On Mon, 2010-03-29 at 09:07 +0200, [email protected] wrote: > > -----Original Message----- > > From: [email protected] [mailto:[email protected]] > > On Behalf Of ext Samir Faci (Dev) > > I'm just wondering how the market will be sanitized. Is anything > > going to put in place to prevent rogue processes from bring down your > > phone? > > In the architecture picture [1] there is a yellow bar on the side called > SECURITY. > It will stop the application from doing things that it is not supposed to do, > like bring the device down. I think this is the most important answer. We've not seen the full details yet but there is information out there on the upcoming framework. http://wiki.maemo.org/Maemo_security
> > Most importantly, how is security going to be death with? I would > > think someone could easily develop and write an application that is > > malicious and call back home with personal information of the user > > that he shouldn't have. > > Where would someone share that malicious application? Honestly - Extras. It isn't hard to get malicious code into OSS software. It mainly isn't worthwhile :) > The core repositories are not taking in content from random people. The > community repositories will likewise have a process for checking incoming > code. And commercial software markets all have pretty tight QA in place. Sadly *from a security perspective only* I must disagree with all of those points :) The barrier to entry in the community is very low. A criminal (individual or organisation) who have identified Meego as worth targetting because they've heard the announcements about using the phone for 'money transactions' may already be amongst us and contributing good code. I don't think there is any expectation that the community process will do code reviews or ensure that a 'jpg logo' doesn't have bad code embedded. I do know that the installation process gives the app writer root by default in the current approach. The current extras-nonfree allows binary uploads anyway. As for the commercial ones... it's my understanding that most commercial app stores will host anything if you pay them. Of course you may need to buy a limited company first (£100 in the UK). They'll QA that the app runs - but they won't audit it to ensure it doesn't deploy a keylogging function after a time-delay. The only solution to this is to assume that there is (subtle) malware in some binaries uploaded from extras and ensure the privilege-granting mechanism in future OSes works. David _______________________________________________ MeeGo-dev mailing list [email protected] http://lists.meego.com/listinfo/meego-dev
