Rockbox Development > Feature Ideas

OTP


OTP:

--- Quote from: saratoga on January 27, 2013, 11:26:44 PM ---
--- Quote from: monoid on January 27, 2013, 11:12:30 PM ---That's right. On the other side, the phone might be even much more insecure, if it is a smartphone with an internet connection. Viruses, trojans, worms... sooner or later.

--- End quote ---

Unless there is some flaw in the phone, there is no way for something like that to access the key though.

--- End quote ---

Most phones are online 24/7 and many indeed always have flaws (jailbreak, Exynos etc., and those are just the high-profile ones; OTA firmware updates and silent SMSes not even being mentioned: the possibilities are many, including Blue Coat tools). Disconnected fobs do not seem too bad in comparison.

[Saint]:
The fact that it may or may not be possible to compromise a secure platform (which, generally speaking, is only done by pen-testing experts as there is virtually no need to do so in the wild...there are plenty of users stupid enough to install an application without reviewing the permissions it requests) doesn't justify using insecure methods on an insecure platform.


[Saint]

monoid:
Again, in my opinion OTP on an mp3 player with a secured seed (by password/PIN, e.g. choosing a certain song or a combination of several songs) and secured access (again by password/PIN) is more secure than a physical dongle without a password or a cellphone with internet access.

Of course it is not 100% secure, but nothing is. Even many smart cards (electronic wallet), door systems, garage door systems, car remote keys are very insecure.

A skilled person may break in within minutes to days, depending on the system and a priori knowledge. And it may be done even without direct physical access. It is sufficient to be "nearby". For car/garage tens of meters, for smart cards close to the card (which is possible in crowds of people like public transport, queues, etc.)

I do not say it would be a good idea to implement it (if it is possible) in RB, but on the other side it is not a bad idea (IMO). It depends how it would be implemented to avoid users' misbehaviour.

But OK, I am not an expert on security, so I may overlook something important. ;)

torne:
Hardware tokens cannot be *copied*, only stolen; this is a significant difference. There's no password to protect the token, but if someone steals it you know it's gone and you can get a new token associated with your account.

Having to protect the software token with a specific PIN/etc makes it significantly less convenient to use :) There's no need to do this on a phone, because you can just lock the phone as you normally would, and modern phone OSes isolate apps from each other so they cannot steal data from each other.

Nobody is saying you can't do this, just pointing out that it's not particularly strong from a security POV. You'd be better off using your cellphone.

monoid:
It was not my idea to implement OTP in RB. I have no need to get it implemented. ;)

There are tokens where a PIN is needed. I had one. It was a Citibank token.

Quite a lot of today's smartphones have Android. I do not know Linux, but I doubt applications are fully isolated. And if yes, then I do not understand why firewalls and virus scanners are needed.

And I do not know anybody who locks their telephone. But I know a few cases where someone stole a cellphone and before the owner managed to block it (within 2 hours or so), the telephone bill was the equivalent of 500 US$ higher. :(

OK, if the token is implemented somewhere in the SIM of the telephone, then it would be almost equivalent to a normal token. But a SIM may be cloned, as far as I know. So, a PIN for authorized access to the application on the SIM would be needed.

I do not see a security issue in using OTP on an electronic device like an mp3 player (if the seed is encrypted and accessible only using a proper password/PIN), but I doubt many people would use it.
