Forgive me if this sounds bitter, but as a wireless subscriber who has an Android phone I am not inclined to think of ways to help the carriers better lock down their phones. There is indeed defense against a physically local attacker, as evidenced by the month between release of the G2/Vision and its rooting. Ultimately, it's rooting had nothing to do with physical proximity.
However, I agree that having no defense against a physically local attacker would be a very good thing. If all phones shipped with an "engineering" SPL that would be great. It would also make it more attractive for android hackers to contribute to kernel security rather than assuming that their only way out of jail is to exploit it. "App developers, carriers, OEMs, et al. should work with users, not against them." +1 to that Steve On Dec 20, 2010, at 2:05 PM, Chris Palmer wrote: > 1a. There is no defense against a physically local attacker. > > 1b. That's a good thing. > > 2. Earlence is right: The Linux kernel is weak. We should focus our > efforts on making it a smaller and harder target, not a bigger and > dumber target. (All COTS kernels are weak. Non-COTS kernels usually > come with dubious or even laughable claims of security.) > > 3. App developers, carriers, OEMs, et al. should work with users, not > against them. There are many win-win-win scenarios. Example: People > rooted their phones to get a tethering feature. Froyo added it as a > native feature, obviating that reason to root. Some carriers/OEMs > actually disable that feature of Froyo; if they were smart, they'd > simply charge more for a premium data plan. As it is, people will root > those phones (1a, 2) and then use data heavily (1b). Result: The > carrier gets no extra revenue from self-selecting premium feature > users, the user has an annoying and possibly unsafe experience, and > there is a tragedy of the commons (some data hogs eat all the > bandwidth, causing dumb carriers to lock down even harder on data > usage...). > > 4. "Root" and "su" are not acronyms or capitalized for any other reason. -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
