WebOS Internals - User contributions [en]

Research Securing Pre

2009-09-15T16:47:40Z

Tragicfame:

==Intro==
A rooted box with broadband capabilities running a web engine and [http://www.palm.com/us/company/privacy.html|Palm's Privacy Policy] clipped to your belt? Anyone else nervous about this?

So here we'll explore some of the general best practices that sysadmins using Linux normally employ when securing their systems and how such practices can be used on the Palm Pre to provide a higher level of privacy and security on your device.

==System Logging mechanisms==
* [[Research_RDXD| RDXD Logging facility]]
* [[Research_Uploadd_| Uploadd facility]]
* [[Research_PmLog_| PmLog (syslog alternative)]]
* [[Research_Secure_Logging_Recommendations|Alternative Logging configuration for security and privacy]]

==Networking Configurations==
Protocols listening for any inbound connection
* [[Research_tcp_14400|TCP Port 14400]]
* [[Research_tcp_53|TCP Port 53]]
* [[Research_tcp_16888|TCP Port 16888]]
* [[Research_tcp_16889|TCP Port 16889]]
* [[Research_tcp_4444|TCP Port 4444]]
* [[Research_tcp_4445|TCP Port 4445]]

The Palm Pre does have iptables installed, so lets look at the [[Research_iptables_configuration|Current Iptables configuration]] with that in mind, lets look at an [[Research_Secure_Logging_Recommendations|alternative Iptables configuration for security and privacy]].

Research RDXD

2009-09-15T16:39:23Z

Tragicfame:

==Overview==
Let's discuss the [http://www.palm.com/us/company/privacy.html|Palm Privacy notice]... Palm explicitly reserves the rights to collect from your phone, all location information acquired, any system logs, any messages, emails, phone calls, and pretty much any other information you store or process on your phone. Worse off, they also explicitly reserve the right to send any of that information to any of their third party affiliates. I don't know about you, but that prompted an immediate email to Palm's Privacy email to request an immediate Opt Out. But lets look at some of the guts behind that. The rdxd facility is one of serveral on the Palm Pre that aggregates system usage information into packages sent to Palm. The rdxd facility handles the collection of the contents of /var/log and a few other miscellaneous things. This practice is common for sysadmins who want to keep tabs on a wide variety of servers. Whether or not you want this information going to Palm is yet another question.

==/etc/rdxd.conf==

This is the main configuration file for the rdxd facility. It defines each of the text files that are generated and sent off and provides the scripts that are used to generate the text files. There are two main variables that presumably define how rdxd operates. These two variables are AutoUpload and MaxPendingReports. Presumably, these determine if rdxd should automatically upload files and how many it should keep on hand between sends. However, I've not located documentation to verify this yet. The developers of this script comment the variables as "TODO: document this".

==/var/log/rdxd==
Each of the ".txt" files is stored into a gziped and tarred archive located in /var/log/rdxd/pending and /var/log/rdxd/uploaded.

===minicore.txt===

*Used to track events in [[research_minicores|/var/minicores]]
*Created by [[research_parse_minicore.sh|/usr/lib/rdxd/parse_minicore.sh]]

present if a crash happens, this could be of some concern depending on what application you're running. This is essentially a stack trace of the error that occurred. There's no memory data contained in the file, only the procedures that resulted in the crash, so I wouldn't think it too horribly concerning.

===javadump.txt===
*Used to track events in [[research_javadumps|/var/javadumps]]
*Created by [[research_parse_javadump.sh|/usr/lib/rdxd/parse_javadump.sh]]

===cro.txt===
*Used to track events in [[research_cro|/var/cro]]

===touchpaneldump.txt===
*Used to track events in [[research_touchpaneldump|/var/touchpaneldump]]

===javaoom.txt===
*Used to track events in [[research_javaoom|/var/javaoom]]

===fsck_dirty.txt===
*Used to track events in [[research_fsck|/var/fsck]]

===kernelpanic.txt===
*Used to track events in [[research_kernelpanics|/var/kernelpanics]]

===misc.bin===
*Used to track events in [[research_misc.bin|/var/misc]]
*Created by [[research_parse_miscellaneous.sh|/usr/lib/rdxd/parse_miscellaneous.sh]]

==CONTEXTLOG==
According to the Script Author, the context log is used for: "This section contains files that provide contextual information to a crash report, but are not indicative of a crash themselves. For instance logs serve this purpose. When rdxd detects a crash it will run each of the following scripts passing a path to the desired output. The script must produce a file at the provided path."

===sysinfo.txt===
*Generated by [[research_makesysinfo|/usr/lib/rdxd/make_sysinfo.sh]]

Creates a text file with the output of the following commands:
cat /proc/cpuinfo
cat /sys/class/mmc_host/mmc0/mmc0:0001/manfid
cat /sys/class/mmc_host/mmc0/mmc0:0001/oemid
cat /sys/class/mmc_host/mmc0/mmc0:0001/serial
cat /sys/devices/w1_bus_master1/w1_master_slaves
cat /proc/mounts
uptime
df -h
ps -f (ran as root)
jthreads
jps

This file should be very concerning. Checking out your latest porn on your phone? Well, if you're doing it when this process collects this information, Sprint and Palm and any other third party affiliate will know. (Don aluminum foil hat).

===syslog.txt===
*Generated by [[research_dumplog.sh|/usr/lib/rdxd/dumplog.sh]] using /var/log/messages

This is a listing of the syslog log file. Of interest is the shear noise that Luna puts off. Any time you change a preference on your phone, Luna logs it. Times when your phone goes to sleep are also logged. Connections and disconnections from the network are logged. Luna also does make some entries regarding usage of apps. Primarily I saw each time I started the Youtube app listed in there. It did capture the event that created the minicore file as well. So there's good time stamps of logging the event. Overall, aside from tracking some basic activity and usage, I didn't see much in this file to be overly alarmed by.

===fsck.txt===
*Generated by [[research_dumplog.sh|/usr/lib/rdxd/dumplog.sh]] using /var/log/fsck.log

This file reports which version is installed and the status of the mounted partitions. It could be derived how much space on your device or how many files your device might be holding. Of little to no concern.

===manifest.txt===
*Generated by [[research_make_manifest|/usr/lib/rdxd/make_manifest.sh]]

This is a file that concerns me greatly. This is essentially a listing of all packages and their versions that are installed on the machine. So if you're using home brew apps, this will be how Sprint or Palm will know what you're doing. Of moderate to high concern.

===dmesg.txt===
*Generated by [[research_make_kernel|/usr/lib/rdxd/make_kernel.sh]]

This file is a listing of your dmesg data. From this data it is possible to determine if any modifications have been done to the system hardware perimeters or if you've done things like installed any tethering packages that utilize usbnet. Of minor concern.

===rootfs_history.txt===
*Generated by [[research_dumplog.sh|/usr/lib/rdxd/dumplog.sh]] using /etc/rootfs_open.log

==overview.txt==
This file identifies your phone. It contains the serial number, MEID or IMEI (guess they plan on having a GSM version), the build information (including service provider), and a listing of all files attached.

Research Securing Pre

2009-09-15T16:36:03Z

Tragicfame:

===Intro===
A rooted box with broadband capabilities running a web engine and [http://www.palm.com/us/company/privacy.html|Palm's Privacy Policy] clipped to your belt? Anyone else nervous about this?

So here we'll explore some of the general best practices that sysadmins using Linux normally employ when securing their systems and how such practices can be used on the Palm Pre to provide a higher level of privacy and security on your device.

Some topics to consider:
* System Logging mechanisms
** [[Research_RDXD| RDXD Logging facility]]
** [[Research_Uploadd_| Uploadd facility]]
** [[Research_PmLog_| PmLog (syslog alternative)]]
** [[Research_Secure_Logging_Recommendations|Alternative Logging configuration for security and privacy]]
* To be added to....

Research RDXD

2009-09-15T16:31:20Z

Tragicfame:

==Overview==
Let's discuss the [http://www.palm.com/us/company/privacy.html|Palm Privacy notice]... Palm explicitly reserves the rights to collect from your phone, all location information acquired, any system logs, any messages, emails, phone calls, and pretty much any other information you store or process on your phone. Worse off, they also explicitly reserve the right to send any of that information to any of their third party affiliates. I don't know about you, but that prompted an immediate email to Palm's Privacy email to request an immediate Opt Out. But lets look at some of the guts behind that. The rxdx facility is one of serveral on the Palm Pre that aggregates system usage information into packages sent to Palm. The rxdx facility handles the collection of the contents of /var/log and a few other miscellaneous things. This practice is common for sysadmins who want to keep tabs on a wide variety of servers. Whether or not you want this information going to Palm is yet another question.

==/etc/rxdx.conf==

This is the main configuration file for the rxdx facility. It defines each of the text files that are generated and sent off and provides the scripts that are used to generate the text files. There are two main variables that presumably define how rdxd operates. These two variables are AutoUpload and MaxPendingReports. Presumably, these determine if rdxd should automatically upload files and how many it should keep on hand between sends. However, I've not located documentation to verify this yet. The developers of this script comment the variables as "TODO: document this".

==/var/log/rxdx==
Each of the ".txt" files is stored into a gziped and tarred archive located in /var/log/rdxd/pending and /var/log/rdxd/uploaded.

===minicore.txt===

*Used to track events in [[research_minicores|/var/minicores]]
*Created by [[research_parse_minicore.sh|/usr/lib/rdxd/parse_minicore.sh]]

present if a crash happens, this could be of some concern depending on what application you're running. This is essentially a stack trace of the error that occurred. There's no memory data contained in the file, only the procedures that resulted in the crash, so I wouldn't think it too horribly concerning.

===javadump.txt===
*Used to track events in [[research_javadumps|/var/javadumps]]
*Created by [[research_parse_javadump.sh|/usr/lib/rdxd/parse_javadump.sh]]

===cro.txt===
*Used to track events in [[research_cro|/var/cro]]

===touchpaneldump.txt===
*Used to track events in [[research_touchpaneldump|/var/touchpaneldump]]

===javaoom.txt===
*Used to track events in [[research_javaoom|/var/javaoom]]

===fsck_dirty.txt===
*Used to track events in [[research_fsck|/var/fsck]]

===kernelpanic.txt===
*Used to track events in [[research_kernelpanics|/var/kernelpanics]]

===misc.bin===
*Used to track events in [[research_misc.bin|/var/misc]]
*Created by [[research_parse_miscellaneous.sh|/usr/lib/rdxd/parse_miscellaneous.sh]]

==CONTEXTLOG==
According to the Script Author, the context log is used for: "This section contains files that provide contextual information to a crash report, but are not indicative of a crash themselves. For instance logs serve this purpose. When rdxd detects a crash it will run each of the following scripts passing a path to the desired output. The script must produce a file at the provided path."

===sysinfo.txt===
*Generated by [[research_makesysinfo|/usr/lib/rdxd/make_sysinfo.sh]]

Creates a text file with the output of the following commands:
cat /proc/cpuinfo
cat /sys/class/mmc_host/mmc0/mmc0:0001/manfid
cat /sys/class/mmc_host/mmc0/mmc0:0001/oemid
cat /sys/class/mmc_host/mmc0/mmc0:0001/serial
cat /sys/devices/w1_bus_master1/w1_master_slaves
cat /proc/mounts
uptime
df -h
ps -f (ran as root)
jthreads
jps

This file should be very concerning. Checking out your latest porn on your phone? Well, if you're doing it when this process collects this information, Sprint and Palm and any other third party affiliate will know. (Don aluminum foil hat).

===syslog.txt===
*Generated by [[research_dumplog.sh|/usr/lib/rdxd/dumplog.sh]] using /var/log/messages

This is a listing of the syslog log file. Of interest is the shear noise that Luna puts off. Any time you change a preference on your phone, Luna logs it. Times when your phone goes to sleep are also logged. Connections and disconnections from the network are logged. Luna also does make some entries regarding usage of apps. Primarily I saw each time I started the Youtube app listed in there. It did capture the event that created the minicore file as well. So there's good time stamps of logging the event. Overall, aside from tracking some basic activity and usage, I didn't see much in this file to be overly alarmed by.

===fsck.txt===
*Generated by [[research_dumplog.sh|/usr/lib/rdxd/dumplog.sh]] using /var/log/fsck.log

This file reports which version is installed and the status of the mounted partitions. It could be derived how much space on your device or how many files your device might be holding. Of little to no concern.

===manifest.txt===
*Generated by [[research_make_manifest|/usr/lib/rdxd/make_manifest.sh]]

This is a file that concerns me greatly. This is essentially a listing of all packages and their versions that are installed on the machine. So if you're using home brew apps, this will be how Sprint or Palm will know what you're doing. Of moderate to high concern.

===dmesg.txt===
*Generated by [[research_make_kernel|/usr/lib/rdxd/make_kernel.sh]]

This file is a listing of your dmesg data. From this data it is possible to determine if any modifications have been done to the system hardware perimeters or if you've done things like installed any tethering packages that utilize usbnet. Of minor concern.

===rootfs_history.txt===
*Generated by [[research_dumplog.sh|/usr/lib/rdxd/dumplog.sh]] using /etc/rootfs_open.log

==overview.txt==
This file identifies your phone. It contains the serial number, MEID or IMEI (guess they plan on having a GSM version), the build information (including service provider), and a listing of all files attached.

Research RDXD

2009-09-15T16:23:34Z

Tragicfame: New page: ==Overview== Let's discuss the [http://www.palm.com/us/company/privacy.html|Palm Privacy notice]... Palm explicitly reserves the rights to collect from your phone, all location information...

==Overview==
Let's discuss the [http://www.palm.com/us/company/privacy.html|Palm Privacy notice]... Palm explicitly reserves the rights to collect from your phone, all location information acquired, any system logs, any messages, emails, phone calls, and pretty much any other information you store or process on your phone. Worse off, they also explicitly reserve the right to send any of that information to any of their third party affiliates. I don't know about you, but that prompted an immediate email to Palm's Privacy email to request an immediate Opt Out. But lets look at some of the guts behind that. The rxdx facility is one of serveral on the Palm Pre that aggregates system usage information into packages sent to Palm. The rxdx facility handles the collection of the contents of /var/log and a few other miscellaneous things. This practice is common for sysadmins who want to keep tabs on a wide variety of servers. Whether or not you want this information going to Palm is yet another question.

==/etc/rxdx.conf==

This is the main configuration file for the rxdx facility. It defines each of the text files that are generated and sent off and provides the scripts that are used to generate the text files. There are two main variables that presumably define how rdxd operates. These two variables are AutoUpload and MaxPendingReports. Presumably, these determine if rdxd should automatically upload files and how many it should keep on hand between sends. However, I've not located documentation to verify this yet. The developers of this script comment the variables as "TODO: document this".

==/var/log/rxdx==
Each of the ".txt" files is stored into a gziped and tarred archive located in /var/log/rdxd/pending and /var/log/rdxd/uploaded.

===minicore.txt===

Used to track events in /var/minicores
Created by /usr/lib/rdxd/parse_minicore.sh

present if a crash happens, this could be of some concern depending on what application you're running. This is essentially a stack trace of the error that occurred. There's no memory data contained in the file, only the procedures that resulted in the crash, so I wouldn't think it too horribly concerning.

===javadump.txt===
Used to track events in /var/javadumps
Created by /usr/lib/rdxd/parse_javadump.sh

===cro.txt===
Used to track events in /var/cro

===touchpaneldump.txt===
Used to track events in /var/touchpaneldump

===javaoom.txt===
Used to track events in /var/javaoom

===fsck_dirty.txt===
Used to track events in /var/fsck

===kernelpanic.txt===
Used to track events in /var/kernelpanics

===misc.bin===
Used to track events in /var/misc]
Created by /usr/lib/rdxd/parse_miscellaneous.sh

==CONTEXTLOG==
According to the Script Author, the context log is used for: "This section contains files that provide contextual information to a crash report, but are not indicative of a crash themselves. For instance logs serve this purpose. When rdxd detects a crash it will run each of the following scripts passing a path to the desired output. The script must produce a file at the provided path."

==sysinfo.txt===
Generated by /usr/lib/rdxd/make_sysinfo.sh

Creates a text file with the output of the following commands:
cat /proc/cpuinfo
cat /sys/class/mmc_host/mmc0/mmc0:0001/manfid
cat /sys/class/mmc_host/mmc0/mmc0:0001/oemid
cat /sys/class/mmc_host/mmc0/mmc0:0001/serial
cat /sys/devices/w1_bus_master1/w1_master_slaves
cat /proc/mounts
uptime
df -h
ps -f (ran as root)
jthreads
jps

This file should be very concerning. Checking out your latest porn on your phone? Well, if you're doing it when this process collects this information, Sprint and Palm and any other third party affiliate will know. (Don aluminum foil hat).

===syslog.txt===
Generated by /usr/lib/rdxd/dumplog.sh using /var/log/messages

This is a listing of the syslog log file. Of interest is the shear noise that Luna puts off. Any time you change a preference on your phone, Luna logs it. Times when your phone goes to sleep are also logged. Connections and disconnections from the network are logged. Luna also does make some entries regarding usage of apps. Primarily I saw each time I started the Youtube app listed in there. It did capture the event that created the minicore file as well. So there's good time stamps of logging the event. Overall, aside from tracking some basic activity and usage, I didn't see much in this file to be overly alarmed by.

===fsck.txt===
Generated by /usr/lib/rdxd/dumplog.sh using /var/log/fsck.log

This file reports which version is installed and the status of the mounted partitions. It could be derived how much space on your device or how many files your device might be holding. Of little to no concern.

===manifest.txt===
Generated by /usr/lib/rdxd/make_manifest.sh

This is a file that concerns me greatly. This is essentially a listing of all packages and their versions that are installed on the machine. So if you're using home brew apps, this will be how Sprint or Palm will know what you're doing. Of moderate to high concern.

===dmesg.txt===
Generated by /usr/lib/rdxd/make_kernel.sh

This file is a listing of your dmesg data. From this data it is possible to determine if any modifications have been done to the system hardware perimeters or if you've done things like installed any tethering packages that utilize usbnet. Of minor concern.

===rootfs_history.txt===
Generated by /usr/lib/rdxd/dumplog.sh using /etc/rootfs_open.log

==overview.txt==
This file identifies your phone. It contains the serial number, MEID or IMEI (guess they plan on having a GSM version), the build information (including service provider), and a listing of all files attached.

Research Securing Pre

2009-09-15T15:54:37Z

Tragicfame:

Research Securing Pre

2009-09-15T15:24:46Z

Tragicfame:

===Intro===
A rooted box with broadband capabilities running a web engine and [http://www.palm.com/us/company/privacy.html|Palm's Privacy Policy] clipped to your belt? Anyone else nervous about this?

So here we'll explore some of the general best practices that sysadmins using Linux normally employ when securing their systems and how such practices can be used on the Palm Pre to provide a higher level of privacy and security on your device.

Some topics to consider:
* [[Research_OS_Logging| Underlying Linux OS Logging]]
* To be added to....

Research Securing Pre

2009-09-15T15:21:10Z

Tragicfame: New page: ===Intro=== A rooted box with broadband capabilities running a web engine and [http://www.palm.com/us/company/privacy.html|Palm's Privacy Policy] clipped to your belt? Anyone else nervous ...

Portal:Research

2009-09-15T15:14:37Z

Tragicfame:

__notoc__
{{portal-header|
The Research Portal is for bleeding edge things being done with the device.

Title all pages: '''Research [description]''' or '''Reference [description]'''
}}
{{portal-two-columns
|column1=
===Research:===

* [[Applications Bundled on the Pre]]
* [[Application_Framework|Application Framework]]
* [[Blocking Updates]]
* [[New Bluetooth|BlueZ (Replacing Palm Bluetooth)]]
* [[Boot_Chain|Boot Chain]]
* [[Bootie]]
* [[ClassicFilesystem]]
* [[Decrypt SSL (trusted man-in-the-middle technique)|Decrypt SSL (trusted man-in-the-middle technique)]]
* [[Fonts available on board the Pre]]
* [[Gstreamer]]
* [[Hidd]]
* [[Introspecting_Dbus|Introspecting Dbus]]
* [[Key Codes|Key Codes]]
* [[Pre Specific Hash Codes|Pre Specific Hash Codes]]
* [[Pictures from Self-Test|Pictures from Self-Test]]
* [[Restore Debug Log|Restore Debug Log]]
* [[Reverse_Engineering_WebOS_Doctor|Reverse Engineering WebOS Doctor]]
* [[Rooted Pre Issues|Rooted Pre Issues]]
* [[Research_Securing_Pre|Securing your Pre]]
* [[Running Processes|Running Processes]]
* [[Symlink Applications|Symlink Applications]]
* [[System Sounds|System Sounds]]
* [[TestApps|TestApps]]
* [[Update Service Trace|Update Service Trace]]
* [[Tidbits|Tidbits]]
* [[VideoRecording]]
* [[WebOS Exploration - Various Information|WebOS Exploration - Various Information]]

|column2=
===Reference===
* [[Packaging Standards|Packaging Standards]]
* [[webkit_transform|Webkit Transform]]- a powerful set of commands for manipulating elements.
}}