securitydialog.ui
<?xml version="1.0" encoding="UTF-8"?>
<ui version="4.0">
<class>securitydialog</class>
<widget class="QDialog" name="securitydialog">
<property name="geometry">
<rect>
<x>0</x>
<y>0</y>
<width>551</width>
<height>669</height>
</rect>
</property>
<property name="windowTitle">
<string>Dialog</string>
</property>
<widget class="QLabel" name="ST_SecurityTextLabel">
<property name="geometry">
<rect>
<x>30</x>
<y>20</y>
<width>491</width>
<height>601</height>
</rect>
</property>
<property name="text">
<string>&lt;html&gt;&lt;head/&gt;&lt;body&gt;&lt;p align="center"&gt;&lt;span style=" font-size:12pt; font-weight:600;"&gt;Security Information&lt;/span&gt;&lt;/p&gt;&lt;p&gt;Please read the following carefully.&lt;/p&gt;&lt;p&gt;&lt;span style=" font-weight:600;"&gt;PIN Protection&lt;/span&gt;&lt;/p&gt;&lt;p&gt;The Crypto Stick is protected by a user PIN and an admin PIN. Your user PIN can unlock the encrypted storage, password safe, smart card and (if enabled) the One-Time Passwords (OTP). OTPs aren't PIN-protected by default because they are used as a second factor only. The smart card is unlocked anytime the user PIN is entered, no matter for which function. The admin PIN can be used to configure settings, to add or change entries. You must change the default PINs and keep them confidential. If the user PIN and admin PIN are entered wrongly three times each, or if the smart card has been reset to factory settings, all your sensitive data is lost irrevocably.&lt;/p&gt;&lt;p&gt;&lt;span style=" font-weight:600;"&gt;Physical Protection&lt;/span&gt;&lt;/p&gt;&lt;p&gt;All sensitive data is encrypted and secure against physical attacks. This doesn't apply to One-Time Passwords (OTP) because they are used as a second factor only. With physical access to the device (via JTAG interface), it might be possible to extract the OTP secrets. To prevent this attack, you could enable the device's security bit, but it would disable the option to update the firmware.&lt;/p&gt;&lt;p&gt;&lt;span style=" font-weight:600;"&gt;Hidden Volumes&lt;/span&gt;&lt;/p&gt;&lt;p&gt;Hidden volumes require the mass storage to be initialized with random data. Hidden volumes are protected by the user PIN and a separate password which can be individual for each hidden volume. Without knowing both of these credentials, the existence of the hidden volume can't be proven or disproven. The password for the hidden volume must be chosen strong and long enough to sustain a brute force attack. However, the hidden volume is stored on a flash storage with integrated wear leveling. This leaves the potential risk of leaking information to a sophisticated attacker which could reveal the existence of a hidden volume.&lt;/p&gt;&lt;/body&gt;&lt;/html&gt;</string>
</property>
<property name="alignment">
<set>Qt::AlignLeading|Qt::AlignLeft|Qt::AlignTop</set>
</property>
<property name="wordWrap">
<bool>true</bool>
</property>
</widget>
<widget class="QPushButton" name="ST_OkButton">
<property name="geometry">
<rect>
<x>390</x>
<y>630</y>
<width>75</width>
<height>27</height>
</rect>
</property>
<property name="text">
<string>OK</string>
</property>
</widget>
<widget class="QCheckBox" name="ST_CheckBox">
<property name="geometry">
<rect>
<x>51</x>
<y>633</y>
<width>331</width>
<height>20</height>
</rect>
</property>
<property name="text">
<string>I read and understood this security warning</string>
</property>
</widget>
</widget>
<resources/>
<connections/>
</ui>