moko running everything as root
subscribers at tinsputnik.com
Mon Jun 16 18:23:56 CEST 2008
Kevin Dean wrote:
> In the mobile world, there is NOTHING more important than the user's
> data. Nothing. And in the mobile world, you can impliment root priv
> seperations till the cows come home, but it doesn't eliminate the fact
> that the most vulnerable part of the system is being put at risk
This is nonsense.
Encrypt the data and have it backed up via policy/service/etc.
You cannot separate security from a device this powerful. Hell you
cannot separate security from even crappy devices. Hell we now live in
an age where frickin printers come with full webservers with
ssh/ftp/telnet and are now a security risk as much as any desktop.
Despite the common belief, PHYSICAL access to a device DOES NOT
GUARANTEE physical access to data.
A good enough key with a proper authentication scheme will keep the
frickin NSA busy for 10's of thousands of years.
Let's not kid our selves. Security is of the utmost importance
ESPECIALLY IN A WIRELESS WORLD.
If you think Bluejacking was nothing, just wait until you start owning
these puppies during a walk by - hell, I have plans for making a
carrying bag with a full spectrume of equipment and antennas that does
nothing BUT sniff out wireless devices in an attempt to own them just
How long do you think an root priviledged device like this would last
under such circumstances?
The world is getting MORE HAZARDOUS not less, with the full power of
laptops only 10 years old or less in our pockets how can anyone think
this is not a serious consideration?
More information about the community