[maemo-developers] Security Guidance for N800 OS development
From: Zoran Kolic zkolic at sbb.co.yuDate: Tue Feb 20 16:51:53 EET 2007
- Previous message: N800 WLAN driver sources
- Next message: Security Guidance for N800 OS development
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
> > I mention this because, as more Internet aware/dependent
> > applications are developed for the N800 (it is an Internet tablet
> > after all) the "attack surface" for the product will increase. I
> > have asked previously about whether or not the N800 has a stateful
> > firewall but so far the answer seems to be no.
> >
> ... because it would be pointless. Anyone opening passive sockets on
> such a device really needs so much more than mere firewalling. In
> general, I've found firewalling on Linux to be a waste of time if the
> idea is to protect the machine itself, even if you do have passive
> sockets open. In principle, the layer of software doing the stateful
> inspection is essentially the same software doing the processing -
> packets arriving which are in the wrong state get discarded *anyway*.
Just cannot say how much I disagree!
> Well, where's the input coming from? This is typically only a
> security problem with multiuser systems or open network services.
> Malicious payloads (like, say, email, web pages) can cause issues,
> but in general they're much less of a serious issue, and they're
> certainly no different to any other platform.
Disagreement again.
> I'm just really not clear that this is as much of a big deal as you
> seem to think, and I can't see anything specific to Maemo which needs
> addressing. If anything, the 770/N800 are a lot more secure than the
> average Linux box, let alone the average computer.
Kh-kh! Candid camera?
Zoran
- Previous message: N800 WLAN driver sources
- Next message: Security Guidance for N800 OS development
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]