Hallo there,

The German Ministry for Internet Security warns people to use smartphones. I read in a newspaper that the minstry has rejected almost all smartphones for internal use because of security reasons.

And the Ministry has published a security hole on iPhones . Which pleases me since some colleges of mine want to get me away from my beloved N900 to iPhone. I think I stay with my brick

Okay, so far so good. I mean insecurity will be always a topic on computerlike machines. I can post links but sadly they are all in german. So no use for most of you people I guess.

What I would like to ask is there a security monitoring for mameo?
I mean something like glsa the gentoo people publish. (my favourite Linux distro)

I looked into Bugzilla, but didnt find a simple to catch security topic. Maybe I am just blind.

Thanks the Intell

Regards
Legine

you dont need for linux any antivirus sofware because its the mother****ing safest os of the world!!!!

I will have to dissapoint you because you are very wrong my friend. The apps installed from repositories can have root access to everything on N900 without you even knowing it (you will not be asked to give the app any permission - it can transfer all your personal data at ease). This means that N900 has no security at all. And belive me it is very easy to upload something to extras-devel. I think many users have extras-devel enabled (are there any statistics?) because its the single place where most N900 software is available.

Also Maemo 5 will propably not get much updates. I hardly belive security issues would be addressed in update at all. That would need a huge redesign of whole OS.

Android and iPhone have some level of security built into them and once a security hole is discovered there are chances users will be provided with a fix. Thats totally opposite for N900.

There are no monitoring tools for Unix machines mainly because (and please don't feed the trolls) Linux and the like have centralized distribution of software. There is no point in having client-side protection when you can have server-side.

That is, if a program from Maemo repositories is found to be malicious, it's much easier to keep it back or remove it than to have walls on the phone.

On Windows, for example, each program is its own repository, so server-side is unavailable. Also, because many software systems implement their own fancy installer it's impossible to know what's inside. Kits can (and do) encrypted archives inside and are unscannable.

Also, Linux is less of a target because, by default, users aren't root. Root is reserved and you only get to be root if needed be. Older Windows (especially home OS editions) have a default-admin account system, meaning that the OS is directly accessible.

On later OS editions, as well as non-consumer editions, accounts are non-admins and a su system is used (RunAs). Also, on later editions, some features were removed due to user IQ, like autorun. Newer OS versions also feature self-healing.

Finally, the vast majority of Windows-based malware exploit the user, not the OS. Windows has a finer (arguable better) file system security implementation (beyond RWX), combined with file system file-level strong encryption and is more than capable of resisting infections. This, however, requires that a user stays non-administrator, just as a Linux system requires you to stay non-root.

This argument, however, doesn't keep people from screaming bloody murder. I'd like to see a Linux (or any other) system be "secure" if a user upgrades to root and manually downloads and executes arbitrary code received by mail.

No condom is effective if you take a pin and puncture it "for ventilation" as that chain email said.

Oh, and, to cap off the problem this far, people think anti-virus systems are really effective, which they aren't. First, only a select few products are actively researched and maintained (none free or cheap). Second, AV products recognize KNOWN threats. Meaning that, by definition, they will NOT detect the latest. As a result of this belief, they do risk compensation by clicking on stuff they would not otherwise click.

And heuristics are useless if the user keeps hammering "allow".

So, to close this long-winded response, no, there aren't any anti-virus products because Linux doesn't work like that. While it's not immune, as some flamboyant posters believe, it's more resistant out of the box and any infection (if the need arises) can be fixed via repositories.

Sound advice works on any decent platform: Don't be root/admin when running unknown software, have a backup handy and you're golden.