06-18-2011 03:11 AM
I just purchased the new Thrive Tablet and have a curiosity on how secure it is. There is no mention of that on the specifications, etc on it and I was wondering how that worked with it since it does work with emails, files, etc..
I would appreciate if a Tech would answer and let me know on this subject. I am looking forward to receiving the Tablet.
07-10-2011 10:31 PM
Most security issues people face are rooted either in a bad user decision, which BTW get back to me if you want that Spanish national lottery winnings, or exploits of glaring holes in their operating system. This is an inherently secure product, as much as can possibly be expected, provided you can't make it to that Nigerian conference... Don't forget to bring your wallet...
In order to answer this as a tech type I'll just toss out some things you can look up if you like. Android is based on Linux which is similar to Unix. It's produced by a lot of security minded guys. The Android environment is based on Java and each application runs in it's own sandbox with it's own user account. Application permissions are displayed when you download an app so you can see exactly what they have access to. The encryption models and the design are as good as it gets. Compared to Windows which inherently makes every program everywhere runnable and happily drops them anywhere on your system without asking and then runs scripts that can wipe everything, again without asking, this is the last place to expect a problem.
The weak point in this is that applications are not heavily inspected like with the Apple model to allow for a more free flowing creative environment with more activity. Actual risk of exposure typically is very short on brand new apps or uploads as the occasional app is snagged by Google when reported.
I run a Linux desktop and local network at home and admin my web site. If I had to use a Windows box I would probably try to use my tablet even more as it is definitely more secure than any Windows box not admined by a paranoid security expert.
07-29-2011 11:07 AM
Even Apple has its problems - the PDF to root (visit website to jailbreak) and bad certificate chain handling (I could impersonate anyone and do a man-in-the-middle attack against any iOS device).
It is better to be a bit paranoid and check rather than to trust Apple will get it right - somewhere in that 55 page agreement it probalby says they aren't responsible.
07-29-2011 12:06 PM
I don't know much about security, just the basics; and I am not a tech but I thought I'd throw in my two pennies. On one side I see the need to use a secure network for any internet activity or file transfer, that includes email and banking and things of that nature. My wireless network is encrypted and I have a firewall; I also use a security suite from MacAfee (which is free from my IPS) on my pc's and my laptop; I use Webroot on my android devices; is this the security you are referring to?
Then on the other side, I don't do online banking or pay bills on my tablet, even though I can do it, I don't trust it enough. I know that encryption has grown to be pretty sofisticated, so I would assume that the environment is very secure when adding all of the above: secure WiFi, firewall, antivirus, antispam and all that to the network I use.
I agree; Linux is based on Unix and it is stable and secure, that is why Apple boasts about not being attacked by viruses, or at least not being as vulnerable as Windows. Android is based on Linux, as far as I know, so a high level of security is already inherent in it; I think the risk is dowloading an app or opening a file that has not been scanned, or checked, or originated from an unknown source.
I don't know if I'm making sense, I hope I'm not adding confusion to the thread, like I said, I'm just a neophyte.
Then I see another issue; which is google. Everything I do with my tablet or my android phone is done by using my primary email address, which is owned by Google; I think that as long as they keep the system secure I should be okay, but what happens when Google decides to take me out of the equation? I'm just saying.
This is a good post, it has gven me the curiosity to research the topic, so thank you all for sharing.
10-03-2011 07:42 PM
Mr Bill, I have read the instructions thoroughly, and can find no reference to any fire wall, virus program, or any other net security. If the Thrive has it, they are sure being quiet about it. As it is, I'm very reluctant to use the tablet for anything other than a toy. Perhaps someone from Toshiba could enlighten us as to how to get secure.
10-04-2011 07:13 AM
10-04-2011 08:48 AM - edited 10-04-2011 08:50 AM
As I replied in another post you decided to take over with you security questions, i'll reply here. And please read carefully, I'm trying to word this not to offend, but to enlighten you of the way this works. It's secure by default.
First, the thrive is running android, which is a take on linux.
Now some things to note, unlike windows, which by default has a couple of servers running in the background, like file servers, etc. Android has nothing of the like, by default. No open ports, nothing, unless you install a program to open a port. Therefore no need for a local firewall. Nothing to attack, means nothing to protect.
More importantly, firewalls should only be used on local machines if you are on an unsafe network. So if you have a firewall on your PC on your home computer on your home network, that's a waste. If you have a router, that will provide sufficient firewall protection to the internet.
Anti-Virus, now the thrive comes with Kapersky, a decent enough antivirus for android. But viruses on android don't have much they can do! The way android is set up is secure enough to prevent apps from having access to your system files, and other apps, unless you explicitly accept these permissions. So there is no real need for an anti-virus, because it actually can't do anything, it doesn't have the capability, due to the sandbox effect that android impliments.
(unless you root, and there are tools that prevent this when you root your android device)
Ah, spam filtering, was your last item on another post. Spam filtering should never be done on your local computer, that is what your email host provider should be doing. Gmail provides this for free. Many other ISPs/ESP also provide this for free, at the server side, where they get your incomming mail, literally before it reaches your inbox.
If you don't have spam filtering provided by your email service provider, you need to really rethink who your provider is. (Gmail has services to be an email host for your domain, if you have a personal domain name you use.)
And yes, in my professional opinion, no android device, nor ipod/ipad device should be considered anything more than a toy. Because they aren't really designed for professional or office use. The enviornment of it, just isn't really ready for a work environment.
dont get me wrong, there are some great apps I use to provide me tools for my job, but they are pretty specific. And unless there are specific apps for your use, then it is, just back to a "nice to have", toy.
10-04-2011 11:54 AM
IMHO, there's no such thing as secure by default, unless you're going encrypted point to point. So, the Thrive is basically unprotected. I shouldn't access my broker account, and likewise, I should assume that at some point, I'll have to reload factory settings, as some tech genius will eventually get around to putting a trojan or worse on the device.
When I'm travelling, using wi-fi servers in various convention centers/hotels, McDonalds, etc., which do not have spam filters, we are just left high and dry???
Anyway, appreciate you sharing your opinion. I did hit the reply button to reply to a specific point, but, as you must know by now, the Toshiba forum ignores that and just puts your post where ever.
10-04-2011 12:56 PM
This was also sent in a PM to John_Brook:
Open Response to his post,
So not to attack you, but to clear things up, hopefully. I am an IT Systems Admin, and have been in this field of work for 10 years.
A firewall blocks attempts of attacks at an open port on a computer, or system. An open port requires a service running on the machine to wait for a connection attempt.
Now on a linux system (android included), there are no open ports; without a server or service waiting for a connection, meaning a firewall would be pointless if you have nothing waiting to be "attacked". By nature, linux, and android has no open ports. Therefore, nothing to compromise. Now if you install an app/service, SSH server, or a file sharing server, that would open a port, and allow you "vulnerable to attack".
By default windows computers left you open to attack because every windows workstation has a file server running, along with other back-end services.
Which being on an unknown network, with unknown people can be dangerous to any data you have on your machine. Where in Windows, Yes, I agree, you need a firewall. But this isn't the case on android systems, and linux systems.
But, a firewall on a device, like an android device, is useless, since there is nothing to attack. To prove this, you can run a port scan with software like nmap against your machine, to find open ports. There are 49151 ports available to any service to open and wait for a connection.
I understand your fear on lets say Mcdonalds networks. First, each computer is seperated via the wireless access points, so yes you are behind a firewall via the access point. And most hotel access points do the same. You can ask their IT Support dept. if they perform guest access seperation. Anywhere else, I understand the concern, if they do not perform that guest access seperation. But again, there's nothing to attack on an android device.
Now, as far as a rouge app, or virus. The way android is built, each app installed has it's own user process. It has no access to other app data, (assuming you aren't rooted) it doesn't have permissions to modify or read other components/data of other apps. Also the system partition can not be touched by any app (again assuming you have not rooted your device), it's locked, nothing can touch it. Which is the reason people root their devices, because they want to modify that system partition. Unless you specify to an app they can modify other items, they can't. This falls on you if you choose to install a virus app, pay attention to user comments, thats your choice.
And a virus app can't be installed without your knowledge. It's the way android was made, to intentionally make you choose to install this stuff. Not allow everything and you can try to remove it. (This isn't windows.)
Also, none of this is my opinion, this is the way it works. I've seen it, I've worked on it, I've built (parts of) it. The system itself is designed protected first. This is why there are no need for firewalls. Hell I'm sure there are probably apps out there that will act as a firewall, but it's merely doing nothing but notifying you that something is attempting to attack you... but there's nothing open to attack.
Think of it; Like trying to use a key on a brick wall, trying to find a door. But on this wall, there are no doors.
In winodws there's a few doors, spaced far apart, and thats when you have a firewall behind the door.
Again, this is not opinion, this is just facts. You can take it or leave it, but if you want to know more, I'll be happy to give you more info. Just ask.
10-04-2011 03:35 PM
That's all you got from that? I spent my time, trying to explain how these things work, because you're paranoid; and you don't even take the time to say something nice?
10-04-2011 03:36 PM
...as you must know by now, the Toshiba forum ignores that and just puts your post where ever.
The forum really maintains the conversational structure of post but (who knows why??) the default view lists all messages sorted by time of post. If you prefer to see the conversational structure do what I did and change it in your profile.
My Settings / Preferences / Display / Format for displaying posts: Show all posts in a topic
Good luck figuring that out on your own! It took me quite a bit of experimenting.
10-05-2011 07:32 AM
You haven't helped me, except tangentally, and paranoia is in the eye of the beholder. After earning my IT MS in '74 (yes, we did have computers back then, and yes, I'm recently retired and am not keeping up on each and every OS and platform any longer), I worked gov't systems for a number of years, specifically in security issues on a number of platforms. The overriding issue is that nothing is secure, only how long you can prevent hostile attacks from succeeding. You've pointed out serious weakness in the mentality of those working on non-MS platforms in re security, which in the end will lead to a false sense of security by users and regret. I appreciate that, and now know what the system limitations are. There is no mention of security issues in the Toshiba manual, a glaring fault. The bottom line, I gather from you and others posting here, is to put no data on your Thrive which has any value to you or a hacker.
10-05-2011 07:56 AM - edited 10-05-2011 07:58 AM
The bottom line, I gather from you and others posting here, is to put no data on your Thrive which has any value to you or a hacker.
No John, the bottom line is, I treat this device as a toy. I have no sensitive data on it. But you clearly have no idea, or care for what I had wrote, or even know what you're talking about. If you truely understand security in technology, you would've understood what I had said.
To me, you have a MS in something that you have no knowledge of how it works in the real world. If you spent any time outside the Microsoft Box, you'd understand the methods that linux keeps things safe, let alone android which goes beyond standard linux.
You've probably never spent any real time with programming or ever cared to delve deep into it.... nor does it sound like you've ever taken the time to understand security in technology.
Realistically, Toshiba doesn't have to say anything in a manual about security, thats the end users descision. They provide a free tool, Kapersky (for antivirus), but ultimately that's not toshiba's responsibility.
If you really think you need a firewall, and an antivirus, and antispam on a tablet; just so you can browse the internet at a hotel, or McDonalds. Then you clearly are paranoid. But in the end, you really shouldn't be connected to the internet in the first place, because who's to say that McDonalds IT people aren't sniffing the traffic you pass in the first place. (Which if you're using wireless in an unsecure location, every byte of data is unencrypted, that anyone can store. And for traffic that is encrypted, it can be decrypted.)
If you're that worried someone will get into your precious personal information, then you should never use wireless...
10-07-2011 08:32 AM
Antivirus John, like I told you three times.
01-25-2012 10:10 AM
A Christmas story
In the days before Xmas I decided to buy myself a slate/tab/i-pad- I deserved it.
So, I started to evaluate the different models out there and in the end the Toshiba AT 105 was my preferred option. The slate does not have phone capability (3 or 4 G) but has several ports (USB, HDMI, XD etc.) which I valued very highly and is a BIG plus. I ordered the slate through Amazon.com US to be delivered to my son in Kalamazoo, USA, so he could bring it home for Xmas- “santason is coming to town”.
The slate arrived in Kalamazoo and was brought back to Stavanger- come to daddy....
My brand new slate was opened the day after arrival at Sola International Airport- as I was waiting for a delayed plane going to Ålesund to visit my parents.
After unwrapping the slate I enjoyed the cool touch on real hardened plastic including the feel of being connected to the world. Little did I know…
Turning the slate on for the first time, I started to look at the different preinstalled Apps. The contact App had one contact. Interesting, who could that be?
I expected to see a Joe Doe name with "made up" personal data.
But that was not to be, the contact name was a work colleague of mine, with a phone number attached. I call the number and he answers, he was home in the UK and had been there for a week.
(I work in a big international company with several nationalities working in Norway, )
I know my colleague from having lockers next to him in the gym at work, we do not work together on the same projects (he is in finance and I am in engineering)- I seen him sweaty , but never from work… And, I do not have his number on my mobile.
Weird, how did his name and phone number turn up on my slate?
Did Toshiba use “used memory chips” and forgot to erase the memory? Personally, I think it is great if we can reuse electronics, but Toshiba would be lining themselves up for massive lawsuits if their QC slips up like this..... I would have loved to get the phone number for Elvis…
Another theory could be that the slate was second hand and the previous owner knew my colleague. What is the likelihood of that? Assuming the slate was bought and returned in US, what is the chance that somebody in the US knows my colleague, enters his name and Norwegian mobile phone– without Norwegian prefix numbers (a local number), and that I should know him from the locker room… Words like “when hell freezes over” comes to mind.
The more interesting theories involve spies, industrial espionage and big brother sees you...
Stavanger, being the oil capital of the North Sea, attracts a lot of BIG business and it would be naïve to not think that there is some espionage going on here.
Could it be that at Sola Airport there is roaming a stealth spyware that connects to Android operating system, reads the contacts and other data, and in my case left a finger print by accident. The spyware could maybe use a “back-door” on one or more of the popular Apps that are downloaded for free or next to nothing (what is the quality control on the security for all the Apps out there?).
Android, being the last and probably the most open of the mobile operative systems is probably the least secure operating system with respect to software “glitch”, maturity and security. Every man and his dog are now uploading “home-made” Apps in attempt to be the new Steve (the race for the title is still open)
With the increasing numbers of Android operated slates and advanced mobile phones with sensitive e-mail and documents- where would you “hack-in” to get sensitive information?
The easiest would probably be at the airport, where most of the people holding sensitive information pass through with their slates and mobiles with limited security. You may not be able to hack the office network, but why bother, when you can hack the mobile at the airport and get the information you’re after anyway, safer and easier!?
So maybe we should be afraid of the stone beds and waste bins in the airports.
Being an engineer and looking at the probabilities for the above theories, I’ll go for the latter, it’s sexier and much more plausible- YES it is - I like to think as myself as James Bond… involved in high level espionage, saving the world from evil, but where are the girls and the Martini…
Anyway, if you can come up with a more interesting theory for why my colleagues name and phone number appeared on my brand new slate I look forward to hear it.
In the meantime, be careful out there with your Androids, I might have stumbled on to something…
…or is there a ghost in the machine…
01-25-2012 12:36 PM
After going through the initial setup, the Android OS syncronizes your information with Google. Most likely, it was in your Google contacts. If you use GMail, a lot of contacts will be added automatically by Google to your contacts we you e-mail them.
Copyright © Toshiba America Information Systems, Inc. All rights reserved.