Reply
Thread Tools
Posts: 6 | Thanked: 7 times | Joined on Apr 2020 @ Nuuk
#1
Hoi,
just some thought provoking questions

since Meego is discontinued i was wondering how safe it is regarding privacy compared to android or microsoft phone os, which arguably have back doors in the system. Also regarding hardware, for example i read the privacy statements of HMD and Huawei, where they quite explicitely say they will log your every action on the phone etc.

Since google apps are not integrated into meego and basically all apps running now are by developpers (openrepos etc), is it likely the provacy is better on meego? only unfortunate thing is battery os non removable. it has been proven that android phones still send out gps data to google servers even if in flight mode - that is something that cant happen with N9 right,? assuming i use non google apps

or is meego much more "attackable" now since it may lack current security updates?
let me know what you think
 

The Following 2 Users Say Thank You to LisaFass For This Useful Post:
Community Council | Posts: 4,920 | Thanked: 12,867 times | Joined on May 2012 @ Southerrn Finland
#2
Originally Posted by LisaFass View Post
Hoi,
just some thought provoking questions

since Meego is discontinued i was wondering how safe it is regarding privacy compared to android or microsoft phone os, which arguably have back doors in the system. Also regarding hardware, for example i read the privacy statements of HMD and Huawei, where they quite explicitely say they will log your every action on the phone etc.

Since google apps are not integrated into meego and basically all apps running now are by developpers (openrepos etc), is it likely the provacy is better on meego? only unfortunate thing is battery os non removable. it has been proven that android phones still send out gps data to google servers even if in flight mode - that is something that cant happen with N9 right,? assuming i use non google apps

or is meego much more "attackable" now since it may lack current security updates?
let me know what you think
Both scenarios apply to some extent.

As long as you do not install google stuff you are safe from their eyes; however using openrepos means you need to trust the community developers. I would say it is fairly safe to do that, but the most paranoid people only install stuff they have compiled themselves.

The fact that the kernel and libraries are hopelessly obsolete does mean that there are gaping holes to be exploited. However the N9 devices are fairly rare so I guess that gives some safety; there is probably nobody actively trying to break into your device.
__________________
Dave999: Meateo balloons. What’s so special with em? Is it a ballon?
 

The Following 7 Users Say Thank You to juiceme For This Useful Post:
Posts: 253 | Thanked: 1,007 times | Joined on May 2010 @ Near Munich
#3
The software on the N9 is very good privacy wise, and with Nokia having shut down all services connected to it, you can be even more sure no data about your usage will be sent somewhere.

But we have to face, that there is the big flaw as mentioned by juiceme. The Operating system is old, very old by software standards.

As an example: If you have Bluetooth enabled a skilled hacker can get your data that way. But there exists no known exploit in the wild, so I agree with juiceme that somebody attacking your phone that way is no big risk.

Another aspect is missing protection against somebody reading your data if they acquire the device. Modern phones protect against this by encrypting the data. On the N9 anybody can load a rescueOS image and steal your data.

So you have privacy in your daily life, but don't trust your N9 as save data storage when you travel.
 

The Following 2 Users Say Thank You to Macros For This Useful Post:
Posts: 6 | Thanked: 7 times | Joined on Apr 2020 @ Nuuk
#4
Thanks guys, it is just as i thought

Edit: I was indeed mainly concerned about backdoors in Hardware and software from factory. I was a bit worried after i found out Intel was part of the Meego development team
 

The Following User Says Thank You to LisaFass For This Useful Post:
Community Council | Posts: 4,920 | Thanked: 12,867 times | Joined on May 2012 @ Southerrn Finland
#5
Originally Posted by Macros View Post
Another aspect is missing protection against somebody reading your data if they acquire the device. Modern phones protect against this by encrypting the data. On the N9 anybody can load a rescueOS image and steal your data.
Actually there's a fix for that; altough I never released it due to some performance problems (which could be mitigated by installing more recent version of fuse but I never got around to packaging it...)

So what I did is I hacked the boot using ubiboot and evtap to create a vkb running on preboot, and used that to input passphrase to ecryptfs. Not as neat as can nowdays be done with luks but fairly good security for /home and /MyDocs
__________________
Dave999: Meateo balloons. What’s so special with em? Is it a ballon?
 

The Following User Says Thank You to juiceme For This Useful Post:
Community Council | Posts: 4,920 | Thanked: 12,867 times | Joined on May 2012 @ Southerrn Finland
#6
Originally Posted by LisaFass View Post
Thanks guys, it is just as i thought

Edit: I was indeed mainly concerned about backdoors in Hardware and software from factory. I was a bit worried after i found out Intel was part of the Meego development team
Everything is of course possible but there are no known backdoors in the device. (And BTW the chipset is not Intel but an arm variant from TI...)
__________________
Dave999: Meateo balloons. What’s so special with em? Is it a ballon?
 

The Following User Says Thank You to juiceme For This Useful Post:
Reply

Thread Tools

 
Forum Jump


All times are GMT. The time now is 15:38.