•   almost 12 years ago

Proper security should be in place before this challenge

I understand that this challenge may be required to "sell" the system to the mint by having some "killer application" or such... But the proper way to do this would be to quell security concerns first:

The current Android market is a problem because any application that has the External Storage permission could completely steal an entire mintchip balance. The way to handle this is an OS-level "guard application" that would guarantee user confirmation before sending any Value Request messages to the mintchip hardware.

The only current secure way to keep a mintchip in your phone at all times would be if this guard application was installed and prompted the user with confirmation for all mintchip transactions from third-party apps. As far as I know, there is no way to limit "other apps" on the phone from getting permissions. This is up to the user (as far as I know).

So in essence, I think any applications made right now will not be compatible with the future inevitability of the Guard Application. This guard application should be made first, and then all of our applications should be using a different API to communicate with this guard application, not direct to chip.

If the current API is kept, then it will severely limit the ability for the phone to install many apps. It will be the user's responsibility to not install ANY other apps with the External Storage permission, other than fully trusted mintchip apps. A very difficult feat indeed.


  •   •   almost 12 years ago

    It's fortunate this is only an R&D project then.

  •   •   almost 12 years ago

    Even if it is just a trial, it should be done right.

    I think it would be unfortunate if a gatekeeper application ends up being required. It would limit MintChip versatility, particularly in terms of platforms.

    The guard software would also be a natural target for attack.

  •   •   almost 12 years ago

    Well, the gatekeeper just needs to make sure to pop up a confirmation for the user so they know that something is being sent to their mintchip; it needs OS-level integration (unless there is a way I don't know of to prevent other apps from acquiring permissions).

    It is not unfortunate; it is just a necessity if people are going to want to still be able to install tons of random apps from the marketplace and still be safe.

