Results 1 to 19 of 19
  1.    #1  
    Why can't you just leave developer mode "on" on the pre to save urself from booting up everytime? Is it not safe to have it on or something?
  2. #2  
    Developer mode opens up the linux iptables firewall on the phone. If someone who knew what they were doing had this information, they could take over your phone through the root account.

    It's highly unlikely, though. Still, I keep mine turned off.
  3.    #3  
    Oh ok thanx for ur reply
  4. #4  
    Why can't you leave it on? Mine is always on.
  5. #5  
    Quote Originally Posted by Kasracer View Post
    Why can't you leave it on? Mine is always on.
    Did you read what I posted?
  6. groovy's Avatar
    Posts
    941 Posts
    Global Posts
    955 Global Posts
    #6  
    I know there's a theoretical danger but I've had mine on for the last several days.
  7. #7  
    I leave mine on at all times, who cares. My IP address changes every time I USB Sync, or make a phone call, or reboot the phone, so really, what does it hurt? The chances of someone even knowing how to access my phone are next to none, the chances of them finding out my ip are virtually none, the probability of something taking over my phone because I leave it in developer mode is such an astronomical number, who cares?
  8. russellpr's Avatar
    Posts
    32 Posts
    Global Posts
    59 Global Posts
    #8  
    Just use the DevMode launcher app...then gettin in and out of developer is a cinch.
  9.    #9  
    Quote Originally Posted by russellpr View Post
    Just use the DevMode launcher app...then gettin in and out of developer is a cinch.
    tru....but u still have to go thru the 2 minute reboot which is a b***h
  10. #10  
    Quote Originally Posted by Elysian893 View Post
    I leave mine on at all times, who cares. My IP address changes every time I USB Sync, or make a phone call, or reboot the phone, so really, what does it hurt? The chances of someone even knowing how to access my phone are next to none, the chances of them finding out my ip are virtually none, the probability of something taking over my phone because I leave it in developer mode is such an astronomical number, who cares?
    Security through obscurity is not security.

    Moreover...

    Nothing is showing up in /var/lib/dhcp, so I'm having trouble finding lease information, but I can tell you empirically that my IP does not renew on every network (re)connect (i.e., after every phone call, USB sync, reboot, etc.). In a quick test of 10 reset-like events, I got my same IP back twice.

    Even so, it would only take a minute (maybe less) to cron a script that would grep out your IP address from an ifconfig, and have that script send me your current IP any time it changes.

    If you've configured your Pre to run dropbear ssh services, and if you've configured dropbear to accept connections via the EVDO interface, and if you've not taken steps to prevent direct root connections, leaving your phone in dev mode for any length of time would be foolhardy at best.

    On the other hand, if you're only allowing connections via WiFi (and you're not connecting to a public WiFi access point), or if you've locked things down a bit, there's probably no harm in leaving your phone in dev mode.
  11. #11  
    Use file coaster no developer mode necssary
  12.    #12  
    Quote Originally Posted by Warblad13 View Post
    Use file coaster no developer mode necssary
    wut does that do?
  13. #13  
    Why don't you run your Windows PC without a software or hardware firewall? Same thing.
  14. #14  
    Quote Originally Posted by jeffro77 View Post
    Security through obscurity is not security.

    Moreover...

    Nothing is showing up in /var/lib/dhcp, so I'm having trouble finding lease information, but I can tell you empirically that my IP does not renew on every network (re)connect (i.e., after every phone call, USB sync, reboot, etc.). In a quick test of 10 reset-like events, I got my same IP back twice.

    Even so, it would only take a minute (maybe less) to cron a script that would grep out your IP address from an ifconfig, and have that script send me your current IP any time it changes.

    If you've configured your Pre to run dropbear ssh services, and if you've configured dropbear to accept connections via the EVDO interface, and if you've not taken steps to prevent direct root connections, leaving your phone in dev mode for any length of time would be foolhardy at best.

    On the other hand, if you're only allowing connections via WiFi (and you're not connecting to a public WiFi access point), or if you've locked things down a bit, there's probably no harm in leaving your phone in dev mode.
    I've gone the dropbear route, configured so you can't login with root access, and allowed it to work through EVDO. Use it at work often. You'd have to get access to my phone first in order to creat that script, good luck with that
  15. #15  
    Quote Originally Posted by temperamentalman View Post
    Why don't you run your Windows PC without a software or hardware firewall? Same thing.
    I run my Windows PC without a software or hardware firewall But again, I'm not worried about someone hacking my setup, nor do I have anything worth hacking on my system. I also run avast in the background, so no trojans or anything taking over for me. Security through obscurity has worked for years for me.
  16. #16  
    Probably the biggest issue would be identity theft. If by leaving the door open someone could possibly install or do things without the owners knowledge then it would be risky to leave the door open. I know some people who live in the city of detroit they have lived there for decades they leave their door unlocked all the time even when nobody is home for long periods of time and never get robbed does this mean that they should leave their door open simply because nobody seems to care to try and rob them? It is wiser not to run the risk that to run the risk and have something happen. There was a news story not to long ago over here where someone got some sort of stuff installed on their dumbphones that allowed the 3rd party to use the phone like a bug and listen in on everything that was going on even when the phone was not on an active call. They had no idea how the software got onto their phones and their lives became nightmares as a result of it. Now I'm not saying this will happen to many but it is obvious it can happen and personally I wouldn't want to make this kind of thing easier to do remotely. Now it is my understanding in the case I described is that physical access to the phone was needed but if there is a way to do this sort of stuff remotely it isn't a good idea to not have security.
  17. #17  
    Quote Originally Posted by jeffro77 View Post
    Security through obscurity is not security.

    Moreover...

    Nothing is showing up in /var/lib/dhcp, so I'm having trouble finding lease information, but I can tell you empirically that my IP does not renew on every network (re)connect (i.e., after every phone call, USB sync, reboot, etc.). In a quick test of 10 reset-like events, I got my same IP back twice.

    Even so, it would only take a minute (maybe less) to cron a script that would grep out your IP address from an ifconfig, and have that script send me your current IP any time it changes.

    If you've configured your Pre to run dropbear ssh services, and if you've configured dropbear to accept connections via the EVDO interface, and if you've not taken steps to prevent direct root connections, leaving your phone in dev mode for any length of time would be foolhardy at best.

    On the other hand, if you're only allowing connections via WiFi (and you're not connecting to a public WiFi access point), or if you've locked things down a bit, there's probably no harm in leaving your phone in dev mode.
    Personally, I have the phone rooted and able to ssh via evdo. I do turn off dev mode, but curious what other steps you wod take to lock down the phone. I debated on the idea of using evdo, but thought maybe in a pinch it would be useful... So any ideas on how to tighten things up would be helpful. I am new to linux, but rooted for access to mytether. So far no issues, but please share safety tips.
  18. #18  
    Anybody notice any reboots or slowdown/instability by leaving dev mode on? Does turning on dev mode enable more extensive debugging or some other processes? I just turned off devmode and the phone seems much more responsive. With dev mode on, it's reset itself while sitting on my coffee table almost the same time both weeks - Saturday evening. This never happened with even earlier firmware versions without dev mode enabled. I've disabled dev mode and am going to see if it improves stability.
    "There are 10 types of people in the world, those that understand binary and those that don't"
  19. #19  
    Quote Originally Posted by mobilehavoc View Post
    Anybody notice any reboots or slowdown/instability by leaving dev mode on? Does turning on dev mode enable more extensive debugging or some other processes? I just turned off devmode and the phone seems much more responsive. With dev mode on, it's reset itself while sitting on my coffee table almost the same time both weeks - Saturday evening. This never happened with even earlier firmware versions without dev mode enabled. I've disabled dev mode and am going to see if it improves stability.
    I've acidentally left it on before. I think I may have noticed a tiny bit slower responses from interacting with apps and such. But I haven't experienced instability. I'm sure there are debugging tools running and a routine to allow privileged access that normally isn't allowed when it is off. Unless you add an account to ssh with putty or access the file system with winscp. When I used a blackberry I had to reboot it once a week because it would become unstable and lock up if I didn't. I think the nature of smartphones being computers in your pocket you sort of have to regularly reboot them or expect instability. It is possible a particular combination of apps or update to one, your usage, and the newest webOS update resulted in a memory leak that wasn't there before. Having dev mode on all the time may be a factor in that equation too. The more complexity the greater the possible issues and even issues unique to one or a small group out of the whole user base. I've been stumped a few times with reading an issue one or a few are having that appears to not happen testing for the very thing on another.

Posting Permissions