Neo security: running everything as root, and lacking a root password (was: Re: root)

Mark markitect at gmail.com
Fri Jan 11 19:43:57 CET 2008 

It doesn't seem like separate restricted users for different phone
system parts would be that helpful.  The code still needs to be
secure.  Say for example gsm gets compromised, then even with separate
users they still have full gsm access and can make phone calls.  The
only advantage to isolating processes would be that you can deny them
access to change firewall rules to allow routing trough the wireless
or something, which in my opinion is the second most important part of
security (after applications that have no vulnerabilities).  On that
note I think especially once GTA02 is out iptables will be rather
important.

On Jan 11, 2008 6:44 AM, Joseph Reeves <iknowjoseph at gmail.com> wrote:
> Of course, F-Secure sell mobile anti-virus software, and he could have
> easily avoided infection by employing a more sensible use of
> Bluetooth, so I always take these sorts of comments with a pinch of
> salt. Having said that, the F-Secure blog is pretty good, and probably
> essential reading for anyone interested in this discussion.
>
> I've said it before, but is anyone thinking of bitfrost on the
> openmoko platform?
>
> http://wiki.laptop.org/go/Bitfrost
>
> Joseph
>
>
>
>
> On 11/01/2008, Christopher White <chris at grierwhite.com> wrote:
> > Regarding security and mobile phones..
> >
> > I recently read an interesting interview with Mikko Hypponen, chief
> > research officer of F-Secure in IIEE Security and Privacy (Nov/Dec 07).
> >
> > He touched on the topic of security and mobile phones, even mentioned
> > that he has received four worms on his mobile phone (they didn't infect,
> > as he had antivirus protection), all variations of the Cabor or the
> > CodeWarrior worms.  One was beamed to his phone from a passing car,
> > likely from an infected phone.
> >
> > The most interesting point he makes is that while infecting computers
> > can indirectly be costly (identity theft, time spent, loss of critical
> > data, etc.), infecting mobile phones can be *directly* costly.  This is
> > due to the built in billing system in mobile phones.
> >
> > I would imagine lack of a serious attention to security might be a
> > barrier to wider scale deployment, particularly in a business
> > environment.  As the device will potentially carry highly sensitive data
> > such as contacts, email, even documents, security will be key.
> >
> > ...cj
> >
> > On Thu, 2008-01-10 at 15:53 -0800, Michael Shiloh wrote:
> > > Hi Brandon,
> > >
> > > (I encourage everyone to use meaningful subject lines)
> > >
> > > I suspect the real reason was that it was the easiest and quickest thing
> > > to do at the time, and allowed the developers to focus on more pressing
> > > issues, like getting the rest of the system working.
> > >
> > > I'm sure this will change in the future to a more secure system, and I
> > > welcome all the ideas that have been suggested of what that might look
> > > like. I'm pretty sure there is a wiki page where that's been started
> > > already. If not, anyone is welcome to create one and to post these ideas
> > > there.
> > >
> > > Michael
> > >
> > > Brandon Kruse wrote:
> > > > I cannot speak for them, but look at your market place.
> > > >
> > > > Not secure servers but mobile telephony.
> > > >
> > > > The phone is as secure as you make it, and they have faith in the
> > > > programs that are on there.
> > > >
> > > > Heck you could even make a security package to lock it down a little for
> > > > those who want something extra.
> > > >
> > > > Anyone else?
> > > >
> > > > --------------------------------
> > > > Brandon
> > > >
> > > > On Jan 10, 2008, at 4:30 PM, Denis <shulyaka at gmail.com> wrote:
> > > >
> > > >> So why did OpenMoko developers decided to run everything as root?
> > > >>
> > > >> 2008/1/11, Brandon Kruse <admteamkruz at gmail.com>:
> > > >>> Good luck easily hacking over a GPRS connection. Make your password
> > > >>> longer than 6 characters, a ban after retry attempts, take it off port
> > > >>> 22 and that will save 95% of attacks from script kiddies. (everything
> > > >>> I listed is controllable on sshd_config, I believe)
> > > >>>
> > > >>> Just imho it helps, opinion and experience :)
> > > >>>
> > > >>> But overall, I agree, but your privileges are only as safe as your
> > > >>> software.
> > > >>> (eg when you run a socket based process as root, you trust it.)
> > > >>>
> > > >>> However, you make a good point :)
> > > >>>
> > > >>> Kde and gnome take that precaution with gtk based Sudo when you login
> > > >>> as a normal user (at least in debian/ubuntu) and I like that method.
> > > >>>
> > > >>> --------------------------------
> > > >>> Brandon
> > > >>>
> > > >>> On Jan 10, 2008, at 3:43 PM, Denis <shulyaka at gmail.com> wrote:
> > > >>>
> > > >>>> But as far as I understand it's not secure, esp. for a device with
> > > >>>> wi-fi, bluetooth, gprs and running ssh daemon! Linux gives us a great
> > > >>>> power of user privilegies management but we waste it. Woldn't it be
> > > >>>> better to run everything as an unprivileged user, or at least ask for
> > > >>>> password at first run time?
> > > >>>>
> > > >>>> _______________________________________________
> > > >>>> OpenMoko community mailing list
> > > >>>> community at lists.openmoko.org
> > > >>>> http://lists.openmoko.org/mailman/listinfo/community
> > > >>>
> > > >>> _______________________________________________
> > > >>> OpenMoko community mailing list
> > > >>> community at lists.openmoko.org
> > > >>> http://lists.openmoko.org/mailman/listinfo/community
> > > >>>
> > > >>
> > > >> _______________________________________________
> > > >> OpenMoko community mailing list
> > > >> community at lists.openmoko.org
> > > >> http://lists.openmoko.org/mailman/listinfo/community
> > > >
> > > > _______________________________________________
> > > > OpenMoko community mailing list
> > > > community at lists.openmoko.org
> > > > http://lists.openmoko.org/mailman/listinfo/community
> > >
> > > _______________________________________________
> > > OpenMoko community mailing list
> > > community at lists.openmoko.org
> > > http://lists.openmoko.org/mailman/listinfo/community
> >
> >
> > _______________________________________________
> > OpenMoko community mailing list
> > community at lists.openmoko.org
> > http://lists.openmoko.org/mailman/listinfo/community
> >
>
> _______________________________________________
> OpenMoko community mailing list
> community at lists.openmoko.org
> http://lists.openmoko.org/mailman/listinfo/community
>

More information about the community mailing list