UBports Robot Logo UBports Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Groups
    • Search
    • Register
    • Login

    Let's talk about security

    Scheduled Pinned Locked Moved General
    3 Posts 2 Posters 1.3k Views 1 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
      Reply
      • Reply as topic
      Log in to reply
      This topic has been deleted. Only users with topic management privileges can see it.
      • advocatuxA Offline
        advocatux
        last edited by

        Does anyone know where I can find a UBports security roadmap?

        For example, when people download something (like images) there isn't a way to check the integrity of the software. Is there any plan to implement checksums?

        Or asking in a more general way, what's the plan to keep UBports phone secure?

        1 Reply Last reply Reply Quote 0
        • U Offline
          UniSuperBox
          last edited by

          We actually inherited a lot of image verification from Canonical by setting up system-image.

          You can read about the GPG validation chain here: https://wiki.ubuntu.com/ImageBasedUpgrades/GPG

          advocatuxA 1 Reply Last reply Reply Quote 0
          • advocatuxA Offline
            advocatux @UniSuperBox
            last edited by

            @UniSuperBox, thank you for the reply.

            Yes, I know about the GPG validation chain, and I'm confident about the communication phone-server and vice versa for the official issues, so to speak.

            I'm more interested in how to check integrity when downloading one of these images [0] directly, or in the security check of all those apps people are developing and uploading to the openstore, and things like that [1]. That's why I asked about the plan to keep UBports secure.

            [0] http://cdimage.ubports.com/devices/
            [1] Some people already tried to sneak malicious apps into the "old" Ubuntu Store.
            https://insights.ubuntu.com/2015/10/15/update-on-ubuntu-phone-security-issue/

            1 Reply Last reply Reply Quote 0

            Hello! It looks like you're interested in this conversation, but you don't have an account yet.

            Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.

            With your input, this post could be even better 💗

            Register Login
            • First post
              Last post