Hello, I've only had my freerunner for a week or so, so I'm not too into the security aspects yet. One thing I did notice was of course passwordless root login. Now over usb this can be acceptable, but if this is possible over wifi (I haven't actually tested), it needs the firewall / make it listen only to the usb.
In addition to that, a separate encrypted partition for /root (or /home if the account will changed to a non-privileged user) could be nice, but maybe too heavy and battery draining? In addition to that, I'd say all linux security administration best practices should be at least considered, including automatic security updates. After the basic security is in good shape, one could move on to fun things like phone lock/unlock/shutdown with an sms, personal data backups / remote removal... the possibilities! :) Cheers, Kalle Yorick Moko wrote: > This mail was posted on the devel list > (http://lists.openmoko.org/pipermail/openmoko-devel/2008-July/003594.html). > Thought it would interest a lot of people who are not subscribed to > that list: > > > Hi Guys, > > a few months ago we have planned to improve the security of our beloved > Neo, after we have read about desires of the community regarding to the > security issue. > > And here we are. Today I will present you our project MokSec. > > What is MokSec? > =============== > > MokSec is framework which target is to improve the security of the mobile > devices which are based on OpenMoko (and other frameworks which are running on > Neos) > > What is our main focus at the moment? > ===================================== > > The main focus is the encryption over GSM. This is very complicated issue and > for this we searching developer which are willing to work with us on this > interesting project. > > What are the other components? > ============================== > > At the moment we only working on a phone firewall, which will be > blocking/accepting incoming calls. Later one we will add other projects or > developer will be able to add their projects. > > Were you can find more informations? > ==================================== > > http://moksec.networld.to : The main page > http://moko.networld.to : The git repositories > http://networld.to/mailman/listinfo/moksec-public : The mailinglist > > We hope that a lot of people will work with us on the security issue. > > Happy programming > > Alex Oberhauser > > _______________________________________________ > Openmoko community mailing list > community@lists.openmoko.org > http://lists.openmoko.org/mailman/listinfo/community > _______________________________________________ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
