Proposal: Personal Data Encryption (maybe SoC?)
sven-openmoko at sven.de
Thu Mar 22 11:31:15 CET 2007
Flemming Richter Mikkelsen wrote:
> > There is many good solutions out here.
> > From my point of view, I would like something like this:
> > - launch apps->security
> > - check the check boxes you like:
> > x encrypt phonebook
> > [...]
> > I think this would be possible since each of these groups is stored in
> > separate places.
> > Usually the user should not need to encrypt more than 100MB.
Oops.. "640k is enough for everyone", right? ;)
> > With a 512MB SD card,
> > we have enough space to make an encrypted partition (maybe inside a
> > file) if we want but
> > I don't know if this is a good solution or not.
What I'd like to see is an easy way of storing *all* important data
(phonebook, SMS, addresses, pictures, music, you name it) on the microSD
card instead of the internal flash.
Then I can just make one large encrypted 2GB LUKS partition on the microSD
card and everything is encrypted. When the phone is rebooted or the microSD
card is removed, the data is safe until the passphrase is provided.
One remaining question is if the user manually wants to lock the phone
during use (usually with a PIN). We can't really unmount the microSD card
because then the phonebook is unavailable and incoming calls can't tell who
is calling (and thus how to treat the call). So I guess it remains mounted
all the time, which considerably lowers security of course. Perhaps the
phone should unmount the card after you enter the wrong PIN a few times, or
enter a special PANIC-PIN.
More information about the community