[maemo-developers] Maemo security longterm roadmap?

[From: Jesse Guardiani]

Is it really an issue? Microsoft Windows has a "trust" system, but last I
checked not even their own security patches get signed. No one uses it.

On 11/6/07, François Cauwe <francois at cauwe.org> wrote:
>
> Hi all,
>
> I was reading the discussion about the "Repository mess" and installing
> new software. I have a security concern about the current approach of
> the "1 click install".
>
> If I'm a end user, I just want to install a certain software. In the
> current approach, this step is made really easy, which is _good_. It
> automatically adds the needed repositories, and install the software.
>
> BUT the current software installer assumes that the software can be
> trusted, that it won't delete my document or send my personal data to a
> central server. (Actually it warns me first, but I'm used to warnings,
> so I always click ok.)
>
> The community repositories could partly solve this problem, because the
> software is checked by developers, and therefore we can hope it save to
> install it. But for 'external' software and closed source software, we
> can never be sure.
>
> What is Maemo's long time approach to solve this problem? How do you
> assume that software is save? Of how do you treat 'untrusted' software?
>
> The OLPC project has similar problems, but they have a interesting
> approach to it: http://wiki.laptop.org/go/OLPC_Bitfrost
>
> François Cauwe
>
>
>
> _______________________________________________
> maemo-developers mailing list
> maemo-developers at maemo.org
> https://lists.maemo.org/mailman/listinfo/maemo-developers
>



-- 
Jesse Guardiani
Software Developer / Sys Admin
jesse at guardiani.us
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.maemo.org/pipermail/maemo-developers/attachments/20071106/0dd6cd80/attachment.htm