On Tue, 20 Mar 2007 2:08, Jim McDonald wrote:
> Tim Newsom wrote:
>> The best part is that if you don't want it, you
don't use it. And
>> those that do want it, can use it and its all
completley transparent
>> to the applications.
> But not at all transparent to the end user. Again
assuming that there
> is some sort of key caching going on, what is the real
consumer benefit
> to having multiple ways of categorising data to
different levels of
> security versus having a simple "protect my data
against unauthorised
> access" checkbox somewhere that blanket-enables
encryption?
>
> (Alternatively there could be some way in which these
configuration
> settings are pluggable and people with the more complex
requirements
> could download the advanced settings plugin and leave
normal users with
> a simple yes/no choice.)
>> --Tim
>
> Cheers,
> Jim.
>
I don't think you want security which is transparent to the
user.. If
the user does not know it exists then they won't know they
are using
it.. And then they might do something which causes problems
later on.
The user should have full knowledge of what they are doing.
That
doesn't mean it has to be difficult or have 200 commands at
the prompt
to set up. It can be easy and guided.. And possibly just an
advanced
menu somewhere which contains the necessary jump points into
the
security configs.
Remember, most users (the average mom and dad) will not use
the security
features anyway. Some because they don't know how, some
because they
don't think of it and some because they just can't be
bothered to set it
up.
Now, the ones that don't know how may at some point try to
learn, so it
needs to be able to help them through it. More advanced
configs don't
have to be set up by the average person either. Its the
flexibility
that is desired. Maybe it ships with password / gesture
providers by
default and someone can 'load new security providers' where
it connects
to a trusted source for signed openmoko security engin
plugins
(providers being easier to say).
Once connected they could read descriptions of available
providers,
install them and during the install it asks some questions
about how
they want it initially configured. If they have not set up
any security
before, maybe it asks them the 'first time questions'...
It can educate them on potential dangers without spreading
FUD and open
their eyes to the awesome potential that is the openmoko
platform.
Lets also not forget that openmoko is not just for phones..
But also
other devices. This scheme could be used by anything...
From a laptop
with someones fingerprint reader and using a fingerprint
security
provider or some not thought of security mechanism to the
next hand held
multimedia player device (though why you would want security
on it is
your guess... Maybe security camera videos of a sensitive
nature?)..
Lets think universal and try to apply what we are creating
to a larger
set of devices.
--Tim
--Tim
_______________________________________________
OpenMoko community mailing list
community lists.openmoko.org
http://lists.openmoko.org/mailman/listinfo/community
|
