Quote:
|
Originally Posted by TadW
But it seems iRex is closely watching us and trying to make our lives miserable by fixing any potential security exploit on the iLiad.
|
I would be surprised and quite a lot disappointed if the 2.5 fixes are based only on what has appeared in this forum: that would indicate that iRex itself has no sense of security, as well as none of its B2B customers.
I do expect that some B2B customers have made their own security assessments, and reported their findings to iRex. And I do very much expect iRex to have asked a third party to do a full independent assessment by now: it's just the thing to hand over to propsective customers concerned with security. It tends to be that way: a service is developed, prospective customers want assurance that the service is secure, and the developers call in independent experts to do that evaluation. If everyone are serious, vulnerability reporting is made -- and I have been looking very eagerly for the first Bugtraq or Secunia report about the iLiad. As none has appeared, I suspect that noone involved here has made any vulnerability reports to iRex. But I may be too hasty.
Quote:
|
But it seems it's our better chance to stand against current and future iRex efforts to sabotage our work.
|
From iRex's point ov view, and that of their customers (in which group I only include B2B customers), it probably appears the other way around. Personally, I can't help wondering if describing attempts to subvert a mobile device really is in the intererest of mobile reading in general. That it may be interesting, I'm sure of ... but I would rather see that the results were handed over to iRex than published here (see
http://www.oisafety.org/guidelines/G...nse%20V2.0.pdf for some related information.)