LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

NSA releases security-enhanced Android (The H)

NSA releases security-enhanced Android (The H)

Posted Jan 19, 2012 0:12 UTC (Thu) by rqosa (subscriber, #24136)
In reply to: NSA releases security-enhanced Android (The H) by gidoca
Parent article: NSA releases security-enhanced Android (The H)

> Not everyone wants to flash their own firmware.

If someone doesn't care whether or not they can install an OS on their own computer, that means they don't care whether or not someone else (e.g. the carrier or the manufacturer) has control over their computer. Those people probably don't care about FLOSS at all — at least, they must not care whether or not they can exercise the rights granted by the software's license.

> It's useful to have exploits to get root access on the stock firmware

But there are Android devices on the market already that are unlocked to the user / owner. Users who care about the cause of promoting "unlocked" / "un-Tivoized" hardware ought to vote with their money in favor of these unlocked devices, rather than finding ways to hack the locked-down ones (thereby economically supporting the user-hostile vendors that lock their devices).

Furthermore, having control over one's own hardware means being able to run any software (that doesn't exceed the hardware resource limits) on it. Preventing people from using SELinux on their own hardware is contrary to giving control to hardware owners (and is likely to give control to malware authors instead of hardware owners).

(Log in to post comments)

NSA releases security-enhanced Android (The H)

Posted Jan 19, 2012 15:08 UTC (Thu) by rich0 (guest, #55509) [Link]

There are exactly 4 android phones that are supplied by the OEM unlocked to the user - only two of which are of any value at all today:

1. The ADP.
2. The Nexus One.
3. The Nexus S.
4. The Galaxy Nexus.

If you don't like those particular modules, you're SOL (well, you end up rooting some other phone, until vendors decide to increase their security). There just isn't much diversity in the Nexus line.

All four models have sold with premium pricing - the Nexus S eventually made it down to a subsidized $200 price tag, which is relatively high, and I imagine the Galaxy Nexus will do the same. It isn't hard to find locked android smartphones for under $100, and I got a G2 for free.

I'm all for buying unlocked hardware, but I find it hard to justify paying $100 for hardware that I actually prefer less, simply because the OEM isn't locking it down. It makes far more sense to look at locked phones that already have exploits available.

NSA releases security-enhanced Android (The H)

Posted Jan 19, 2012 18:26 UTC (Thu) by raven667 (subscriber, #5198) [Link]

I think the prices are a little better now, I got a Nexus S with a new contract for $50 for the holidays. I got it because it was an unlocked, unadulterated device that I could play around with as much as I want, unlike my iPhone 3GS

NSA releases security-enhanced Android (The H)

Posted Jan 21, 2012 7:39 UTC (Sat) by rqosa (subscriber, #24136) [Link]

> I find it hard to justify paying $100 for hardware that I actually prefer less, simply because the OEM isn't locking it down. It makes far more sense to look at locked phones that already have exploits available.

But for someone who cares about the continued availability of unlock{ed,able} Android devices in the marketplace, it makes sense to support the manufacturers that intentionally make their devices that way, instead of supporting those that tried to lock down their devices and failed.

NSA releases security-enhanced Android (The H)

Posted Jan 22, 2012 13:35 UTC (Sun) by job (guest, #670) [Link]

That's not entirely true. HTC and Sony-Ericsson both offer software to the end-user to unlock a many models of their phones. They may not ship unlocked but they are trivially easy to unlock with the provided software.

NSA releases security-enhanced Android (The H)

Posted Jan 19, 2012 15:20 UTC (Thu) by gidoca (subscriber, #62438) [Link]

I _do_ care that I can install whatever OS I like on my smartphone should I need it sometime, and I did vote with my money: I bought a SonyEricsson because they offer the possibility to unlock the bootloader. Right now, however, the most important thing to me is that it just works, as I don't have any other working phone, so I'll stick with the stock Android for now. Therefore, it is _also_ important to me that I have the possibility to obtain root privileges on the stock distribution, as this allows me to run any user mode software, which is sufficient for most of the things I might want to do. I'm not saying people shouldn't use SELinux on their device when they choose to, but I think having control over how the stock firmware works (i.e., having root access) is useful even with an unlocked bootloader.

NSA releases security-enhanced Android (The H)

Posted Jan 21, 2012 7:45 UTC (Sat) by rqosa (subscriber, #24136) [Link]

> having root access) is useful even with an unlocked bootloader.

It's true that it makes it more convenient, but it's not a requirement for ensuring that the user controls their own hardware.

(What's more, one could argue that, in the presence of untrusted user-space software, having an enforceable security policy in the OS is required to ensure that the user maintains control over their hardware.)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds