On Mon, Feb 23, 2015 at 9:01 AM, Gervase Markham <[email protected]> wrote:
> Cory Doctorow: > > "Imagine a user-centric, data-centric, freedom-centric version of this > security measure: all devices would have to be sold with encrypted > filesystems by default, so that users whose phones are lost or stolen > can be sure that their data is intact, that their bank accounts won’t be > raided, that the correspondence with their lawyers and doctors and > lovers won’t be read, that their search history and photos won’t be > exposed. > > OSes would invite users who were worried about deterring physical theft > to initialize their devices with a secret — a key or passphrase — that > can be entered into a website, which signs it and transmits to the > phone, ordering it to wipe itself down to the BIOS. In that scenario, a > phone could only be bricked if both the customer and the carrier > cooperated." > > http://radar.oreilly.com/2015/02/an-internet-of-things-that-do-what-theyre-told.html > > Does the Find My Phone feature in Firefox OS technically allow Mozilla > or carriers to wipe Firefox OS phones without the consent of the owner? > > If so, should we switch to a model like the one Cory proposes? > > Gerv > _______________________________________________ > dev-b2g mailing list > [email protected] > https://lists.mozilla.org/listinfo/dev-b2g > Is your question whether the authentication of the wipe request happens on the client or the server? - Kyle
_______________________________________________ dev-b2g mailing list [email protected] https://lists.mozilla.org/listinfo/dev-b2g
