Privacy and proper security jails
asked 2014-06-08 17:16:44 +0300
Heippa,
I see a lot of questions regarding privacy and security concerns which are all very valid given the revelations during the last 12 months. I used to work in Nokia Telecoms R&D for a while in the 90s and regarded Nokia/Finland as pretty good when it comes to privacy and security - all since the anon.penet.fi days...
The Meebo platofrm was using Smack via LSM, but that of course got killed by the MS takeover of Nokia and differing security priorities I am sure. I see "many" promoting the Immunix/Novell/Canonical/US-based Apparmor which has been rebranded several times. Some are funnily enough even promoting the NSA SELinux variant...
What process jails are you going to be aiming for? Will the jail be "government friendly" or "privacy first"?
No one other than the low-level network handlers need to know MAC-ids of surrounding WIFIs - is there or will there be a secure way to block or just blank the response to such queries? The same goes for GSM cell information and GPS as many have already asked here - will there be a secure way to return blank information or block requests for GSM cell information? This also applies to IMEI information - will there be a way to return blank information or block requests for IMEI information upon mobile phone user discretion to such processes asking for identifiable information?
The same goes for protecting the address book, messages, gallery, storage cards, stored files and filesystem in general - will there be ways to return blank structures or block such requests on user discretion? Another nice thing could be to be able to "reset" applications to some pre-installation or first initial state - e.g like "vagrant destroy" to reset an app and leave as few identifiable device fingerprints as possible.
The NSA has a patent for triangulating even regarding to elevation based on signal tracking of GSM and WIFI signal levels. Will Sailfish OS ever have capabilities to prevent such tracking?
What are the security and privacy considerations that Sailfish OS will focus on? The EU has passed legislation allowing EU citizens the right to privacy, and the operator records hold the information required of EU governments. The model over on the "other side of the pond" is to let corporations extract as much as possible and then just require them to turn over all the info willingly or otherwise to authorities. Friday June 6th the EU commission met and EU Justice Commissioner Viviane Reding explicitly stated that: "All companies operating on European soil have to apply the rules." http://www.reuters.com/article/2014/06/06/us-eu-dataprotection-idUSKBN0EH1ER20140606 Does Sailfish and Jolla plan to accommodate the view of the EU commission and offer to protect users?
Does Sailfish OS intend to be an alternative to this dark present state of affairs? Many businesses would be very interested in more secure alternatives and in my sector which is the petroleum industry, we are all the time trying to keep up to avoid industry espionage and state espionage.
Can effective process jails be setup for e.g browsers or any app on Sailfish? I know that except stuff like Qubes OS, it is very difficult to protect monolithic kernels with regards to driver and low-level access. I remember some years ago some Australian making a hypervisor for ARM-based mobile platforms, but what are you planning for making applications run without capabilities of escalating permissions?
Is it possible to run something like the Unbound DNS cache on Sailfish OS? Does Sailfish OS use DNSSEC -now that most of Europe is actually using it? Is it possible to prevent DNS leaking with Sailfish OS somehow? Is iptables or similar routing possible to prevent requests outside of e.g VPN devices?
Best of luck to you guys!
These are some great questions. It would be very interesting to see any official answers.
Drekkarian ( 2014-06-09 22:27:18 +0300 )editGreat to have such a security oriented people among us! Thanks for your questions, hope they get answered too!
simo ( 2015-04-01 02:59:11 +0300 )edit