ubuntu-phone team mailing list archive

[Benjamin Zeller <benjamin.zeller@xxxxxxxxxxxxx>]

Am 12.02.2015 um 09:00 schrieb Joey Chan:
> Here's my idea:
>
> add a "trust" setting to developer mode, which let the adb 
> automatically enabled only if phone connect to a trust machine.
> 1. enable developer mode;
> 2. connect USB cable;
> 3. dialog to ask "trust this machine?" options are "always", "only 
> once" or "no" ;
> 4. an unique ID will appear in the "trust" list ;
> 5. next time when connect to USB, adb will be activated if "always 
> trusted"

Well its a good idea, but personally I would want this as a additional 
feature. So if you want to trust the machine, go to the
developer mode settings and press "Always trust connected machine". 
First I would like the dialog to be easy and small and
I kind of dislike the idea of having a huge list of trusted machines I 
need to maintain.


> 2015-02-12 15:52 GMT+08:00 Benjamin Zeller 
> <benjamin.zeller@xxxxxxxxxxxxx <mailto:benjamin.zeller@xxxxxxxxxxxxx>>:
>
>     Am 12.02.2015 um 08:48 schrieb Joey Chan:
> >     Maybe show more necessary info about the USB connection, just
> >     like Android & IOS, "USB connected, do you trust this machine ?
> >     xx:xx:xx:xx:xx:xx(mac or sth else)"
>
>     Yeah that can be done I guess, but is that really necessary? If I
>     plug in the USB cable by hand I know what machine I'm connecting
>     to right? And if I don't trust
>     the machine I should not plug in my phone at all :) or select
>     "charge only" mode.
>
>
> >     2015-02-12 15:31 GMT+08:00 Benjamin Zeller
> >     <benjamin.zeller@xxxxxxxxxxxxx
> >     <mailto:benjamin.zeller@xxxxxxxxxxxxx>>:
> >
> >         Hello all,
> >
> >         currently we have the following situation on the phone:
> >
> >         1. If developer mode is disabled, you can not connect to ADB.
> >         2. If developer mode is enabled by hand in the settings, you
> >         can connect to ADB
> >             only if the screen is on and unlocked.
> >         3. If developer mode is enabled by setting the
> >         --developer-mode switch while
> >             flashing you can always connect to ADB.
> >
> >         I think 2 and 3 are both solutions that work but should not
> >         stay forever. Especially nr 2 because
> >         its hard to understand whats happening if its not explained
> >         to you. And even if there is documentation
> >         about it, its hard to miss.
> >         Nr 3 is problematic, if you are a developer you probably will
> >         flash your device with that switch
> >         but by that open it up to the entire world. Why should we not
> >         provide security for developers as well?
> >
> >         Instead the proposal would be to drop 2 and 3, but instead do
> >         the following:
> >
> >         If developer mode is enabled (in system settings manually or
> >         with the --developer-mode switch) adb is
> >         disabled as long as there is no USB plugged in. When the user
> >         plugs in the usb cable a dialog pops up
> >         that asks the user:
> >
> >         "USB connected, choose the mode you want to use: Developer
> >         mode, Data transfer, Just charging".
> >         The user can of course only choose the mode AFTER he has
> >         unlocked the device at least once.
> >         ADB now stays enabled until the USB cable is removed.
> >
> >         Any thoughts about this?
> >
> >         Benjamin
> >
> >         -- 
> >         Mailing list: https://launchpad.net/~ubuntu-phone
> >         <https://launchpad.net/%7Eubuntu-phone>
> >         Post to     : ubuntu-phone@xxxxxxxxxxxxxxxxxxx
> >         <mailto:ubuntu-phone@xxxxxxxxxxxxxxxxxxx>
> >         Unsubscribe : https://launchpad.net/~ubuntu-phone
> >         <https://launchpad.net/%7Eubuntu-phone>
> >         More help   : https://help.launchpad.net/ListHelp