On 03/21/2014 12:23 AM, Schaufler, Casey wrote:
-----Original Message-----
From: [email protected] [mailto:[email protected]] On
Behalf Of Carsten Haitzler
Sent: Thursday, March 20, 2014 2:28 AM
To: Jussi Laako
Cc: [email protected]
Subject: Re: [Dev] [Multiuser] Security Policy Proposal for Multi-User
Environment

On Thu, 20 Mar 2014 10:44:20 +0200 Jussi Laako <[email protected]>
said:

On 20.3.2014 2:33, Carsten Haitzler (The Rasterman) wrote:
yes - but ivi wont be authenticating access to the car (ie the
door), so security is less of an issue compared to a fob that can
open the car door and turn it on.
Well, it would still authenticate with the key fob to recognize the
user. You don't get same result with two different key fobs.
but that still is not the same level of security for OPENING the car door and
starting the car.
It is unreasonable to assume that no auto manufacturer
will combine IVI and control systems in the interest of
saving a few thousand won. When they do, and people
get killed after it gets hacked, who is going to get blamed?
Not the User Experience people. It will be the security people.
You can talk all you want about "proper use" and the like,
but in the end schedules and costs will lead people to do
stupid things. That's why we want to do our best up front.

actually the person who decided to use the ivi system to auth vehicle access will get blamed. he/she decided to use a system that doesn't meet such requirements. unless the security guys were asked "is this ok to use for a car door" and they say "yes"... then the blame will get passed.

on the flip side of that coin. if a product is made and its sales are abysmal... and then some investigation reveals customers ran away in droves because user experience sucked. guess who gets blamed for causing a company to lose millions of $?

this isn't a one sided issue.

ivi does not require the same level of security as the
potential damage of someone who is SITTING in your car and using the ivi
system (they are trusted enough to sit in your car), vs someone outside of
your car, at 3am when you are asleep trying to break in to steal the car. vastly
different level of consequences due to a security breach, thus likely need
vastly different amounts of attention security-wise.

I was planning to construct ecryptfs home directory encryption key
using the key fob or NFC. I can also support multiple authentication
methods for the same storage, such as keyfob, NFC tag or passphrase.

Usually my goal has been that even if you desolder the flash chip from
the hardware and NSA puts it on their hacking bench they cannot get
the data out.

factory reset from bootloader then re-setup account login+pw for
play/market and u can get all your apps back... :) in fact android
handsets, last i played,
That's equivalent of buying a new device, it's not a recovery, it's a
it's not the equivalent. you don't spend another $500 or $1000. very far from
it. :)

complete device wipe. Btw, do you know how to make a factory reset
from bootloader? Manual doesn't say anything.
yes. a quick googling will show you how for many models of phone etc. no it's
not in the manual they give you in the box, but it's documented.

Yeah, I can reinstall applications, but all my data is gone. I don't
worry about applications, I have something like five of them.
not if data has been backed up. as most people just hand their data to google
etc. all their emails are there. all their facebook messages are there. their
contacts are synced to gmail. they already gave their private info away for
free and they just get it back. :) ok - i lose my call log and sms's - not used
that much anymore. :)

- it could just reset screenlock mode on the host. as long as it can
get fs access to the internal storage. if it's encrypted and you
forget your encryption key... then you're in trouble. factory reset
method then for you. :)
If there's a way to get past the device lock code, it's a really bad
security bug.

Who wouldn't have their device encrypted these days?
quick survey of me and 2 other engineers next to me. 0% use encrypted
filesystems. i can tell you no one in my family uses them either. so add a few
more there. i actually personally know no one who uses this feature on their
phones (that has in any way indicated they do - they may or may not use it,
but they haven't said so), so my really quick survey of ENGINEERS around me
says...
this is not commonly used. you're likely not in the majority. :)

http://consumerreports.org/privacy0613

"Almost 40 percent in our survey didn’t take even minimal security
measures, such as using a screen lock, backing up data, or installing an app to
locate a missing phone or remotely erase data from it."

extrapolate that. if they don't even bother locking their screen.. do u think
most people encrypt their filesystems? just remember. you're not in the
majority. not by a long shot. :)

yeah. the nsa agrees with you. :) but most people disagree. everyone
who uses facebook or any google services are giving their data away
for free all day in return for a service, and if they paid for the
service, it'd be fairly cheap to
Using Facebook or Google still doesn't mean giving up all your data.
Facebook app for Android is asking for too many permissions and that's
why I don't have it installed. I use it through browser instead.
but 100's of millions of people do have it installed. they give up that privacy
for their "drug" (access to friends/social network). they rate their social
network access as higher importance than privacy. MOST people are not you.
you of course are different, but most people seem to disagree. :)

On iOS I can control what kind of access it has.

My point is that if someone steals your car, he shouldn't have a way
to get his hands on your Google Wallet or personal data through some
stupid backdoor in the system.
i would argue.. they shouldn't be able to steal your car to begin with! :) if
you've protected the ivi system and google wallet which maybe can cause
them to lose $1000 before the account is blocked, OR you cause them to lose
their $80,000 dollar car... because security was focused on for ivi but left lax for
the door/ignition access... i'd say priorities are wrong. :)

--
Carsten Haitzler (The Rasterman) <[email protected]>
_______________________________________________
Dev mailing list
[email protected]
https://lists.tizen.org/listinfo/dev