Activity encryption (was: activities save and restore)

Ivan Čukić ivan.cukic at kde.org
Fri Dec 21 21:57:34 UTC 2012 

> yep, i like it too.
> tough I'm not sure is the right level to do it, besides adding complexity,
> is pretty hard to ensure that all the information doesn't leak somewhere
> (and as for now really only files can be moved in an encrypted area)

Yes, the idea of an encrypted activity turned out to be impossible (nepomuk 
data, thumbnails, caches etc.)

> one thing that may be done is to change the concept in a more lightweight
> version, ie a simple ui for encrypted folders, and would be those encrypted
> folders a resource connected to the activity, wouldn't be the whole activity
> to be "encrypted" (because isn't really anyways). Could be in that way

For the desktop version, this could be done easily - guessing that the users 
would like to have even more folders encrypted than just one, but in that case 
it would be totally separated from activities.

One possibility would be to keep it connected to the activity, but mount the 
encrypted partition only when the user tries to access the files (via some 
kio). This would remove the complexity of cancelable activity switching, it 
would remove the UI parts from KAMD and such.

But, I don't know what it would look like in Active - it is not like the users 
over there have a notion of directories. Maybe the action to move something 
into the /treasure chest/ could be in SLC somewhere, and the data would be 
accessed from a dedicated application / dedicated file-based part of the file 
manager.

> become a bit less invasive in kactivitymanagerd? (or be even separed from?)

IMO, separation is the way to go.

> for actual data safety of everything i really don't see much other ways than
> real multiuser with encrypted home...

Encrypted home is a security feature only when the device is off. So, it 
really is not sufficient in our case.



Ch!


-- 
You know, there are many people in the country today who,
through no fault of their own, are sane. Some of them were born sane.
Some of them became sane later in their lives...
  -- Monty Python's Flying Circus

More information about the Active mailing list