![]() |
Once again N900 apps win!
Take a look at this article
http://online.wsj.com/article/SB1000....html?mod=e2fb In short it says how a lot of apps misuse data and share personal details about smartphone users without their consent. Only incident that we had was My Nokia introduced in PR 1.2 but that not very serious since info went to Nokia only and it didnt even work in some countries. Hence, OPEN source RULEZ and N900 is still the best :D |
Re: Once again N900 apps win!
Only incident... as far as you know. That's kind of the whole POINT of surreptitiousness. Considering the plethora of closed-source portions (despite all the puffery about being open), how do you know there isn't more going on?
|
Re: Once again N900 apps win!
It's a conspiracy...
|
Re: Once again N900 apps win!
Quote:
|
Re: Once again N900 apps win!
what about the anti-theft app that was sending data to a russian email address? and the maintainer was nowhere to be seen when people found out and wanted to ask a few questions about that...
|
Re: Once again N900 apps win!
Quote:
|
Re: Once again N900 apps win!
Quote:
|
Re: Once again N900 apps win!
Since we are going with the "not mentioned so it wins" -approach, and I didn't see WebOS mentioned in the article either, I'm going to say WebOS rules.
WSJ didn't say anything about Windows Mobile either so maybe this is a Maemo/WebOS/Windows threesome? End sarcasm. |
Re: Once again N900 apps win!
Practical use of this would be to conceptualize a framework for detecting eavesdropping/spying by applications and incorporating it into an application to run on the N900 to monitor for the behavior.
The story states: Quote:
|
Re: Once again N900 apps win!
Quote:
|
Re: Once again N900 apps win!
Quote:
|
Re: Once again N900 apps win!
Quote:
|
Re: Once again N900 apps win!
Quote:
Nobody confirmed ever a misuse of the data. The developer disappeared leaving a broken and closed source version in devel that many had problem unistalling. |
Re: Once again N900 apps win!
Since N900 uses deb-packages and not GPG-signed rpm-packages, and people, even and because even developers install software just by wget'ing it and 'dpkg -i'ing it without any way checking the authenticity of the package
and because there is tools like DNS-spoof and Mallory, I think almost all N900 users are backdoored long ago. Sadly, I think, all Linux-users also. There is an interest, it is cost-effective for the 3 letter agencies and there is examples. It would be quite huge job to check there is no well hidden Thompson Trojan's in Linux (and Maemo) -code. Anyway, after these "few" beers :-), I think everything Google knows, knows also these infamous three letter agencies. Information is power and it is never deleted. It is hard to find services or people who wouldn't be connected to Google somehow nowadays and it is practically impossible to stay anonymous in Internet. |
Re: Once again N900 apps win!
Quote:
edit: zimon beat me to it by like 12 minutes. There are other backdoors supposedly out there, I've always wondered about one that was surrounding the Unix BIND libraries - there seemed to be something around that area that was once questioned, then disappeared back in the early 2000's. |
Re: Once again N900 apps win!
|
Re: Once again N900 apps win!
I would think if enough demand is there we could do what the others won't or can't ... make a firewall app. Then of course you can be as closed off as you want and would know when the snitch runs for another company with your personal information.
That's the true beauty of the N900 |
Re: Once again N900 apps win!
Quote:
<Rather than pointlessly b1tch, moan and complain that the n900 is compromised and not worth the effort> An app could be created to address the issue. I would guess that this could never be done completely on an iPhone or an Android because backdoor comms are probably invisible to apps inside their prisoncells. The n900 could have just such an app to blockade or at least inform the owner of any nasties being broadcast. I thought wireshark would be able to show anything being sent, perhaps there would be an easier way though, since you would not necessarily need to listen to anything other than outgoing messages. For the truly paranoid it might be necessary to do some kind of traffic monitoring on the inputs to the GSM hardware to make sure there is nothing extra being generated beyond what the system network actually generates. Wish my broken unit was healed so I could check on this..:( |
Re: Once again N900 apps win!
The start would be if developers would start to GPG-sign their packages with debsig.
Then at least there would be some traces where the backdoor or other type of Trojan horse came from. It is a fact, people has and will be installing deb-packages also out of apt-repositories. And we could have something else in /etc/dpkg/dpkg.cfg Quote:
|
All times are GMT. The time now is 01:08. |
vBulletin® Version 3.8.8