The Dink Network

Reply to Re: Millimeter talks about copyright

If you don't have an account, just leave the password field blank.
Username:
Password:
Subject:
Antispam: Enter Dink Smallwood's last name (surname) below.
Formatting: :) :( ;( :P ;) :D >( : :s :O evil cat blood
Bold font Italic font hyperlink Code tags
Message:
 
 
January 13th 2016, 05:55 PM
dinkdead.gif
millimeter
Peasant He/Him Canada
Millimeter is Wee-Lamm, Recording Artist. :-) 
Data:
I do not. That has nothing to do with me trusting the hardware; it has everything to do with me not trusting the OS.

Proof we are not on the same page here, is in your comment above. When it comes to connecting through your mobile device, it doesn't matter whether "you" trust your O/S or not, nor whether "you" trust the hardware or not. It is entirely about whether the "O/S" trusts the "hardware" or not.

During the design stage, it was determined by the concept team that the end user would want some influence over what could access GPS generated data with the human notion that sometimes we just want to remain hidden. In this regard, the GPS has been deemed a critical component and has restricted access to background processes, unless the user relaxes this restriction.

In the Implementation phase, there were no prior conditions identified to require security to other sensors, such as gyroscope, camera, mic, etc. As such, those devices are seen as trivial components and have unrestricted access to background processes, unless the user can implement restrictions, which is not likely to occur and especially in rooted/jail-broken devices.

When you consider that authentication occurs between the Session and Presentation layers, where it can serve to elevate Transport and Network privilege or not, while these unrestricted components exist in the Hardware layer, we see the problem. Though we tend to see the Camera and Mic in the same relationship as we see the + and - button on a calculator, it makes more sense to see the device as a private network, where each component is a node and they are either critical and have restricted access or are trivial and have unrestricted access.

Personal research will show that I am not speaking my hypothetical notions. I must admit though, that this has opened the market for security appliances to trap some of these device intrusions, before they can traverse our networks and reach our sensitive data. Sadly though, it is difficult to eliminate the threat of Social engineering and challenging to prevent social media from being accessed through mobile devices, which we have also allowed to connect to our networks.

Mm