Slashdot Mirror


New Software Secures Data when Owners Walk Away

Makarand writes "Leave an operating laptop unattended on your desk and your sensitive data is accessible to anyone who gets hold of it. To limit this risk many users configure their systems to fall into a "sleep" mode after a period of inactivity and ask for a password before the system can be awakened. This constant re-authentication proves to be a headache for many users. Now a Professor and his graduate student at at the University of Michigan have come up with a system called Zero-Interaction Authentication (ZIA), described in this article in The Age, to protect data on mobile devices. The system works by starting to encrypt data the moment the owner walks away from the system. The owners wear a token with a encrypted wireless link with the laptop. If the token moves out of range the ZIA re-encrypts all data within 5 seconds. If the cryptographic token moves within range the system decrypts the information for the owner. The token, which could take many forms, is currently a wristwatch with a processor running Linux designed by IBM."

10 of 302 comments (clear)

  1. Would that be the J R R Token by cyber_rigger · · Score: 4, Funny

    That you wear on your finger? :^)

  2. Vulnerable to brute force cracking by commodoresloat · · Score: 5, Funny

    Gimme your watch, punk!

  3. Re:hmmm... by pboulang · · Score: 5, Funny

    ... or maybe some secretly hidden sequence of key presses?

    --

    This comment is guaranteed*

    *not guaranteed

  4. Re:Interesting article/research project by EverDense · · Score: 5, Funny

    Then you offer praise to whomever you worship that the company you work for didn't use
    finger print authentication. Its a lot easier to replace a stolen device than a stolen finger.

    --
    http://jesus.everdense.com/
  5. To save my hand... by wray · · Score: 5, Funny

    Let me use a ring, then I only lose a finger when someone wants access :~)

    --
    Guess what? I got a fever! And the only prescription.. is more cowbell!
  6. Re:wouldn't it make more sense by Cruciform · · Score: 5, Funny

    I'm soooo sorry about the wastebasket, Sir. You see they were serving East Indian cuisine in the caf and I forgot my watch today. And you know those locks on the bathroom doors... once again Sir, my apologies.

  7. Re:wouldn't it make more sense by FyRE666 · · Score: 5, Funny

    A good IT department will audit this (at least for the users that reside in the office... that goes for plain-view passwords, etc) and penalize users who do not [lock machine when leaving it unattended]

    I used to have great fun with people who did this at a previous job where the majority of machines were Sun/Linux. One guy constantly left his machine logged in, so I'd sneak over and drop the security on his X server (xhost +), then have great fun randomly opening apps on his machine across the room. Since he was a hardcore Windows man (he was working as a Perl programmer, and didn't have any interest in the operating system) he had no idea what was going on.

    Oh yeah, I also set up a cron job to open Netscape, pointed at the famous goatcx site at lunch every day on his machine for a while...

  8. Vulnerability already discovered! by wirelessbuzzers · · Score: 4, Funny

    It was discovered soon after the press release that the "zero interaction authentication" system was vulnerable to a transmission replay attack. This attack may prove fatal to the design; in any case, it should take a few years to get the kinks worked out, so don't expect it on your desktop any time soon.

    --
    I hereby place the above post in the public domain.
  9. Re:wouldn't it make more sense by Sheridan · · Score: 5, Funny
    but I have had serveral security related dongles and all of them were a pain in the arse.

    Dude, you're definitely wearing your dongle in the wrong place!

  10. Re:Use my technique by Surak · · Score: 4, Funny

    I keep all mission-critical and government-classified information on portable USB Flash DRAM-based storage devices. They're incredibly portable and can be brought to the gym, in the car, to work, back home, swimming, hiking, biking, etc.

    I think you had a typo.

    What you meant to say was
    "and can be LOST at the gym, in the car, at work, at home, swiming, hiking, biking, etc.