BOOX Palma
From Wiki-IoT
Classification
| BOOX Palma | |
|---|---|
| Classification | |
| Grade | A |
| Calculator version | 1 |
| Classification date | 2025-10-11 |
| Information | |
| Name | BOOX Palma |
| Brand by Parent | BOOX by Onyx International Inc. |
| Generation | 1 |
| Model(s) | Black, White |
| Release date | 2023-09-28 |
| Type/Category | Ebook Reader |
| Website | [1] |
| Status | In sale |
| More | |
| Dimensions | 159 x 80 x 8.0 mm |
| Mass | 170g |
| Operating system | Android 11 |
| Companion App | N/A |
| CPU | |
| GPU | |
| Memory | |
| Storage | |
| Battery | |
| Power | |
| Charging | |
| Display | |
| Camera | |
| Sound | |
| Connectivity | |
| Device | |||
|---|---|---|---|
| Criterion | Value | Proof(s) | Comment |
| Known hardware tampering | None | [2] | Sealed unibody design, not intended for user service. No public reports of supply chain tampering. |
| Known vulnerabilities | Rare | [3] | Device receives firmware updates from Onyx, but is based on an older version of Android (11). While device-specific exploits are rare, it may be susceptible to unpatched Android OS vulnerabilities. |
| Prior attacks | None | [4] | No publicly known, widespread security incidents targeting the BOOX platform. |
| Updatability | Very common | [5] | BOOX provides regular Over-the-Air (OTA) firmware updates, which can be accessed and initiated from the device via the official support infrastructure. |
| Category score | 2 | ||
| System | |||
|---|---|---|---|
| Criterion | Value | Proof(s) | Comment |
| Authentication with other systems | Full | [6] | The device runs Android, which uses standard secure protocols (e.g., WPA, TLS). The privacy policy outlines secure data handling, which relies on these protocols. |
| Communications | Encrypted with up-to-date encryption | [7] | The privacy policy states that the company takes "reasonable precautions... to protect your information," which includes standard encryption for data in transit. |
| Storage | Encrypted with up-to-date encryption | [8] | As an Android 11 device, it supports file-based encryption by default to protect user data at rest, a standard security measure. |
| Category score | 1 | ||
| User Authentication | |||
|---|---|---|---|
| Criterion | Value | Proof(s) | Comment |
| Account management | Full | [9] | The device uses standard Android account management. The Onyx Account for cloud sync is detailed in their privacy policy. |
| Authentication | Secure | [10] | The underlying Android OS supports secure screen lock methods like PIN, pattern, and password, as is standard for modern mobile devices. |
| Brute-force protection | Exist | [11] | This is a standard feature of the Android OS. The system enforces a timeout after multiple incorrect unlock attempts. |
| Event logging | Access event logged | [12] | Android's internal system logging (logcat) records security events like unlock attempts. Cloud account access is logged server-side as per the privacy policy. |
| Passwords | Require change after setup with complexity requirements | [13] | The standard Android setup process requires the user to configure a screen lock method before completing setup. |
| Category score | 1 | ||
| Grade | A |
|---|
