ubuntu-phone team mailing list archive

[Jamie Strandboge <jamie@xxxxxxxxxxxxx>]

On 08/20/2014 09:47 AM, Sergio Schvezov wrote:
> On miércoles 20 de agosto de 2014 11h'35:15 ART, Martin Pitt wrote:
>> Another question: If your goal is to lock down the device, why do we
>> start adb by default? It would make much more sense to only enable
>> that on demand -- when you use your phone, all you (should) need is
>> MTP, an always running adbd allows you to circumvent the PIN
>> restriction and access all your data anyway. It's thus still a
>> security hole.
> 
> Disabling adb on default installs is one line of code removal away; I thought it
> would be less of a pain to wait for ogra to finish his work before doing that.
> 
> Additionally, adb won't start unless you setup some form of authentication, be
> it PIN or passphase (which is part of what ogra is working on too).
> 

Furthermore,
https://wiki.ubuntu.com/SecurityAndPrivacySettings/ProtectingUserData may be of
some help as it provides a higher level view on how everything is supposed to
work together.

-- 
Jamie Strandboge                 http://www.ubuntu.com/

Attachment: signature.asc
Description: OpenPGP digital signature