← previous next →
Pages: [1]

Author Topic: We need CPR for this forum!  (Read 5625 times)

Foxdie

  • Sr. Member
  • ****
  • Posts: 465
    • View Profile
    • http://trackmygps.co.uk
We need CPR for this forum!
« on: December 16, 2003, 09:02:25 am »
Well this section of the forum has been here for quite a while and still it has cobwebs, time to brush them away I think.

The Zaurus, is it secure or not? Why is it/isn\'t it?

Comments please.
Logged
Jason "Foxdie" Gaunt
HTC Universal G4 with 2GB SD card running Debian Titchy Linux
[img]http://trackmygps.co.uk/signatures/foxdie.gif\" border=\"0\" class=\"linked-sig-image\" /]
Click image to view my GPS tracker
Follow me on Twitter: @jasongaunt

Mickeyl

  • Hero Member
  • *****
  • Posts: 1495
    • View Profile
    • http://www.Vanille.de
We need CPR for this forum!
« Reply #1 on: December 16, 2003, 10:03:34 am »
What is CPR ?
Logged
Cheers,

Michael 'Mickey' Lauer | Embedded Linux Freelancer | www.Vanille-Media.de
Consider donating, if you like the software I contribute to.

Anonymous

  • Guest
We need CPR for this forum!
« Reply #2 on: December 16, 2003, 10:16:21 am »
it means die Herz-Lungen-Reanimation

regards,
xconduct
Logged

Foxdie

  • Sr. Member
  • ****
  • Posts: 465
    • View Profile
    • http://trackmygps.co.uk
We need CPR for this forum!
« Reply #3 on: December 16, 2003, 10:47:12 am »
Logged
Jason "Foxdie" Gaunt
HTC Universal G4 with 2GB SD card running Debian Titchy Linux
[img]http://trackmygps.co.uk/signatures/foxdie.gif\" border=\"0\" class=\"linked-sig-image\" /]
Click image to view my GPS tracker
Follow me on Twitter: @jasongaunt

Capt_Caveman

  • Newbie
  • *
  • Posts: 15
    • View Profile
    • http://
We need CPR for this forum!
« Reply #4 on: December 16, 2003, 10:58:35 am »
Is it secure?

Not really, at least not the default configuration.  The 2 biggest weaknesses I can think of off the top of my head would have to be that there is not even a rudimentry firewall installed and the initial root password can only be a numeric string of, IIRC, 8 characters.  The fact that letters or punctuation aren\'t used reduces the amount of time needed to crack passwords by orders of magnitude.  I\'ve seen iptables packages available, but I\'m not sure if you can use it without recompiling the kernel to include netfilter support.  There\'s a boat-load of other security issues you could nit-pick about, but it really comes down to a trade-off between sacrificing usability for security.  How many newbies want to write iptables scripts just so they can get there Z to sync?  Not many.
Logged

Taim

  • Jr. Member
  • **
  • Posts: 66
    • View Profile
    • http://www.lgvfc.org
We need CPR for this forum!
« Reply #5 on: December 16, 2003, 01:05:29 pm »
I think part of the reason security really wasn\'t considered is because PDAs in general do not have security features other than a simple password to keep prying fingers off of them.  Keep in mind, up until recently, wired/wireless/mobile connectivity has not been a popular or affordable option for PDAs.  As more and more PDAs and wired/wireless/mobile solutions become available, PDA OSes  do have to change.

I also wonder if security is a \"size\" issue \'thang.  The more security you pack into a PDA, the more memory and FS space it takes up.
Logged
Taim

Pittsburgh, PA, USA
Zaurus SL5500
Sharp 3.10 ROM
128, 256 MB Sandisk SD
16, 32 MB Sandisk CF
Ambicom Wireless CF

Capt_Caveman

  • Newbie
  • *
  • Posts: 15
    • View Profile
    • http://
We need CPR for this forum!
« Reply #6 on: December 16, 2003, 03:07:49 pm »
True, especially when you think about all the necessary modules that come along with iptables.

Unfortunately a zaurus with wireless networking makes a nice springboard into a network; especially with nasties like samba shares and tFTP available.  Though it is possible to turn off some of the un-needed networking daemons.  I can\'t remember what the default config looks like, but I remember turning off a bunch of stuff when I first got my Z.

To be fair though, I don\'t think that it differs from any other PDA that I\'m aware of.  That just seems to be the industry standard, probably for the reasons you pointed out Taim.
Logged
Pages: [1]
← previous next →