FOSS Maemo for high security
 

I've just bought an old and very cheap N900 to play with. I'm not familiar with Maemo. Now I'm wondering what it can do that Android can't.

One of the things about Android is security and privacy. Even with projects such as:

- Cyanogenmod (open source, but it only goes so far)
- Replicant; an attempt to be very open source but failed with binary modem drivers
- the Guardian project; great idea but what about the permissions of other apps
- various permissions apps

It is very easy to slip into allowing an app carte blanche to the whole phone and if you do that then how secure is your privacy anyway? Now bear in mind how tempting it is to use Google Play for installs and that means Google Talk transmitting *something* to their servers randomly.

So one thing that the N900 could be useful for could be as a very secure 2nd phone. Store your Bitcoin wallet here. Make encrypted VoIP calls. Send secure SMS. All in the knowledge that it's much more open source and therefore has the potential to be more secure than Android.

Where can I find more info on this?
Would I be better off with a different O/S? But if so, what? What are the limitations of the hardware? Is it option with the greatest potential for FOSS and security?

Re: FOSS Maemo for high security
 

You are fooled, if you think in categories like one phone system is more secure than another!

Here are my top concerns as disillusioned user using a phone for security sensitive stuff:
1. The (mis)-use of sudo and root to give some applications the possibility to do their intended purpose without any passwords at all, is simply a big, big security hole in the linux system.
2. While real (as in: for the PC) linux distributions do a lot of work to fix bugs and security holes, the aging libs and kernel in maemo is not maintained by nokia, maemo devs, or kernel.org at all, it is simply an old kernel. In the beginning you could get packages from Debian installed, but even getting them from some repository archive for one release before Debian Oldstable, they do not install, because the libs in Debian Pre-Oldstable were at some time maintained, and they do not anymore play nice here in Maemo.
3. The real security concept seems to be: 'Well, nobody cares for us, we are a small, a very small, target, with no real appstore, but a number of repositories, where you have to really learn a new way of contributing, if you are an application developer and a widget set, nobody else uses in the phone market'.

There is no security awareness in smartphone business, well, RIM had it for some time. There is no real encryption, the GSM protocol for data and voice is hacked since a couple of years. There is no easy setup of, even, email encryption, not dreaming about Voip, SMS, chat or a wallett. Applications to monitor the users are common practice, be it from manufacturers, providers or application developers.

To take advantage of FOSS and the concept of 'providing security by openness', there are too few developers actively contributing security fixes. I like the fact, that from day to day people here have still new features in their applications and new ideas. But security is not on anyone's agenda.

Re: FOSS Maemo for high security
 

@michaaa62,

While I tend to agree with what you've written, we need to remind ourselves that the N900 (with Maemo5) is not a smartphone but a mobile Linux box.

All this "app permissions" stuff comes from the realm of smartphones (Symbian, Android, iOS, etc.) You (normally) don't have such systems under normal Linux.

Most user programs in Maemo run under the "user" credentials (like in any other linux).

The only way for a (user) program to become root without user intervention is when said program has been added to the sudoers list (either by the user or by postinstall) -- OK, or by setting the setuid bit, but this happens very rarely, and mostly manually --

Programs that are in the sudoers list are usually there for a reason, so there's not much we can do about that.

One could of course create new application-specific users/groups and configure applications to run as an application-specific user, but then you'd have to tweak a lot so that those applications also can display on the ("user"-owned) X session (or perhaps running a separate X session on a separate VT, don't know if this is possible with Maemo).

In short: your average Linux box behaviour.

Re: FOSS Maemo for high security
 

the problem with smartpone security is not root access. It is user data access, which are obviously not prevented in any way by running programms as user and not root.
This is also true for a linux box, because it only depends on the fact that critical informations are stored on the device unencrypted.
This is should be managed by a security framework, sandboxing applications and restricting API, and this is completely absent from the N900.
You may have to check, but it's fairly possible that recording the screen and the mic can be done with user privileges.
Also, because the kernel is unmaintained, sudoers list is most likely not the only way to get root level anymore (possible security breaches).

So it's more like youre average 2 years old system, without the security framework.

Re: FOSS Maemo for high security
 

thinking aloud here, but...
even though root maybe easily hacked (i'm not aware that i have to enter any password when typing root ?!?) doesn't the very fact that we have a very small user base protect us against "hackers"?
it's fun to hack on our beloved N900s, but what "crook" would be interested in it?

for the applications running in user space, in how far would putting our data under root:root (i think) protect it from casual app access?

final thought about spying apps... doesn't the limited mem & cpu resources protect us against the worst of those in that an app / deamon / whatever that would intercept kbd / sound / touch / display would practically bring the N900 to a standstill?

Re: FOSS Maemo for high security
 

<disclaimer: I'm no security nor OS programming expert>
When you consider that in the desktop you need a market share of more than 10-15% to be targeted by specific attacks, I'd say yes, there's no way someone would write one just for the N900 (or even for Harmattan).
Maybe you could fall generic attacks (like flash based, because we don't have official java :) ), that sometimes impact linux as well, but it shouldn't be worse than your average desktop.

But for a targeted attack, reporting ps regularly to a server, and then recording only when something interesting is happening (with DBUS), you should be able to record whatever you need without to much impact (screen recording is a bit more demanding, uses a noticeable part of CPU)

Re: FOSS Maemo for high security
 

Is there something like 'Whistling in the dark forest' saying in English? Anyway, you are luring yourself in wrong security:Basically flash on the N900 is ancient and insecure, the kernel is also unmaintained since ages, Java is a hack for the N900 and not fixed or maintained, openssh is version 5.1xxx, while the PC has 6.0 in Debian based Linux ( raising major version in linux is never done without a reason! )

Did you ever read the comment in /usr/bin/rootsh, nevertheless the command stays there!

Re: FOSS Maemo for high security
 

Why we do have openssl and gnupg everywhere and our email cleints don't do gnupg, IM does not do OTR and SIP does not do zRTP always made me wonder.

Re: FOSS Maemo for high security
 

Yeah, Jabber OTR would be nice. :) Anyone knows why it is not supported ? Old libs ?

Re: FOSS Maemo for high security
 

And some more to get paranoid:
http://yro.slashdot.org/story/12/08/...by-governments

I felt the need :eek: to specially quote this part: