[maemo-developers] Security Guidance for N800 OS development

From: Daniel Stone daniel.stone at nokia.com
Date: Wed Feb 21 01:26:43 EET 2007
On Tue, Feb 20, 2007 at 04:22:37PM -0500, ext Acadia Secure Networks wrote:
> Since Nokia is actively encouraging the development of 3rd party 
> applications including ones which are TCP/IP Stack/Internet enabled, 
> Nokia (or any other similar device manufacturer for that matter that 
> creates an extensible platform like this)  has a responsibility to do as 
> much as it can, within the constraints of the device capabilities 
> itself, to make the device safe from attack even at the  application 
> level. In today's world,doing so for a product developer like Nokia  is 
> simply good corporate citizenship. By analogy, there was a time when 
> cars did not have air bags or for that matter safety belts and the 
> manufacturers considered driver safety to be an "application layer" problem.

I've always wondered why you want to have firewalls for things like
this.  If you want to deny all access to listening sockets -- don't
listen.  It's that simple.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.maemo.org/pipermail/maemo-developers/attachments/20070221/44cae364/attachment.pgp 
More information about the maemo-developers mailing list