Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

support biometrics/ app locking #24

Closed
gvoysey opened this issue Aug 16, 2020 · 7 comments
Closed

support biometrics/ app locking #24

gvoysey opened this issue Aug 16, 2020 · 7 comments
Labels
enhancement New feature or request

Comments

@gvoysey
Copy link

gvoysey commented Aug 16, 2020

I store personal and confidential information in my org documents.

As an enhancement, would you consider adding support for optionally requiring FaceID/TouchID/device PIN to unlock the app?
@amake
Copy link
Owner

amake commented Aug 16, 2020

That's an interesting idea. There is a Flutter plugin for that, so it could be doable:
https://pub.dev/packages/local_auth

I'm curious, though: how do you secure the file itself? Orgro doesn't store anything so the source file must be accessible through other means; if that's not locked down then adding a lock to Orgro isn't very meaningful.

@gvoysey
Copy link
Author

gvoysey commented Aug 16, 2020

while it is true that files.app doesn’t have faceID unlock the way some other applications do (yet), i do like having app locks when possible anyway.

My threat model here is overly curious people that I have temporarily loaned my phone to, not anything more truly secure than that until such time as files.app provides real support, perhaps in iOS 14 🤞

@amake amake added the enhancement New feature or request label Aug 17, 2020
@chrstfer
Copy link

You could have orgro encrypt sections per #33 and unlock/decrypt a given file's encrypted sections with biometrics (or a passcoce). That way you can store the keys in a safe app-specific storage location.

Added suggestion: You could also have orgro insert an elisp block which would decrypt the pgo'd text automatically when org-mode in emacs opens/runs the file. Not sure how to reconcile that with safely storing the key though. Maybe insert a password protected version as a comment within the elisp block and decrypt it?

@amake
Copy link
Owner

amake commented Apr 28, 2021

I don't see any API, at least in the Flutter package linked above, allowing use of biometrics to encrypt/decrypt or store values. All it offers is getting a boolean representing whether the user was recognized or not.

amake added a commit that referenced this issue Oct 28, 2022
@amake
Fix internal Flutter error scrolling doc while width constrained
b93803a 
```
══╡ EXCEPTION CAUGHT BY SCHEDULER LIBRARY ╞═════════════════════════════════════════════════════════
The following assertion was thrown during a scheduler callback:
Layer OffsetEngineLayer was previously used as oldLayer.
Once a layer is used as oldLayer, it may not be used again. Instead, after calling one of the
SceneBuilder.push* methods and passing an oldLayer to it, use the layer returned by the method as
oldLayer in subsequent frames.
'dart:ui/compositing.dart':
Failed assertion: line 110 pos 9: '<optimized out>'

Either the assertion indicates an error in the framework itself, or we should provide substantially
more information in this error message to help you determine and fix the underlying cause.
In either case, please report this assertion by filing a bug on GitHub:
  https://github.com/flutter/flutter/issues/new?template=2_bug.md

When the exception was thrown, this was the stack:
#2      _EngineLayerWrapper._debugCheckNotUsedAsOldLayer (dart:ui/compositing.dart:110:9)
#3      SceneBuilder.addRetained.<anonymous closure>.recursivelyCheckChildrenUsedOnce (dart:ui/compositing.dart:695:21)
#4      List.forEach (dart:core-patch/growable_array.dart:416:8)
#5      SceneBuilder.addRetained.<anonymous closure>.recursivelyCheckChildrenUsedOnce (dart:ui/compositing.dart:701:18)
#6      SceneBuilder.addRetained.<anonymous closure> (dart:ui/compositing.dart:704:7)
#7      SceneBuilder.addRetained (dart:ui/compositing.dart:707:6)
#8      Layer._addToSceneWithRetainedRendering (package:flutter/src/rendering/layer.dart:671:15)
#9      ContainerLayer.addChildrenToScene (package:flutter/src/rendering/layer.dart:1284:13)
#10     OffsetLayer.addToScene (package:flutter/src/rendering/layer.dart:1421:5)
#11     Layer._addToSceneWithRetainedRendering (package:flutter/src/rendering/layer.dart:674:5)
#12     ContainerLayer.addChildrenToScene (package:flutter/src/rendering/layer.dart:1284:13)
#13     ClipRectLayer.addToScene (package:flutter/src/rendering/layer.dart:1590:5)
#14     Layer._addToSceneWithRetainedRendering (package:flutter/src/rendering/layer.dart:674:5)
#15     ContainerLayer.addChildrenToScene (package:flutter/src/rendering/layer.dart:1284:13)
#16     OffsetLayer.addToScene (package:flutter/src/rendering/layer.dart:1421:5)
#17     Layer._addToSceneWithRetainedRendering (package:flutter/src/rendering/layer.dart:674:5)
#18     ContainerLayer.addChildrenToScene (package:flutter/src/rendering/layer.dart:1284:13)
#19     OffsetLayer.addToScene (package:flutter/src/rendering/layer.dart:1421:5)
#20     Layer._addToSceneWithRetainedRendering (package:flutter/src/rendering/layer.dart:674:5)
#21     ContainerLayer.addChildrenToScene (package:flutter/src/rendering/layer.dart:1284:13)
#22     OffsetLayer.addToScene (package:flutter/src/rendering/layer.dart:1421:5)
#23     Layer._addToSceneWithRetainedRendering (package:flutter/src/rendering/layer.dart:674:5)
#24     ContainerLayer.addChildrenToScene (package:flutter/src/rendering/layer.dart:1284:13)
#25     TransformLayer.addToScene (package:flutter/src/rendering/layer.dart:1914:5)
#26     ContainerLayer.buildScene (package:flutter/src/rendering/layer.dart:1097:5)
#27     RenderView.compositeFrame (package:flutter/src/rendering/view.dart:231:37)
#28     RendererBinding.drawFrame (package:flutter/src/rendering/binding.dart:514:18)
#29     WidgetsBinding.drawFrame (package:flutter/src/widgets/binding.dart:869:13)
#30     RendererBinding._handlePersistentFrameCallback (package:flutter/src/rendering/binding.dart:375:5)
#31     SchedulerBinding._invokeFrameCallback (package:flutter/src/scheduler/binding.dart:1271:15)
#32     SchedulerBinding.handleDrawFrame (package:flutter/src/scheduler/binding.dart:1200:9)
#33     SchedulerBinding._handleDrawFrame (package:flutter/src/scheduler/binding.dart:1058:5)
#34     _invoke (dart:ui/hooks.dart:145:13)
#35     PlatformDispatcher._drawFrame (dart:ui/platform_dispatcher.dart:338:5)
#36     _drawFrame (dart:ui/hooks.dart:112:31)
(elided 2 frames from class _AssertionError)
════════════════════════════════════════════════════════════════════════════════════════════════════
```
@amake
Copy link
Owner

amake commented Dec 13, 2023
edited
Loading

I don't think it makes sense to require biometrics or authentication merely to open the app or view plain text files.

But it would make sense to have biometric auth in order to protect e.g. a private key stored in Orgro for decrypting content (see #33).

Relevant libraries:

@amake amake mentioned this issue Feb 19, 2024
Open
@amake
Copy link
Owner

amake commented Sep 17, 2024

In iOS 18 you can now set any app to require biometrics in order to open. I think for the purposes of this request it makes a lot more sense as an OS-level feature, so hopefully stock Android will follow suit.

@gvoysey
Copy link
Author

gvoysey commented Nov 2, 2024

happy to close this out (for iOS) since ios 18.x does this now already.

@gvoysey gvoysey closed this as completed Nov 2, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@chrstfer @amake @gvoysey