Hi. I just found this forum, and I apolgize if these questions are already answered someplace else but I really don't have a lot of time to be searching right now.

I am looking for an internet tablet for the sole purpose of being able to send/receive email and chat via Google Gmail. All of the other features of the 810 are nice, but all I really need is the email communication part. Since its primary use would be email (and lots of them) the keyboard feature of the 810 seemed very nice. It also needs to be small enough to fit into a purse, and the 810 seems to fit this criteria too.

My concern is about security. This tablet will be given to a woman who is trying to extract herself from an abusive relationship (which is a lot easier said than done). Keylogger and internet tracking software has already been installed on the home PC in order to track her activities, and she no longer has a secure way of communicating with friends and family.

Here are my questions:
- does the 810 have a password option on startup?

- if it has a password feature how secure is it? Does it trigger the password in the early stage of booting up so that you couldn't install malicious software without first getting through the password stage?

- is it possible to boot the 810 through any sort of USB connecttion and extract the content onto another PC?

- If the 810 won't meet my needs do you have any other suggestions?

These questions are complicated by the fact that the person trying to breach the security might have physical access to the 810, not just someone trying to intercept your communications in a wi-fi cafe or something.

I am more than willing to spend the $$ on the 810 but only if it is going to be secure. If she can't secure it then she can't use it and it will just become an expensive paperweight.

Thanks!

Yes, the n800 and n810 have lock codes you can set (it comes with a default lock code that you can Google) so be sure to change it. Once enabled it will ask for it every time at start up. Without it you cannot access the device even if you plug in the USB connection. I believe you cannot flash it either without the lock code (after enabling it).

Unsure of SD cards however, people could always eject them so don't put anything on the SD card that you want to keep private.

Good luck, I took a class on domestic violence, and in the second semester I worked in a domestic violence shelter. So I know a little about how hard it is.

Physical access trumps everything. I can extract almost anything from any system, including passwords, assuming I have physical access.

There's no 100% security against physical access. The data on the device is not encrypted and it can probably be read without knowing the code using the flasher utility, USB and some inside knowlege about how N810. However this or installing other nasty stuff such as software keyloggers is not trivial and cannot be googled. If he tries this it will take time and programming knowledge.

I think the tablet can serve as a secure communication device if passwords arent stored locally and all communication is encrypted.

The big advantage of chosing N810 over a regular computer is, that probably neither for its hardware nor for its software any malware is available. That is, if you want to install a keylogger (either hardware or software) on the N810 you have to do it manually.

Cheap alternative: Boot from a Linux Live CD like Knoppix. If the hardware cannot be manipulated, I'd consider this equally secure. (Of course, any computer can be compromised, but not by anyone. I think, it's difficult to install a hardware keylogger on modern notebook.)

Actually i think, given it is a linux device makes it a lot harder to install any spyware kind of thing anyway...

I suspect that the tablets will be secure enough for this use... IF the owner is diligent.

I suggest using a web based mail, and not store the password on the device. This way nothing is stored on the Nokia.

This being said, nothing is 100% sure. It is always possible to install a sniffer on the network.

I don't know how good the password protection is and where it is stored. It is, for example, possible, to boot an IT from a SD-Card. Is this blocked by a password?
Is the filesystem mountable without the password?

For the rest: I believe it is a huge advantage, that the ITs are linux based.

Some random thoughts:
Concerning the emails, that woman should choose a mail provider which allows ssl-encrypted connections for sending and receiving, so even *if* there was a sniffer on the network, it would be useless to sniff the traffic.

These emails should be fetched with a mail client that saves the ssl certificate (claws mail does that for example, and it is capable of imap4-mailboxes with ~20000 mails in it). After the ssl certificate is saved, man-in-the-middle attacks are useless (as they would offer a "changed" certificate. (man-in-the-middle attack is roughly: The intruder sits on your network and watches you wanting a ssl connection to mail.provider.net. He cuts your connection but offers you *his* ssl-certificate, boasting to be mail.provider.net. The victim believes it is the certificate of his provider, accepts it and has a secure connection... to the attacker, who decodes the traffic and re-encodes it for the *true* provider, so the victim won't notice anything... except that the certificate changed...))

I don't know how well GTalk is encrypted and whether you can access it per https, but it might be worth to consider data connections via cell phone instead of wlans (but you might get a trojan on the cell phone...)

Oh, the cell phone should be as simple as possible, no symbian os or windows mobile, no camera... the less "os" the less trojanizing opportunities ;-)


/EDIT: http://www.internettablettalk.com/fo...ad.php?t=15742
discusses booting from a fully encrypted partition - so the whole file system can't be read with the IT off

My concern would be that if the abuser has gone this far already, why would he not take/destroy the n810?

Other options that might make sense...

Sidekick? A used one + a prepay plan
Cell phone/tracfone? Many shelters will give these to abuse victims
Linux LiveCD/Bootable USB? Reboot the computer and have a secure environment for using a webmail service

The n810 sounds like it *might* work, but it can be a little quirky.

Just as an aside, I once helped a woman in a similar situation try and protect some data with things like passwords, and when the abuser ran into them, she got beaten very badly.

Know what you're doing, I think the moral of that is.