Activity encryption (was: activities save and restore)
Ivan Čukić
ivan.cukic at kde.org
Fri Dec 21 21:57:34 UTC 2012
> yep, i like it too.
> tough I'm not sure is the right level to do it, besides adding complexity,
> is pretty hard to ensure that all the information doesn't leak somewhere
> (and as for now really only files can be moved in an encrypted area)
Yes, the idea of an encrypted activity turned out to be impossible (nepomuk
data, thumbnails, caches etc.)
> one thing that may be done is to change the concept in a more lightweight
> version, ie a simple ui for encrypted folders, and would be those encrypted
> folders a resource connected to the activity, wouldn't be the whole activity
> to be "encrypted" (because isn't really anyways). Could be in that way
For the desktop version, this could be done easily - guessing that the users
would like to have even more folders encrypted than just one, but in that case
it would be totally separated from activities.
One possibility would be to keep it connected to the activity, but mount the
encrypted partition only when the user tries to access the files (via some
kio). This would remove the complexity of cancelable activity switching, it
would remove the UI parts from KAMD and such.
But, I don't know what it would look like in Active - it is not like the users
over there have a notion of directories. Maybe the action to move something
into the /treasure chest/ could be in SLC somewhere, and the data would be
accessed from a dedicated application / dedicated file-based part of the file
manager.
> become a bit less invasive in kactivitymanagerd? (or be even separed from?)
IMO, separation is the way to go.
> for actual data safety of everything i really don't see much other ways than
> real multiuser with encrypted home...
Encrypted home is a security feature only when the device is off. So, it
really is not sufficient in our case.
Ch!
--
You know, there are many people in the country today who,
through no fault of their own, are sane. Some of them were born sane.
Some of them became sane later in their lives...
-- Monty Python's Flying Circus
More information about the Active
mailing list