UI security topic: UI for private activities
Thomas Pfeiffer
colomar at autistici.org
Tue Jan 17 13:24:52 UTC 2012
> -----Original Message-----
> Hi there,
>
> In the last days we had a lot of discussions about the security topic.
> In my team we already had a look how the UI dialogs could look like and
> in last fridays telco we talked about that as well.
>
> So here my current findings presented in a flowchart regarding "private"
> (means encrypted) activities:
>
http://share.basyskom.com/contour/UIDesign/flowchart_PrivateActivities.pdf
Great to have already such an advanced version already available!
> Asumptions:
> - Mark Activity as private: toggle Button in "Create new activity" and
> "Activity Configuration" Dialog; details see flowchart
Why ist the password needed to switch to non-private again? You can't
access the activity without the password anyway, so you have already
entered it when you get to the configuration screen. And once you have
access to an activity, switching private mode off isn't so much of a
further
risk. If the purpose is to prevent accidental de-activation, I'd just use
a
confirmation, not password entry.
> - Open Private Activity in switcher: after tap a pw dialog appears
> (similar to delete dialog); see validation details again in flowchart;
I'd use either "switch" or "open" as a label, "go" seems too generic.
> 3a- after manual or automatical screen lock while private activity is
> running: pw dialog in lockscreen is required to open the current private
> activity. Unlock with normal activity running doesnt require any pw, it
> behaves like Plasma Active currently does.
> 3b- there has been the idea that after locking, PA encrypts all private
> activities again and just shows the last "normal" activity as a
> fallback. What I dont like here, that the last normal activity can be
> completly random, so that for the user that wouldnt be a benefit, as he
> has been just working on the private activity.
> 3c- Another option would be that the uncrypted fallback is always the
> introduction activity, which can therefore be never private and can
> never be deleted. This would assure that we have at least one
> "normal/not private" activity in the system we can always fallback to. I
> dont like this option that much neither, because we would introduce some
> kind of homescreen, that we just wanted to get rid off ;)
My order of preferences (most to least preferred): a, b, c
> - With all these passwords coming now into PA, I suggest having a
> security tab in our settings app with these options:
> - device pw after shut down: toggle on/off; on is default (needs then to
> be entered in first introduction activity)
> - edit pw for device pw
> - device pw after lock screen: toggle on/off; off is default
I agree with Marco and Ivan on the "false sense of security" point.
On the other hand, laptops usually have a login password as well even
though
this does not offer more security if it's stolen either.
Difficult matter...
More information about the Active
mailing list