i've done a fair bit of searching and found contradictory posts on this.

I would like to lock my device and have the screen and keys locked at the same time so that every time it is touched, the unlock device screen doesn't pop up - I don't think this is possible.

Does Locking the device put it into sleep mode?

How 'secure" is a locked device - I have a fair bit of personal data on mine

What is the most efficient way from a battery life perspective to set up the N800 for sleep, wifi time out, etc. ? If it's in sleep mode, doesn't the wifi shut down as well?

Thanks

I believe by default (no modding), when the device is locked (enter lock code) after the timeout you set in control panel to lock buttons after a certain time, it will occur.

But if you make edits to mce configuration, you can set it so a double press will softpoweroff. You then edit it to not make the device go offline and to lock the keypad.

When my device asks for the lock code, I just press power button twice which locks keypad and switches off screen.

If your personal data is on the internal memory (I don't mean built in memory card for N810) then the only way to get in afaik is if you forget code is to reflash device. Which wipes out data anyway.

I'm glad this camee up, been wanting to post on this myself. As a backpacker, that being the reason I swore off owning a lap/desktop in favor of an n800, I've been concerned about having an easily pick-pocketed deevice that contained access to so many of my accounts. Of course many apps can be set to prompt for password, but some can't. It seemed that the device lock was sure-fire and have wondered if I may have missed something that wwould allow a thief (or finder) access should I ever loose it.

The downside to having 12 character passwds with many caps, numerals, and specials is that trying to enter them each usee on the flaky touchscreen is an adventure unto itself <grin>

The device lock is decent; but if someone got your device, who knew Internet Tablets in particular and Linux in general, he might be able to get stuff off.

Known risk factors:

• Data on SD card
• Serial console enabled
• Running powerlaunch with default config
• Using factory passcode

Now I'm reaching, but figure I oughtta mention these guesses:

• Autoconnecting to WAPs and running ssh-server with easily guessable password
• Having trusted pairing with any BT device (whose MAC add. he might be able to get while/before he gets your N800)

Of course, there's always reflashing, and I think you can reflash the required parts of the device to gain access (e.g. enable serial console) without wiping the personal data, but few would know how.

I'm wondering that if the device is locked, and you remove and replace the battery, does it boot directly to desktop? (Or is it smart enough to remember it was in lock mode and asks password after boot?)

Another way to get data off is to flash fanoush's initfs and use telnet to mount rootfs and ssh to download files or even that /dev method of retrieving the code. This would require another tablet to generate a image however and linux knowledge to flash an initfs image on computer.

"# Having trusted pairing with any BT device (whose MAC add. he might be able to get while/before he gets your N800)"

I don't see this as a risk. It would mean having bluetooth enabled before locking and osso-systemmui-early which handles startup locking, has no bluetooth services running before it afaic.
Do bt file browsers work against the n800?
I guess if you leave bt on while locking the device while on, this could be a risk.
"# Autoconnecting to WAPs and running ssh-server with easily guessable password"

My n800 connects after desktop is loaded

But once again, this could work from a lock after booting while the n800 is still on.

It stays in lock-mode. Reflash wont change that either.

I'm pretty sure it remembers; can't readily check, as I'm powerlaunching...

I don't think I could ever trust a portable easily-lost linux device like my N800 to store sensitive data like banking passwords. There's just too many loopholes, too many potential back doors that I may not know about. Too many stories of naive engineers designing supposedly "secure" systems that are bypassed with ridiculous ease because they didn't consult any experts in cryptography and real-world security. I trust my sensitive data to just a few systems that use advanced cryptography and robust security schemes, and have been around for long enough and been popular enough to be well tested. Even then I assume that it's only secure against casual hacking, and that an expert who really wanted to break it and had the resources probably could.

Let me put it this way. If anybody has physical access to a computer, they have access. No matter how many barriers or passwords or encryption you use.

Just look at the recent news about getting info off of RAM (by freezing the RAM).