[maemo-developers] Security Guidance for N800 OS development

From: Acadia Secure Networks acadiasecurenets at aol.com
Date: Mon Feb 19 22:40:41 EET 2007

Dave,

If you think of the N800 simply as an entertainment device then security
is not a significant issue.

However, if and when users start to use this device to store important
and sensitive info, whether related to business or personal use, then OS
and application security, and especially the latter, has to be properly
addressed. It does not matter that the Linux kernel is very secure
because once applications/add-ons (or whatever you want to call them)
which use a protocol stack to get access to the Internet, then there is
a risk that misbehavior of such apps can result in a vulnerability,
especially if the app inadvertently breaks code.

Best Regards,

John Holmblad

dave at cridland.net wrote:
> On Mon Feb 19 15:59:25 2007, Acadia Secure Networks wrote:
>> Has Nokia published any documentation on the subject of how to secure 
>> the N800 OS from attack from both a software developer perspective as 
>> well as an end user perspective?
>>
>>
> Not that I know of, but I'm not clear what the point would be.
>
>
>> I mention this because, as more Internet aware/dependent applications 
>> are developed for the N800 (it is an Internet tablet after all) the 
>> "attack surface" for the product will increase. I have asked 
>> previously about whether or not the N800 has a stateful firewall but 
>> so far the answer seems to be no.
>>
>>
> ... because it would be pointless. Anyone opening passive sockets on 
> such a device really needs so much more than mere firewalling. In 
> general, I've found firewalling on Linux to be a waste of time if the 
> idea is to protect the machine itself, even if you do have passive 
> sockets open. In principle, the layer of software doing the stateful 
> inspection is essentially the same software doing the processing - 
> packets arriving which are in the wrong state get discarded *anyway*.
>
>
>> And this does not even consider vulnerabilities introduced by latent 
>> software defects (e.g. not safely/properly dealing with malformed 
>> input), which as this community knows only too well, can lead to 
>> openings for attack.
>>
>>
> Well, where's the input coming from? This is typically only a security 
> problem with multiuser systems or open network services. Malicious 
> payloads (like, say, email, web pages) can cause issues, but in 
> general they're much less of a serious issue, and they're certainly no 
> different to any other platform.
>
>
>> It would be interesting to know what, if anything, the Nokia 
>> development team has in its OS software product plan regarding 
>> further OS/TCP/IP stack/Application hardening. As more end users come 
>> to depend upon this device to perform sensitive tasks (e.g. online 
>> banking) then this issue will move to the forefront of concern for 
>> those users.
>
> I'm just really not clear that this is as much of a big deal as you 
> seem to think, and I can't see anything specific to Maemo which needs 
> addressing. If anything, the 770/N800 are a lot more secure than the 
> average Linux box, let alone the average computer.
>
> Dave.