Hi, I have followed the discussions about elaborate schemes for theft protection on this list, but I think most of them shoot in the wrong direction. Sure, it is desirable to get your phone back, but in reality that is normally not the case.
So while we aren't really able to protect the phone from being stolen, we should try our best to protect the data the user has on the phone from being of any use to the thief. What I'm proposing is a user-friendly encryption scheme of the data the user stores in his phone, so any illegitimate user will not be able to get personal data about the owner of the phone. Implementation: I'm thinking about using either encfs (needs fuse, maybe not such a good idea) or ecryptfs (in-kernel, can make use of the kernel crypto-api) for transparent encryption of the user's data. Different modes: 1. No encrytion - this will be the mode the phone will be in when the user receives it. All data is stored unencrypted. 2. "SIM-binding" - this retrieves/stores a secret on the SIM card, that can only be accessed when the correct PIN for the SIM was entered. The secret is retrieved from the SIM card and used as a key for encfs/ ecryptfs to decrypt the users data 3. "Paranoia mode" - the user will be able to set his own pass phrase for the encrypted data. This may save the SIM PIN code in the encrypted area to still be able to operate the phone with only one secret. Switching between these modes should be transparent to the user. It should be possible to create a "master key" the user should store in a secret place, so that he can retrieve his data when he forgets his pass phrase. This could be of help even in mode 2, when the SIM gets locked or damaged. When the phone is locked and in stand-by, the user should be able to take calls without entering the secret, but for total unlocking, the secret must be entered. Remote access to the phone should be disabled while it is locked to not compromise security. Summer of Code? Since I really think this is a desirable feature for a mobile phone, I'd like to implement it as a Summer of Code project. I have experience in most modern (and some ancient) programming languages, including C, C++, Java, Python, Perl, Ruby. I have already worked with GTK+ and think it is a very good toolkit. If someone would be willing to mentor me, I'd love to apply. Greetings, Tobi -- GPG-Key 0xE2BEA341 - signed/encrypted mail preferred My, oh so small, homepage: http://portfolio16.de/ http://www.fli4l.de/ - ISDN- & DSL-Router on one disk! Registered FLI4L-User #00000003 _______________________________________________ OpenMoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community