The revelations about Nokia-Microsoft-NSA (see for example www.computerworld.com.au/article/539173/nokia_hot_water_over_finland_privacy _flap/) does make you wonder how often security/privacy is just a marketing pitch. Even if Tizen is hardened by design, which should protect against threats from ordinary hackers, I would be interested to know if there is any policy or other measures (existing/planned) to prevent that security/privacy is compromised by the companies involved or government agencies?
Sven -----Ursprungligt meddelande----- Från: [email protected] [mailto:[email protected]] För Sven Ruin Skickat: den 9 januari 2014 07:25 Till: 'Carsten Haitzler (The Rasterman)'; 'Jason Ross'; 'Schaufler, Casey' Kopia: [email protected]; [email protected] Ämne: Re: [Tizen General] Tizen security Thank you for the replies, which make me very hopeful about Tizen. I would like to add that it is very important that users can be sure that there is no backdoor, software updates that the user can't control, etc. Please don't repeat the mistakes others have done (see e.g. http://www.technobuffalo.com/2013/08/22/nsa-windows-8-exploit/). Sven -----Ursprungligt meddelande----- Från: Carsten Haitzler (The Rasterman) [mailto:[email protected]] Skickat: den 8 januari 2014 01:09 Till: Schaufler, Casey Kopia: Sven Ruin; [email protected]; [email protected] Ämne: Re: [Tizen General] Tizen security On Tue, 7 Jan 2014 16:45:30 +0000 "Schaufler, Casey" <[email protected]> said: i'd say there is an objective thing to tizen (at least for tizen 3 on)... smack allows us to have multiple users AND application containering (via smack) into their own "effective" uid. android re-used uid's for each app "container" so we lost multi-user... unless android goes using groups for users... but then you can have users and not groups... :) tizen has 1 EXTRA layer of containering for apps vs android. that allows more control and still a familiar user model for developers, system builders, etc. > Tizen is taking security very seriously. We are using the Smack Linux > Security Module to provide mandatory access control. We are taking a > very aggressive stance with regard to keeping system services > protected. There is > unlikely to be a hardened version of Tizen simply because we are > creating a > hard system by design. It is our intention that Tizen will be more > secure than the alternatives, even those that have been augmented to > meet special needs. There will always be debates about which security > scheme is best and > where the line between security and user experience should be drawn. > There isn't an objective security measure, so there will be a > component of personal > judgment in any comparison. By putting security into the initial architecture > we believe that Tizen will compare well with any other system in the > marketplace. > > > From: [email protected] > [mailto:[email protected]] On Behalf Of Sven Ruin Sent: Monday, > January 06, 2014 9:45 PM To: [email protected] > Cc: [email protected] > Subject: [Tizen General] Tizen security > > To the Tizen community, > > As you may know, some find it hard to see what Tizen has to recommend > over existing products. I'm not yet familiar with Tizen, but think one > of the most > important advantages that Tizen could hopefully bring is a higher > level of security. Therefore I wanted to ask if Tizen will really be > much more secure > than other alternatives, in particular Android, even if Tizen will one > day capture a large market share? > > For background information, see for example F-Secure's Mobile Threat Report > Q3 2013 on http://www.f-secure.com/en/web/labs_global/whitepapers/reports. > > Best regards, > > Sven Ruin -- Carsten Haitzler (The Rasterman) <[email protected]> _______________________________________________ General mailing list [email protected] https://lists.tizen.org/listinfo/general _______________________________________________ General mailing list [email protected] https://lists.tizen.org/listinfo/general
