Active Topics

 


Reply
Thread Tools
Posts: 131 | Thanked: 62 times | Joined on Feb 2010
#1
Heyup

http://www.zdnet.com/blog/security/a...y-attacks/6606

Does this mean the N900 is vulnerable and if so are Nokia going to work to resolve this security issue or leave N900 users at risk of being compromised?

Flash 10.1 appears to resolve the issue.

rgds
 
ysss's Avatar
Posts: 4,384 | Thanked: 5,524 times | Joined on Jul 2007 @ ˙ǝɹǝɥʍou
#2
Is this one reason flash is bad?
To relegate such an important component to a single controlling entity?
__________________
Class .. : Power User
Humor .. : [#####-----] | Alignment: Pragmatist
Patience : [###-------] | Weapon(s): Galaxy Note + BB Bold Touch 9900
Agro ... : [###-------] | Relic(s) : iPhone 4S, Atrix, Milestone, N900, N800, N95, HTC G1, Treos, Zauri, BB 9000, BB 9700, etc

Follow the MeeGo Coding Competition!
 

The Following User Says Thank You to ysss For This Useful Post:
Posts: 131 | Thanked: 62 times | Joined on Feb 2010
#3
Yes it is but that is another issue, the issue here, if correct, is whether or not Nokia will leave their customers vulnerable to compromise.

I can't imagine this would be good press for a company the size of Nokia.

rgds
 
SpeedEvil's Avatar
Posts: 70 | Thanked: 410 times | Joined on Sep 2009 @ Fife, Scotland.
#4
http://www.adobe.com/support/securit...apsa10-01.html claims that 9.x is not vulnerability free.

I do not know if this affects the ARM version.
At best, exploits would need to be specifically targetted for ARM processor as found in the n900.
 
Posts: 42 | Thanked: 7 times | Joined on Feb 2010
#5
Originally Posted by SpeedEvil View Post
http://secunia.com/advisories/40026 claims that 9.x is not vulnerability free.

I do not know if this affects the ARM version.
At best, exploits would need to be specifically targetted for ARM users.
it can affect tooo ... e.g. u can execute cd command on shell on nokia n900 and from i386 version too

code/script executes unless it calls something hardware related interrupts or API , then it would be issue of ARM .. but as it is exploit , i can mess with the files / data .
 
Posts: 317 | Thanked: 787 times | Joined on Oct 2009 @ Krakow, Poland
#6
SpeedEvil is most propably right. Altough details of this vulnerability are disclosed I highly doubt that it is something else than buffer overflow. Therefore an exploit has to be prepared for each architecture/OS separatedly. If anyone would like to hurt n900 users there are many other and much more efficient ways to achieve that. Think of all those unofficial debs all over this forum.
 
Posts: 1,341 | Thanked: 708 times | Joined on Feb 2010
#7
Maemo needs SELinux or apparmor.
(and rpm-package format with embedded GPG-signatures)
 
Posts: 303 | Thanked: 175 times | Joined on Oct 2009 @ London UK
#8
This is going to be a fairly good litmus test for Nokia's reaction to a live vulnerability.

Will they release an updated flash package via traditional Debian mechanisms and allow everyone to update via app manager, just as I'm sure all other part commercial Debian distributions might do (a suitably quick reaction)

Will they release remediation advice and tell everyone to turn off the flash plugin (N900 best mobile browser with flash!! - best left turned off)

Will they release a fix in the next major release in 4-6 months when Flash 9 will look as current as MPEG1

Or will they never actually get round to fixing this problem since Maemo development has been wound down in favor of MeeGo..

This is a good opportunity not to shaft existing customers, but I'm not optimistic this will end favorably for anyone..


Either way, if the flash player is vulnerable i386 attacks may not compromise the device but they are likely to cause severe stability problems..

The nature of an exploit is to craft code to carry a hostile payload.. Get the code wrong and the exploit just affects stability..crashes and memory leaks according to the vulnerability in the system.. Running an an x86 attack on an arm processor would classify a poorly written arm attack.. but it would still be very bad..
 

The Following 3 Users Say Thank You to cpitchford For This Useful Post:
ysss's Avatar
Posts: 4,384 | Thanked: 5,524 times | Joined on Jul 2007 @ ˙ǝɹǝɥʍou
#9
Is there a way to isolate the loophole from outside of flash and its dependencies? I'm betting that'd be Nokia's preferred way out for N900.
__________________
Class .. : Power User
Humor .. : [#####-----] | Alignment: Pragmatist
Patience : [###-------] | Weapon(s): Galaxy Note + BB Bold Touch 9900
Agro ... : [###-------] | Relic(s) : iPhone 4S, Atrix, Milestone, N900, N800, N95, HTC G1, Treos, Zauri, BB 9000, BB 9700, etc

Follow the MeeGo Coding Competition!
 
Posts: 303 | Thanked: 175 times | Joined on Oct 2009 @ London UK
#10
The solution is using the least change and the least testing..

Updating the source code for the flash plugin (code which Nokia has under license from Adobe) means the problem is fixed..

Creating a framework around microb to prevent malicious activity by the plugin would be tremendously complex.. and would introduce a massive change to the system..

The problem is two part.. how many resources are needed to fix the bug (which will come from adobe presumably under a support contract.. but it may be an additional charge) and how many resources are required to test the code change has not affected things like the camera, the chess game, the LED indicator driver.. and other stuff that on a stable system should never be affected but presumably will still need to be tested..
 
Reply


 
Forum Jump


All times are GMT. The time now is 06:17.