logins? access to private data on the phone

[Heilpern, Mark]

Sounds like what you really want is a secure way to log in that's more
convenient than a password -- something like a fingerprint sensor. 

-----Original Message-----
From: community-bounces at lists.openmoko.org
[mailto:community-bounces at lists.openmoko.org] On Behalf Of Joe Pfeiffer
Sent: Sunday, January 14, 2007 9:34 PM
To: community at lists.openmoko.org
Subject: logins? access to private data on the phone

After spending a few minutes today being annoyed again by my Palm
Pilot's idea of security, I'm wondering how logins and security will be
handled by openmoko (and how they're handled by existing Linux PDAs).

What I'd like to see would be for most functions to be available without
the need for any sort of login.  I don't want to have to enter a
password to answer my phone or listen to an MP3!  However, when I access
data I've marked as private, I should have to enter a password; having
looked at some private data, I'd like to be able to keep looking at
private data for some time -- sort of like how sudo on my desktop
doesn't ask for my password for every command I execute, but if I don't
execute a sudo command for a while, it decides to ask for a password
again.

What I *don't* want is what Palm does:  they've got the first part of
wishes right -- unless I lock the device, I can do things like dial the
phone without a password.  Where they screw up is with their handling of
private records:  I can mark a record as private, and then I can set
security on the phone to either view or hide private records.  If I ask
to view private records I enter a password -- at which point I can see
all private records on the phone, from then until I manual hide them all
again.  The result is that I all-too-often discuver I've been walking
around for days with various private databases exposed to the world....

_______________________________________________
OpenMoko community mailing list
community at lists.openmoko.org
http://lists.openmoko.org/mailman/listinfo/community

NOTE: The information in this message is intended for the personal and confidential use
of the designated recipient(s) named above. To the extent the recipient(s) is/are bound
by a non-disclosure agreement, or other agreement that contains an obligation of
confidentiality, with AuthenTec, then this message and/or any attachments shall be
considered confidential information and subject to the confidentiality terms of that
agreement.  If the reader of this message is not the intended recipient named above, you
are notified that you have received this document in error, and any review, dissemination,
distribution or copying of this message is strictly prohibited. If you have received this
document in error, please delete the original message and notify the sender immediately.
Thank you.

AuthenTec, Inc.  http://www.authentec.com