ubuntu-phone team mailing list archive

[Sergio Schvezov <sergio.schvezov@xxxxxxxxxxxxx>]

On Wed, Nov 5, 2014 at 12:23 PM, Rodney Dawes <rodney.dawes@xxxxxxxxxxxxx>
wrote:

> On Wed, 2014-11-05 at 11:08 -0300, Sergio Schvezov wrote:
>
>
> > Additionally, since I never wanted people using --developer-mode
> > except for ci related tasks, a message has been added that says that
> > all security features may be lost if used on your device. This will be
> > more of a true case when the final security features for adb land into
> > the image. New emulator instances are also covered by this.
>
> My understanding is that the security features being added for adb are
> making this more false, not more true. Previously when adb always ran
> and always gave root, I would agree. But if adb will only be started
> when the screen gets unlocked, when this stuff lands, then
> --developer-mode should be just as secure as not having it enabled with
> PIN/password required for the phone locking.
>
> My understanding was that the devices running in the lab for CI will
> probably need a custom adb that does not have the screen lock
> requirements, otherwise communication with them won't work.
>
> Is that not true?
>

--developer mode in u-d-f was added for this reason. Some people (against
my judgement) started advertising it and now everyone uses it. In
retrospect I should of named it --ci-mode.

There is no custom adb, there's only one adb that behaves differently if
--developer-mode or --password is passed in when flashing.