[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] How safe is smartphones today?

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] How safe is smartphones today?
From: David Rajchenbach-Teller <dteller@xxxxxxxxxxx>
Date: Fri, 04 Apr 2014 11:04:53 +0200
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 04 Apr 2014 05:11:46 -0400
In-reply-to: <20140404025214.GB26842@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <533C96AF.2050004@xxxxxxxxxxxxxxxxxxxxxxxxxx> <20140403013535.GA9002@xxxxxxxxxxxxxx> <533D2198.9070302@xxxxxxxxx> <533D343B.2000102@xxxxxxxxxxx> <20140404025214.GB26842@xxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:24.0) Gecko/20100101 Thunderbird/24.4.0

On 4/4/14 4:52 AM, Mike Perry wrote:
> David Rajchenbach-Teller:
>> As a side-note, there is a will to make FirefoxOS very safe, but as far
>> as I know, very few people work on this actively at the moment. If you
>> are interested in contributing to this effort, I can try and find you a
>> good interlocutor.
> 
> I looked into this and made contact with the FFOS team about potential
> collaboration, but it was not a priority for them. We would effectively
> be responsible for doing all of this work ourselves.
> 
> This would actually be a lot of work for us to do, too. There are
> several architectural changes needed to Firefox OS in order for us to be
> able to do the things I did with Android in this post:
> https://blog.torproject.org/blog/mission-impossible-hardening-android-security-and-privacy
> 
> In particular, the following is a sampling of my more major concerns:
> 
> 1. Apps share a lot more state and linkable identifiers due to running
> in the same parent Gecko process (and sharing much of the HTTP stack).

Actually, that's not true. Maybe you checked on B2G Desktop, which uses
a single process. On the real FirefoxOS, each app runs in its own
process, with the following exceptions:
- the browser UI (i.e. the url bar) is part of the system process;
- dialer, contacts and First Time use are three view of the same
application.

> 2. This also means that apps are way less protected from one another
> than on Android (where everything runs as both a separate process *and*
> a separate user ID).

Each process has a distinct uid.

> 3. There are no per-app proxy settings, and individual apps can not be
> blocked from accessing the network.

Investigating the issue. I believe some work is needed here, but that
doesn't look too hard platform-wise.

> 4. The system-wide proxy settings still allow for a number of things to
> leak outside of Tor.

What kind of leaks do you have in mind?

> 5. It is my understanding that apps can source remote JS libraries over
> HTTP if they wish, and nothing prevents this. This effectively means
> that what you think is your app may not be your app at all.

By default, that is correct. What would you suggest?
I know that the system can detect attempts to access the network by an
app, so I suspect that it wouldn't be too hard to fully deactivate
network access once the app is installed.

Cheers,
 David

-- 
David Rajchenbach-Teller, PhD
 Performance Team, Mozilla
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] How safe is smartphones today?
  - From: anonymous coward
- Re: [tor-talk] How safe is smartphones today?
  - From: Mike Perry
- Re: [tor-talk] How safe is smartphones today?
  - From: nb.linux
- Re: [tor-talk] How safe is smartphones today?
  - From: David Rajchenbach-Teller
- Re: [tor-talk] How safe is smartphones today?
  - From: Mike Perry

Prev by Author: Re: [tor-talk] How safe is smartphones today?
Next by Author: Re: [tor-talk] Programming language for anonymity network
Previous by thread: Re: [tor-talk] How safe is smartphones today?
Next by thread: Re: [tor-talk] How safe is smartphones today?
Index(es):
- Author
- Thread