Talk:Maemo security
(→Is there a diagram showing the security framework and components?) |
(clean up the page now that Elena gave some replies and they were moved to main page) |
||
Line 1: | Line 1: | ||
Suggested questions: | Suggested questions: | ||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
===What is "Open Mode" and can it be revoked remotely?=== | ===What is "Open Mode" and can it be revoked remotely?=== | ||
Line 12: | Line 6: | ||
Maybe this should be 2 questions. | Maybe this should be 2 questions. | ||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
===Can open applications use the DRM encryption mechanisms in the Open and Closed modes?=== | ===Can open applications use the DRM encryption mechanisms in the Open and Closed modes?=== | ||
I can see that this could be useful. Maybe. | I can see that this could be useful. Maybe. | ||
- | |||
- | |||
- | |||
===Is there any GPLv3 software impacted?=== | ===Is there any GPLv3 software impacted?=== |
Revision as of 13:09, 16 October 2009
Suggested questions:
What is "Open Mode" and can it be revoked remotely?
Is that the right terminology? Essentially can Nokia reach out the the 2nd stage bootloader and tell it to stop running unsigned kernels. Maybe this should be 2 questions.
Can open applications use the DRM encryption mechanisms in the Open and Closed modes?
I can see that this could be useful. Maybe.
Is there any GPLv3 software impacted?
Please have a license discussion somewhere and let us know when you have consensus. What is Nokias position? Peter made a statement at the talk - can someone transcribe it and/or get Nokia to clarify.
What exactly is available to the end user?
- storage encryption ?
- PIM data encryption ?
- encrypted/signed communications (phone, sms/mms, mails, IM) ?
How does closed mode affect on-device debugging?
For example, will ptrace(2) still work (eg gdb, strace & ltrace)? Will we be able to produce code dumps?
Will DRM-free data and DRM-free applications be accessible from both modes once they're installed/created in either of the two modes?
E.g.: I start in DRM-mode, install DRM-free applications from Extras, take 3 pictures, add some contacts. Then I switch to DRM-free mode: Will I be able to run the applications installed in DRM-free mode, view and edit my contacts and view and edit my own pictures? (And the other way round, of course, starting from DRM-free mode and switching to DRM afterwards.)
What is open mode good for at all?
Provided you don't consume digitally restricted media and don't purchase applications that in any way rely on DRM: You don't need DRM-mode then, but on the other hand why would you want DRM-free mode? What is it you cannot do in DRM-mode in such a scenario? Use case?
What is ARM's TrustZone?
The official ARM TrustZone page: http://www.arm.com/products/security/trustzone/index.html
Can the Trusted Execution Environment (TrEE) be used as a kill switch for the device even if it runs in open mode?
Maintaining the discussion
On the talk.maemo.org thread, I suggest that end-users are kept at arms' length from this page and we use it as a proper communication mechanism between the community and Elena et al. --Jaffa 10:43, 13 October 2009 (UTC)
More discussion in the #maemo chat which was going on concurrently with the talk and a few flickr photos. --Jaffa 11:20, 13 October 2009 (UTC)