The CyanogenMod team has announced the successful completion of CM Account code review and has revealed that the Google Android device manager-like functionality will be merged into the next nightly builds.
For those who are not aware of CM Account – it is a device finder like functionality, but without the risks associated with security on a central server. According to the CyanogenMod team CM Account is a more secure alternative to Google Android device manager as the code is open to public scrutiny and on top of that the data is encrypted such that only the phone and the browser can see it without the central server knowing anything. The server simply facilitates the transfer of encrypted data.
CyanogenMod teams explains on its CM Account page that similar services available from other vendors are inherently insecure as central servers have visibility of the data, which may enable not only company employees but hackers as well to access users’ location data and / or other information without users’ consent if the server itself is breached.
Those who are looking to build the application on their own “may be required to remove your account from your device and add it again”, notes the CyanogenMod team.
Addressing the security part of CM Account, CyanogenMod team has revealed that in case of a database hack, hackers will not be able to gain access to plain text passwords as they salt users’ “hashed password with a user-specific salt, and a server-specific salt.”
“The server-specific salt is not stored in the database. In this event, it would be practically impossible for someone to obtain your password, unless they know the server salt”, notes Chris Soyars.
Further, in case of a server hack, Soyars notes that the server doesn’t encrypt the messages and it doesn’t have enough information to create an encrypted message – so malicious and unauthorized remote wipes are out of the question. However Soyars notes that “The most an attacker could do is send a “password reset” message to your device, effectively rendering the find and wipe capabilities useless, until you log back in on the device.”
Finally taking up the case of passwords, Soyars notes that if they are compromised, attackers can remotely wipe or locate user’s phone, but it is up to the users to keep their passwords secure and not the project job.