Slashdot Mirror

← Back to Stories (view on slashdot.org)

Smart Gun Inspires Smart Mouse Authentification System

Posted by samzenpus on from the give-it-a-squeeze dept.

dcblogs writes Defense contractor Raytheon has received a patent for a mouse that has a biometric pressure grip. It believes the pressure grip, as a form of authentication, will be particularly hard to defeat because it works from a neurological pattern versus a physical pattern, such as a facial scan. "It's not just how much pressure you exert on the mouse itself, but it's also the x-y coordinates of your position," said Glenn Kaufman, a cybersecurity engineer. The approach was inspired by similar pressure grips used in smart guns.

4 of 60 comments (clear)

  1. I hold my mouse differently as the day goes on. by Maxo-Texas · · Score: 5, Insightful

    It hurts the palm of my hand to hold it the same way all the time.

    Even beside that, testing it just now, my hand moves all over the thing and is in a different position each time I let go and put it back from typing.

    I don't understand how this is practical. A facial or retinal scan seems more reliable, can use your existing generic camera so no need for a custom mouse.

    --
    She was like chocolate when she drank... semi-sweet at first and then increasingly bitter.
  2. Re:Carpal Tunnel Syndrome by Teresita · · Score: 4, Insightful

    Mouse authentication implies a GUI, which implies the most serious application that would request the verification is Facebook.

  3. Trivially defeated by Anonymous Coward · · Score: 4, Insightful

    From the article: "The information needed for a retina scan, for instance, can be stolen from a doctor's office..."

    And the information about how some VIP handles his mouse, can be stolen form either his mouse or the computer that gets biometric data from that mouse.

    This is basically a password that cannot be changed. Just like fingerprints and retina scans. And all these things can be faked so easily. You don't bother with a false fingerprint or "a practiced mouse grip pattern". No, you replace the device (mouse or fingerprint reader) and fake the digital output from the authentication device. This is much easier.

    A keylogger device steals keypresses - in the hope of finding a password. A similar logging device can log communication from a fancy mouse, or finger/retina scanners. After that, the signals can be faked with no need to actually grip a mouse or present a finger/eye.

    And it won't matter if the mouse use some cryptographically safe protocol to communicate with the computer. When I plant my logging bug, I won't need to intercept mousecomputer communication. I intercept communication from the sensor system to the mouse electronics. That way, I get the "signature" before it is processed and possibly encrypted. Easy when you know electronics and programming - which enough people do. After that, the grip signature can be superimposed on my mouse movements when I abuse this tossers "safe computer". Possibly using remote control from a different location.

    A hassle to set up, but only the first time. Similiar to how DeCSS took some work to pull off - but now it is everywhere. And it will be done for the first time when the incentive is there - such as a bank protecting their transaction computers with this. And then the hack goes on the black hat market . . .

  4. Even the summery says it sould not be patented by Anonymous Coward · · Score: 0, Insightful

    Defense contractor Raytheon has received a patent for a mouse that has a biometric pressure grip.

    ...

    The approach was inspired by similar pressure grips used in smart guns.

    In other words, they are directly copying prior art without adding any innovation and is therefore not patentable.