Re: Concrete ideas for the December-March OPW?

From: Tobias Mueller <muelli cryptobitch de>
To: Michael Catanzaro <mcatanzaro gnome org>
Cc: Safety and Privacy Team <safety-list gnome org>
Subject: Re: Concrete ideas for the December-March OPW?
Date: Wed, 29 Oct 2014 14:10:18 +0100

Hi.

On Tue, Oct 28, 2014 at 01:33:32PM -0500, Michael Catanzaro wrote:

Yes, this seems like a good starting point, but I would expect more than
just this much from an OPW project.

I wouldn't. There is enough room to play even with the simple idea.

So for the non-lock screen case:
nowadays a malicious USB storage device will identify itself as a
keyboard or network device or a USB hub to the operating system. I
wonder if it would be feasible to protect users against this, e.g. by
popping up a dialog with a big picture of a storage drive opposite an
image of a keyboard and asking "What did you plug in?"

Interesting idea.  I like it! I would advise against popups though. Especially
those which are security relevant.
Another approach could be a tool which you need to open in order to activate
your plugged in device.
In that tool you see the device and its types. Then you press a toggle button
in order to activate (or deactivate) the device.


Cheers,
  Tobi

Follow-Ups:
- Re: Concrete ideas for the December-March OPW?
  - From: Michael Catanzaro

References:
- Concrete ideas for the December-March OPW?
  - From: Federico Mena Quintero
- Re: Concrete ideas for the December-March OPW?
  - From: Tobias Mueller
- Re: Concrete ideas for the December-March OPW?
  - From: Michael Catanzaro

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]