OpenNote-Compose icon indicating copy to clipboard operation
OpenNote-Compose copied to clipboard

Published 20 hours ago verified publisher icon YangDai2003

App draws over system lock screen

Open joelpeapen opened this issue 9 months ago • 5 comments

App version: 1.5.2 Android: 13 Phone: Samsung M12

The app is still accessible after the screen is locked

https://github.com/user-attachments/assets/d6783ab6-53f6-43be-8209-8a688f4159f6

joelpeapen avatar Feb 16 '25 11:02 joelpeapen

This is an app feature, not a bug, and all note-taking apps should follow this specification. https://developer.android.com/develop/ui/compose/touch-input/stylus-input/create-a-note-taking-app

YangDai2003 avatar Feb 16 '25 21:02 YangDai2003

Can this be optional instead?

I don't see the use in having notes accessible to whoever has the phone; there's no privacy

joelpeapen avatar Feb 17 '25 02:02 joelpeapen

Can this be optional instead?

I don't see the use in having notes accessible to whoever has the phone; there's no privacy

would make sense, since there's a "screen portection" feature in the security tab. while i like to have this enabled i also do like how it is still there after locking the device. so maybe this could be made an extra option below "screen protection", lets see if this is gonna happen ^^

ghost avatar Feb 18 '25 14:02 ghost

I don't see any benefit to the app being available without unlocking the device.

This is an app feature, not a bug, and all note-taking apps should follow this specification. https://developer.android.com/develop/ui/compose/touch-input/stylus-input/create-a-note-taking-app

The specification states that granting access to notes should be opt-in:

Your app should show only historical notes if the user has consented (in the unlocked device state) to showing past notes. Otherwise, when opened from the lock screen, your app should always create a new note.

and also:

Warning: When launched from the device lock screen, your app must ensure user privacy.

In my opinion this feature is a significant privacy and security flaw.

At least the settings should be inaccessible. It is possible to remove the app password lock and export all notes using WebDAV while the device is locked.

ghost avatar Apr 13 '25 14:04 ghost

Locking the screen and having the notes still show is kind of akin to leaving your house and locking the door, but leaving every window wide open and without a screen. If this is a feature, then maybe it should be stated in the list of features, so those of us who want a more secure app can look elsewhere.

MistressRemilia avatar Apr 14 '25 21:04 MistressRemilia