Active Topics

 


Page 3 of 4 12 3 4
Reply
Thread Tools
CrashandDie is offline CrashandDie
2009-10-23 , 09:23
Posts: 336 | Thanked: 610 times | Joined on Apr 2008 @ France
#21
Originally Posted by pinsh View Post
Does maemo 5 support encrypted partitions using LUKS? I would like to have an AES encrypted partition for my home directory. This way if I loose the device (assuming the session is locked) the finder wont have access to my personal data on the device*. Has someone tried this? I'm wondering how the performance is.


*I assume the finder will reboot the device when trying to use/unlock it. I know that the encryption keys are in RAM when the partitions are mounted.. but I'm not paranoid enough to assume that the finder is sophisticated enough to somehow access them (i.e. gaining root access without rebooting or reading out the RAM via some kind of hardware adapter).
That's a lot of assumptions if you really care about security.

Other than that, no, the N900 doesn't support encrypted partitions (from what I can tell, correct me if I'm wrong, I haven't seen anything in the kernel that would do something like this). Also, at the moment there is no "session locking". This is not a full blown Gnome desktop.

Also, I have not tested this personally (and maybe the DSP could be used as a crypto processor?), but the performance would be absolutely horrible. Even on desktop computers, having software-encrypted partitions means you get a performance loss of around 30%. I always recommend my customers to go with hardware encryption where possible, as the extra load on the CPU and extra sluggishness of data access quickly becomes a drag for users.

I can only imagine that the CPU load on the N900 would make this solution highly unlikeable very, very quickly.

Edit: Full disclosure: I'm a security consultant and deal with these kind of implementations on a daily basis, well, not mobile.
 

The Following User Says Thank You to CrashandDie For This Useful Post:
matthewcc is offline matthewcc
2009-10-23 , 09:29
Posts: 267 | Thanked: 128 times | Joined on Sep 2009 @ Somerville MA - USA
#22
I agree on the locking app, I would also like to see some sort or tracking at the imei level so that it can be found independent of the network/sim
 
bocaJ is offline bocaJ
2009-10-23 , 09:56
Posts: 224 | Thanked: 107 times | Joined on Aug 2009
#23
Originally Posted by CrashandDie View Post
...maybe the DSP could be used as a crypto processor?...
I was thinking exactly that. It seems like the DSP is one of the few things that sets this phone apart from some of the HTCs and the 3GS, so we should really consider how to use that strength in software development.

Additionally, along with being able to lock the phone and start having it send it's GPS location every minute or so, there should be another command that makes it start "screaming" - whatever trick can be used to get the most dB out of the speakers and headphone jack, flash the screen, hell, even get the camera flash to start strobing. This would make it a lot easier to pick your phone out of a crowd, and make you a lot less suspicious in the eyes of people who might be around.
 

The Following User Says Thank You to bocaJ For This Useful Post:
lma is offline lma
2009-10-23 , 10:31
Posts: 2,802 | Thanked: 4,491 times | Joined on Nov 2007
#24
The OMAP3 chip has dedicated hardware crypto built-in, but I think at the moment only the random number generator is used in Fremantle.
 

The Following User Says Thank You to lma For This Useful Post:
Powerputer is offline Powerputer
2009-10-23 , 23:22
Posts: 5 | Thanked: 0 times | Joined on Oct 2009
#25
ok, i may be mega lame for being totally confused about whatever the hell u guys are talkin about up there but i jus want it simple...despite my name, im not a computer or programming beast...to me, powerputer just sounds cool (again, i say "to me"). im sure plenty of us in here arnt either, i just want to keep it simple as an average user. i just want remote lock and some other simple but strong security features.
 
Laughing Man is offline Laughing Man
2009-10-24 , 02:42
Posts: 4,556 | Thanked: 1,624 times | Joined on Dec 2007
#26
Originally Posted by bocaJ View Post
I was thinking exactly that. It seems like the DSP is one of the few things that sets this phone apart from some of the HTCs and the 3GS, so we should really consider how to use that strength in software development.

Additionally, along with being able to lock the phone and start having it send it's GPS location every minute or so, there should be another command that makes it start "screaming" - whatever trick can be used to get the most dB out of the speakers and headphone jack, flash the screen, hell, even get the camera flash to start strobing. This would make it a lot easier to pick your phone out of a crowd, and make you a lot less suspicious in the eyes of people who might be around.
That's a quick way to get the device seperated from its battery. =P

But ooh your camera flash thing gave me an idea. Since the n900 has a front video camera, any security app should have a way to remotely turn that on. Viola, picture to track down whoever stole your phone.
__________________
Originally Posted by ysss View Post
They're maemo and MeeGo...

"Meamo!" sounds like what Zorro would say to catherine zeta jones... after she slaps him for looking at her dirtily...
 

The Following User Says Thank You to Laughing Man For This Useful Post:
Nitchers's Avatar
Nitchers is offline Nitchers
2009-10-24 , 04:36
Posts: 262 | Thanked: 115 times | Joined on Sep 2009 @ Scotland
#27
Originally Posted by RevdKathy View Post
I'm not worried about security. Once I'm gone, you can steal my n900. But the only way you'e gonna get it is by prizing it out of my cold, dead paw. You think I'll let it out of my sight?

(Knifepoint challenge: n900 or dishonour?)
Far too much Charlton Heston speeches m'lady lol
__________________
Average Joe kinda guy.. but a person too.
 
Nathan is offline Nathan
2009-11-30 , 16:54
Posts: 452 | Thanked: 522 times | Joined on Nov 2007
#28
Just an aside for those who actually want to program using the secure portion of the chip --
http://www.arm.com/products/security/trustzone/api.html
has the Trust Zone Api.

Nathan
 
maemo.it is offline maemo.it
2010-01-21 , 01:31
Posts: 235 | Thanked: 89 times | Joined on Oct 2009 @ italy
#29
Originally Posted by Laughing Man View Post
... And any bash script that would output the GPS location every X minutes or whatever. It's the desktop/laptop end that you would have to figure out. There's nothing like MobileMe where it will show you and give you a nice GUI to use.
...
Originally Posted by texaslabrat View Post
You could add to that a openvpn client process which attempts to bring up a tunnel to your "mother ship" anytime it's on the internet so you always have a conduit back into it for the aforementioned openssh access.
Great ideas!!
I hope this app will be ready as soon as possible!
 
pavan.patale is offline pavan.patale
2010-01-25 , 11:46
Posts: 11 | Thanked: 6 times | Joined on Jan 2010
#30
You might be interested in this :
http://repository.maemo.org/extras-t....1-2_armel.deb

I have packaged few ideas to get remote locking working for N900.
 
Reply
Page 3 of 4 12 3 4

« Previous Thread | Next Thread »

 
Forum Jump


All times are GMT. The time now is 20:13.

Contact Us - Home - Archive - Top