Private data protection.
Christoph Fink
buffoon at buffoon.homelinux.org
Fri May 30 15:17:34 CEST 2008
Ilja O. wrote:
> 1) Auth using PIN number (this requires encrypted image presence in
> phone file system by it's boot time end -- not reallyl convenient if
> SD card is used).
>
IMO encrypting Data with the PIN Number is not such a good thing,
because the possibilities of different keys are definately not high (max
8 digits, only numbers). A better solution would be to save the PIN on
the encrypted storage and automatically read it.
> 2) Auth using key file accessible on network (when phone is connected
> to your computer or local network). This means that auth can be
> performed only in your place (home, work...).
>
Not such a good solution for a Phone IMO (if you're in holidays without
laptop for example)
> 3) Auth using presence of another bluetooth or WiFi device (the MAC
> address of this device is used as key). This means that phone fully
> unlocks when your bluetooth mouse or router are around. ;)
>
>
Same here...
The most secure Thing IMO would be to ask a passprase while booting
(maybe hack uboot for that, if it doesn't know that) or put data on
another device/partition then the OS and asking later for the passphrase
(maybe easier to implement)
More information about the community
mailing list