Hello, There seems to be a great opportunity to obtain a higher level of security with Ubuntu Touch than with Android.
After reading through this thread i understand that no firewall is needed since ports are exposed at this time. Is this a design decision? if so, how will future applications work in case they might need to open ports ? Since there is no firewall does it mean that an app can start listening to a port at any moment? I also understand that the userspace in Ubuntu is simpler to see what is going on inside, however i don't understand how this makes it more secure than Android. Is there any existing work in Ubuntu Touch related to hardening the kernel or userspace? I have seen here: https://wiki.ubuntu.com/SecurityTeam/Specifications/ApplicationConfinement that AppArmor is used for application sandboxing. Is this the current method applied in Ubuntu Touch ? Is there any page where one can find a comparative of Ubuntu touch and Android from a security perspective? Clarifying the situation will give everyone more confidence. Kind Regards, Ermis On Fri, Mar 10, 2017 at 5:13 AM, Unix One <un...@live.com> wrote: > On 03/09/2017 11:53 AM, Rodney Dawes wrote: > > You used the SDK or phablet-shell tool to connect to the device over > > ssh, which enabled it. It is not enabled by default on phones, even > > when developer mode gets enabled. It also only accepts key based login, > > and a unique key is generated for this when you use the SDK or phablet- > > shell command to connect over ssh. > > Aha! Yes - I did indeed use the SDK for development. That makes sense. > > > Really, it should be only bound on "local" interfaces, and not the > > cellular modem connection. > > +1, and maybe additionally - if SDK/IDE turns it on when it needs it, it > should also turn it off when it's done. > > > Yes, you would need to disable ssh with android-gadget-service, to > > disable it. > > Thanks for the tip! > -- > Mailing list: https://launchpad.net/~ubuntu-phone > Post to : ubuntu-phone@lists.launchpad.net > Unsubscribe : https://launchpad.net/~ubuntu-phone > More help : https://help.launchpad.net/ListHelp >
-- Mailing list: https://launchpad.net/~ubuntu-phone Post to : ubuntu-phone@lists.launchpad.net Unsubscribe : https://launchpad.net/~ubuntu-phone More help : https://help.launchpad.net/ListHelp
