dillo && security question

Matthias Apitz guru at unixarea.de
Wed Oct 22 09:54:01 CEST 2008


El día Tuesday, October 21, 2008 a las 10:35:23PM -0400, Yaroslav Halchenko escribió:

> > Who is the author of this port of dillo to arm4? There is no reference
> > and the only available download site is http://misc.andi.de1.cc/dillo/
> that page is pointed to from the original dillo's website
> http://www.dillo.org/download.html
> 
> thus it might be worth asking dillo's author(s)?
> 
> .dsc file lists
> Maintainer: Devid Filoni <d.filoni at techemail.com>
> so it might be the same person who did ipk?
> 
> 
> > So what? Who did this port and is it safe to install this on the FR?
> > I'm asking because I think it would be easy to write some maleware which
> > let your FR dial every second some expensive service number or send out
> > SMS as SPAM. Don't get me wrong, I'm only speaking about the possibility
> > and that we should know *what* we install on our FR. I'm wrong?
> nope
> 
> possibility of malware on FR exists, but they will have hard time to do
> anything 'useful' due to the variety of ports and inconsistent
> interfaces :-P
> 
> For those needing security assurance I would recommend to stick to
> Debian

In my original posting I have put Jorge Arellano Cid, the primary and
security contact developer of Dillo.org into Cc: (and I do it now
again); Jorge replied to me (thanks) in private mail that he knows who did the
package of the dillo team and that he will contact the developer to let
him 'sign' somehow this binary package; for reasons of netiquette I will
not put his name into this e-mail but Bcc:'ed him in this e-mail; we
must await his reaction; thanks in advance;

	matthias
-- 
Matthias Apitz
Manager Technical Support - OCLC GmbH
Gruenwalder Weg 28g - 82041 Oberhaching - Germany
t +49-89-61308 351 - f +49-89-61308 399 - m +49-170-4527211
e <matthias.apitz at oclc.org> - w http://www.oclc.org/ http://www.UnixArea.de/
b http://gurucubano.blogspot.com/
A computer is like an air conditioner, it stops working when you open Windows
Una computadora es como aire acondicionado, deja de funcionar si abres Windows




More information about the community mailing list