Slashdot Mirror
New Software Secures Data when Owners Walk Away
Makarand writes "Leave an operating laptop unattended on your desk and your sensitive data
is accessible to anyone who gets hold of it. To limit this risk many users
configure their systems to fall into a "sleep" mode after a period of inactivity
and ask for a password before the system can be awakened. This constant re-authentication
proves to be a headache for many users. Now a Professor and his
graduate student at at the University of Michigan have come up with a system
called
Zero-Interaction Authentication (ZIA),
described in this article in The Age,
to protect data on mobile devices.
The system works by starting to encrypt data
the moment the owner walks away from the system. The owners wear a token with
a encrypted wireless link with the laptop. If the token moves out of range the ZIA
re-encrypts all data within 5 seconds.
If the cryptographic token moves within range the system decrypts the information for the
owner.
The token, which could take many forms, is currently a wristwatch with a processor
running Linux designed by IBM."
Software walks away after owner has been secured!
That you wear on your finger? :^)
Gimme your watch, punk!
I have a v8 engine block set to fall on my hard disk if I'm away for more than five minutes (3 minute walk to fridge(coke!) and back)!!!
Your security is nothing compared to that!!!!!
You can't judge a book by the way it wears its hair.
... or maybe some secretly hidden sequence of key presses?
This comment is guaranteed*
*not guaranteed
Then you offer praise to whomever you worship that the company you work for didn't use
finger print authentication. Its a lot easier to replace a stolen device than a stolen finger.
http://jesus.everdense.com/
So in your scenario, the big bad neighborhood bully beats the nerd to a pulp, and then logs on for some kernel hacking or something?
I can just see it now. Using "TOKEN SNORT" while "TOKEN DRIVING" around the office cubes to pop open your co-workers workstation and send "I'm an idiot messages" To: Staff From: co-worker..
If it's an RF solution probably not very secure. On the other hand an IR emitting badge around the neck of the user could work.
Let me use a ring, then I only lose a finger when someone wants access :~)
Guess what? I got a fever! And the only prescription.. is more cowbell!
Are you Eric Raymond?
Yeah, great.
Four whiskeys later, and you've locked yourself out of your computer for the next 8 hours.
This would ruin pr0nsurfing as we know it....
-- Experience is a wonderful thing. It enables you to recognize a mistake when you make it again.
You know, common movie elements won't understand this "token wristwatch that has a Linux-running microprocessor" thing, so let's dumb it down. How about he gets clubbed in order to get a piece of metal that has been engraved in some semi-random form so that when it's placed into its reader, it causes a door to be unlocked.
I know... call it The Key
Like putting a bell on the cat. "Pat your manager on the back" and then you can rest assured surfing freely knowing that the next time he comes within 15 feet of your desk, a browser window will open maximized pointed to http://java.sun.com.
Or tag the girlfriend and always hide the pr0n!
I'm soooo sorry about the wastebasket, Sir. You see they were serving East Indian cuisine in the caf and I forgot my watch today. And you know those locks on the bathroom doors... once again Sir, my apologies.
The could make a master token for the CEO, one ring to rule them all!
A good IT department will audit this (at least for the users that reside in the office... that goes for plain-view passwords, etc) and penalize users who do not [lock machine when leaving it unattended]
I used to have great fun with people who did this at a previous job where the majority of machines were Sun/Linux. One guy constantly left his machine logged in, so I'd sneak over and drop the security on his X server (xhost +), then have great fun randomly opening apps on his machine across the room. Since he was a hardcore Windows man (he was working as a Perl programmer, and didn't have any interest in the operating system) he had no idea what was going on.
Oh yeah, I also set up a cron job to open Netscape, pointed at the famous goatcx site at lunch every day on his machine for a while...
Code, Hardware, stuff like that.
it's mostly a moral issue, really. with a big knife it's very easy to steal either or both.
It was discovered soon after the press release that the "zero interaction authentication" system was vulnerable to a transmission replay attack. This attack may prove fatal to the design; in any case, it should take a few years to get the kinks worked out, so don't expect it on your desktop any time soon.
I hereby place the above post in the public domain.
something you have: a memory of a password
something you know: a password
something you are: an animal with a brain that stores passwords
Dude, you're definitely wearing your dongle in the wrong place!
I keep all mission-critical and government-classified information on portable USB Flash DRAM-based storage devices. They're incredibly portable and can be brought to the gym, in the car, to work, back home, swimming, hiking, biking, etc.
I think you had a typo.
What you meant to say was
"and can be LOST at the gym, in the car, at work, at home, swiming, hiking, biking, etc.
My journal has hot
The best way I have seen to enforce is through a little social engineering known as baggy pantsing
People usually fall for this trick exactly one-time.
Has anyone seen my pants?
Oh, hahaha! It is so fun to abuse the norms on Windows! Cretins, why don't they embrace our hilarious operating system which allows such cunning exploits as showing porn at lunc time, not to mention intuitive prevention from them! Just open a terminal, change directories to /bin/ and sudo -c chmod 500 me.mygroup xhost lol!
Hey freaks: now you're ju