UI security topic: UI for private activities

Shantanu Tushar Jha jhahoneyk at gmail.com
Tue Jan 17 04:27:22 UTC 2012


Hi,

On Mon, Jan 16, 2012 at 9:39 PM, Fania Bremmer
<fania.bremmer at basyskom.com>wrote:

> Hi there,
>
> In the last days we had a lot of discussions about the security topic.
> In my team we already had a look how the UI dialogs could look like and in
> last fridays telco we talked about that as well.
>
> So here my current findings presented in a flowchart regarding "private"
> (means encrypted) activities:
> http://share.basyskom.com/**contour/UIDesign/flowchart_**
> PrivateActivities.pdf<http://share.basyskom.com/contour/UIDesign/flowchart_PrivateActivities.pdf>
>
> Asumptions:
> - Mark Activity as private: toggle Button in "Create new activity" and
> "Activity Configuration" Dialog; details see flowchart
>

What about having a password confirmation or "show password" option so the
user can be sure that she typed the correct password while creating the
activity. Chances of typos on the virtual keyboard is even more. Or am I
wrong?

- Open Private Activity in switcher: after tap a pw dialog appears (similar
> to delete dialog); see validation details again in flowchart;  currently we
> still have a resize issue here, see https://bugs.kde.org/show_bug.**
> cgi?id=288426 <https://bugs.kde.org/show_bug.cgi?id=288426>
> - Most discussed topic has been the re-encryption of private activities in
> case of shutdown and lockscreen. My suggestion is the following:
> 1- after changing activity: last private activity encrypts again, requires
> again pw if switched back
> 2- after shut down: all private activities encrypt again, pw needed for
> every private activity
> 3a- after manual or automatical screen lock while private activity is
> running: pw dialog in lockscreen is required to open the current private
> activity. Unlock with normal activity running doesnt require any pw, it
> behaves like Plasma Active currently does.
> 3b- there has been the idea that after locking, PA encrypts all private
> activities again and just shows the last "normal" activity as a fallback.
> What I dont like here, that the last normal activity can be completly
> random, so that for the user that wouldnt be a benefit, as he has been just
> working on the private activity.
> 3c- Another option would be that the uncrypted fallback is always the
> introduction activity, which can therefore be never private and can never
> be deleted. This would assure that we have at least one "normal/not
> private" activity in the system we can always fallback to. I dont like this
> option that much neither, because we would introduce some kind of
> homescreen, that we just wanted to get rid off ;)
> - With all these passwords coming now into PA, I suggest having a security
> tab in our settings app with these options:
> - device pw after shut down: toggle on/off; on is default (needs then to
> be entered in first introduction activity)
> - edit pw for device pw
> - device pw after lock screen: toggle on/off; off is default
>
> So, feedback welcome to this subject.
> Fania
>
>
>
>
>
> ______________________________**_________________
> Active mailing list
> Active at kde.org
> https://mail.kde.org/mailman/**listinfo/active<https://mail.kde.org/mailman/listinfo/active>
>

Cheers,
Shantanu
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/active/attachments/20120117/9c5e5326/attachment.html>


More information about the Active mailing list