[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] How safe is smartphones today?



David Rajchenbach-Teller:
> As a side-note, there is a will to make FirefoxOS very safe, but as far
> as I know, very few people work on this actively at the moment. If you
> are interested in contributing to this effort, I can try and find you a
> good interlocutor.

I looked into this and made contact with the FFOS team about potential
collaboration, but it was not a priority for them. We would effectively
be responsible for doing all of this work ourselves.

This would actually be a lot of work for us to do, too. There are
several architectural changes needed to Firefox OS in order for us to be
able to do the things I did with Android in this post:
https://blog.torproject.org/blog/mission-impossible-hardening-android-security-and-privacy

In particular, the following is a sampling of my more major concerns:

1. Apps share a lot more state and linkable identifiers due to running
in the same parent Gecko process (and sharing much of the HTTP stack).

2. This also means that apps are way less protected from one another
than on Android (where everything runs as both a separate process *and*
a separate user ID).

3. There are no per-app proxy settings, and individual apps can not be
blocked from accessing the network.

4. The system-wide proxy settings still allow for a number of things to
leak outside of Tor.

5. It is my understanding that apps can source remote JS libraries over
HTTP if they wish, and nothing prevents this. This effectively means
that what you think is your app may not be your app at all.

> On 4/3/14 10:53 AM, nb.linux wrote:
> > In case you don't know it yet, you may also read
> > https://www.fsf.org/blogs/community/replicant-developers-find-and-close-samsung-galaxy-backdoor
> > and
> > http://redmine.replicant.us/projects/replicant/wiki/SamsungGalaxyBackdoor
> > 
> > So free software matters, e.g. by not implementing risky features.
> > But it is not a guarantee and may only work sometimes, as it depends on
> > the architecture of the phone.

-- 
Mike Perry

Attachment: signature.asc
Description: Digital signature

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk