[maemo-developers] Security Guidance for N800 OS development
From: Gavin O' Gorman gavin.ogorman at gmail.com
Date: Wed Feb 21 01:36:38 EET 2007

On 2/20/07, Paul Klapperich <maemo.org at bobpaul.org> wrote:
> How many mobile phones have you found that provide unfettered access to 3rd
> party applications?

Symbian mobile phones. Windows mobile phones. Palm mobile phones. Any
phone with Java. They don't provide 'unfettered access' but they
certainly allow one to install a TCP/IP server on them.

> On 2/20/07, Simon Budig <simon at budig.de> wrote:
> > *If* you install an internet service, then you know about it. Then you
> > can also judge on how to secure it. If you cannot do it then simply
> > don't install this service and you're fine.
>
> That's true. I accept the risk and would like to secure it. How the hell am
> I supposed to do that without a firewall?
>

A firewall will allow you to restrict access to the internet tablet
from specific IPs. That's all. Any TCP/IP service that doesn't have a
decent authentication mechanism shouldn't be installed on the tablet
in the first place. Relying on IP based whitelists/blacklists is not a
reliable authentication technique. If you install SSH, use ssh-keys. If
you install canola, only allow local access. You simply should not be
installing an application that does not allow for decent
authentication!

> Nokia really doesn't have to do anything to "guarantee" that 3rd party apps
> are safe, but I would certainly trust the integrity of an official iptables
> compiled by Nokia. They certainly have something to lose by somehow
> subverting it, so I would trust it. And as it really wouldn't take anything
> more than checking the option in the kernel config before building, I
> really don't think this is any additional burden to them.
>
> Hell, for all I care they could leave iptables unconfigured. Power users,
> Linux users, and IT Staff should have no problem setting it up. There's no
> reason to include a gui or do anything beyond compiling it into the kernel
> and releasing it as part of an update/new OS image. Absolutely no
> customization should be needed.
>
> Can you give me ANY argument against including iptables beyond the argument
> that you don't feel it's necessary or that you somehow think Nokia would
> have to spend more than 5 minutes on this?[1] I'm sure this is why Zora
> didn't feel bothered to make an actual argument; there's no argument on the
> other side.

I'm sure it would be reasonably straightforward, just rather pointless.

Gav
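
The "only allow local access" advice in the message above can be checked on a Linux device by reading /proc/net/tcp and listing which listening sockets are bound to a non-loopback address. This is an added example, not part of the original message; the sample table is constructed, and a little-endian host and IPv4 only are assumed.

```python
import ipaddress
import struct

# Constructed sample in /proc/net/tcp layout (not captured from a real device).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1001 1
   1: 0100007F:1F90 00000000:0000 0A 00000000:00000000 00:00000000 00000000 29999        0 1002 1
   2: 0A01A8C0:0016 0501A8C0:C350 01 00000000:00000000 00:00000000 00000000     0        0 1003 1
"""

TCP_LISTEN = 0x0A  # socket state code the kernel prints for LISTEN


def decode_addr(field):
    """Turn '0100007F:1F90' into (IPv4Address('127.0.0.1'), 8080)."""
    hex_ip, hex_port = field.split(":")
    # The kernel prints the address as a native-endian 32-bit integer;
    # assumption: little-endian host, so the bytes appear reversed.
    ip = ipaddress.IPv4Address(struct.pack("<I", int(hex_ip, 16)))
    return ip, int(hex_port, 16)


def listeners(table):
    """Yield (ip, port, exposed) for every IPv4 socket in LISTEN state."""
    for line in table.splitlines()[1:]:  # skip the header row
        cols = line.split()
        if len(cols) < 4 or int(cols[3], 16) != TCP_LISTEN:
            continue  # established or closing connections are not listeners
        ip, port = decode_addr(cols[1])
        # 0.0.0.0 or any interface address is reachable from the network.
        yield ip, port, not ip.is_loopback


def exposed_ports(table):
    """Ports reachable from other hosts; each needs real authentication."""
    return sorted(port for _, port, exposed in listeners(table) if exposed)


if __name__ == "__main__":
    try:
        with open("/proc/net/tcp") as fh:
            table = fh.read()
    except OSError:
        table = SAMPLE  # fall back to the constructed sample off-device
    for ip, port, exposed in listeners(table):
        print(f"{ip}:{port}", "EXPOSED" if exposed else "local only")
```

IPv6 listeners live in /proc/net/tcp6 and are not covered here.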