Tuesday, January 12, 2010

One Password to rule them all

I am notoriously bad at memorizing. If not, I might have gone to medical school and chosen a more lucrative career than Engineering... But as the number of online services I uses increases, so does the number of account username and password combinations. I try to standardize as much as I can on the same usernames(s) but some sites make this really hard by requiring strange and unusual conventions (name must be at least 8 characters long and include at least special character and number??? Whose name looks like that?) or by dictating that the username be whatever 10 digit number their database uses as the unique key for the account record. Same drama for the passwords, except that using a standard password everywhere has the added disadvantage that once the password is compromised, the attacker would have access to all my various online service accounts - if sHe could guess those bloody convoluted usernames... ;-)

Things got particularly bad for accounts, which I use very rarely and which have complicated account recovery procedures - typically hours spent in AVS and call-center limbo. I admit that I even committed the exemplary no-no of IT security 101: writing my username/passwd combinations on post-it notes! [Which is not as bad as it sounds, since our apartment is not a highly public place and if broken into, I would likely have bigger problems and hassles than changing a few account passwords.]

Before our recent move, I finally adopted a more reasonable strategy for password management and storage. I consolidated my post-it notes into Password Gorilla, which is a multi-platform application which uses the same secure storage file format as the Password Safe application. The original Password Safe application was designed by cryptographer and computer security expert Bruce Schneier - which hopefully should ensure that there are no obvious design-flaws in the encrypted storage format.

Since Password Gorilla has a built-in feature to easily auto generate a different random password for each entry it is really easy to choose unique and very strong passwords for each service. However then having reliably access to the database anywhere and at any time becomes crucial.

Using a format which is a quasi open-source standard, supported by many different applications on different platform, should increase the chance, that I would always be able to find an application somewhere to read and decode the password database, even if something really bad happened to my computer

A convenient way to keep both a backup copy of the database is to store it in the memory of my mobile phone and even better, to have access to passwords anytime on the road is to use an application which can open and decode the password file directly on the phone.

For a while, I have been using Android Password Safe - or rather a not yet released experimental version which allows to import/export an existing password database, which is absolutely essential for sharing the database between the phone and my main computer. However this has been the state for over a year now and it seems as if the author has abandoned the project.

I am glad to see that very recently a new version of a Password Safe compatible application has been released: PasswdSafe. It is a viewer only, which is perfectly fine for my use-case, where the master database is always on the computer at home and the phone is a read-only backup copy. Because it is read-only, the records are displayed nicely in a compact way, even with a quick way to show & hide the password itself.

Some additional features I would like to see is a timeout based auto-lock, which locks the database again after some time, if it is left open and a way to import/export databases into the phone's internal memory instead of reading them from the removable SD-card. Granted, all android phones can be "rooted", after which the user has unlimited access to the phone's internal memory as well through the USB serial-port, but put putting some additional effort before a potential attacker gets their hands on the password database can't hurt... Besides, half the battle is knowing when the database has been stolen - swapping an SD-card and/or quickly copying a file could be done in a few seconds, when the phone is left unattended.

Once a potential attacker has gained access to the password database, the weakest link to crack the database open is by guessing the master password. Since I need to be able to remember it, quite likely it has significantly less entropy than could be contained in a randomly chosen 128 or 256bit twofish key, used to encrypt the database.

But then, my accounts might not be worth the effort of even a systematic password cracking attack, in case somebody technically sophisticated enough manages to steal my phone - but if I were an anesthesiologist, this might be a different picture...


Sunday, January 10, 2010

G1 to Nexus One: a review

By any measure, the new Nexus One is a very nice phone: large brilliant display, high-performance CPU core, high-res digital camera, solid low-profile body. With this kind of hardware spec, the Nexus One establishes itself as the current flagship among Android phones. To my liking, it does not have a physical keyboard, which makes for a much more slim and solid feeling body than the G1 for example. In that sense the Nexus One is what I had hoped for in my original review of the early G1.

In the about 1.5 years since the G1 came out, Android has come a long way. 3 major releases of the platform have added important missing features like an on-screen soft-keyboard and helped harden the platform based on experience in the field. At the same time, developers have contributed a wide range of expected and unexpected applications, and learned how to write them so that they don't drain the battery within minutes.

There are now half a dozen or so Android phones on the market and many more in the pipeline. In particular HTC, previously a pure windows mobile shop, seems to be confident enough in the future of Android to release it on their most advanced hardware, a move which would certainly upset their strategic OEM partner Microsoft.

With the success of Android, there also comes the increasing risk of fragmentation into a plethora of mutually incompatible vendor and carrier specific versions. Due to the permissive nature of the Apache open-source license, this cannot really be avoided. By putting out the Nexus One as a leading example of"Android done right, according to Google", Google has now one more way to coerce the members of the open handset alliance to follow its lead and not produce restricted, proprietary and limited versions of Android. In the end it might matter less how many unlocked Nexus Ones Google actually sells, but the fact that they are available might have some effects in keeping carriers and vendors honest.

Compared to the G1, the Nexus One feels very snappy, thanks to the faster CPU and increased memory. While the G1 had physical buttons for standard android operations like "home", "back" or "menu", the Nexus One has dedicated touch buttons at the bottom of the screen. The green & red call control buttons are now missing, which means that all phone operations must be done from the touch-screen. While on the G1, pressing the call button always was a shortcut to launch the dialer, this has to be done explicitly on a Nexus One, either from the app panel or a home-screen shortcut icon. Instead the Nexus One has a dedicated "search" button, which shows the crucial importance of search in "Android according to Google" (more so than making a call, apparently...). Without the physical buttons command buttons, there is now the need for a dedicated on/off and sleep/wakeup button, which is awkwardly placed at the top edge of the phone. Since I always unlock/lock the phone before/after any usage, the location of this button is unergonomic for how I typically hold the phone and is a bit of a hassle. The Nexus One still has the trackball, which I hardly use and which takes up significant real estate on the phone and introduces potential fracture points in the casing (the faceplate of my G1 had cracked along the trackball opening in less than a year). I would happily trade it for sleep/wakeup button on the faceplate or simple reduce the size of the phone by as much.

The physical design of the Nexus One is low key and unspectacular: a flat, sleek shape with rounded edges. But it feels nice and solid in the palm of my hand - how a palmtop computer should feel like. Fortunately gone is the ugly and awkward "Android chin" of earlier HTC devices. So far the only flaw in the case is the somewhat sharp edge of the protruding camera lens.

The charger/USB port has changed from mini-USB on the G1 to the new standard micro-USB on the Nexus One, which unfortunately means that existing G1 chargers and USB cables cannot be reused.

On the software side, Android 2.1 offers gmail support for multiple accounts and a contact applications which can sync to multiple sources (multiple google accounts, facebook, exchange). The home screen application, app tray, dialer and contacts applications have received a significant redesign and face lift, but otherwise the changes are rather minor compared to Android 1.6 released not too long ago.

Overall, I am very happy with the Nexus one as an everyday phone. It is a very capable high-end consumer smartphone and probably the first Android based phone that is clearly in the same league as the IPhone.

Wednesday, January 6, 2010

Nexus One: the good, the bad and the ugly

So it doesn't cure cancer, solve world hunger or even global climate change - but it's still a pretty nice phone!

At first glance, the large, crisp high-res display get's all the Uhs and Ahs, including how snappy the UI responds thanks to the 1Ghz Snapdragon chipset. With its speed and responsiveness, the phone is a pleasure to use! The form-factor is thin, sleek with ergonomically rounded corners and lies well in the palm of ones hand. The teflon coated plastic case gives it a nice high-end feeling texture. The biggest improvement in software features for my use case is the ability to sync multiple accounts for the contacts and the gmail app - now I can get notifications for email arriving on any of my gmail accounts.

My only serious gripe so far is with the placement of the on/off button, which I need to press each time before and after using the phone. Its location at the top edge, is very un-ergonomic for single handed use - i.e. fishing the phone out of the pocket with one hand, turn on the display, balance it on the palm while using the thumb to swipe the unlock pattern and do the basic navigation. I am also not too thrilled about the protruding camera lens and the trackball, which I hardly ever use, distracting from an otherwise very slick and smooth case.

The hardware specs are probably at this point the most impressive of any phone on the market and the Nexus One should be a serious cure for iPhone envy among consumer-smartphone users who for one reason or another don't want to get an iPhone.