Results 1 to 7 of 7
Like Tree9Likes
  • 7 Post By pa28pilot
  • 2 Post By TJs11thPre
  1.    #1  
    I have never been one of these people who buys every phone on launch day, but I did for the original Palm Pre. I even jumped ship from my mobile carrier in order to do it, and I didn't regret it. Eventually, I went the way of the iPhone when Sprint proved to have feet of clay, and later to a Moto X. There is no denying that some of the Google user study work that went into the design of the Moto X made it (as launched in 2013 with KitKat) one of the most usable handsets ever manufactured.

    Still, something was missing. I have always wanted a hardware keyboard, and as comfortable as I am with QNX, I didn't want a BlackBerry. I'm a security guy by background, so it's not like I hadn't thought about it though.

    Now Motorola is Lenovo, and the Moto X, originally marketed around being able to fit in one's hand, has become yet-another gigantic slab of rectangular glass. To make matters worse, the original usability functions of the Moto X under KitKat have been broken in the process of harmonizing the handset with the Lollipop codebase.

    I'm fed up. So I just bought a Pre 3. I have no illusions about the work that it will take to make it usable enough to depend on it for business use, but that's what I'm going to do, if I can.

    Perhaps I should post this in the Open webOS discussion, but I hate to take up two threads, and I suspect most of the diehards are in here anyway, but there is one big open issue.

    Some of my colleagues in the security world observed some pretty serious oversights on previous webOS platforms. I'm wondering whether there is actual interest and openness in this community to someone taking some time to assess and report on the security situation of the platform.

    I don't have a lot of time, but I care about this platform and am willing to put some time in, and it just so happens that in my circle of friends, I can't swing a cat without hitting a penetration tester (which I used to do years ago).

    So there's my story. I just want to know that if I make a good faith effort to try to help us make the platform better, I won't be met with pitchforks and torches in the event I show up to the party with bad news. I think the good news is that some of the places where I believe there to be issues may be some of the easiest ones to fix, but you never know until you get there.

    I am a part of a number of dedicated communities trying to learn from the lessons of superior technologies that didn't quite make it in the market. In fact I have a sort of informal museum of technologies at home that fit this description. (Don't even get me started about OS/2 Warp Connect.)

    I want you all to know that this community, and the webos-internals crew as a whole are some of the most inspiring, professional people with whom I have ever had the pleasure of interacting.
  2. #2  
    welcome to the anarchy. any positive contribution is appreciated.

    most of the top contributors have gone to greener pastures, but there's still a few here who are actively working, helping the slightly greater few of us who won't give up their webOS device.

    while many of the active are focusing their sparse free dev time to the LuneOS project, a very limited few are contributing specifically for legacy webOS (2.x and 3.x) These forum heroes are pretty much the only support we have in response to the latest attempts to derail webOS functionality.

    A few have attempted to offer alternative App Cats, the Preware service from webosinternals is functional but hard to upload to? (so I've heard)

    Mostly we are discussing how to patch loss of service, particularly related to tighter security measures. We've been fighting the last few weeks to maintain valid google certificates that i heard have changed from SHA1 to SHA256.

    So if you'd like to contribute anything to maintaining webOS functionality, it is WELCOME. If you haven't already, but want to read to catch up quickly, focus on the PivotCE articles by Alan Morford, and user Preemptive's threads on the status of webOS. They are our best PRPRPR $sources$ $here$.

    any specific questions, feel free to ask. i'm no dev, just a webOS fan trying to keep a head above water. but the few of us left here are simply enthusiasts who'd love some fresh input.
    Sporting my 13th Pre device, a NOS unlocked ROW Pre3!
    KURT B and petbull like this.
  3. #3  
    Amen!
    Yes, that is a Britten super bike.
  4. #4  
    Quote Originally Posted by pa28pilot View Post
    I'm fed up. So I just bought a Pre 3. I have no illusions about the work that it will take to make it usable enough to depend on it for business use, but that's what I'm going to do, if I can.

    Perhaps I should post this in the Open webOS discussion, but I hate to take up two threads, and I suspect most of the diehards are in here anyway, but there is one big open issue.

    Some of my colleagues in the security world observed some pretty serious oversights on previous webOS platforms. I'm wondering whether there is actual interest and openness in this community to someone taking some time to assess and report on the security situation of the platform.

    I don't have a lot of time, but I care about this platform and am willing to put some time in, and it just so happens that in my circle of friends, I can't swing a cat without hitting a penetration tester (which I used to do years ago).

    So there's my story. I just want to know that if I make a good faith effort to try to help us make the platform better, I won't be met with pitchforks and torches in the event I show up to the party with bad news. I think the good news is that some of the places where I believe there to be issues may be some of the easiest ones to fix, but you never know until you get there.

    I am a part of a number of dedicated communities trying to learn from the lessons of superior technologies that didn't quite make it in the market. In fact I have a sort of informal museum of technologies at home that fit this description. (Don't even get me started about OS/2 Warp Connect.)

    I want you all to know that this community, and the webos-internals crew as a whole are some of the most inspiring, professional people with whom I have ever had the pleasure of interacting.
    In the light of 'recent hacks' of systems & websites (I won't specify as there have been many and this phrase won't be out of date any time soon), I'm sure we'd all be very interested in any issues the webOS platform may have. No doubt webOS Ports will also want to know of any issues that have passed into LuneOS, though there has been significant re-engineering.

    Many of the popular eco-systems seem to have issues with systems not designed for modern connectivity or simply sacrifice security in favour of ease of use and data harvesting. The potential consequences of this may lead consumers to seek more secure operating systems and apps. Perhaps LuneOS could be one of those options.

    I assume you know about bypassing the activation and setting up the device. Some links of interest are in the signature below.
  5. #5  
    Welcome to the club

    The most obvious security liability is the (old) openssh implementation on 2.x (and 3.x)
    A 2nd possible liability could lurk in the outdated devkit, I suppose.

    May I ask why you ruled out qnx ? ... and if you ever want to complain about os/2 destiny, feel free... bought it since early v2, including devcon subscription.
    (then we can shift to the unixes that got killed, and on vms)
  6.    #6  
    Quote Originally Posted by mazzinia View Post
    Welcome to the club

    The most obvious security liability is the (old) openssh implementation on 2.x (and 3.x)
    A 2nd possible liability could lurk in the outdated devkit, I suppose.

    May I ask why you ruled out qnx ? ... and if you ever want to complain about os/2 destiny, feel free... bought it since early v2, including devcon subscription.
    (then we can shift to the unixes that got killed, and on vms)
    I don't want to post too much that's off-topic in the Pre 3 forum, but I'll try to answer your question. It wasn't so much that I'd rule out QNX, as that Blackberry required the extra step of tunneling everything through a BIS or BES, which I gather they've dropped in version 10 of their OS. The most recent Blackberry devices were also gigantic slabs, which even with a keyboard don't float my boat.

    I'm curious to see where they're headed. I have interacted with those folks on security-focused projects before, and they used to have a fair talent base of folks who might have been able to make a go of trying to harden Android. I'm not sure how many of those people are still there. I haven't taken a close look at their v10 OS, so I don't know how tight it is compared to their previous versions, either.

    The sad fact is that my all-time favorite Blackberry was one that used the Mobitex network and wasn't a phone at all. The standby time was measured in days or weeks, and it worked at times when nothing else did. When they made them all phones as well, the battery life plummeted, and the things got physically bigger.

    Right now, if I had to buy another device, it might be a Blackphone 2. I know some of the developers, and their CTO, and I was pleased to see that they've apparently gained a license to use the modern Google APIs.

    That is no small feat if you look at the histories of other companies that tried to fork the open source Android codebase and actually make a phone handset. My understanding is that Amazon talked to 11 manufacturers before they could find one to build the Fire Phone, because if you have a real license for Android, and you're a handset manufacturer, you're constrained from building a device based on forked AOSP. The consequence of this is that most handset manufacturers who try to build a product based on forked Android are forced to use things like crappy v1 Google Maps APIs, which barely work these days.

Similar Threads

  1. Returning to the webOS Fold!
    By MadManMoon in forum Palm Pre 2
    Replies: 32
    Last Post: 10/21/2011, 09:53 AM
  2. All sorts of help for Treo 700w
    By doctreo in forum Palm Windows Mobile Devices & Apps
    Replies: 4
    Last Post: 12/11/2006, 08:58 PM
  3. Treo 600 Having all sorts of problems...please help.
    By lyteedge in forum Palm OS Devices & Apps
    Replies: 9
    Last Post: 01/28/2005, 04:13 PM
  4. Returning to the fold, & the Jornada 567
    By dorelse in forum Other OS's and Devices
    Replies: 1
    Last Post: 10/22/2001, 11:21 AM
  5. New Handspring Info of all sorts!
    By jeremyf in forum General News & Discussion
    Replies: 3
    Last Post: 10/15/2001, 07:10 PM

Tags for this Thread

Posting Permissions