Posts: 131 | Thanked: 62 times | Joined on Feb 2010
#1
Heyup

http://www.zdnet.com/blog/security/a...y-attacks/6606

Does this mean the N900 is vulnerable and if so are Nokia going to work to resolve this security issue or leave N900 users at risk of being compromised?

Flash 10.1 appears to resolve the issue.

rgds
 
ysss's Avatar
Posts: 4,384 | Thanked: 5,524 times | Joined on Jul 2007 @ ˙ǝɹǝɥʍou
#2
Is this one reason flash is bad?
To relegate such an important component to a single controlling entity?
__________________
Class .. : Power User
Humor .. : [#####-----] | Alignment: Pragmatist
Patience : [###-------] | Weapon(s): Galaxy Note + BB Bold Touch 9900
Agro ... : [###-------] | Relic(s) : iPhone 4S, Atrix, Milestone, N900, N800, N95, HTC G1, Treos, Zauri, BB 9000, BB 9700, etc

Follow the MeeGo Coding Competition!
 

Posts: 131 | Thanked: 62 times | Joined on Feb 2010
#3
Yes it is but that is another issue, the issue here, if correct, is whether or not Nokia will leave their customers vulnerable to compromise.

I can't imagine this would be good press for a company the size of Nokia.

rgds
 
SpeedEvil's Avatar
Posts: 70 | Thanked: 410 times | Joined on Sep 2009 @ Fife, Scotland.
#4
http://www.adobe.com/support/securit...apsa10-01.html claims that 9.x is not vulnerability free.

I do not know if this affects the ARM version.
At best, exploits would need to be specifically targeted for the ARM processor as found in the n900.
 
Posts: 42 | Thanked: 7 times | Joined on Feb 2010
#5
Originally Posted by SpeedEvil View Post
http://secunia.com/advisories/40026 claims that 9.x is not vulnerability free.

I do not know if this affects the ARM version.
At best, exploits would need to be specifically targeted for ARM users.
It can affect it too ... e.g. you can execute the cd command in a shell on the Nokia N900 and on the i386 version too.

Code/script executes unless it calls something hardware-related, interrupts or API, then it would be an issue of ARM .. but as it is an exploit, I can mess with the files / data.
 
Posts: 317 | Thanked: 787 times | Joined on Oct 2009 @ Krakow, Poland
#6
SpeedEvil is most probably right. Although details of this vulnerability are disclosed I highly doubt that it is something else than a buffer overflow. Therefore an exploit has to be prepared for each architecture/OS separately. If anyone would like to hurt n900 users there are many other and much more efficient ways to achieve that. Think of all those unofficial debs all over this forum.
 
Posts: 1,341 | Thanked: 708 times | Joined on Feb 2010
#7
Maemo needs SELinux or apparmor.
(and rpm-package format with embedded GPG-signatures)
 
Posts: 303 | Thanked: 175 times | Joined on Oct 2009 @ London UK
#8
This is going to be a fairly good litmus test for Nokia's reaction to a live vulnerability.

Will they release an updated flash package via traditional Debian mechanisms and allow everyone to update via app manager, just as I'm sure all other part commercial Debian distributions might do (a suitably quick reaction)?

Will they release remediation advice and tell everyone to turn off the flash plugin (N900 best mobile browser with flash!! - best left turned off)?

Will they release a fix in the next major release in 4-6 months when Flash 9 will look as current as MPEG1?

Or will they never actually get round to fixing this problem since Maemo development has been wound down in favor of MeeGo..

This is a good opportunity not to shaft existing customers, but I'm not optimistic this will end favorably for anyone..


Either way, if the flash player is vulnerable i386 attacks may not compromise the device but they are likely to cause severe stability problems..

The nature of an exploit is to craft code to carry a hostile payload.. Get the code wrong and the exploit just affects stability.. crashes and memory leaks according to the vulnerability in the system.. Running an x86 attack on an arm processor would classify as a poorly written arm attack.. but it would still be very bad..
 

The Following 3 Users Say Thank You to cpitchford For This Useful Post:
ysss's Avatar
Posts: 4,384 | Thanked: 5,524 times | Joined on Jul 2007 @ ˙ǝɹǝɥʍou
#9
Is there a way to isolate the loophole from outside of flash and its dependencies? I'm betting that'd be Nokia's preferred way out for N900.
 
Posts: 303 | Thanked: 175 times | Joined on Oct 2009 @ London UK
#10
The solution is using the least change and the least testing..

Updating the source code for the flash plugin (code which Nokia has under license from Adobe) means the problem is fixed..

Creating a framework around microb to prevent malicious activity by the plugin would be tremendously complex.. and would introduce a massive change to the system..

The problem is two part.. how many resources are needed to fix the bug (which will come from adobe presumably under a support contract.. but it may be an additional charge) and how many resources are required to test the code change has not affected things like the camera, the chess game, the LED indicator driver.. and other stuff that on a stable system should never be affected but presumably will still need to be tested..
 