Menu
Geekazine.com
Technology Reviews, Interviews
  • ABOUT
    • Product Reviews
    • The Gear I Use
    • Podcast Consulting
    • Rate Card
    • Jeffrey Powers – Author
    • Geekazine FAQ
    • Supporters
    • #GeekOut
    • Contest Rules
    • Blogroll
    • Privacy Policy GDPR, COPPA
  • Geekazine LIVE!
    • Hardwarecon 2019
  • Coupons
  • Contact
    • Contact
    • Write for Geekazine
    • Subscribe
  • TikTok
Close Menu
December 20, 2009

Cell Phones, Open Source, and Security

cell phones, iPhone, Linux, open source, security 1

Share on Facebook Share
0
Share on TwitterTweet
Share on Pinterest Share
0
Share on LinkedIn Share

In his most recent Geekazine podcast, Jeffrey expressed some concerns about open source software on cellphones.

I do not share those concerns.

The issue is not open source; the issue is the Linux/Unix security model, which underlies the open source cell phone operating systems (“*nix” is sometimes used to refer to Linux and Unix to the extent that they have common traits).

That model has proven itself far more secure than any of its competitors over the years.

“Open source” means that the source code of an operating system or of applications is made available to anyone using them. Under the terms of the Gnu General Public LIcense (commonly referred to as the “GPL”), the most common license used for open source software, any changes someone makes to the software must also be made available, if the changed software is also made available.

This does not mean that the software itself is open to intrusion. Theoretically, it implies that hundreds bad guys could comb the source code looking for vulnerabilities; practically, it means that thousands of good guys do the same thing, usually resulting in flaws being identified and fixed much more quickly than is the case with closed source software.

Here is a good description of the Linux Security Model. A simplified version, as it applies to most computer users, is this:

Only a root user has access to the operating system to install, uninstall, and modify programs and system configuration files. Regular users may use programs and have access to their own data files stored in their home directories (roughly equivalent to C:\Documents and Settings\[username] in a Windows system, but easier to understand).

Day-to-day computing is done as user, not as “root”; this applies to both computers and Linux cellphones. To do something as root, a user must login as “root” or otherwise obtain root privileges.

Some Linux distributions do not allow a user to log in as root; instead, the user must use the su or sudo commands from a terminal (command window) after logging is as user. In Debian and its variants, including Ubuntu, if user starts a program with a graphical interface that requires root privileges (such as the software update or software installation programs), the program demands a password before doing anything.

In Linux-based cellphones, the security model is even tighter. In Google’s Android, root access by the user is disabled by default. There are hundreds of pages on the web with work-arounds, but I’m not going to link to any of them; if you want to hack your Android, you’re on your own.

So this is why I’m not concerned about Linux-based open source software on mobile phones. Some coder may mess with the source code he or she finds out there, but he or she will not be able to get it onto a phone, at least not without the user’s help.

In contrast to Windows, which pretty much allows anyone to install anything anywhere, Linux demands credentials before someone can change stuff. Of course, if a user chooses to make those credentials available, that is not the fault of the operating system. That is PEBCAK.

By the way, the iPhone uses a variant of a *nix operating system. The recent intrusions to iPhones happened because users jailbroke the phones and failed to change the default root password (many of them, having come from the World of Windows, probably had no idea that there was any such thing). They violated Rule One of using a device: Always change the default password.*

No computer security can outwit users’ lack of diligence.

___________________________

*By the way, if you didn’t change the default password on your router when you installed it, your network is vulnerable. I noticed that router I bought recently came with an installation CD. I wondered why, since there is nothing to install, so I found a Windows computer and ran the CD. It does nothing that you can’t do simply by jacking the device into a computer with an Ethernet cable and going to http://192.168.1.1 from your browser, but it does force users to set up a password for the router and, when applicable, for the wireless network.

(Visited 118 times, 1 visits today)
The iPhone Gets Drafted Bing! Bang! Bust! TM!

Related Posts

guests, News

Popular Wearable Tech Trends for 2015?

guests

Using a Legacy Screensaver in Windows 7

guests

Free Commander File Manager for Windows

Follow to #geekout

Subscribe to Geekazine for New Notifications

Geekazine Live!


Geekazine covers consumer tech, enterprise tech, music tech, and video tech. If you want something reviewed, Contact Me.



Sponsors




TubeBuddy is awesome for any YouTuber out there. Install for free now!




Instagram

geekazine

2,791 3,386

#Geek #Podcaster #influencer of tech and music tech at geekazine.com, #Youtube [email protected] for press events, conferences.
@geekazine #geekout

Jeffrey Powers

geekazine

View

Nov 5

Open
#groundhogsday #election #election2020

#groundhogsday #election #election2020 ...

7 0

geekazine

View

Nov 12

Open
Was just on @AmazonLive Showing some of the #deals, and unboxing a @ViewSonic Portable monitor. Check it out here: https://www.amazon.com/live/channel/646dc06d-21ac-40c9-a5c0-36d63e9a8f6b #unbox #live #geekout

Was just on @AmazonLive Showing some of the #deals, and unboxing a @ViewSonic Portable monitor. Check it out here: https://www.amazon.com/live/channel/646dc06d-21ac-40c9-a5c0-36d63e9a8f6b

#unbox #live #geekout
...

2 0
Load More... Follow on Instagram

#geekout

Twitter

Tweets by Geekazine

Top 5 Posts

  • Streaming with DJI Osmo Pocket, Cosmostreamer, and Grip Gear SliderStreaming with DJI Osmo Pocket, Cosmostreamer, and… I fell in love with the DJI Osmo Pocket the…
  • Set Up Raspberry Pi As a Zoom MachineSet Up Raspberry Pi As a Zoom Machine My Pi Camera looks like Johnny 5 or Wall-E, right?…
  • HP Reinventing SMB Printing with Office Jet Pro 8025, 8035, 9015, 9025, PremierHP Reinventing SMB Printing with Office Jet Pro… I went to New York a couple weeks ago to…
  • What's Fake and What's Real on Wish.comWhat’s Fake and What’s Real on Wish.com For the last few months, I've been keeping tabs on…
  • Elgato Stream Deck XL with Companion and VICREO is Perfect for Multiple Device ControlElgato Stream Deck XL with Companion and VICREO is… I have been a fan of Elgato Stream Deck for…
Back To Top
Geekazine.com
  • Home
  • ABOUT
  • Geek Smack!
  • Appwild
  • Store
  • TV
  • Wiki
  • Polls
  • Fun
  • Contact
Congratulations! You found the Footer and copyright information! c.2020 Geekazine.com
Geekazine is a participant in the Amazon Services associates program, and earns from qualifying purchases. For more information, check out the Privacy Policy - geekazine.com/about/geekazine-privacy-policy/. Have an Awesome day!

You are awesome for coming to my website. Thank you.