Re: NSA Creates Android based Super Secure Smartphone

[Jeffrey Walton <noloader () gmail com>]

On Sat, Mar 3, 2012 at 10:22 PM,  <Valdis.Kletnieks () vt edu> wrote:
> On Sat, 03 Mar 2012 22:04:07 EST, Jeffrey Walton said:
> > Will there be an NSA sponsored Market so folks can get hardened apps?
> > Anything that adds finer grain permissions for applications is a
>
> NSA already gave us SELinux.
Yes, and a port of android to SE Android ,too.

It appears the coarse grained permissions still plague SE Android
(from reading the slides at
http://selinuxproject.org/~jmorris/lss2011_slides/caseforseandroid.pdf).
I see the slides point out "[Current Android suffers] limited
granularity, coarse-grained privilege." But I don't see where SE
Android corrected it. For example, it appears PHONE_READ_STATE still
encompasses reading a username, device serial number, IMEI, SIM ID,
call state, incoming calling number, etc.

It would have been nice if permissions were fixed (ie, finer
granularity), and see a Market which used the improved permissions.

Jeff
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.