Re: Security on Nits?
 

Do you mean "taskbar"? Regardless, I expect many users wouldn't notice if one of the dozen or so little icons they don't understand disappeared from the system tray, especially in recent Windows versions that hide unchanging tray icons--like those for firewalls--anyway.

You'd have done better to argue that Security Center might notify the user that his or her firewall had vanished, but once malware has gained access enough to kill a firewall, it likely also has sufficient freedom to adjust the registry to prevent that warning.

Re: Security on Nits?
 

This discussion is somewhat silly. The Nokia Internet Tablets (NITs) are generally secure because they are not ran by many people as mentioned before. Additionally, while a device can be attacked, there has to be a motive to a degree.

The NIT is not by default very accessible from the internet making a firewall a moot point. Any services installed later (such as SSH) come with inherent issues that a person should know about before installing those applications. However, without installing those additional applications, I don't think the NIT can be accessed remotely.

So, the only attack avenues left are local and application. The local aspect is additionally silly because if a person has your NIT then... they have your NIT! While there exists a way to lock the screen with a password, it isn't the most friendly thing possible (it doesn't support key/screen locking as well). Still, any files on an SD card would be accessible even if the device wasn't.

However, for remote attack, the only thing left is applications. New users won't dabble much with this, advanced users would prefer applications they can see the code for (open source), and malicious attackers don't have much of a way to get their information inside a program. True, they can port an application to a newer OS release and put malware in there at the same time, but the attacker would have to know the new OS. Besides, if the port release isn't open source with the original being open source, many folks would be very suspicious. However, any issues with applications apply to anything that runs programs such as any operating system.

The NIT isn't any less secure than it has to be. Fortunately, the NIT is Linux at the core so security related programs can be ported over. The NIT, like Windows Mobile and Palm, doesn't have a firewall or really a way of protecting from an attack... simply because there is nothing there to attack.

If you are carrying national security secret information on your device then you are rather foolish. If somebody wanted to attack you specifically with no limits to time or money spent on their part then they can succeed. However, as an individual, I assume you would want to protect your information just as adamantly.

There is a TON of people out there, most do not use the NIT. An attacker wants a maximum return of information from as much people as possible. Because of that, they will steer clear of the NIT, Linux, and other niche areas. It simply isn't worth their time since an attacker would find more success elsewhere.

Still, it is sad that this thread is becoming the subject of a Wikipedia edit war. Even though I am speaking from my own experiences, I would think that the other side of this argument (that NITs are insecure) should be sourced with something more reliable than another person's experiences (especially since the insecure argument isn't believed by many).

Ah well... I thought I would provide my 2 cent rant...

Re: Security on Nits?
 

Assuming you're not just trolling, one would think that any mechanism that can subvert the system enough to install a keylogger can also subvert the firewall or anything else it needs to.

I've read the entire thread, and I have a feeling that you have about as much security sense as a typical auditor -- you're looking for tickboxes on a security checklist, without understanding the fundamentals. You don't always need the protections you are looking for, depending on the risk of a successful attack in the first place. If the risk was higher, there would be controls.

If you want to consider another platform for your security perusals, go check out all the Linux-based home routers out there. Gads! They aren't running Windows! I'm sure there are plenty of Linksys mailing lists looking for your wisdom.

Re: Security on Nits?
 

This is meanwhile's pet gremlin, and he's not going to let go of it, facts and logic be hanged. Best not to feed the thing nay further. ;)

Re: Security on Nits?
 

The thread/gremlin or meanwhile?

Re: Security on Nits?
 

Either. Both. ;)

Re: Security on Nits?
 

Au contraire, feed both!
Feed the thread, feed meanwhile; feed meanwhile the thread!

Re: Security on Nits?
 

Ah, Hansel... you've run out of bread crumbs, haven't you?

:p