<br><br><div><span class="gmail_quote">On 2/20/07, <b class="gmail_sendername">Gavin O' Gorman</b> <<a href="mailto:gavin.ogorman@gmail.com">gavin.ogorman@gmail.com</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Out of curiosity, how many mobile phones have you encountered that run<br>firewalls ?<br><br></blockquote></div>How many mobile phones have you found that provide unfettered access to 3rd party applications?<br><br>Network providers are extremely fearful about what applications can run on phones--and thus access their network. Can you honestly tell me that there aren't mobile phones that run firewalls, or are you just speculating? Just because there's no user accessible gui doesn't mean there's no firewall integrated.
<br><br><span class="gmail_quote">On 2/20/07, <b class="gmail_sendername">Simon Budig</b> <<a href="mailto:simon@budig.de">simon@budig.de</a>> wrote:</span><br><blockquote style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;" class="gmail_quote">
*If* you install an internet service, then you know about it. Then you<br>can also judge on how to secure it. If you cannot do it then simply<br>don't install this service and you're fine.</blockquote><div><br>That's true. I accept the risk and would like to secure it. How the hell am I supposed to do that without a firewall?
<br><br>Nokia really doesn't have to do anything to "guarantee" that 3rd party apps are safe, but I would certainly trust the integrity an official iptables compiled by Nokia. They certainly have something to loose by somehow subverting it, so I would trust it. And as it really wouldn't take anything more than a checking the option in the kernel config before building, I really don't think this is any additional burden to them.
<br><br>Hell, for all I care they could leave iptables unconfigured. Power users, Linux users, and IT Staff should have no problem setting it up. There's no reason to include a gui or do anything beyond compiling it into the kernel and releasing it as part of an update/new OS image. Absolutely no customization should be needed.
<br><br>Can you give me ANY argument against including iptables beyond the argument that you don't feel it's necessary or that you somehow think Nokia would have to spend more than 5 minutes on this?[1] I'm sure this is why Zora didn't feel bothered to make an actual argument; there's no argument on the other side.
<br><br>[1] Ok, I'm in the software industry, so I realize it WOULD take more than 5 minutes. Test procedures would need to be updated and more time/money would need to be spent testing the update. This would be pretty marginal if it's released as part of a planned major update, however, and we know there's one in the works already.
<br></div><br>--Paul<br>