|
FOSS Maemo for high security
I've just bought an old and very cheap N900 to play with. I'm not familiar with Maemo. Now I'm wondering what it can do that Android can't.
One of the things about Android is security and privacy. Even with projects such as: - Cyanogenmod (open source, but it only goes so far) - Replicant; an attempt to be very open source but failed with binary modem drivers - the Guardian project; great idea but what about the permissions of other apps - various permissions apps It is very easy to slip into allowing an app carte blanche to the whole phone and if you do that then how secure is your privacy anyway? Now bear in mind how tempting it is to use Google Play for installs and that means Google Talk transmitting *something* to their servers randomly. So one thing that the N900 could be useful for could be as a very secure 2nd phone. Store your Bitcoin wallet here. Make encrypted VoIP calls. Send secure SMS. All in the knowledge that it's much more open source and therefore has the potential to be more secure than Android. Where can I find more info on this? Would I be better off with a different O/S? But if so, what? What are the limitations of the hardware? Is it option with the greatest potential for FOSS and security? |
Re: FOSS Maemo for high security
You are fooled, if you think in categories like one phone system is more secure than another!
Here are my top concerns as disillusioned user using a phone for security sensitive stuff: 1. The (mis)-use of sudo and root to give some applications the possibility to do their intended purpose without any passwords at all, is simply a big, big security hole in the linux system. 2. While real (as in: for the PC) linux distributions do a lot of work to fix bugs and security holes, the aging libs and kernel in maemo is not maintained by nokia, maemo devs, or kernel.org at all, it is simply an old kernel. In the beginning you could get packages from Debian installed, but even getting them from some repository archive for one release before Debian Oldstable, they do not install, because the libs in Debian Pre-Oldstable were at some time maintained, and they do not anymore play nice here in Maemo. 3. The real security concept seems to be: 'Well, nobody cares for us, we are a small, a very small, target, with no real appstore, but a number of repositories, where you have to really learn a new way of contributing, if you are an application developer and a widget set, nobody else uses in the phone market'. There is no security awareness in smartphone business, well, RIM had it for some time. There is no real encryption, the GSM protocol for data and voice is hacked since a couple of years. There is no easy setup of, even, email encryption, not dreaming about Voip, SMS, chat or a wallett. Applications to monitor the users are common practice, be it from manufacturers, providers or application developers. To take advantage of FOSS and the concept of 'providing security by openness', there are too few developers actively contributing security fixes. I like the fact, that from day to day people here have still new features in their applications and new ideas. But security is not on anyone's agenda. |
Re: FOSS Maemo for high security
@michaaa62,
While I tend to agree with what you've written, we need to remind ourselves that the N900 (with Maemo5) is not a smartphone but a mobile Linux box. All this "app permissions" stuff comes from the realm of smartphones (Symbian, Android, iOS, etc.) You (normally) don't have such systems under normal Linux. Most user programs in Maemo run under the "user" credentials (like in any other linux). The only way for a (user) program to become root without user intervention is when said program has been added to the sudoers list (either by the user or by postinstall) -- OK, or by setting the setuid bit, but this happens very rarely, and mostly manually -- Programs that are in the sudoers list are usually there for a reason, so there's not much we can do about that. One could of course create new application-specific users/groups and configure applications to run as an application-specific user, but then you'd have to tweak a lot so that those applications also can display on the ("user"-owned) X session (or perhaps running a separate X session on a separate VT, don't know if this is possible with Maemo). In short: your average Linux box behaviour. |
Re: FOSS Maemo for high security
the problem with smartpone security is not root access. It is user data access, which are obviously not prevented in any way by running programms as user and not root.
This is also true for a linux box, because it only depends on the fact that critical informations are stored on the device unencrypted. This is should be managed by a security framework, sandboxing applications and restricting API, and this is completely absent from the N900. You may have to check, but it's fairly possible that recording the screen and the mic can be done with user privileges. Also, because the kernel is unmaintained, sudoers list is most likely not the only way to get root level anymore (possible security breaches). So it's more like youre average 2 years old system, without the security framework. |
Re: FOSS Maemo for high security
thinking aloud here, but...
even though root maybe easily hacked (i'm not aware that i have to enter any password when typing root ?!?) doesn't the very fact that we have a very small user base protect us against "hackers"? it's fun to hack on our beloved N900s, but what "crook" would be interested in it? for the applications running in user space, in how far would putting our data under root:root (i think) protect it from casual app access? final thought about spying apps... doesn't the limited mem & cpu resources protect us against the worst of those in that an app / deamon / whatever that would intercept kbd / sound / touch / display would practically bring the N900 to a standstill? |
Re: FOSS Maemo for high security
<disclaimer: I'm no security nor OS programming expert>
When you consider that in the desktop you need a market share of more than 10-15% to be targeted by specific attacks, I'd say yes, there's no way someone would write one just for the N900 (or even for Harmattan). Maybe you could fall generic attacks (like flash based, because we don't have official java :) ), that sometimes impact linux as well, but it shouldn't be worse than your average desktop. But for a targeted attack, reporting ps regularly to a server, and then recording only when something interesting is happening (with DBUS), you should be able to record whatever you need without to much impact (screen recording is a bit more demanding, uses a noticeable part of CPU) |
Re: FOSS Maemo for high security
Is there something like 'Whistling in the dark forest' saying in English? Anyway, you are luring yourself in wrong security:
Quote:
Did you ever read the comment Quote:
|
Re: FOSS Maemo for high security
Why we do have openssl and gnupg everywhere and our email cleints don't do gnupg, IM does not do OTR and SIP does not do zRTP always made me wonder.
|
Re: FOSS Maemo for high security
Quote:
|
Re: FOSS Maemo for high security
And some more to get paranoid:
http://yro.slashdot.org/story/12/08/...by-governments I felt the need :eek: to specially quote this part: Quote:
|
Re: FOSS Maemo for high security
What bothers me more than root access is the fact that any 3rd-party app can access all my data easily, as mentioned earlier by erendorn.
Like Angry Birds accessing my address book and sending it elsewhere, for example. That's where action is needed. |
Re: FOSS Maemo for high security
You may want to try SHR and Nemomobile for n900.
Maemo is much more usable, but contains more proprietary software. SHR and Nemomobile have proprietary software only in kernels - hardware adaptation part. Anyway, Maemo currently is much more useable, I think. What about security, I would say, it's not that bad. Default email client in Maemo supports encrypted connections, So I use it with TLS connections to my own mail server, which is hosted by me. There is a sylpheed port (Maemo is just another GNU/Linux based distrubution, and it's one of the major advantages of Maemo over Android - we can use Pidgin, Sylpheed, Frozen-Bubble, etc) and I believe Sylpheed supports gpg encryption. I also use IM accounts to connect to my own jabber server. I have got SSL certificate from startssl.com, and my server is able to connect securely to jabber.org, so I can chat with it's users. Actually it works with any server, except Google, talk.google.com connects with my server without encryption. This means that my chats with google users is possible to sniff by someone between us. Here it comes that if I want to safely chat with someone on google, I need to use gtalk account. Here we have another question - safety from who? Cause if you chat with someone on Google, Google knows what you talked. On the other way, sometimes it is more important that your country's "secret service" won't be able to dump your chat, rather than google, cause google is not interested in your activities, but they are. I have to add, that I do not use regular cellular provider account, I took internet only sim card, and according to the law in my country it must be registered with passport. That means they can always get your location if they know who you are. That is why it is better to get some tourist's old sim card, when he moves back home, then if nobody knows who is the owner of the sim card, they cannot track you. Yes, I am not able to do regular phone calls, however I do not need to. All my friends are online in jabber, when they want to be accessible, so I can make a voice call over xmpp if necessary. If they are not oline, that means I need to write an email. I actually have a SIP provider account, and configured my n900 to use it, so I can turn it on in case of emergency, and I hope I would never need to use this im account. So this are some points from my experience, about how to be more or less safe by using a mobile device, and that's device is of course n900 |
| All times are GMT. The time now is 01:13. |
vBulletin® Version 3.8.8