I need a device to:
- Hold passwords and other personal information that I can read and type into another device. (Yes it is slow and error-prone. But it is secure from everything except key-loggers, and can be used everywhere without dependency on net connection, third-party software, or trust of some cloud provider.)
- Secure this information from loss or theft should the device be lost, destroyed, or stolen.
- Be self contained and the information be easy to view and edit on the device.
The device I have been using for this is an old Palm m515 I carry wherever I go, but it is at the end of its working life. The modern equivalent is a smartphone. It is pocketable, has a screen, you can type into it and has a wired physical connection to back up through. It is also has a CPU powerful enough so that with the right software it could do on-the-fly encryption so the information is kept on the device in a safe manner, yet with the right credentials (master password kept between the ears) can edit and display it. But there are many more vectors for attack on such a device, both from within the device software itself, and through mobile data/WiFi/Bluetooth, things the M515 was too primitive for, or just didn't have. Enter Ubuntu Touch. Now it seems to me Touch is at a point in its development where it will run well enough on say a Samsung S3 to be stable, but can knobble the radio communication part of the device sufficiently to remove any possibility of them to be a security threat vector. There would also need to be the ability to view the encrypted file on a PC should the device be unavailable, but this would only be used in emergency as there is the possibility of attack on the master password via a key-logger on the PC. The question is: Is there software that will provide the encryption described with the use-case of password entry first, then view, edit, save, and back up the encrypted info through the USB to PC and cloud?