Possible security hole for Dialers/troyan horses

Todd W trwww at sbcglobal.net
Fri Mar 2 20:34:31 CET 2007


From: Bartlomiej Zdanowski AutoGuard Ltd.

> Todd W napisał(a):
>
>> I don't understand why people think this. I haven't ran in to a phone yet
>> that I couldn't run my own apps on. A particular account may not
>> have the proper level of network access, but that has nothing to do with
>> the capabilities of the phone. Please stop spreading FUD.
>
> You're talking about running apps and I talk about accessing all phone
> peripherals and capabilities to very deep level. That's a security
> threat. You did not understand me, sorry. I don't spread FUD. I do think
> about important issues about developed product.

I've used the J2ME and Windows Moblile SDK's, and neither has prevented me 
from completing tasks. All the tools are there.

>> Every phone I have seen keeps a log of calls made and messages sent. Web
>> based account manager apps provide the same data. The monthly bill does
>> also. I'm not understanding what else you would need?
>
> I would need someone to remember about that while writing phone's
> software. Only pointing that it has been already discovered in other
> product doesn't guarantee that it will appear in OpenMoko. Maybe you
> should laugh at some developer that he thought about LCD display in
> Neo1973, because every phone you have seen has a display.

Granted. But I think you are considering things that are a given.

>>> What do you think?
>> I think you are making a mountain out of a molehill.
>
> I think you have nothing constructive to say. Be critic to show weak
> points and propose new solutions in exchange. Sole critic only kills
> invention. Remember that.

Thats my point... I think there already are standard solutions in place for 
the issues you bring up. I'm not saying your points are invalid, just that 
they are solved problems (for some definitions of solved).

Todd W.





More information about the community mailing list