Threat is that the mobile devices could be used to 1) photograph proprietary systems, 2) exfil data over mobile networks or potentially introduce 3) malware via usb ports.
I don't really get how bolting the devices is a solution for enabling 2FA, unless the access console is also at the same location. But it would prevent 1) and 3).
As long as the table is bolted to the floor, you're replacing posession (of a phone) factor, with location (in SOC) factor. Keeps both client happy, and security architect sleeping soundly.
These are amazing efforts. I wish they would open source Firefox Send, I would love to continue the project. Let someone else take it over.
Many of these projects seem like they may have been funded by a specific donor, then when the donor got what they needed from the project, ended the funding?
> Many of these projects seem like they may have been funded by a specific donor,
Uhm, that's not the impression I got, as a total outsider. Things like FFSend or FFNotes were thought up as extensions to the browser model; others were attempts to cook up de-facto web standards (Persona, deuxdrop); others were just moonshots (FFOS).
In the early years, Netscape's needs definitely played a large part; after they got the Google money, though, they've mostly done things "because they could".
The costs of running a Send server probably exceed those of its source code alone, which makes it a tricky proposition to say "here's the source code" alone. I'm not familiar myself, but I imagine it looks the same as any other public non-P2P file sharing service:
I don't really get how bolting the devices is a solution for enabling 2FA, unless the access console is also at the same location. But it would prevent 1) and 3).