Maemo 6 New Security Model

One of the surprises from Maemo Summit 2009 was Nokia’s announcement of new closed down mode for Maemo 6 to support mainstream commercial content protection requirements from content owners. Speculation of how secure this can be, why Nokia is in the first place doing this, what are the implementation details and practical implications for normal user started immediately and have continued.

I don’t think people looking to Maemo as their mobile operating system should be surprised by this. I think Nokia’s and others pushing of Maemo as open source has somehow clouded peoples’ thinking that no evil DRM style technology will ever come to Maemo. Thruth is that Maemo has always had at least 20% of its software stack under closed source, kept only to Nokia. This is truth for Maemo 5 and will be same for Maemo 6. Nokia needs to assure mobile operators that certain use cases and parts of the device are protected for them to allow these devices to operate at their networks and of course Nokia itself wants to protect some of their investment & innovation to Maemo OS. Nokia itself gives these use cases as driver for closed mode, DRM enabled mode:

• Commercial applications use via any mechanism, download, memory card etc
• Ovi Store and commercial content (apps, ringtones, themes etc) downloading & use
• Commercial games use cases
• Comes with Music from Nokia on Maemo (now using Windows PlayReady DRM)
  • Nokia specifically mentioned Microsoft Windows PlayReady DRM support in Maemo 6

I wanted to show to you all how much and what components of the Maemo OS are closed source even though image below is huge. All red ones are closed components, Nokia only territory. I hope we don’t have that A’HA-OMG feeling that Android community had few weeks ago when they realized parts of the Android OS are very similarly closed Google source.

Link to the big image to see it much better.

Technically this trusted, closed, DRM-enabled (yep, it will have many names) is based on hardware and software changes to Maemo devices and Maemo OS. Nokia is planning to use at HW level ARM’s Trusted Zone technology that protects certain pieces of key data like certificates, licenses, checksums. On the SW side of things it does not look that bad. Nokia is following least privileges principal where applications are by default able to access only minimal set of safe functionality, when they need access to secured ‘things’ they need to ask it via declaring already in the SW package what resources it requires. In addition good thing is that seems like Maemo will not go security API crazy and instead rely on apps asking for access to secure parts via manifest files, SW package level text files.

See Nokia’s slides on the topic.