|
A big security flaw (mozilla, maybe more)
How do you reset the N900? I mean really reset everything? Seems simple? Maybe not.
I just bought a second-hand N900. Since it did not have the latest maemo release, I just flashed it. Then I installed some software, including firefox. Something a bit strange: firefox is full of bookmarks. Since it is not really obvious how to use firefox, I try a few things, click on some symbol... apparently it offers to "synchronize with my laptop". I think to myself, that this can't be true... another click and I am logged in the previous guy e-mail account. Apparently, the offender here was a firefox plugin called "weave sync". So what you would say, that person should have reset his N900. The problem is: how do you do that? You can reset firefox, it will not reset weave sync. You need to dig into the plug-in menu and explicitly reset that and uninstall it. But it's not only firefox: every installed application (and "application" is a broad word) saves some data, which apparently is never reset. For example, the cache of the flash plugin is full with sites I never visited... For more obvious applications, like firefox, you can uninstall them, but it will not erase the configuration files. I call this a serious security problem. Sure, it is solvable, one just has to format the discs... the problem: it would brick the machine. Or maybe use ls -a and delete each file one by one, just make sure you don't erase anything useful... Can you expect the average user to do that? Of course not, he or she is likely to try to "reset" the N900 before selling it second hand. Or is there an obvious way to completely reset the N900 which I have overlooked? |
Re: A big security flaw (mozilla, maybe more)
Read Wiki.
https://wiki.maemo.org/Updating_the_...MC_in_the_N900 There is TWO images that need to be flashed to N900 if you want COMPLETE factor default settings. |
Re: A big security flaw (mozilla, maybe more)
user flaw not device flaw ;)
|
Re: A big security flaw (mozilla, maybe more)
If I were a normal N900 user, I don't think searching the wiki for the terms of 'emmc flashing' would be the first in my mind.
Perhaps a simpler page titled 'Completely resetting your N900' would be more in line with the common (sense).. |
Re: A big security flaw (mozilla, maybe more)
I'm a normal user :D
|
Re: A big security flaw (mozilla, maybe more)
Quote:
Ok, anyway the common answer should be found in the user's manual. |
Re: A big security flaw (mozilla, maybe more)
I don't think the average user is likely to know about flashing two images. And, besides, I think that this particular user is a student in informatics and web design, so not exactly a complete noob either.
And it's not only the N900. All our gadgets tend to have permanent memories and store lots of confidential information, passwords, etc... Next time you will sell one of your old gadgets, how are you going to be really sure that some application that you tried and uninstalled did not leave a configuration file with passwords somewhere in the file system? For this particular N900, everything appeared to have been erased as long as firefox was not installed. The I installed firefox and... here, e-mail, ebay account, university access, etc... You name it, it was there (I just tried e-mail and erased the data). |
| All times are GMT. The time now is 06:45. |
vBulletin® Version 3.8.8