← Back to team overview

ubuntu-phone team mailing list archive

Re: Avoiding spying via the microphone and camera [Was: Sharing dynamic informations between the user session and the greeter]

 

On Mon, Mar 10, 2014 at 1:13 PM, Matthew Paul Thomas <mpt@xxxxxxxxxxxxx> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Thomas Voß wrote on 10/03/14 09:34:
>>
>> On Mon, Mar 10, 2014 at 10:27 AM, Matthew Paul Thomas
>>> ...
>>>
>>> Jamie Strandboge wrote on 07/03/14 16:09:
>>>> ...
>>>>
>>>> Matthew, by your comments in this thread it seems design
>>>> requires a visual cue in the lock screen if audio/video is
>>>> recording (which sounds ok to me). Is this accurate?
>>>
>>> Not just the lock screen, but a background app in any situation.
>>> That's an interesting design constraint: normally you'd expect
>>> the cue to provide access to return to the app, but in the lock
>>> screen it shouldn't.
>>
>> ...
>>
>> With that: We do not have trusted helpers for recording of audio or
>> video. For that, a recording application is either in the
>> foreground and thus visible to the user, or in the background and
>> stopped or killed. The same applies for the lock screen: Only
>> operations provided by (trusted) helpers continue while the phone
>> is locked. All regular applications are stopped or killed when
>> enetering the locked state.
>>
>> Matthew/Jamie: Does that correspond to your understanding?
>>
>> ...
>
> That would result in you getting cut off a Skype call, for example,
> when the person you're talking to gets you to check your calendar. Or
> a recording app failing whenever you read the script or the music that
> you're trying to record. Assuming that gets fixed eventually, users
> would experience less churn if there was a single design for returning
> to phone calls before it's fixed, and returning to other recording
> apps after it's fixed.

I disagree here. We have spent a significant amount of time on our
lifecycle story and on establishing, implementing and supporting a
strict lifecycle policy on the phone. With that, I'm surprised by such
a statement. I would have expected that our designs by now are aligned
with such a fundamental platform decision.

At any rate: No matter if an application or a (trusted) helper is
accessing system services, I would think that we should put designs
that visually surface any sort of background operation to users.

Thomas


>
> - --
> mpt
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.14 (GNU/Linux)
> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
>
> iEYEARECAAYFAlMdrF4ACgkQ6PUxNfU6ecr71wCfeoDVT49hx28R/kbRfdXUxZlG
> kSAAn03wQY9dIaKxhwylCX7dJ8FiqoCV
> =uNHH
> -----END PGP SIGNATURE-----


Follow ups

References