Chris Deadlock • almost 12 years ago
Proper security should be in place before this challenge
I understand that this challenge may be required to "sell" the system to the mint by having some "killer application" or such... But the proper way to do this would be to quell security concerns first:
The current Android market is a problem because any application that has the External Storage permission could completely steal an entire mintchip balance. The way to handle this is an OS-level "guard application" that would guarantee user confirmation before sending any Value Request messages to the mintchip hardware.
The only current secure way to keep a mintchip in your phone at all times would be if this guard application was installed and prompted the user with confirmation for all mintchip transactions from third-party apps. As far as I know, there is no way to limit "other apps" on the phone from getting permissions. This is up to the user (as far as I know).
So in essence, I think any applications made right now will not be compatible with the future inevitability of the Guard Application. This guard application should be made first, and then all of our applications should be using a different API to communicate with this guard application, not direct to chip.
If the current API is kept, then it will severely limit the ability for the phone to install many apps. It will be the user's responsibility to not install ANY other apps with the External Storage permission, other than fully trusted mintchip apps. A very difficult feat indeed.