OESF | ELSI | pdaXrom | OpenZaurus | Zaurus Themes | Community Links | Ibiblio

IPB

Welcome Guest ( Log In | Register )

 
Reply to this topicStart new topic
> We need CPR for this forum!
Foxdie
post Dec 16 2003, 06:02 AM
Post #1





Group: Admin
Posts: 465
Joined: 8-November 03
From: Birmingham, United Kingdom
Member No.: 875



Well this section of the forum has been here for quite a while and still it has cobwebs, time to brush them away I think.

The Zaurus, is it secure or not? Why is it/isn't it?

Comments please.
Go to the top of the page
 
+Quote Post
Mickeyl
post Dec 16 2003, 07:03 AM
Post #2





Group: Members
Posts: 1,497
Joined: 12-November 03
From: Germany
Member No.: 907



What is CPR ?
Go to the top of the page
 
+Quote Post
post Dec 16 2003, 07:16 AM
Post #3





Group:
Posts: 0
Joined: --
Member No.: 0



it means die Herz-Lungen-Reanimation

regards,
xconduct smile.gif
Go to the top of the page
 
+Quote Post
Foxdie
post Dec 16 2003, 07:47 AM
Post #4





Group: Admin
Posts: 465
Joined: 8-November 03
From: Birmingham, United Kingdom
Member No.: 875



http://depts.washington.edu/learncpr/
Go to the top of the page
 
+Quote Post
Capt_Caveman
post Dec 16 2003, 07:58 AM
Post #5





Group: Members
Posts: 15
Joined: 7-August 03
From: Pittsburgh, PA
Member No.: 336



Is it secure?

Not really, at least not the default configuration. The 2 biggest weaknesses I can think of off the top of my head would have to be that there is not even a rudimentry firewall installed and the initial root password can only be a numeric string of, IIRC, 8 characters. The fact that letters or punctuation aren't used reduces the amount of time needed to crack passwords by orders of magnitude. I've seen iptables packages available, but I'm not sure if you can use it without recompiling the kernel to include netfilter support. There's a boat-load of other security issues you could nit-pick about, but it really comes down to a trade-off between sacrificing usability for security. How many newbies want to write iptables scripts just so they can get there Z to sync? Not many.
Go to the top of the page
 
+Quote Post
Taim
post Dec 16 2003, 10:05 AM
Post #6





Group: Admin
Posts: 66
Joined: 4-August 03
From: Pittsburgh
Member No.: 329



I think part of the reason security really wasn't considered is because PDAs in general do not have security features other than a simple password to keep prying fingers off of them. Keep in mind, up until recently, wired/wireless/mobile connectivity has not been a popular or affordable option for PDAs. As more and more PDAs and wired/wireless/mobile solutions become available, PDA OSes do have to change.

I also wonder if security is a "size" issue 'thang. The more security you pack into a PDA, the more memory and FS space it takes up.
Go to the top of the page
 
+Quote Post
Capt_Caveman
post Dec 16 2003, 12:07 PM
Post #7





Group: Members
Posts: 15
Joined: 7-August 03
From: Pittsburgh, PA
Member No.: 336



True, especially when you think about all the necessary modules that come along with iptables.

Unfortunately a zaurus with wireless networking makes a nice springboard into a network; especially with nasties like samba shares and tFTP available. Though it is possible to turn off some of the un-needed networking daemons. I can't remember what the default config looks like, but I remember turning off a bunch of stuff when I first got my Z.

To be fair though, I don't think that it differs from any other PDA that I'm aware of. That just seems to be the industry standard, probably for the reasons you pointed out Taim.
Go to the top of the page
 
+Quote Post

Reply to this topicStart new topic
2 User(s) are reading this topic (2 Guests and 0 Anonymous Users)
0 Members:

 



RSS Lo-Fi Version Time is now: 21st September 2014 - 06:15 PM