On Thursday 22 March 2007 20:48:44 Joe Pfeiffer wrote:
It's not necessary (which was one of my goals) -- if the pefs is
mounted, any time the application reads or writes an encrypted file
the Right Thing Happens. An encryption-aware application can request
its databases be saved encrypted;
Gabriel Ambuehl writes:
Can't you just use encfs (I gather you don't want LUKS because it needs
setting Filesystem size in advance and I can see why one would want to avoid
that [1]) and tell the apps to either use the encrypted tree or not? Then any
app can be made to use the encryption
On Friday 23 March 2007 17:17:50 Joe Pfeiffer wrote:
avoid that [1]) and tell the apps to either use the encrypted tree or
not? Then any app can be made to use the encryption features by virtue of
providing it with proper paths.
Yes, but I want to be able to have both an encrypted
Gabriel Ambuehl writes:
On Friday 23 March 2007 17:17:50 Joe Pfeiffer wrote:
avoid that [1]) and tell the apps to either use the encrypted tree or
not? Then any app can be made to use the encryption features by virtue of
providing it with proper paths.
Yes, but I want to be able to have
On Friday 23 March 2007 18:01:09 Joe Pfeiffer wrote:
~/file1
and ~/encrypted/file2
seems a lot easier to implement AND use to me...
Implement, yes (since it's already been done). Use? I don't think
so.
You can actually use it right now, with almost every app (except for those
broken
Gabriel Ambuehl writes:
On Friday 23 March 2007 18:01:09 Joe Pfeiffer wrote:
~/file1
and ~/encrypted/file2
seems a lot easier to implement AND use to me...
Implement, yes (since it's already been done). Use? I don't think
so.
You can actually use it right now, with almost every app
Flemming Richter Mikkelsen wrote:
There is many good solutions out here.
From my point of view, I would like something like this:
- launch apps-security
- check the check boxes you like:
x encrypt phonebook
[...]
I think this would be possible since each of these groups is
Flemming Richter Mikkelsen wrote:
There is many good solutions out here.
From my point of view, I would like something like this:
- launch apps-security
- check the check boxes you like:
x encrypt phonebook
[...]
I think this would be possible since each of these groups is stored in
On to, 2007-03-22 at 11:31 +0100, Sven Neuhaus wrote:
One remaining question is if the user manually wants to lock the phone
during use (usually with a PIN). We can't really unmount the microSD card
because then the phonebook is unavailable and incoming calls can't tell who
is calling (and
On Thu, 22 Mar 2007 10:17, Joe Pfeiffer wrote:
Thoughts?
From what I remember of the discussions so far, that seems to meet the
majority of requirements for encrypted file storage and also manages
many of the things related to authentication that we have been
discussing. Now, if we can
Tim Newsom writes:
On Thu, 22 Mar 2007 10:17, Joe Pfeiffer wrote:
Thoughts?
From what I remember of the discussions so far, that seems to meet the
majority of requirements for encrypted file storage and also manages
many of the things related to authentication that we have been
discussing.
On Thu, 22 Mar 2007 12:13, Tim Newsom wrote:
On Thu, 22 Mar 2007 10:17, Joe Pfeiffer wrote:
Thoughts?
From what I remember of the discussions so far, that seems to meet the
majority of requirements for encrypted file storage and also manages
many of the things related to authentication
Tim Newsom writes:
On Thu, 22 Mar 2007 12:13, Tim Newsom wrote:
On Thu, 22 Mar 2007 10:17, Joe Pfeiffer wrote:
Thoughts?
From what I remember of the discussions so far, that seems to meet the
majority of requirements for encrypted file storage and also manages
many of the things related
Hi,
Am Tue, 20 Mar 2007 13:31:56 +0100 schrieb Sven Neuhaus:
Tobias Gruetzmacher wrote:
Partitions are a major usability nightmare IMHO. That is the reason my
proposal focused on encfs/ecryptfs, which both are layered encryption
file systems. This removes the requirement to set a fixed size
Tobias Gruetzmacher writes:
It doesn't have to be complicated, check out this screencast
http://people.freedesktop.org/~david/crypto/ showing LUKS integration
into Gnome.
I know of this integration. I have setup many devices with LUKS
encryption. But I really don't want to ask the user How
On Wed, 21 Mar 2007 9:34, Joe Pfeiffer wrote:
Tobias Gruetzmacher writes:
Right -- these look like good approaches, but to a different problem.
/please excuse my direct manner.. Its just how I write (smile)
What do you mean by different problem? Maybe I don't fully understand.
The way I
Tim Newsom writes:
On Wed, 21 Mar 2007 9:34, Joe Pfeiffer wrote:
Tobias Gruetzmacher writes:
Right -- these look like good approaches, but to a different problem.
/please excuse my direct manner.. Its just how I write (smile)
Likewise -- it's hard to see somebody smile by email, and I never
On Wed, 21 Mar 2007 13:03, Joe Pfeiffer wrote:
Hope my notes above are helpful...
Hehe that's great. At least I am certain that you and I are on the same
page now. I thought from my very quick glance at truecrypt that it
could encrypt individual files also but I have not had a hard look
Tim Newsom writes:
I know there are many many solutions to encryption and it would be nice
to have a mechanism to install and use whatever the user wanted to setup
and configure.
That would be ideal! Right now I'm thinking about how to get it to
match what *I* want to do. Other users can
Andreas Kostyrka writes:
At the moment, I'm wandering around the source code for __libc_read() and
__libc_write() to see if there's a good way to hijack a program's
read() and write() calls, so if they are to a file that's marked as
encrypted the data can go through encrypt() on the way
On Wed, 21 Mar 2007 14:35, Joe Pfeiffer wrote:
But it has the encryption jail drawback.
So maybe one way to deal with these issues is to build out the framework
by constructing a new api for reading and writing data based on this
provider concept.. Including the authentication. Then deal
Hadn't seen unionfs -- that really warrants a further look. Thanks.
___
OpenMoko community mailing list
community@lists.openmoko.org
http://lists.openmoko.org/mailman/listinfo/community
On Wed, 21 Mar 2007 14:59, Henryk Plötz wrote:
Moin,
Plus: If you really want per-file encryption that would only need some
minimal modifications to the existing solutions. Or use unionfs.
That's very interesting and opens up lots of potential.
Your right, key management along with many
Tim Newsom wrote:
The best part is that if you don't want it, you don't use it. And
those that do want it, can use it and its all completley transparent
to the applications.
But not at all transparent to the end user. Again assuming that there
is some sort of key caching going on, what is
Tobias Gruetzmacher wrote:
Am Mon, 19 Mar 2007 12:28:28 +0100 schrieb Sven Neuhaus:
With regards to encryption - it'd be great if microSD cards can contain
dm-crypt'ed partitions. It's probably rather trivial to add this.
Partitions are a major usability nightmare IMHO. That is the reason my
On Tue, 20 Mar 2007 2:08, Jim McDonald wrote:
Tim Newsom wrote:
The best part is that if you don't want it, you don't use it. And
those that do want it, can use it and its all completley transparent
to the applications.
But not at all transparent to the end user. Again assuming that there
Tim Newsom wrote:
[Encryption options]
Yep I understand that there are lots of possibilities and options, I
just think that if something ships by default it should provide end
users with a very simple dialog that is basically an on/off switch for
'protection of personal data' (or something
On Tue, 20 Mar 2007 8:12, Jim McDonald wrote:
Tim Newsom wrote:
[Encryption options]
Yep I understand that there are lots of possibilities and options, I
just think that if something ships by default it should provide end
users with a very simple dialog that is basically an on/off switch
On Tue, Mar 20, 2007 at 03:06:18PM +, Jim McDonald wrote:
Yep I understand that there are lots of possibilities and options, I
just think that if something ships by default it should provide end
users with a very simple dialog that is basically an on/off switch for
'protection of personal
Joel Newkirk wrote:
Tobias Gruetzmacher wrote:
What I'm proposing is a user-friendly encryption scheme of the data the
user stores in his phone, so any illegitimate user will not be able to
get personal data about the owner of the phone.
I'd like a good gestural interface for
Moin,
Am Mon, 19 Mar 2007 01:16:30 +0100 schrieb Alexander E Genaud:
Secondly, many banks and corporations require authentication with the
assistance of a token. Some devices display a seemingly random number
every minute or so, while others accept pin codes and challenges. It
might be
Hi,
Am Mon, 19 Mar 2007 12:28:28 +0100 schrieb Sven Neuhaus:
With regards to encryption - it'd be great if microSD cards can contain
dm-crypt'ed partitions. It's probably rather trivial to add this.
Partitions are a major usability nightmare IMHO. That is the reason my
proposal focused on
Tobias Gruetzmacher wrote:
Hi,
Am Mon, 19 Mar 2007 12:28:28 +0100 schrieb Sven Neuhaus:
With regards to encryption - it'd be great if microSD cards can contain
dm-crypt'ed partitions. It's probably rather trivial to add this.
Partitions are a major usability nightmare IMHO. That is
On Mon, 2007-03-19 at 22:57 +0100, Marcel de Jong wrote:
From a user's standpoint:
I do not think I'd like to enter a passphrase or any other measures
just to open up my contacts list (which is after all a piece of
personal data). Also for opening my calendar and such actions on the
device,
Jonathon Suggs wrote:
One of the biggest mantra's I hear coming from the FOSS camp is choice
and so keeping with the whole practice what you preach ideal, I think
the level of encryption should be a user configurable preference.
I'd caveat that with comment that one of the biggest bugbears
Jim McDonald writes:
Jonathon Suggs wrote:
One of the biggest mantra's I hear coming from the FOSS camp is choice
and so keeping with the whole practice what you preach ideal, I think
the level of encryption should be a user configurable preference.
I'd caveat that with comment that one of
Joe Pfeiffer wrote:
[Encrypting data]
We certainly want a global scheme -- but I think we do want a
per-data-item granularity. I've certainly got things on my phone
whose protection I don't care about (shopping lists) and other things
that have legal implications (notes on how various
On 3/20/07, Jim McDonald [EMAIL PROTECTED] wrote:
continually asking the user to decide which data is to be encrypted and
which not.
There is the concept of folders which could be used :)
clare
___
OpenMoko community mailing list
Clare Johnstone wrote:
On 3/20/07, Jim McDonald [EMAIL PROTECTED] wrote:
continually asking the user to decide which data is to be encrypted and
which not.
There is the concept of folders which could be used :)
clare
True, but that's just another choice to be made when storing the data
On Mon, 19 Mar 2007 18:25, Jim McDonald wrote:
Clare Johnstone wrote:
On 3/20/07, Jim McDonald [EMAIL PROTECTED] wrote:
continually asking the user to decide which data is to be encrypted and
which not.
There is the concept of folders which could be used :)
clare
True, but that's just
Tim Newsom writes:
Ok.. Lets assume for a moment that there is an encryption / security
engine.. And its hooked through dbus somehow.. Lets also assume there
is a mechanism that handles all requests to save data from any
application... Will just call it the save data mechanism.. (Grin)...
So
Joe Pfeiffer wrote:
snip
It's also not clear to me that more than two levels of security
(open/password protected) are needed -- where password protected means
encrypted using whatever scheme we've got.
Personally.
Unencrypted:
Anything that you might want on display on the screensaver and
On Mon, 19 Mar 2007 22:09, Joe Pfeiffer wrote:
I like this -- except it doesn't quite match my sample-of-one user
study. My degree-of-security-wanted is by data, not by application.
The same app is used for things like VINs and tire sizes and oil
filters for cars (no security) and for student
Joel Newkirk wrote:
Tobias Gruetzmacher wrote:
What I'm proposing is a user-friendly encryption scheme of the data the
user stores in his phone, so any illegitimate user will not be able to
get personal data about the owner of the phone.
I'd like a good gestural
Jim McDonald wrote:
Joel Newkirk wrote:
I'd like a good gestural interface for authentication - a passphrase or
password would be a pain with a mini virtual keyboard, a pincode would
remain a pain in many situations, a personalized fingertip doodle would
be great. Present a virtual keypad but
Hello
On Sun, 2007-03-18 at 01:19 -0500, Joel Newkirk wrote:
Tobias Gruetzmacher wrote:
...
I'd like a good gestural interface for authentication - a passphrase or
password would be a pain with a mini virtual keyboard, a pincode would
remain a pain in many situations, a personalized
On Sun, 2007-03-18 at 12:19 +, Jim McDonald wrote:
Or perhaps some sort of voice recognition, perhaps a user-chosen
phrase?
I vote no on this one, primarily due to not being able to access this
information without nearby people hearing (Or possibly recording) the
pass phrase (Think about
Moin,
Am Sat, 17 Mar 2007 10:51:31 + (UTC) schrieb Tobias Gruetzmacher:
What I'm proposing is a user-friendly encryption scheme of the data
the user stores in his phone, so any illegitimate user will not be
able to get personal data about the owner of the phone.
I was thinking about
On Sun, 2007-03-18 at 18:57 +0100, Paul Wouters wrote:
Excellent idea. Let's ditch the passphrase/pin though, because once we
copy the data off phone to another device, brute forcing anything you
can type comfortable using a pin or keyboard will be trivial.
I wouldn't. Brute-forcing a
Moin,
Am Sun, 18 Mar 2007 18:40:26 +0100 schrieb [EMAIL PROTECTED]:
I would appreciate a fingerprint sensor - there are a lot of Asian
mobile phones / smart phones
with a fingerprint sensor...
Yeah, but a fingerprint sensor adds only convenience and no security
at all. starbug regularly
Hi,
Am Sun, 18 Mar 2007 18:24:31 +0100 schrieb Henryk Plötz:
What I'm proposing is a user-friendly encryption scheme of the data the
user stores in his phone, so any illegitimate user will not be able to
get personal data about the owner of the phone.
I was thinking about something similar
Henryk Plötz wrote:
Moin,
Am Sun, 18 Mar 2007 18:40:26 +0100 schrieb [EMAIL PROTECTED]:
I would appreciate a fingerprint sensor - there are a lot of Asian
mobile phones / smart phones
with a fingerprint sensor...
Yeah, but a fingerprint sensor adds only convenience and no security
at all.
Hi,
Am Sun, 18 Mar 2007 18:57:21 +0100 schrieb Paul Wouters:
I vote no on this one, primarily due to not being able to access this
information without nearby people hearing (Or possibly recording) the
pass phrase (Think about trains, planes, buses, business meetings,
etc). A user-defined
but if the passphrase involves cursing at the phone, you won't get anybody
to give you a second look. everybody is swearing at these things when
appointments get duplicated, calls dropped, etc.
Yes, think about the people sitting next to you in a bus or something.
They could think you're crazy
Using fingerprint sensors will make the phone look less good IMO
Can't a gesture-based authentication be used? I mean swipe a certain
pattern with your finger on the touchscreen.
Regards,
Hans
2007/3/19, Steven Milburn [EMAIL PROTECTED]:
Oh the fingerprint sensor FUD, what fun.
First,
Moin,
Am Mon, 19 Mar 2007 00:56:51 +0100 schrieb Hans Bakker:
Can't a gesture-based authentication be used? I mean swipe a certain
pattern with your finger on the touchscreen.
Yes. That gives probably at least enough entropy to replace the SIM's
PIN and something we definitely should look
Moin,
Am Sun, 18 Mar 2007 22:15:57 + (UTC) schrieb Tobias Gruetzmacher:
If it is possible to store another secret using the PIN2, you could
implement private records (as Joe Pfeiffer suggested) using the
PIN2. But if we are talking about about generic encryption of user
data, maybe a
On Sun, 18 Mar 2007, Steven Milburn wrote:
First, if one concedes that the typical sensor can be easily fooled, I still
think fingerprint sensors tend to add security to most phones. That's
because I think most users cannot be bothered to hide data behind a decent
pass phrase they would have
That still requires two hands just to make a phone call. I don't know if
it's as bad everywhere else, but American drivers are way too likely to
attempt this while driving 80mph in traffic and eating a big mac. The main
reason I like the fingerprint sensor concept is that it enables one-handed,
On Sun, 18 Mar 2007 18:05, Henryk Plötz wrote:
Moin,
/snip
Some feedback will be necessary so the user can see that the gesture
was correctly detected before sending the PIN to the SIM. I propose
some
sort of bubblebabble-digest.
--
Henryk Plötz
Grüße aus Berlin
~ Help Microsoft fight
Knight Walker wrote:
On Sun, 2007-03-18 at 18:57 +0100, Paul Wouters wrote:
I really like the custom drawn symbol idea. It introduces a lot of
variables. Not only the lines, but also the timestamps on when scribbling
it.
Yes, lots of variables, like fuzzy-matching the symbol, because I
Joel Newkirk writes:
My proposal was simply to have the ability to use my fingertip to trace
a shape to substitute for a 'pin' for unlock purposes.
Left-right-left-circle-down, or up-down-up-down-up-down-right-up, or any
of millions of other possible freehand strokes that can be readily
Tobias Gruetzmacher wrote:
What I'm proposing is a user-friendly encryption scheme of the data the
user stores in his phone, so any illegitimate user will not be able to
get personal data about the owner of the phone.
Greetings, Tobi
I'd like a good gestural interface for authentication
63 matches
Mail list logo