Apologies for the tardiness of this post.
On Mon, 2008-07-14 at 10:57 -0400, Crane, Matthew wrote:
You're forgetting a large attack vector: social engineering. It doesn't
require someone being able to maliciously install something for it to
get on your system, especially once Moko repositories start to flourish
and organizations setup their own for specific apps/purposes.
Additionally, having used several mobile phones (Smart and otherwise)
often it is helpful to be able to decide what abilities a piece of
downloaded software will have (e.g. a game doesn't need to look at my
address book).
You're also assuming that it's a "secure device" and that the owner will
know how to keep it that way. From experience, I can tell you that as
soon as non-geeks get a hold of this phone (presumably sometime this
fall), device security will go out the window.
> I've been picturing running an encrypted rootfs image off an SD card.
Not a bad idea. I had to do something similar with my Zaurus 5500
several years ago because 14M of storage is not enough. However with the
FreeRunner, I do actually want to keep my rootfs on the rootfs and use
the card(s) for different data sets.
> Once the system boots it's up to the user to unlock the keys to the
Then what happens if you leave the system in sleep mode and accidentally
leave it somewhere and it "wanders off"? You've unlocked the rootfs
already, so as long as the attacker doesn't reboot the phone, they've
got access.
-KW
