View Single Post
Posts: 1,808 | Thanked: 4,272 times | Joined on Feb 2011 @ Germany
#5
Originally Posted by t-b View Post
Hopefully someone with more technical knowledge than me can provide some insight. How secure is an up-to-date N900 currently when you only use the standard applications and maybe occasionally the browsers in the repo?
The N900 hasn't received security updates for a long time now so I am wondering how safe we are and what we can do to protect ourselves.

I basically try to avoid browsing at all or browse for a short period of time and only to sites I trust.
I have easy debian installed, so for 'less trustworthy sites" I can always use a recent version of iceweasel. Easy debian makes use of a chroot so I assume that is intrinsically more secure than using standard maemo apps.
That is only browsing though.. other apps I should avoid or at least be aware of?
At the risk of oversimplying the situation, using your N900 is, in terms of security risks, similar to using any other up-to-date linux. There are basically no Linux-based exploits in the wild. And N900/Maemo being not quite a "standard" Linux some things will be missing which imply that e.g. an exploit requiring bash will fail (because we have busybox), etc.

Note also that chroot has nothing to do with (real) security.

Obviously there are many -- known and unknown -- unpatched bugs and security holes, but for most practical purposes you're safe -- safer than with a modern Windows with an up-to-date antivirus anyway
 

The Following 7 Users Say Thank You to reinob For This Useful Post: