On Wed, Jun 4, 2008 at 11:07 AM, David Dyer-Bennet <dd-b@xxxxxxxx> wrote: <snip> > > I can probably just be careful about ssh agent and keys, I don't use it > *that* much on the N800. My fallback position on the email config would > be to be prepared to change the password there on short notice, which is > easy enough to do. It's a bit inelegant. > > Also anything where the browser is keeping the passwords for me would be > at risk. > > I know *so* many people who have had portable electronic devices lost or > stolen, I really do think it's a much bigger threat than desktop systems > (I do know some people who have had those stolen as well, but not nearly > as many). > > And, because it's Linux underneath, I tend to think in terms of the level > of security I normally try to achieve on my linux boxes. > > I'm kinda left feeling that security was not considered in the design of > the software system for this box. ... which is why the whole root situation is so frustrating. They went to great lengths to "protect" the devices from their legitimate owners, while leaving the owner's data completely and utterly exposed. That's one really good reason why (whether they agree or not) Nokia should have made a decent PIM part of the package out of the box, and it's probably the major reason why they didn't; they didn't want to go to any effort to deal with the security side of it. By pronouncing the devices "NOT PDAs" they're attempting to absolve themselves of any responsibility on that front. However, there's no justification for assuming people want to carry around another device, especially when with VoIP it's perfectly legitimate to expect some people to do without a smartphone (or maybe even *any* mobile phone) if they have one of these. Why didn't they just force owners login to their tablet like you do in most Linux distros? If they used the same kind of login process as desktop Linux, users could choose whether to autologin if they don't care about security or require logging in if they do. Between that and the "lock device" feature (which should also have a timeout feature to automatically lock it after a selectable period of inactivity and would work like screensavers that can be set to require a login to exit the screensaver) would go a long way toward satisfying basic security needs. Inclusion of on-the-fly encryption (especially for the removable cards) would round out the package nicely. Mark _______________________________________________ maemo-users mailing list maemo-users@xxxxxxxxx https://lists.maemo.org/mailman/listinfo/maemo-users
