asked 2013-12-25 13:21:14 +0200
It would be nice to have a secure keychain linked to one or more TOH. In turn, the keychain would contain one or more identities (could even be linked to multiple keychains), and these identities could link to settings/apps/synced accounts/passwords/etc...
this, to make a real, secure split work/private separation with the use of TOH.
answered 2013-12-30 19:21:00 +0200
One quite a safe way to achieve this (if the content is not wanted to be saved on phone) would be writing a cloud access with wanted parameters (and encryption keys) to the TOH, and save the server address (encrypted) and pair for the keys to the phone. Like this, the phone (and no other phone) would get the content from the cloud only when TOH is attached. NFC would be programmed so, that when the TOH is removed, all the changed content is uploaded, and all the downloaded/changed content is then erased from the phone.
Solution with no connection needed would be: All content encrypted in the phone, only the private key and a launch command saved to TOH. Also in this option, the TOH would launch the content only with a certain phone (with key pairing procedure). Removing the TOH would launch an encryption+save process, so the updated content would remain behind the key again.
I can't believe you're using the words safe and cloud in the same sentence... i didn't read any further, i'm just horrified and appalled...
The idea is to have control over things yourself and not having someone else have access to your stuff... this is stupid and ludicrous. you're not paranoid enough!
AL13N ( 2013-12-30 20:38:03 +0200 )editmaybe i overreacted a bit... but cloud is inherently trusting a provider, and when dealing with keychains, it's not really a good idea. This kind of integration will not be possible except for Jolla themselves, and they (since the have the existing code) are more quited to know how to accomplish it.
AL13N ( 2013-12-30 21:33:18 +0200 )editAsked: 2013-12-25 13:21:14 +0200
Seen: 666 times
Last updated: Dec 30 '13
Oh, great idea. I'd love that.
Swl ( 2013-12-25 13:24:10 +0200 )editwould be even nicer to have smartcard hw on TOH containing those keychains/credentials.
Nirkus ( 2013-12-26 23:02:09 +0200 )edit@Nirkus or a TOH with a security chip on it; but well, when we have this, adding the security chip into it, will not be much extra work...
AL13N ( 2013-12-26 23:02:56 +0200 )edit@AL13N "smartcard hw on TOH" is intended to mean the same as "TOH with a security chip on it" :o) Also, you would need a user-controlled security chip on each TOH used for this purpose.
Nirkus ( 2013-12-27 22:33:16 +0200 )edit@Nirkus of course :-)
AL13N ( 2013-12-28 00:46:51 +0200 )edit