Slashdot Mirror

← Back to Stories (view on slashdot.org)

Sonar Keyboard Logs You Out To Protect Your Data

Posted by CmdrTaco on from the i-just-had-to-pee dept.

Zothecula writes "While the simple act of logging off a workstation is an obvious way to protect sensitive data – like that used by healthcare providers, pharmacies, banks and government agencies – it is all too easy for users to forget and leave the data not only viewable, but also editable by anyone who happens to pass by. Custom keyboard supplier Key Source International (KSI) has developed a keyboard that does the remembering for you, logging out as soon as the user physically leaves the keyboard."

8 of 175 comments (clear)

  1. Re:Hey, I've got an idea. by Anonymous Coward · · Score: 3, Informative

    Rule 1: The weakest link in computer security is the user.
    Rule 2: See rule 1.
    Rule 3: See rules 1 and 2.

  2. Re:Hey, I've got an idea. by Sigmon · · Score: 5, Insightful

    I'm sure that would work GREAT in a hospital setting where a nurse keying in data has to jump up and run down the hall to a patient who is crashing..... and then gets fired because she forgot to log herself out on 3 occasions. /sarcasm

  3. What a great practical joke this would be. by olsmeister · · Score: 3, Interesting

    I think I'll sneak into the office and swap all the keyboards out with these.

  4. Re:Hey, I've got an idea. by ColdWetDog · · Score: 3, Interesting

    Simply instruct your employees on the importance of not leaving a workstation unsecured (i.e. locked, logged off, etc.). Use a 3-strike system, if you must. There really shouldn't be a need for such fancy equipment.

    In the end, though, I guess it comes down to whichever method of prevention is less expensive, or less time-consuming..

    Bigger problem: The whole concept of logging in / logging out doesn't work well for lots of people. Let's say I have to key some data in or look something up - OK, log into the system. I then have to move away from the terminal to do something (just a reminder to Slashdotter's - not everyone is physically chained to their desk nor locked in the basement all day). I do this day in and day out. If the system logged me out every time I moved away from the keyboard or I had to log out every time my head didn't block the screen I would be one annoyed camper.

    Sure, there are 'technical fixes' - use a laptop (doesn't work well if I'm standing), use a tablet (none one them yet work with clunky Enterprise software that will not be significantly upgraded in my lifetime), use a smart card system (we don't have one, aren't likely to get it). So yep, there are security holes all around the place but you always have the balance between security and usability.

    A more useful system, IMHO, would be one that automatically logged off every PC in a room after a motion detector noted a period of inactivity. We do have issues where people leave for the day, go into another area or just close the door and leave systems up. That's a much bigger attack surface than leaving a PC logged in with 8 other employees wandering around.

    --
    Faster! Faster! Faster would be better!
  5. IT Support? by mfh · · Score: 4, Insightful

    This is going to be nightmarish for IT and it will generate all kinds of useless calls as a result. My guess is we'll be seeing some people using duct tape over the sensors on the first day too, making these expensive keyboards totally useless, apart from being a great way to inflate IT budgets, to ensure they stay plump.

    --
    The dangers of knowledge trigger emotional distress in human beings.
  6. Re:Hey, I've got an idea. by hedwards · · Score: 3, Interesting

    There are solutions to that kind of problem. Basically you can have a wireless token. I've seen them advertised before where they automatically log you out as soon as the token gets out of range. It's not perfect, but fine for situations where you absolutely need to be logged out.

  7. Another alternative - bluetooth phone as a sensor by gQuigs · · Score: 3, Informative

    For linux:
    http://blueproximity.sourceforge.net/
    For Win:
    http://btprox.sourceforge.net/

  8. For linux users... by mmell · · Score: 3, Interesting
    Just use this script:

    #!/bin/bash

    #

    #####

    # Use 'hcitool scan' to find the MAC address of the desired bluetooth device

    MACADDR="00:00:00:00:00:00"

    STATE="$(hcitool name ${MACADDR})"

    if [ "${STATE}" = "" ] ; then

    echo "Bluetooth device not found at startup. Exiting..." >&2

    exit 1

    fi

    LOCK="UNSET"

    CHECK="$(ps -ef | grep gnome-screensaver | grep -v grep | cut -c49- )"

    if [ "${CHECK}" = "gnome-screensaver" ] ; then

    LOCK="gnome-screensaver-command -a"

    UNLOCK="gnome-screensaver-command -d"

    fi

    CHECK="$(ps -ef | grep xscreensaver | grep -v grep | cut -c49- )"

    if [ "${CHECK}" = "xscreensaver" ] ; then

    LOCK="xscreensaver-command -lock"

    UNLOCK="xscreensaver-command -deactivate"

    fi

    if [ "${LOCK}" = "UNSET" ] ; then

    echo "Supported screensaver not running" >&2

    exit 2

    fi

    SLEEP_TIME=15

    # Enter main loop

    while true ; do

    if [ "${STATE}" = "" ] ; then

    ${LOCK}

    else

    ${UNLOCK}

    fi

    sleep ${SLEEP_TIME}

    STATE=$(hcitool name ${MACADDR})

    done

    exit 0