Active Topics
-
Sailfish OS for the Motorola Moto G7 Power (XT1955-5) - (ocean) (3)
to SailfishOS by edp17 - 12 mins ago -
The N900 is now 15 years old! (6)
to Nokia N900 by Macros - 1 day, 4 hrs ago -
F(x)tec Pro1x (QWERTY) for sale (0)
to Buy & Sell by aln00000 - 1 day, 16 hrs ago -
n770 youtube video (0)
to General by nmdv - 5 days, 16 hrs ago - more...
|
2020-04-27
, 18:05
|
|
Community Council |
Posts: 4,920 |
Thanked: 12,867 times |
Joined on May 2012
@ Southerrn Finland
|
#2
|
Originally Posted by LisaFass
Both scenarios apply to some extent.
Hoi,
just some thought provoking questions
since Meego is discontinued i was wondering how safe it is regarding privacy compared to android or microsoft phone os, which arguably have back doors in the system. Also regarding hardware, for example i read the privacy statements of HMD and Huawei, where they quite explicitely say they will log your every action on the phone etc.
Since google apps are not integrated into meego and basically all apps running now are by developpers (openrepos etc), is it likely the provacy is better on meego? only unfortunate thing is battery os non removable. it has been proven that android phones still send out gps data to google servers even if in flight mode - that is something that cant happen with N9 right,? assuming i use non google apps
or is meego much more "attackable" now since it may lack current security updates?
let me know what you think
As long as you do not install google stuff you are safe from their eyes; however using openrepos means you need to trust the community developers. I would say it is fairly safe to do that, but the most paranoid people only install stuff they have compiled themselves.
The fact that the kernel and libraries are hopelessly obsolete does mean that there are gaping holes to be exploited. However the N9 devices are fairly rare so I guess that gives some safety; there is probably nobody actively trying to break into your device.
__________________
Dave999: Meateo balloons. What’s so special with em? Is it a ballon?
Dave999: Meateo balloons. What’s so special with em? Is it a ballon?
| The Following 7 Users Say Thank You to juiceme For This Useful Post: | ||
|
|
2020-04-28
, 10:12
|
|
Posts: 258 |
Thanked: 1,012 times |
Joined on May 2010
@ Near Munich
|
#3
|
The software on the N9 is very good privacy wise, and with Nokia having shut down all services connected to it, you can be even more sure no data about your usage will be sent somewhere.
But we have to face, that there is the big flaw as mentioned by juiceme. The Operating system is old, very old by software standards.
As an example: If you have Bluetooth enabled a skilled hacker can get your data that way. But there exists no known exploit in the wild, so I agree with juiceme that somebody attacking your phone that way is no big risk.
Another aspect is missing protection against somebody reading your data if they acquire the device. Modern phones protect against this by encrypting the data. On the N9 anybody can load a rescueOS image and steal your data.
So you have privacy in your daily life, but don't trust your N9 as save data storage when you travel.
But we have to face, that there is the big flaw as mentioned by juiceme. The Operating system is old, very old by software standards.
As an example: If you have Bluetooth enabled a skilled hacker can get your data that way. But there exists no known exploit in the wild, so I agree with juiceme that somebody attacking your phone that way is no big risk.
Another aspect is missing protection against somebody reading your data if they acquire the device. Modern phones protect against this by encrypting the data. On the N9 anybody can load a rescueOS image and steal your data.
So you have privacy in your daily life, but don't trust your N9 as save data storage when you travel.
|
|
2020-04-28
, 12:50
|
|
Posts: 6 |
Thanked: 7 times |
Joined on Apr 2020
@ Nuuk
|
#4
|
Thanks guys, it is just as i thought
Edit: I was indeed mainly concerned about backdoors in Hardware and software from factory. I was a bit worried after i found out Intel was part of the Meego development team
Edit: I was indeed mainly concerned about backdoors in Hardware and software from factory. I was a bit worried after i found out Intel was part of the Meego development team
| The Following User Says Thank You to LisaFass For This Useful Post: | ||
|
|
2020-04-28
, 15:38
|
|
Community Council |
Posts: 4,920 |
Thanked: 12,867 times |
Joined on May 2012
@ Southerrn Finland
|
#5
|
Originally Posted by Macros
Actually there's a fix for that; altough I never released it due to some performance problems (which could be mitigated by installing more recent version of fuse but I never got around to packaging it...)
Another aspect is missing protection against somebody reading your data if they acquire the device. Modern phones protect against this by encrypting the data. On the N9 anybody can load a rescueOS image and steal your data.
So what I did is I hacked the boot using ubiboot and evtap to create a vkb running on preboot, and used that to input passphrase to ecryptfs. Not as neat as can nowdays be done with luks but fairly good security for /home and /MyDocs
__________________
Dave999: Meateo balloons. What’s so special with em? Is it a ballon?
Dave999: Meateo balloons. What’s so special with em? Is it a ballon?
| The Following User Says Thank You to juiceme For This Useful Post: | ||
|
|
2020-04-28
, 15:42
|
|
Community Council |
Posts: 4,920 |
Thanked: 12,867 times |
Joined on May 2012
@ Southerrn Finland
|
#6
|
Originally Posted by LisaFass
Everything is of course possible but there are no known backdoors in the device. (And BTW the chipset is not Intel but an arm variant from TI...)
Thanks guys, it is just as i thought
Edit: I was indeed mainly concerned about backdoors in Hardware and software from factory. I was a bit worried after i found out Intel was part of the Meego development team
__________________
Dave999: Meateo balloons. What’s so special with em? Is it a ballon?
Dave999: Meateo balloons. What’s so special with em? Is it a ballon?
| The Following User Says Thank You to juiceme For This Useful Post: | ||
just some thought provoking questions
since Meego is discontinued i was wondering how safe it is regarding privacy compared to android or microsoft phone os, which arguably have back doors in the system. Also regarding hardware, for example i read the privacy statements of HMD and Huawei, where they quite explicitely say they will log your every action on the phone etc.
Since google apps are not integrated into meego and basically all apps running now are by developpers (openrepos etc), is it likely the provacy is better on meego? only unfortunate thing is battery os non removable. it has been proven that android phones still send out gps data to google servers even if in flight mode - that is something that cant happen with N9 right,? assuming i use non google apps
or is meego much more "attackable" now since it may lack current security updates?
let me know what you think