Thread: JollaMobile : Jolla continues Nokia's excellent work on #MeeGo based smartphones
View Single Post
qwazix's Avatar
qwazix is offline qwazix
2012-07-10 , 11:37
Moderator | Posts: 2,622 | Thanked: 5,447 times | Joined on Jan 2010
#375
Originally Posted by lma View Post
Oh, the hatred was already there. See any number of equally broken and hated attempts like Symbian Signed, Trusted^W^W^W^W^Weacherous Computing, Tivo etc locked devices, and more recently UEFI boot.
No I meant in the maemo community (of course there were other failed security systems before


Originally Posted by lma View Post
That's not what it's for. It's designed to protect the "content" (and by extension the device and content vendors' business models) from you, the owner of the device, and in order to do that it puts your computer under the control of everyone in the foodchain except you.
That is what I am saying, It was made for the wrong reasons, but we can use it for good ones


Originally Posted by lma View Post
And if you believe Aegis can protect you from that I've got a nice bridge to sell you too ;-) Trivial proof: inception.
Aegis can't because it's poorly executed, and was made for the wrong reasons, but anyway, all fences have holes. But I would like if I it at least tried to protect my contacts and data from irrelevant applications. Or my cpu from malware. It's one thing to try and find exploits, and another to fry peoples phones for fun. In fact I would almost blindly trust any developer who did find an exploit to $SECURITY_SYSTEM, because he has nothing to prove. On the other hand a 14yo can brag that he fried peoples phones because he understands debian postinstall scripts.



Originally Posted by lma View Post
That, and an active community with decent skills, peer review and responsiveness is the only thing that can work IMHO. Cherry was a good example around these parts.
Indeed, but cherry was installed on all N900's. Somebody was bound to spot it. $RANDOM_APP_IN_EXTRAS may publish your personal data for months before somebody spots it.

Originally Posted by lma View Post
That doesn't work. You either end up with too coarse granularity (Android) or too fine (SELinux).
Tree-like structure?

Simple use-case, unrelated to security. I want to open my twitter app to check out an old tweet without it connecting to the net right now. I want to be able to revoke that right (symbian was good at that, but only for inet connection, not other perms)

Anyway, I would be happy even with too coarse granularity. At least I could sandbox-test an app.
__________________
Proud coding competition 2012 winner: ρcam
My other apps: speedcrunch N9 N900 Jolla –– contactlaunch –– timenow

Nemo UX blog: Grog
My website: qwazix.com
My job: oob