On Mon, Mar 29, 2010 at 1:19 PM, Samir Faci (Dev) <[email protected]> wrote: > Most importantly, how is security going to be death with? I would > think someone could easily develop and write an application that is > malicious and call back home with personal information of the user > that he shouldn't have.
Open Source doesn't mean that everything is possible. You can have an Open Source system that still follows strict guidelines, which also limits the way processes are allowed to behave (privileges, etc). Elena Reshetova, part of the Nokia Maemo Security team has been working to expose the features of the security platform. I recommend reading the Maemo Security overview[1], which provides answers to quite a few of the most common questions. Please note that this is part of the Maemo project, so the implementation as part of MeeGo might be different. Also, there will be QA processes in place which will aim at ensuring that the most obvious "stealer" applications don't get through, however, nothing will prevent 100% security in a system that tolerates obfuscated code (delayed execution is one example of that, as you correctly pointed out). Again, pointing towards the Maemo project, a community-led Quality Assurance system is in place that prevents applications that could harm or drain the device to appear in the most public repositories. Only after the application has been "voted" up a few times is it allowed to migrate to the next level repository. It is not too difficult to imagine that a similar concept would be used in MeeGo. Everyone is aware of the conceptual fragility of such a system as it has already been proven in the past to be strongly fallible [2]. The main things we can do against malicious applications are non-repudiation and developer trust (or at least, have a framework in place that will make it harder for mal-intended individuals to get their application on the widespread user audience). One example of this would be that a developer who provides binary-only packages to at least be registered with bank details, etc. Another example could be that a developer (or company) that has a good track record could be allowed an easier path, based on the fact that their previous contributions have been positive (the same way that the slashdot karma system works). On the other hand, a new developer does not have any negative path, however will need to go through the full QA process. I haven't been following the mailing lists very closely for some time now, but I'm sure (or at least I hope) this has already been addressed in one way or another. [1]: http://wiki.maemo.org/Maemo_security [2]: http://talk.maemo.org/showthread.php?t=44928 -- question = ( to ) ? be : ! be; -- Wm. Shakespeare _______________________________________________ MeeGo-dev mailing list [email protected] http://lists.meego.com/listinfo/meego-dev
