Re: Would an "unlock phone via nfc" patch be considered?
134 views
Skip to first unread message
Jean-Baptiste Queru
Nov 26, 2012, 1:19:17 PM11/26/12
to android-...@googlegroups.com
You can discuss potential contributions on android-contrib, where you
might get more attention. Also, the potential security implications
could be discussed on android-security-discuss first.
JBQ
On Tue, Nov 20, 2012 at 4:46 PM, John McLear <john...@gmail.com> wrote:
> NFC fails to read quite frequently so the patch would need to include code
> to do fallback onto a secondary unlock mechanism IE pin.
>
> Is unlock fallback something that has been considered or is due in a future
> version?
>
> I basically need to make a decision between writing a decent app to or
> submitting a patch and was hoping the community could advise.
>
> Thanks
>
>
>
> John
>
> --
> You received this message because you are subscribed to the Google Groups
> "android-platform" group.
> To view this discussion on the web visit
> https://groups.google.com/d/msg/android-platform/-/Pfshi2XYqEkJ.
> To post to this group, send email to android-...@googlegroups.com.
> To unsubscribe from this group, send email to
> android-platfo...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/android-platform?hl=en.
--
Jean-Baptiste M. "JBQ" Queru
Technical Lead, Android Open Source Project, Google.
Questions sent directly to me that have no reason for being private
will likely get ignored or forwarded to a public forum with no further
warning.
might get more attention. Also, the potential security implications
could be discussed on android-security-discuss first.
JBQ
On Tue, Nov 20, 2012 at 4:46 PM, John McLear <john...@gmail.com> wrote:
> NFC fails to read quite frequently so the patch would need to include code
> to do fallback onto a secondary unlock mechanism IE pin.
>
> Is unlock fallback something that has been considered or is due in a future
> version?
>
> I basically need to make a decision between writing a decent app to or
> submitting a patch and was hoping the community could advise.
>
> Thanks
>
>
>
> John
>
> --
> You received this message because you are subscribed to the Google Groups
> "android-platform" group.
> To view this discussion on the web visit
> https://groups.google.com/d/msg/android-platform/-/Pfshi2XYqEkJ.
> To post to this group, send email to android-...@googlegroups.com.
> To unsubscribe from this group, send email to
> android-platfo...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/android-platform?hl=en.
--
Jean-Baptiste M. "JBQ" Queru
Technical Lead, Android Open Source Project, Google.
Questions sent directly to me that have no reason for being private
will likely get ignored or forwarded to a public forum with no further
warning.
John McLear
Dec 21, 2012, 10:57:44 AM12/21/12
to android-...@googlegroups.com
Amal's points all valid.
Draft proposal due 2013.
On Thursday, 6 December 2012 17:55:55 UTC, amalg wrote:
there are security issues with using nfc to unlock a phone, mainly that the concern over attack vectors using nfc would be much increased if the nfc radio were turned on and polling for nfc NDEF records when the phone screen was locked (and in a pocket). the fear is that someone could covertly present an nfc tag to the phone that would direct the phone to a website that contained a malicious payload of some kind, or somehow take advantage of an exploit directly. there are also battery life concerns as the nfc radio can drain power like nobody's business.the solution would be two do two things; first, slow the read cycles of the nfc radio down to once every 2 seconds, and secondly, when the screen is locked the unlock feature would only read and use the UID bits of nfc tags to unlock the phone, and not process NDEF records at all. this is outside the NFC spec, but the phone is more than capable of doing this. this also has the added advantage of being able to use the NFC tag to unlock the phone, and then once unlocked, the NFC tag can be used as a regular old NFC tag... meaning you could unlock your phone with a tag, then once unlocked, the phone could read the nfc tag's NDEF contents and do something. this is ideal because it lets the NFC tag owner still use the NFC tag for something other than just unlocking the phone... which is great.
Reply all
Reply to author
Forward
0 new messages