[Owncloud] comment on the encryption proposals
guillermo berlin
guillermoberlin at gmail.com
Mon Feb 7 01:47:07 UTC 2011
hi,
I was reading the encryption proposals and I notice the usage of cookies
to avoid typing passwords so many times, this is a great function but
implies a security risk in mobile devices such smartphones because they
can be stolen or lost and could give third parties access to information
stored in our owncloud that we do not want to be seen by others.
I think it will recommended or necessary to have a way to identify which
devices are connected ( like a unique ID), and from the server
administration panel can be added to a blacklist and so prevent access
to information stored in the cloud that was visible from the mobile
device by other people.
I say this as a constructive comment, because the theft of mobile phones
and other devices in my country are quite common and this may be a risk
to the data stored on the servers if there is any option like many
mobile applications that remember the username and password (which is a
useful function that saves time especially in this type of device)
I hope not to anger anyone
regaards,
Guillermo
More information about the Owncloud
mailing list