Fwd: Unlocking for Plasma Active 2

[Thomas Pfeiffer]

On Sunday 09 October 2011 10:18:59 Ivan Cukic wrote:
> All those are not really security systems, but rather a fun way to unlock
> stuff.

Unless the whole disk is encrypted, if someone steals your device, he will get 
your data anyways. So unless we do encryption, the only purpose of the lock 
would be to keep someone from peeking at your personal data while you're in 
the bathroom (which I think is still something useful). So we're not talking 
about someone who has an hour to figure out your PIN.
 
> At first, you think, ok we have 9 digits, so it should be safe enough -
> there are *a lot* combinations you can achieve with 9 digits.
> 
> But the problem is that the users will not remember the digits, but the
> shapes - there are a lot less sane shapes than the combinations. Join that
> with the fact that it is a touch screen and that your finger leaves trails
> when dragging, and you have a disaster. :)

See above, we're not talking about serious hacking there.
And I don't think the trails are too much of a problem. After a few minutes of 
usage, the touchscreen us so smeared that you won't be able to guess a PIN 
from trails (unless you're using forensic methods which, again, won't happen 
while you're on the toilet).
Besides, image passwords seem to become quite popular these days, so I guess 
we're not the first ones evaluating the risks.

I don't say the method of connecting digits is the best one, but I don't think 
we really need high-security stuff here.

I suggest making unlocking quick and easy while still maintaining minimum 
protection from unauthorized people checking out your data without you even 
noticing is what we should achieve.

If later on we want to make users with high security needs happy, we need to 
rethink the whole thing anyways.

Cheers,
Thomas