Franklin Heath Ltd

Master Your Information Assets

  • Categories

  • Meta

Archive for the ‘Open Source’ Category

Raspberry Pi Fishcam – The Secure Version

Posted by Craig H on 16 August 2013

Having proved the concept using netcat, we need to add access control and make it accessible via a discoverable external address. The design is essentially the same, running the video capture command on the Pi and routing the output stream over IP to a remote client, but we use ssh (Secure SHell) as the transport to add authentication and encryption.

The first thing to do before exposing your Pi to the outside world is: change the default password! With Raspbian, the default admin user name and password is “pi” and “raspberry”. You should change the password to something that’s not based on a name or word that could be found in a cracking dictionary; best would be a randomly generated password that you write down and keep with you, or you can use initial letters of words in a sentence you can remember but others can’t guess. For extra security you could change the name of the admin account too.
Read the rest of this entry »

Posted in Authentication, Cryptography, Open Source | Tagged: , | 6 Comments »

Raspberry Pi Fishcam

Posted by Craig H on 16 July 2013

I had security concerns over installing a wireless webcam to keep an eye on our goldfish. Such things are available cheaply off the shelf, typically manufactured in China, but I’m not willing to put a device of questionable provenance on our Intranet, especially not with a direct channel out to a server in China.

I started thinking about using a Raspberry Pi and Skype as an alternative solution. As (most of) the software would be open source, that way I would only have to trust Microsoft and the NSA not to interfere with the Skype server ;-).

My Raspberry Pi camera module didn’t arrive until this week (the first production run sold out almost immediately back in May) and, unfortunately for the plan, Microsoft have turned off the ability to register a Skype developer account in the meantime :-(. Read the rest of this entry »

Posted in Open Source, Risks | Tagged: , | 4 Comments »

Is the EFF Right to be Concerned About Mobile Security Patching?

Posted by Craig H on 22 January 2011

There was a thought-provoking post yesterday from Chris Palmer, Technology Director at the Electronic Frontier Foundation (EFF). He specifically calls out Google Android, for being an open source platform but not being open about security fixes. I agree this looks bad – I’ve been following a couple of threads on the Android Security Discussions group on this topic, waiting for an answer from Google staff, but none has been forthcoming.

I don’t really blame Google for not announcing the details of fixed security vulnerabilities though; the reasons are clear, and pointed out in the EFF post (inability to patch operator-customised ROMs). The Symbian Foundation faced the same dilemma, but didn’t recklessly say they were going to announce fixed security vulnerabilities in the first place! Google should at least be honest about their policy.

That said, I disagree with the EFF on two points: Read the rest of this entry »

Posted in Open Source, Vulnerabilities | Leave a Comment »

Opening up the Security Strategy Working Group

Posted by Craig H on 6 November 2009

We’ve been trying to get a Security Strategy Working Group going, and thus far it hasn’t really taken off. Chatting with various people about this, we’ve decided that, following Symbian’s principles of open governance, we should be brave and open the discussions to the world at large.

Do please note that this is not a commitment to full disclosure of unfixed security vulnerabilities; the point of this working group is, among other things, to discuss what the right policy should be for dealing with vulnerabilities. I (Craig) favour responsible disclosure, but that’s up for discussion.

If you have an opinion on the work items (and you really should, they will affect device manufacturers, security researchers, network operators, package owners and committers, security tools vendors and anyone who even uses a Symbian Platform device) then please sign up for the mailing list!

Posted in Open Source, Vulnerabilities | Leave a Comment »

Security Strategy Working Group

Posted by Craig H on 15 October 2009

We are forming a working group to decide what the Symbian community’s strategy should be in dealing with security issues on the Symbian Platform. This is an example of Symbian’s commitment to open governance, and membership of this working group is open to any Symbian Foundation member.

There are some interesting challenges, both in the operation of this working group and in the operation of whatever processes the working group decides should be put in place, arising from the tension between the desire for openness in our dealings with the community and the harm that could be caused by disclosing security vulnerabilities to the world before a fix or workaround is available.

Full details of the remit of the working group are on the Symbian Developer wiki. We already have several working group members signed up, and if you are a Symbian Foundation member and would like to participate, please go ahead and join in!

Posted in Open Source, Vulnerabilities | 1 Comment »

We're Off and Running!

Posted by Craig H on 8 July 2009

Today we have reached a significant milestone for us Symbian security people, and for the Symbian Platform in general. The OS Security package source code is now available under the Eclipse Public License (EPL) and it is the very first package to be officially moved from the closed Symbian Foundation License (SFL) to be open sourced under the EPL.

I want to publicly thank everyone who pulled out the stops to make this happen, particularly Santosh Patil and William Roberts who did most of the heavy lifting, but also many others who were involved in the approval process inside and outside Symbian.

Why was this package the first to go through this process? There was a practical reason and a symbolic reason:

Read the rest of this entry »

Posted in Open Source | 21 Comments »

Making a Difference

Posted by Craig H on 6 July 2009

On Saturday I attended OpenTech 2009, hosted at the University of London Union. I hadn’t been before, but I was particularly intrigued by this year’s theme: Working on Stuff that Matters. The attendees were a motley collection of social activists, technology advocates and alternative lifestylers, but I think our common cause was the desire to make a positive difference in the world in some way. That really resonated with me, as that same desire was a crucial element in my decision to join the Symbian Foundation earlier this year.

I want to briefly (yes, I know I’m really bad at that ;-)) mention some of the ways that I’ve been thinking about in which we (the community) could take advantage of the unique and powerful opportunity that the Symbian Platform offers, to make that positive difference. You may or may not agree with my ideas, but the fundamental thing I want to do is to throw open the challenge. I’m going to focus on security as that’s where my expertise is, but if any other good ideas come up I’ll be happy to move them over to the main Symbian blog for further exposure.

Read the rest of this entry »

Posted in Open Source | 1 Comment »

Many Eyes and Security Incentives

Posted by Craig H on 1 April 2009

[sorry this ended up being so long, I couldn’t see a good way to split it into smaller posts!]

I am often asked whether I think that publishing the complete source code to the Symbian Platform will result in more security vulnerabilities being exploited by the “bad guys” (Internet fraudsters, malware writers, software pirates, etc.)

The short answer to that is: No. I’m confident that the advantages of collaborative open source development will more than outweigh any disadvantages of potential attackers getting easier access to the implementation details of the Symbian OS security mechanisms. There is however a longer answer explaining why I think that, which is what I’d like to share in this blog post. Read the rest of this entry »

Posted in Open Source, Vulnerabilities | 2 Comments »

Security and Going Open Source

Posted by Craig H on 23 March 2009

Over on the main Symbian Foundation blog, Tyson Key asks:

Out of interest, how would you deal with releasing the source code to “sensitive” parts of the combined Symbian OS/S60/UIQ/MOAP(S) codebase? Components involved with handling storing keys for DRM, certain hardware drivers, baseband/physical layer access code, and GSM, GPRS and UMTS radio stacks come to mind.

This is a very good question!  We’re clear on our goal, which is that devices using the Symbian Foundation platform won’t rely on any “security by obscurity”.  Although that can work (for a while) and can be a rational business decision in some circumstances, it’s not a long-term foundation for a good security architecture (especially not for one that’s going open source!).  We’ve been clear on this from the outset in designing the Symbian OS Platform Security architecture, and security is not going to be an acceptable reason for blocking the publication of any of the source code.

That said, of course real life isn’t that clear cut!  Many of the things you mention (DRM key storage, radio stack, etc.) need to work with the particular hardware platform in the device, and they aren’t (yet) standardised parts of the Symbian Foundation platform.  There are some things that need to be protected more strongly than you can do in software alone (the IMEI for example) and today phone manufacturers typically write custom code to talk to their hardware when is then embedded in the boot code, radio stack, DRM agent and so on.

The architecturally pure way to fix that is to define hardware adaptation interfaces (HAIs) which abstract the common features of these hardware security services (but at the lowest possible level of abstraction) and then generic platform components can be provided which call those HAIs, and device integrators can provide simple adaptations for the hardware platform they choose.

Today we are probably missing some of those necessary HAIs, but we hope that we will, step by step, identify which are missing, agree the definition of the HAI, and thus be able to provide a functionally complete set of generic open source components which anyone can take and build a working, secure device with a minimal amount of hardware adaptation.

That’s a quick run through of some of the issues I’ve been thinking about recently, but what do you think?

Posted in Hardware Adaptation, Open Source | 3 Comments »