Ask / Submit
13

Sailfish Secure -- for govs and corps only?

asked 2015-03-03 10:15:37 +0200

decibyte gravatar image

updated 2015-03-03 10:43:13 +0200

jiit gravatar image

From yesterday's press release (My emphasis):

With Sailfish Secure, the two Finnish companies, Jolla Ltd. and the market leader in security solutions, SSH Communications Security, are aiming to answer the increased demand in privacy in mobile communications. The solution will be based on a security-hardened version of the open and independent mobile operating system Sailfish OS, and SSH’s communication encryption and key management platform.

Customers for the solution can include government officials, and corporations needing a secure mobile solution. The aim is also to make the solution affordable for consumers.

I may read this wrong, but does this mean there will be a more security-hardened fork of SailfishOS targeted govs and corps? If so, how come you don't want to harden the existing SFOS? I, as a regular citizen, also want the most secure SFOS. And I want my friends to have it as well. Not only govs and corps.

Can you please explain the thought behind this a bit more?

Thanks!

edit retag flag offensive close delete

1 Answer

Sort by » oldest newest most voted
5

answered 2015-03-03 10:25:01 +0200

juiceme gravatar image

As I understand it, the Security-hardened SFOS version will also be available to "normal" customers.

There is some sense in havng the OS come in 2 differently placed flavours; I'd assume that the security features can be implemented on a device with locked boot loader and reduced access to the device internals (like no developer mode for example)

For many people intrested in the tweakability of the platform and OS this is not an optimal solution, hence the 2 variants.

edit flag offensive delete publish link more

Comments

1

This is also discuss on Twitter and Harri Hakulinen responded this https://twitter.com/HarriHakulinen/status/572667259346399232 So it' will be one core. Lets ask it at the next SFOS community meeting

I ask the question link fot the next meeting

Nokius ( 2015-03-03 10:30:25 +0200 )edit
1

Uhm, I suppose that if you are intereted in a certification, then locked bootloader and no develoerp mode is needed.

That does not mean that security improvements would not come to those activating develper mode... only that they must be very careful what they install.

Say the security improvement include an encrypted partition: the feature will still be there.

mikelima ( 2015-03-03 10:53:36 +0200 )edit

@Nokius - i couldn't find an answer to the question you wanted to ask ath the SFOS community meeting. Would you mind pointing out or telling more?

kaktux ( 2015-07-03 11:14:12 +0200 )edit

@kaktux Sorry may a bit late but late is better then never, here are the logs of the meeting http://merproject.org/meetings/mer-meeting/2015/mer-meeting.2015-03-10-15.00.log.html

Nokius ( 2015-07-15 22:40:51 +0200 )edit
Login/Signup to Answer

Question tools

Follow
4 followers

Stats

Asked: 2015-03-03 10:15:37 +0200

Seen: 542 times

Last updated: Mar 03 '15