Hi,

Something that hardly (if ever) comes up in reviews are the security features of the N900/Maemo. So maybe someone could help me out here:

1. Is is possible to encrypt the SD-filesystem, so that if your phone gets stolen nobody can view your photo's and other personal stuff located on the SD card? (e.g. does Maemo offer native encryption support or Truecrypt or someting)

2. Are apps running in some sort of sandbox that prohibits them from accessing your phone contacts, e-mails, sms message, gps location, and so forth without giving explicit approval? (e.g. like Windows UAC or pre-install security info like Android).

3. Is the webbrowser running in a sandbox or would hackers e.g. be able to exploit some bufferoverflow in the Flash engine and run remote code on the N900?

4. How can regular users be sure that the software they install won't cause mayhem (like having a backdoor) coz on Windows there's plenty of Antivirus/Spyware tools to keep lusers safe.. Is there a roll-back feature like WIndows/Mac has?

5 How safe is the personal info stored on the N900? I would rather like to believe that all personal info on the N900 would be in some kind of safe: so that only with approval third party software would have access to it..(or at least have an option to ask for access permissions first).

6. In case the N900 gets stolen, is it possible to remotely wipe the device and/or locate the device through SMS or Ovi? Like iPhone, Android, Blackberry etc offer as a service?

I thought I was paranoid... you take the cake wanting to run TrueCrypt on your N900 SD/filesystem...

Security is a tradeoff with convenience. And a phone is too easy to loose.

You can use the Linux command-line tools for encryption, such as GPG. i use that on the n800, and assume its on maemo-5.

1. yes
2. no, but you've got the advantage on linux of being able to run apps with users with low access rights (I think Windows UAT copied this approach?).
3. Yes, mostly.
4. Be sure what you install is safe first. If 'viri' start appearing for the N900 then you can sure that anti virus software won't be far behind.
5. As safe as you not loosing it or installing any dodgy programs.
6. Not at the moment but I'm sure 'they'll be an app for that'

Personally, my n900 is always connected to internet ... in case of i lost it i can remotely completely erase all information on it ...

This is a great question, has anyone tried running a TrueCrypt volume on their N900?

Been using one for a few weeks now without any problems.

Are you running some sort of dynamic DNS service on the phone to keep DNS entry up to date with an IP? If someone steals the device and connects to a cellular ISP(tmobile,etc), how do you plan on accessing the device? Every ISP connection through a cell provider I've ever encountered blocks things like SSH, or the device is NAT'd behind their routers and you have no way of initiating connections to the device.

hi fred,
im new to linux. could you tel me how to install truecrypt in n900?
and which package to download?

thanks in adv...

I am using openvpn. phone reconnect to my server.