[Greg Jones]

Quote:

Originally Posted by CatOne

Brian did answer it pretty clearly above.

He's a spammer/spam bot-just registered today. Look at the 'hidden' link in all his posts that only displays when his posts are quoted in a reply.

[CatOne]

Quote:

Originally Posted by Greg Jones

He's a spammer/spam bot-just registered today. Look at the 'hidden' link in all his posts that only displays when his posts are quoted in a reply.

LOL. That's a new one.

[Venture]

Quote:

Originally Posted by whpalmer4

I know plenty of people who do stupid things. I do some myself. It doesn't make those things be any less stupid, just because they are more convenient than the less stupid alternative.

I don't know if CatOne was joking or not (I think not). I know I'm not joking. If you don't trust someone with your data, don't give them unsupervised access to a device that contains it. If you can't control the device because it belongs to your employer, don't put your private data on it. I agree it's a bit myopic, though; I wouldn't lend my laptop to someone I don't trust with my data, either!

I do appreciate that these forums, unlike others, seem to have thoughtful debate. I also appreciate that you recognize that although you wouldn't want your kids or family to use your device, you recognize (hopefully I'm not reading into your post) that for some of the thousands or millions of other users users out there, it isn't "stupid." I'm thinking of a lawyer friend of mine. He has a personal iPad, that his child plays around with on plane rides (anyone with a young child knows what a pacifier that can be in an otherwise horrible situation). He might like to use OmniFocus. Maybe the data in it isn't even that big of a deal, but he knows that technically he should be taking steps to secure it. That leaves him with three choices - spend $500 on a second iPad for that limited use, hope that OmniFocus can be password-protected, or don't use OmniFocus.

Anyway, that's the use case I can think of, although with all the users out there, I'm sure there are many more.

[raedesnoy]

Quote:

Originally Posted by Amilius

Apple used to be very secure on Unix and PowerPC, then went to Intel and now using iOS. Seems like things keep getting more and more diluted and weak. Of course Apple doesn't want to reveal this truth cause that would destroy the myth. So they ploy their users with diversions like Twitter/Facebook integration and Game Center built right into the system to keep the shell game going.

So much for security...

I have an easy solution. Buy an attack dog, and chain the device to the dog, and then not one but three home security systems and attach them to the dog... this dog. Security problem solved.

[jdh]

Personally, I don't want to see yet-another-passcode option on the device, but at the same time there are a great many other apps that have this option, so I can't see the harm in adding it as an option. I don't bother with passcode locks on anything -- even things like Mint, Evernote and Dropbox, which in some cases do have considerably more sensitive data, as i rely on my on-device passcode lock and remote wipe capabilities.

OmniFocus is actually the least of my worries... I have used it for confidential/NDA projects in the past, but the reality is that there's an easy way around that problem for me -- the tasks are rarely confidential to the point where it matters what's in OmniFocus. I don't store documents or photos in there, and in those few cases where I"ve been working on something that I might be under a legal or contractual obligation to keep confidential, I simply word my tasks carefully, since all they need to be is a reminder to jog out information that should already be in my head.

It's also worth keeping in mind that the idea that data on the device is already encrypted is technically correct, but is actually a fallacy from a privacy and data protection point of view. The standard hardware encryption in iOS exists to support a fast remote wipe and can otherwise be easily overcome with most simple jailbreak tools that bypass the password. Data Protection is another story, but an app has to specifically enable that, and OmniFocus doesn't.

So the bottom line is that a passcode lock on OmniFocus would protect you against casual intrusion, but only Data Protection or Omni's own encryption algorithms are going to do you any good in terms of actually protecting your data.

[whpalmer4]

That's an excellent point about the tasks themselves often not being sensitive information, even though they may deal with sensitive material.

If you store the project reference data in something like DevonThink To Go, you skip the part about sensitive data going to someone else's server, but still can have links to it embedded in OmniFocus that will sync successfully. You still need to secure the device, of course, but you don't have to worry about theft of the data from someone else's server.