ubuntu-phone team mailing list archive

[Michi Henning <michi.henning@xxxxxxxxxxxxx>]

> > Sorry, but I keep thinking that if anyone who found a device which
> > is locked by a passcode, but SIM signed in, can accept any incoming
> > call, that this is a security issue.

Yeah, happens all the time, dunnit? Bad guy walks past just as the phone rings unattended, picks up the call, says "hello, who's there? Could you please tell me some compromising information about the owner of this phone? Name and bank details would be good."

That really is a serious security issue. We should immediately require 6-digit codes (at the very least) whenever the phone rings. Or, preferably, a pass-phrase. Because I'm totally happy to enter a lengthy password every time my phone rings. After all, I so enjoy the feeling of security that gives me. Never mind the occasional missed call because I couldn't get the password in quickly enough…

Michi.