[maemo-developers] What's the best attack? (Re: How to use extras-testing correctly?)`

From: David Greaves david at dgreaves.com
Date: Fri Sep 25 18:40:52 EEST 2009
tero.kojo at nokia.com wrote:
> ----- Original message -----
>>
>> I realise this is a slightly different question (hence the new subject)
>>
>> OK, say I have an evil twin who wants to attack ('own') a lot of Nokia
> N900
>> devices. How do I do this?
> 
> I hope that was retorical. Tell your evil twin to do something usefull.

Err, no it wasn't retorical; it was hypothetical though in case you were worried.

It's more about being responsible :)
Actually it is very late in the day to be asking... but hey, it sounds like a
topic worth raising.

>> Does extras-testing factor into this?
> 
> At least so that I would prefer maemo.org extras to be clean from
> malware. It is much easier to promote it in Nokia internally when extras
> contains good software.

I agree 100% ... all it takes is one example of malware introduced into an OSS
product and we (and Nokia) could lose a lot of credibility.

I wonder how much that could be worth to some people? Maybe worth a deliberate
attack? Maybe someone is playing a longer game?

I just hope we are not planning on taking the "cross your fingers and toes
*REALLY HARD* and hope everyone is nice to us" approach to security ;)

Discuss...

David

-- 
"Don't worry, you'll be fine; I saw it work in a cartoon once..."
More information about the maemo-developers mailing list