MokSec - The Security Framework
Kalle Happonen
kalle.happonen at iki.fi
Mon Jul 14 09:20:06 CEST 2008
Hello,
I've only had my freerunner for a week or so, so I'm not too into the
security aspects yet. One thing I did notice was of course passwordless
root login. Now over usb this can be acceptable, but if this is possible
over wifi (I haven't actually tested), it needs the firewall / make it
listen only to the usb.
In addition to that, a separate encrypted partition for /root (or /home
if the account will changed to a non-privileged user) could be nice, but
maybe too heavy and battery draining?
In addition to that, I'd say all linux security administration best
practices should be at least considered, including automatic security
updates.
After the basic security is in good shape, one could move on to fun
things like phone lock/unlock/shutdown with an sms, personal data
backups / remote removal... the possibilities! :)
Cheers,
Kalle
Yorick Moko wrote:
> This mail was posted on the devel list
> (http://lists.openmoko.org/pipermail/openmoko-devel/2008-July/003594.html).
> Thought it would interest a lot of people who are not subscribed to
> that list:
>
>
> Hi Guys,
>
> a few months ago we have planned to improve the security of our beloved
> Neo, after we have read about desires of the community regarding to the
> security issue.
>
> And here we are. Today I will present you our project MokSec.
>
> What is MokSec?
> ===============
>
> MokSec is framework which target is to improve the security of the mobile
> devices which are based on OpenMoko (and other frameworks which are running on
> Neos)
>
> What is our main focus at the moment?
> =====================================
>
> The main focus is the encryption over GSM. This is very complicated issue and
> for this we searching developer which are willing to work with us on this
> interesting project.
>
> What are the other components?
> ==============================
>
> At the moment we only working on a phone firewall, which will be
> blocking/accepting incoming calls. Later one we will add other projects or
> developer will be able to add their projects.
>
> Were you can find more informations?
> ====================================
>
> http://moksec.networld.to : The main page
> http://moko.networld.to : The git repositories
> http://networld.to/mailman/listinfo/moksec-public : The mailinglist
>
> We hope that a lot of people will work with us on the security issue.
>
> Happy programming
>
> Alex Oberhauser
>
> _______________________________________________
> Openmoko community mailing list
> community at lists.openmoko.org
> http://lists.openmoko.org/mailman/listinfo/community
>
More information about the community
mailing list