Philippe,
I have to disagree with your assertion of where Nokia's responsibility
ends.
Since Nokia is actively encouraging the development of 3rd party
applications including ones which are TCP/IP Stack/Internet enabled,
Nokia (or any other similar device manufacturer for that matter that
creates an extensible platform like this) has a responsibility to do as
much as it can, within the constraints of the device capabilities
itself, to make the device safe from attack even at the application
level. In today's world,doing so for a product developer like Nokia is
simply good corporate citizenship. By analogy, there was a time when
cars did not have air bags or for that matter safety belts and the
manufacturers considered driver safety to be an "application layer" problem.
Maybe the target market for 770 and N800 does not include the business
market, but If Nokia is at all interested in penetrating that market for
a device like the N800 Nokia will surely have to come up with a very
strong offering with respect to device security. Otherwise the CIO's of
the world will not let this device into their network perimeter, at
least not knowingly.
Best Regards,
John Holmblad
Philippe De Swert wrote:
Hi,
On Tue, 2007-02-20 at 10:12 -0600, Paul Klapperich wrote:
The internet tablet runs an Xserver for one. Use nmap on your PC to
scan your Nokia. It has open ports. Marius had specifics earlier.
Which is a fixed bug, and will be closed in the next release. It's not
rocket science to fix this yourself now if it worries you, which will
make it zero open sockets on a N800.
Yes, someone should make an iptables package for the people who are
running services on their N800. However the stock image has no services
so doesn't really need a firewall.
I second Ross here. Nokia only has a responsability towards its own releases.
You can hardly expect that they can secure every possible deamon or service
they are NOT running or delivering themseleves. It is the security of the
STOCK image that counts.
OTOH for somebody who is concerned about getting a firewall, it should not be
too hard to port iptables. It has been done very often for other platforms.
Cheers,
Philippe
---
Scarlet One Unlimited
Free national calls, surf up to 6 Mbit/s, 50 GB download volume
For only EUR 49,95 per month. No Belgacom subscription needed. All in!
http://www.scarlet.be
_______________________________________________
maemo-developers mailing list
maemo-developers@maemo.org
https://maemo.org/mailman/listinfo/maemo-developers
_______________________________________________
maemo-developers mailing list
maemo-developers@maemo.org
https://maemo.org/mailman/listinfo/maemo-developers
