We have moved to a new Sailfish OS Forum. Please start new discussions there.

Keychain linked to TOH

asked 2013-12-25 13:21:14 +0300

AL13N gravatar image

updated 2014-01-19 21:36:05 +0300

lk gravatar image

It would be nice to have a secure keychain linked to one or more TOH. In turn, the keychain would contain one or more identities (could even be linked to multiple keychains), and these identities could link to settings/apps/synced accounts/passwords/etc...

this, to make a real, secure split work/private separation with the use of TOH.

edit retag flag offensive close delete


Oh, great idea. I'd love that.

Swl ( 2013-12-25 13:24:10 +0300 )edit

would be even nicer to have smartcard hw on TOH containing those keychains/credentials.

Nirkus ( 2013-12-26 23:02:09 +0300 )edit

@Nirkus or a TOH with a security chip on it; but well, when we have this, adding the security chip into it, will not be much extra work...

AL13N ( 2013-12-26 23:02:56 +0300 )edit

@AL13N "smartcard hw on TOH" is intended to mean the same as "TOH with a security chip on it" :o) Also, you would need a user-controlled security chip on each TOH used for this purpose.

Nirkus ( 2013-12-27 22:33:16 +0300 )edit

@Nirkus of course :-)

AL13N ( 2013-12-28 00:46:51 +0300 )edit

1 Answer

Sort by » oldest newest most voted

answered 2013-12-30 19:21:00 +0300

simo gravatar image

updated 2013-12-30 19:24:23 +0300

One quite a safe way to achieve this (if the content is not wanted to be saved on phone) would be writing a cloud access with wanted parameters (and encryption keys) to the TOH, and save the server address (encrypted) and pair for the keys to the phone. Like this, the phone (and no other phone) would get the content from the cloud only when TOH is attached. NFC would be programmed so, that when the TOH is removed, all the changed content is uploaded, and all the downloaded/changed content is then erased from the phone.

Solution with no connection needed would be: All content encrypted in the phone, only the private key and a launch command saved to TOH. Also in this option, the TOH would launch the content only with a certain phone (with key pairing procedure). Removing the TOH would launch an encryption+save process, so the updated content would remain behind the key again.

edit flag offensive delete publish link more



I can't believe you're using the words safe and cloud in the same sentence... i didn't read any further, i'm just horrified and appalled...

The idea is to have control over things yourself and not having someone else have access to your stuff... this is stupid and ludicrous. you're not paranoid enough!

AL13N ( 2013-12-30 20:38:03 +0300 )edit

Instead of commenting like that, how about offering another answer as an option? There is also solution with no connection needed included. All safety of any moving content depends only on man made encryption - words "safe" and "quite a safe" have a difference.

simo ( 2013-12-30 21:21:40 +0300 )edit

@AL13N A cloud can also be local, separated from other networks (servers inside). In mobile use it still relies on WLAN encryption, so never 100% either. But "quite a safe".

simo ( 2013-12-30 21:29:34 +0300 )edit

maybe i overreacted a bit... but cloud is inherently trusting a provider, and when dealing with keychains, it's not really a good idea. This kind of integration will not be possible except for Jolla themselves, and they (since the have the existing code) are more quited to know how to accomplish it.

AL13N ( 2013-12-30 21:33:18 +0300 )edit

@simo quite unsafe IMHO... though a real cloud consists of quite some infrastructure, a bunch of servers isn't really a cloud. plus there's no need to store off-phone (except for backups) cause it's not that big in size anyway.

AL13N ( 2013-12-30 21:36:33 +0300 )edit
Login/Signup to Answer

Question tools



Asked: 2013-12-25 13:21:14 +0300

Seen: 615 times

Last updated: Dec 30 '13