty things, but a lot of people delete this things every couple of weeks or so. Which is why the world economy isn't collapsing because of $50M videogame thefts, in case you were wondering. In the real world, investing serious effort in a free game would probably only yield a few hundred successful attacks. Quote:
Quote:
|
Re: Security on Nits?
Quote:
Quote:
Sandbox execution, otoh, can make the engineering effort for an attacker very high to impossible: that's the way I'd go. It's what Google are doing with Android, and it seems pretty bloody obvious as a solution. Edit to add: Nokia seem to going for a form of sandboxing on Symbian: http://www.forum.nokia.com/main/plat.../security.html |
Re: Security on Nits?
Quote:
Quote:
The trouble is giving a (clueless) user root, even for the limited purpose of installing packages. There's nothing that can (or should) stop a determined sysadmin from hosing a system, or a careless one from doing it by accident. |
Re: Security on Nits?
Quote:
Quote:
Quote:
Quote:
Quote:
Quote:
Quote:
Firstly, installing OS's should be an usual procedure that can have all sorts of special warnings and affordances (eg turning off the machine and following a special reboot procedure) to cue the user that he is performing an usual task and get him to read and think about warnings. I doubt many users could be persuaded to load a non Noka OS even without security warnings, but with them - forget it. Not a practical method of attack. Secondly, ***most potential users would be willing to give non-Nokia OSes to get better security!*** Otoh, I can't count on Nokia for decent apps - not even an ebook reader or a PIM. Quote:
The current security model (ie none) is a fairly good explanation why the Nit hasn't been picked up for vertical applications and other corporate development. Anyway, I suspect that Nokia will be ditching Maemo/ITOS for Android (which does use a sandboxed virtual machine) if they continue updating firmware after the next release. It's hard to see why they'd carry on with Maemo after this point. |
Re: Security on Nits?
Quote:
Quote:
Quote:
Quote:
Maemo tools have come on leaps and bounds in the last year from what I can see. Quote:
Its like anything. Yes, I could get blown up in a tube train by terrorists (or in my case in the UK, shot by the police thinking I was a terrorist) but it really isn't worth putting any effort worrying about because I am thousands of times more likely to be hit by a truck driver on the motorway who fell asleep. When I connect to my bank I have a hardware encrypted password generator, supplied by my bank. They can log every detail of my bank transaction, but without that hardware dongle it won't do any good. The rest of it? It doesn't work like you seem to think. it works by a low hanging fruit idea. However clever and complicated your scheme making this nokia key logger, your profits will always be dwarfed by those who put their effort into getting people to enter their passwords on your website by offering them money for nothing, claiming to be their bank or a request from ebay/paypal. A large number of people are fairly clueless, and that isn't going to change. It is much easier, and it works. I am going to carry on using my nokia without a firewall and I am not going to lose any sleep over it! |
Re: Security on Nits?
Quote:
Quote:
Quote:
Quote:
Quote:
Quote:
Quote:
I didn't say new OSes, did I? I did mention the kernel rather than libraries, because it's possible to (at some cost) pack any library dependencies of an app into either an all-in-one sandbox, or an app-specific sandbox. (Major subversions are possible if I can replace shared libraries used by other apps with a modified version, but the latter means you might as well have everything statically linked.) But updating the kernel is not limited to "installing OSes". Xrandr, SDHC support on 770s, high-speed MMC, backlight control, DVB, various USB-OTG related modules... Lots of stuff here that requires root access. Quote:
Unless you suggest some sort of signing system or other lockdown for anything outside the sandbox (in which case Nokia can forget working with the F/OSS community to work through to step 5, as per their indicated plan), you still have that problem. Because it's "irrelevant to how a sandbox model works", a sandbox model can't fix it. Quote:
|
All times are GMT. The time now is 13:04. |
vBulletin® Version 3.8.8