[Dev] Implementing Security is a pain, why not try to do without ...

Ryan Ware ware at linux.intel.com
Tue May 13 19:30:09 GMT 2014



On 5/13/14, 10:51 AM, "Dominig ar Foll (Intel OTC)"
<dominig.arfoll at fridu.net> wrote:

>Hello,
>
>I have been receiving two links about security weaknesses in the first
>Tizen device launched on the market, the Samsung nx3000 camera that I
>want to share with you.
>If you have a quick look at the reports posted on the following URLs you
>will see that it could be better.
>I know that it's 'only' a Camera and a very first Tizen based product,
>nevertheless I doubt that we want a Tizen car or a phone to be "that"
>open.
>
>In short, I hope that this very informative reading will help all if us
>(including me) who regularly curse our Tizen security constrains and the
>extra work that they force on us, to think twice at why we want/need to
>enforce a Mandatory Access Control (Smack) and Application Manifest
>enforcement in Tizen3, even if that give a bit more work.
>
>Taking the short cut will not be easier.
>
>Enjoy the reading.
>
>   http://op-co.de/blog/posts/hacking_the_nx300/
>   https://news.ycombinator.com/item?id=7711200

Thank you Dominique for posting this.  It definitely shows that people
will not miss finding issues in Tizen devices.

Ryan




More information about the Dev mailing list