Schneier On Un-Authentication

← Back to Stories (view on slashdot.org)

Schneier On Un-Authentication

Posted by CmdrTaco on Monday September 28, 2009 @03:51AM from the gimme-back-my-keys dept.

Trailrunner7 writes "Bruce Schenier writes on Threatpost.com: 'In computer security, a lot of effort is spent on the authentication problem. Whether it is passwords, secure tokens, secret questions, image mnemonics, or something else, engineers are continually coming up with more complicated — and hopefully more secure — ways for you to prove you are who you say you are over the Internet. This is important stuff, as anyone with an online bank account or remote corporate network knows. But a lot less thought and work have gone into the other end of the problem: how do you tell the system on the other end of the line that you are no longer there? How do you un-authenticate yourself? My home computer requires me to log out or turn my computer off when I want to un-authenticate. This works for me because I know enough to do it, but lots of people just leave their computer on and running when they walk away. As a result, many office computers are left logged in when people go to lunch, or when they go home for the night. This, obviously, is a security vulnerability.'"

13 of 336 comments (clear)

Min score:

Reason:

Sort:

Effective way to keep screens locked by stefanb · 2009-09-28 03:52 · Score: 4, Funny

A bank I did some consulting work for had a very effective cultural rule to force people to lock their machines when they left their desks: if you find an unlocked machine, pull up the email client and send a message to everyone: "today's my birthday, drinks on me after work!" (other NSFW messages left to the readers imagination.)
Apparently, very few people left their machines unlocked more than once...
1. Re:Effective way to keep screens locked by aardwolf64 · 2009-09-28 04:11 · Score: 5, Funny
  
  Of course, the fun rose exponentially when two people had their machines unlocked. I would frequently carry on a whole phantom conversation.
  "Hey, let's go to lunch tomorrow"
  "I can't, I have to wax my hamster"
  "I didn't know you had a hamster"
  "..."
2. Re:Effective way to keep screens locked by Anonymous Coward · 2009-09-28 04:33 · Score: 1, Funny
  
  I make a screenshot of the desktop and use that as new wallpaper.
3. Re:Effective way to keep screens locked by HAKdragon · 2009-09-28 04:41 · Score: 3, Funny
  
  The real fun is to create a new folder before doing the screenshot and then deleting it right after.
  
  --
  "Our opponent is an alien starship packed with atomic bombs. We have a protractor."
4. Re:Effective way to keep screens locked by Anonymous Coward · 2009-09-28 05:46 · Score: 3, Funny
  
  I was 17 and stupid
  Well, at least you aren't 17 anymore. 1 out of 2 isn't bad.
5. Re:Effective way to keep screens locked by lkl · 2009-09-28 06:13 · Score: 2, Funny
  
  One morning at the office all the files in the home directory of a colleague were missing. After digging around a bit he concluded that someone had apparently mkdir ~/.remember_to_log_out mv ~/* ~/.remember_to_log_out
6. Re:Effective way to keep screens locked by vegiVamp · 2009-09-28 07:41 · Score: 2, Funny
  
  Yep, did that. Also changed win.ini to have shell=clock.exe.
  
  --
  What a depressingly stupid machine.
MS solved this problem, but removed it with W2K+ by Tumbleweed · 2009-09-28 04:19 · Score: 4, Funny

Windows 95/98/ME had a built-in solution to this problem, but MS removed it in the Win 2K and newer. They simply had the machine crash every 2 hours. Heavy handed, sure, but it worked.
It still works in XP by davidwr · 2009-09-28 04:34 · Score: 3, Funny

At least it does on my compu[BSOD graphic goes here]

--
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
1. Re:It still works in XP by CannonballHead · 2009-09-28 05:27 · Score: 3, Funny
  
  that's cool, your BSOD also pushes preview/submit automatically. :)
2. Re:It still works in XP by Anonymous Coward · 2009-09-28 06:07 · Score: 1, Funny
  
  Button-pushing Screen O' Death
Re:I lock my computer when I walk away by Ephemeriis · 2009-09-28 04:45 · Score: 4, Funny

Then make the lock at 11 minutes or u can give your mouse a click while u re talking.Doesnt sound that hard.U just have to adopt.
But... I don't want any more children.

--
"Work is the curse of the drinking classes." -Oscar Wilde
In the Marine Corps... by RingDev · 2009-09-28 05:51 · Score: 3, Funny

Any time someone left a machine unlocked in the MC we would pounce on it. It would take less than 2 minutes to get emails out to the appropriate members of the chain of command to volunteer the Marine for every shit duty we could find (and swap his or her desktop background screen saver to something highly entertaining or inappropriate).
-Rick

--
"Most people in the U.S. wouldn't know they live in a tyrannical state if it walked up and grabbed their junk." - MyFirs