Posts: 289 | Thanked: 560 times | Joined on May 2009 @ Tampere, Finland
#71
Originally Posted by Jaffa
Those who are interested in hardware hackery for the end-user may have more problems, but most end-users don't need functionality provided by new kernel modules or kernels. And, if they do, and they require access to some DRM content, they'll need to use bootmenu.
As I said earlier, I haven't seen the presentation and even if I had I probably couldn't answer my own questions so I hope you could based on what you know at the moment. This is a simple hypothetical example:

"If Maemo 6 still doesn't support bluetooth DUN out of the box will I be able to use it as my laptop modem and play a DRM'd game at the same time?"

I'm mostly concerned that if I want to use paid software I'm stuck with out of the box functionality. If someone in the know could rephrase these concerns to relevant technical questions to the security team and the responses back to layman answers I'd be very grateful.

Last edited by jsa; 2009-10-12 at 15:43. Reason: typo
 

The Following User Says Thank You to jsa For This Useful Post:
Jaffa
Posts: 2,535 | Thanked: 6,681 times | Joined on Mar 2008 @ UK
#72
Originally Posted by jsa
As I said earlier, I haven't seen the presentation and even if I had I probably couldn't answer my own questions so I hope you could based on what you know at the moment. This is a simple hypothetical example:

"If Maemo 6 still doesn't support bluetooth DUN out of the box will I be able to use it as my laptop modem and play a DRM'd game at the same time?"
The question here is how DUN is added on in Maemo 5. If it's just BlueZ configuration then, depending on the restrictions about modifying (rather than adding) the BlueZ files on the signed rootfs, it might be more possible than if a recompiled BlueZ is required.

And also what you mean by "at the same time" :-)

Certainly, there'll have to be more openness between Nokia and the community in getting uinput and other kernel features into the signed kernel.

I'm mostly concerned that if I want to use paid software I'm stuck with out of the box functionality. If someone in the know could rephrase these concerns to relevant technical questions to the security team and the responses back to layman answers I'd be very grateful.
It depends what you mean by "out-of-the-box functionality". If the functionality touches the low levels of the system, the chances increase that it might not work with a more locked down runtime. However, Quake 3 isn't available out-of-the-box, and that kind of additional application should still be trivial to ship through maemo.org Extras.

A question about changing configuration files for BlueZ and inserting unsigned kernel modules seems appropriate though.
__________________
Andrew Flegg -- mailto:andrew@bleb.org | http://www.bleb.org
 

The Following User Says Thank You to Jaffa For This Useful Post:
solarion
Posts: 117 | Thanked: 32 times | Joined on Oct 2009 @ USA
#73
qgil:

Magnatune has a similar all-you-can-download (as well as an all-you-can-stream) service without DRM. It sounds similar to Comes With Music; save that you'd then need to tie a device-specific ID (iirc, that's the wifi MAC address on the n810 for the purposes of getting the flasher and updates) to a limited-time subscription.

That's what came immediately to mind.
 
Posts: 289 | Thanked: 560 times | Joined on May 2009 @ Tampere, Finland
#74
Originally Posted by Jaffa
The question here is how DUN is added on in Maemo 5. If it's just BlueZ configuration then, depending on the restrictions about modifying (rather than adding) the BlueZ files on the signed rootfs, it might be more possible than if a recompiled BlueZ is required.

And also what you mean by "at the same time" :-)
Gotta multitask myself to oblivion. I mean having the DUN profile work in the trusted mode so that every time I want to tether, I don't have to reboot into the open mode.

Originally Posted by Jaffa
It depends what you mean by "out-of-the-box functionality". If the functionality touches the low levels of the system, the chances increase that it might not work with a more locked down runtime. However, Quake 3 isn't available out-of-the-box, and that kind of additional application should still be trivial to ship through maemo.org Extras.
N900 examples

-receiving FM radio, possible but no support out of the box
-bluetooth profiles, missing DUN and PAN out of the box
-MMS, no hardware limitations afaik, only software

-USB host with the previous devices

And a USB host mode in a Maemo 6 device would bring even more potential awesomeness that would probably require some low-level meddling to get stuff to work.

I mean this kind of added functionality, not the Quake 3 kind. Nokia will probably fix these before Harmattan, but there will always be new ones.

Thanks for the clarifications, now I understand a bit better. So things like these end up in the signed kernel through Nokia?
 

The Following User Says Thank You to jsa For This Useful Post:
bandora
Posts: 1,338 | Thanked: 1,055 times | Joined on Oct 2009 @ California, USA / Jordan
#75
Btw, this is just a thought, can someone actually make a program that is basically a switch.. It will let the user switch the DRM on and DRM off?? It might be too early to know.. but is something like that possible?? jw.
 
Posts: 286 | Thanked: 259 times | Joined on Jan 2006 @ Cambridge, England
#76
Presentation slides are available, thanks Nokia,

http://www.slideshare.net/peterschne...tform-security
 

The Following 6 Users Say Thank You to richie For This Useful Post:
qole
Moderator | Posts: 7,109 | Thanked: 8,820 times | Joined on Oct 2007 @ Vancouver, BC, Canada
#77
lbt's blog (thanks, qgil) raised a good point that has bothered me for a while now. With all of its new telephony features, the N900 can be seriously exploited by hackers, and we're going to have to work as a community to, as qgil said, encourage Extras apps and discourage the use of random, unknown repositories.

Having seen how easy it is to make a silly app for Facebook and get everyone to use it, it sends shivers down my spine to think of how hackers could post an .install file that points to a malicious repository full of nasty trojans and exploits disguised as fun little games.

We certainly need more security. Right now when I download an application from Extras-Devel it can do anything to my device; on an N800 that's not so bad - on an N900 that can incur significant cost and could conceivably (and almost trivially) be used to perpetrate fraud. I'd like to be able to say "no, scrabble game, you can't access my contacts data or make phonecalls - what on earth do you need to do that for?" An open security infrastructure would make me feel a whole lot more comfortable.
__________________
qole.org --- twitter --- Easy Debian wiki page
Please don't send me a private message, post to the appropriate thread.
Thank you all for your donations!
 

The Following 2 Users Say Thank You to qole For This Useful Post:
allnameswereout
Posts: 3,397 | Thanked: 1,212 times | Joined on Jul 2008 @ Netherlands
#78
Uh, yeah, that is the other part which goes hand in hand with signed binaries, the great capability-based security Symbian has. If you install an application in Symbian you can check the signature (and Symbian does itself too), and you can check the capabilities it requires. Actually, by default on E-Series, you will only be able to run executables signed by Symbian Foundation (this is a bit like an App Store jail) although one can enable self-signed binaries.

Linux (by default) lacks capability-based security, although there are various ACL implementations (not the same as capability-based security, but they try to be). It's mentioned in slide 6:

Principle of least privileges
Every application should be able to access only limited set of needed resources
This is a feature Symbian has, and Linux not (by default), and getting something akin enabled and working well takes a lot of effort. Especially all those policies. This is also a reason why N900/Maemo 5 is not ready for the masses. Yet... also, capability-based security asks the user for interaction to decide. This shifts control and responsibility to the user.

Trojan repositories are just one vector btw. There are more. Intentional programming errors, for example. Or unpatched vulnerabilities in Flash, Gecko which are patched by upstream but not backported by Nokia ...
__________________
Goosfraba! All text written by allnameswereout is public domain unless stated otherwise. Thank you for sharing your output!
 
Posts: 1,746 | Thanked: 2,100 times | Joined on Sep 2009
#79
Originally Posted by allnameswereout
Actually, by default on E-Series, you will only be able to run executables signed by Symbian Foundation (this is a bit like an App Store jail) although one can enable self-signed binaries.
As I understand it, even self-signed binaries had limited access to the system and full access was only ever provided to Symbian signed packages.

Were this to be implemented in Maemo, assurances would have to be made that self-signed (or even unsigned but manually installed) packages would have full rights to the system.
 
allnameswereout
Posts: 3,397 | Thanked: 1,212 times | Joined on Jul 2008 @ Netherlands
#80
For starters the packages can be signed with GPG. After that, the binaries. Nokia won't allow tampering with the DRM subsystem. Only authenticated resources can access the encrypted storage used for DRM. At least, that is what I understood from the slides.

I'm not sure about the Symbian subsystem being broken by 3rd parties. There are some guides floating around the net for that, but I haven't touched them. If they work these guides can be used by criminals, pirates, hackers (good type) alike...
 

Tags
drm, harmattan, maemo 6, windows


 