ubuntu-phone team mailing list archive
Mailing list archive
Re: Is ubuntu phone resistant to vault 7 attacks?
There seems to be a great opportunity to obtain a higher level of security
with Ubuntu Touch than with Android.
After reading through this thread i understand that no firewall is needed
since ports are exposed at this time. Is this a design decision? if so, how
will future applications work in case they might need to open ports ? Since
there is no firewall does it mean that an app can start listening to a port
at any moment?
I also understand that the userspace in Ubuntu is simpler to see what is
going on inside, however i don't understand how this makes it more secure
Is there any existing work in Ubuntu Touch related to hardening the kernel
or userspace? I have seen here:
that AppArmor is used for application sandboxing. Is this the current
method applied in Ubuntu Touch ?
Is there any page where one can find a comparative of Ubuntu touch and
Android from a security perspective? Clarifying the situation will give
everyone more confidence.
On Fri, Mar 10, 2017 at 5:13 AM, Unix One <unix1@xxxxxxxx> wrote:
> On 03/09/2017 11:53 AM, Rodney Dawes wrote:
> > You used the SDK or phablet-shell tool to connect to the device over
> > ssh, which enabled it. It is not enabled by default on phones, even
> > when developer mode gets enabled. It also only accepts key based login,
> > and a unique key is generated for this when you use the SDK or phablet-
> > shell command to connect over ssh.
> Aha! Yes - I did indeed use the SDK for development. That makes sense.
> > Really, it should be only bound on "local" interfaces, and not the
> > cellular modem connection.
> +1, and maybe additionally - if SDK/IDE turns it on when it needs it, it
> should also turn it off when it's done.
> > Yes, you would need to disable ssh with android-gadget-service, to
> > disable it.
> Thanks for the tip!
> Mailing list: https://launchpad.net/~ubuntu-phone
> Post to : ubuntu-phone@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~ubuntu-phone
> More help : https://help.launchpad.net/ListHelp