![]() |
Security on N900
My concern is that the N900 is designed to be always connected and it is a Linux system with all the standard security issues. It probably comes with a default root password with lots of open ports. Are users directed to change the root password? Or do users have to know that to do to protect their device?
Anyone reading this is not a typical user. The typical user takes the 'phone' out of the box, puts the SIM in, powers up, and uses it. Security hygiene is not on their radar. Since this device is different from the previous tablets from Nokia does anyone know what is provided to protect users from the nasties of the world? |
Re: Security on N900
Quote:
|
Re: Security on N900
Quote:
|
Re: Security on N900
There isn't any standard way in UI. But since all applications are installed as root, you'll Install an application and installation scripts enables sudo or something else.
|
Re: Security on N900
Quote:
|
Re: Security on N900
Quote:
What stops you installing a malicious application in Ubuntu? Or in Windows? |
Re: Security on N900
Quote:
Of course, preventing the user himself to do something with the device is against what Maemo is, so hopefully we're not going to see any of that ugly "nanny operating system" stuff. |
Re: Security on N900
Quote:
I did not intend for a flame here but there are always security issues with any operating system. Telling me to believe without proof just raises my concerns. Maemo is not Ubuntu so using that as a proof point is, by itself, not sufficient. Any pointers that will make your point about the security of Maemo? |
Re: Security on N900
Quote:
If you want to see what's listening, you can either log on and run "netstat -an | grep LISTEN", or you can run an nmap port scan against it from an external machine (which is probably more useful in a practical sense as it reveals what's actually reachable through the network after various firewalls and the like have been passed instead of what theoretically is running according to the kernel). |
Re: Security on N900
Quote:
You made your initial post sound like if someone was going to take the phone out of the packaging and get rooted remotely in seconds. To do that, the phone would need to e.g. have by default a ssh server running with a default root password. There is no such server in the phone. Without such server, they could even ship "rootme" as the default root password. Nothing would happen; you would need to get at the phone's keyboard to enter it*. Well, at least in the N810. Which you can buy and test everything we have said in this thread by yourself :) *Of course, nobody said e.g. 0 exploits in the browser. As you said, no operating system is safe. But between 100% and suicidal there is a big difference. It's not like your average Symbian phone is 100% safe. |
All times are GMT. The time now is 23:09. |
vBulletin® Version 3.8.8