Nokia770 made into a penetration testing tool
|
Re: Nokia770 made into a penetration testing tool
did they replace the whole install, or just hide the hildon bits-
|
Re: Nokia770 made into a penetration testing tool
Link to company product page: http://www.immunitysec.com/products-silica.shtml
From the photos, it looks like it's using the maemo gui. They might have changed the kernel and added their own app. |
Re: Nokia770 made into a penetration testing tool
Crap, you beat me to it. Someone else reads /. here it seems ;)
|
Re: Nokia770 made into a penetration testing tool
ah I love duplicate threads.
|
Re: Nokia770 made into a penetration testing tool
Quote:
|
Re: Nokia770 made into a penetration testing tool
I doubt they replaced much of anything. One of their screenshots shows a link to gazpacho for crying out loud. Their interface is basically 3 buttons. I wouldn't be surprised if they have cobbled a Python frontend together on top of open source console tools. Hell, their one 'scanner' screenshot is the standard 770 wireless network locator dialog.
What amateur hour crap. This really annoys me. And the press cries out in their ignorance that this is a first of its kind pocket scanner. |
Re: Nokia770 made into a penetration testing tool
Quote:
But there's no rule against making money from Open Source, nor is there a rule that says you have to educate the stupid. May I suggest someone slashdots this? Those guys love this kind of ripping off the terminally dumb. |
Re: Nokia770 made into a penetration testing tool
Quote:
http://hardware.slashdot.org/hardwar.../1450252.shtml Looks like they upgraded to the N800 as well - maybe they'll be charding $3650 for the N800 version? :) http://content.zdnet.com/2346-12691_22-53766-7.html |
Re: Nokia770 made into a penetration testing tool
Karel: Correct me if I'm wrong, but doesn't the GPL prohibit businesses from reselling peoples' software? If this thing is just a py front end for a buncha commandline apps... ...
What disturbs me is there's three buttons and I haven't seen any output. "Scanning. Scan done. I found some stuff" wouldn't quite cut it... nor do they really get into whether nor not you can actually exploit vulnerabilities as opposed to just detect them. |
Re: Nokia770 made into a penetration testing tool
You can sell gpl software as long as you include the gpl license and the source code.
|
Re: Nokia770 made into a penetration testing tool
You can't really sell free (GPL) software but you can sell a support agreement for GPL software. The source code for any application that is based on GPL software must be, as I understand it, released however if this pen tester is merely a front end and isn't directly (compiler) linked with the GPL apps/libraries then it may be possible to circumvent the GPL and release the front end under a more restrictive licence.
|
Re: Nokia770 made into a penetration testing tool
For example, if you distribute copies of such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights.
directly from th GPL my emphasys |
Re: Nokia770 made into a penetration testing tool
However, presumably their software isn't GPL (they wouldn't want people copying it).
"Not selling GPL software" is a utterly wrong meme which keeps getting repeated. Nokia are doing it. Red Hat do it. SuSE do it. |
Re: Nokia770 made into a penetration testing tool
Quote:
|
Re: Nokia770 made into a penetration testing tool
You also don't have to explain to anyone where the software came from. I used to work for a company that rebranded the AMPortal software for Asterisk and sold it as their own total product. GPL licences and source code all included.. but most users who would pay for stuff that they could get for free with 30 minutes of googling.. won't know or care what the gpl is.
|
Re: Nokia770 made into a penetration testing tool
Quote:
|
Re: Nokia770 made into a penetration testing tool
Author is usually mentioned somewhere in the source. If asked if they wrote the software they would say they made the interface, which was a half truth, but trust me.. no one asks that kinda stuff
|
Re: Nokia770 made into a penetration testing tool
There is no requirement under the GPL to reference the original author anywhere prominently (the so-called "advertising clause" of some BSD licences).
|
Re: Nokia770 made into a penetration testing tool
There are some wrong claims in this thread. IANAL, but I've actually read the license..
1) There is no advertising clause in GPL (see previous post) 2) You can sell the source or the binary for whatever amount of money you are able to get for it. It must, however, include the GPL (the actual license file). 3) If you sell or give binary code to someone you are also required to provide the source code, for a nominal fee if necessary (only to cover transport/packing) if, and only if, they ask for it, and only for a limited time (some years, mentioned in the GPL). NB: Only for this case is there a limitation on what you can charge: i.e. when you provide the source code _after_ you gave away or sold the original binary. 4) 'they' in the above means the ones you gave or sold the binaries to. 5) You are not required to give away any source to GPL code that you modified, unless you actually distribute binaries (programs, whatever). In other words, if you take some GPL code and make a special version for your own use, you're not required to give the source to anyone even if you tell (or brag) about it to someone. 6) Including a modified version as a part of some piece of hardware is of course equal to distribution. For the rest, better read the actual license.. it's not _that_ much text. |
| All times are GMT. The time now is 06:42. |
vBulletin® Version 3.8.8