Ok, aegis can be a PITA. For example right now I wonder why my app is not getting location access even though the manifest seems to be ok.

On the other hand however, I like the idea of controlling the privileges each app has and it seems that aegis has fine grained control. I would love it even more if I could deny some of the credentials at install time, or even more through a settings page. (Long tap an app, see all the requested permissions and turn off the ones you don't like - for example all apps on android ask pretty much for everything, why the heck would a flashlight app need access to contacts??)

Aegis also enables you to create secure dbus calls so that you can make sure no other app exploits your access to vital functions (e.g. calls)

That's a whole different story than disallowing the user (or root) to do things, I don't like THAT obviously.

Anyway is it opensource? Any chance we will see a similar permission system on our desktops soon?

I don't see the point of AEGIS on our devices, since we didn't needed that on the N900 too....

Keep in mind this was originally going to be a massed produced device for the everyday user...

There are comprehensive desktop/server security frameworks. For example RBAC (used in illumos).

I think it's opensource, at least it's MeeGo counterpart is.

Anyway, agree with your sentiments. Too bad on harmattan the system is implemented to cripple user, not to empower him to control apps.

Or SELlinux. Or AppArmor. Both should be a 'make config' away on Harmattan (though of course some other components would also need to be built with specific support for them).

we didn't need it on the N900 because most of the apps were built by the community and were open. Also the small uaer base makes it pointless dor someone to develop malware for tje N900. On the other hand, if the N900 was in the hands of tens of millions of ignorant hands, it would be trivial for someone to make a nicely named app that sends paid sms in the background.

I like just about every security system, as long as I, the owner am in full control. Things like Aegis, TPM, secure boot and whathaveyou are fine, as long as I can override them and/or provide the keys. This implies the option to disable it altogether, but that should never be the only option.

Problem is: these security options are far too complex for "mere user" to comprehend. Ergo, they will buy the devices regardless the amount of control, simply because they have no clue in what ways these features are limiting them or their devices. And thus manufactures can do just about everything they want. It's sad actually.

Was it not Nokia that used our devices to secretly send SMS?

- as mentionned, the meego implementation is open source (some doc here)
- it is definitely a good idea
- the very stu**d part is that you can't add your own certificate authority (like yourself, or some community repo)!! If you could, man that would be great.