What kind of tag opens a website? In my opinion, the problem there is that we should stop the second problem, not just the first.
Kris On Thu, Dec 6, 2012 at 2:16 PM, Łukasz Sanek <sane...@gmail.com> wrote: > Hi John, > How do you want to protect users against unintentional unlocking? If there > is no such protection an attacker could first unlock the device and then, > with another tag, open some malicious website exploiting user's browser > (without even the victim taking his phone out of the pocket). > > Cheers! > Lukasz > > W dniu czwartek, 6 grudnia 2012 17:43:50 UTC+1 użytkownik John McLear > napisał:to > ) > >> I'm proposing a method of unlocking the device by using an NFC >> transponder. NFC is becoming more widely adopted on handsets and as >> some NFC transponders have built in security features ergo "unlock >> with NFC" seems to be an obvious next step. >> >> When the Android community talks about "unlocking" a phone is the >> assumption that this is the user stage of unlock IE what you do when >> you take the phone out of your pocket each time you use it? >> >> NFC fails to read quite frequently so the patch would need to include >> code to do fallback onto a secondary unlock mechanism IE a pin. My >> work is partly in the area of improving read reliability so as we move >> forward this will become less of an issue. Is unlock fallback >> something that has been considered or is due in a future version? >> >> I basically need to make a decision between writing a decent app to or >> submitting a patch and was hoping the community could advise. >> >> Once we have fleshed out some of the security implications I will post >> on android-contrib. >> >> If it helps I can ask some NFC forum advisers to share their thoughts >> on security on this thread but I feel I should get a general opinion >> on new unlocking mechanisms from the Android Security community first. >> >> Thanks >> >> >> >> >> >> John McLear >> >> Originally posted here: >> >> https://groups.google.com/group/android-platform/browse_frm/thread/48876689f8814e41/49a8d8658b21fb3d?lnk=gst&q=nfc+unlock#49a8d8658b21fb3d > > -- > You received this message because you are subscribed to the Google Groups > "Android Security Discussions" group. > To view this discussion on the web visit > https://groups.google.com/d/msg/android-security-discuss/-/a4ntiIPWQL0J. > > To post to this group, send email to > android-security-discuss@googlegroups.com. > To unsubscribe from this group, send email to > android-security-discuss+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/android-security-discuss?hl=en. -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to android-security-discuss@googlegroups.com. To unsubscribe from this group, send email to android-security-discuss+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
