Thread: PASSWORD/DATA PROTECTION REQUEST (Please Sign)
View Single Post
CatOne
Member
2012-02-20, 04:49 PM
Quote:
Originally Posted by Amilius View Post
Thanks for your reply CatOne, but not constructive. I asked for co-signs on those that were interested in it and not in shooting holes in the idea. (I'm trying to get something positive done).
Looks like you're 0 for 2, so far. Good luck with your "constructive" approach, though… you could always put this in as a feature request via OF support as they recommend. The Omni folks take all the requests and prioritize them as they see fit. Or I guess this could be your attempt to "rally the troops" if they already said they'd put it in the queue.

Whatever… calling the default iOS security a "pacifier" is silly. Just so you know, there's this little thing called "data protection" on iOS which makes it pretty much impossible to access application data on an iOS device, if it's implemented in an app. So the most secure option the Omni Group would have would be to implement data protection in OF (I don't know whether they've done this; I suspect not, as it would prevent things like notifications when the phone is locked).

As for your other analogies, I disagree that belt and suspenders are necessary and that "more security is always better." It's a trade-off. As a WAG, let's say they implement something like this and 3% of users leverage it. What percentage of them call the Omni Group at some point because they forgot their PIN, which is different to the main iPhone PIN? And if they can't recover their data, how upset are they?

Not to mention, of course, the data is located in other areas, (i.e. servers) which, statistically, are probably more likely to be compromised.

A much better option is to use a strong passcode on your iOS device. And on your Mac, if you're not using FileVault 2 this whole thing is a fool's errand. There's no reason the Omni Group should have to implement in-app encryption for the data file when you can do it for the entire OS at the click of a button. And the disk is locked and encrypted the second you sleep it.

I really think you're barking up the wrong tree here. You can say I'm being "non-productive" but I'm just pointing out there are more than one viewpoint, and it really seems like you've not considered a number of things which are actually quite important. Worse than being insecure, is false security.
Post 5