Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Security

New Software Secures Data when Owners Walk Away 304

Makarand writes "Leave an operating laptop unattended on your desk and your sensitive data is accessible to anyone who gets hold of it. To limit this risk many users configure their systems to fall into a "sleep" mode after a period of inactivity and ask for a password before the system can be awakened. This constant re-authentication proves to be a headache for many users. Now a Professor and his graduate student at at the University of Michigan have come up with a system called Zero-Interaction Authentication (ZIA), described in this article in The Age, to protect data on mobile devices. The system works by starting to encrypt data the moment the owner walks away from the system. The owners wear a token with a encrypted wireless link with the laptop. If the token moves out of range the ZIA re-encrypts all data within 5 seconds. If the cryptographic token moves within range the system decrypts the information for the owner. The token, which could take many forms, is currently a wristwatch with a processor running Linux designed by IBM."
This discussion has been archived. No new comments can be posted.

New Software Secures Data when Owners Walk Away

Comments Filter:
  • by drDugan ( 219551 ) on Wednesday December 18, 2002 @10:12PM (#4920409) Homepage
    would it not be more sensible to make the token a passive device, like one with an RFID

    I'm not an expert in encryption, but I have had serveral security related dongles and all of them were a pain in the arse.

    it would seem that there are technologies (I've read about) that can return specific information passively when hit with specific radio frequencies. Wouldn't these be more easily used than a powered device like a watch?

    Anyone else know more about these technologies?

    • I think the problem with rfids in a security environment is that anyone with a reader could query the device as you walked by, and would have your encryption keys (or token id, or whatever), and could probably reproduce them without too much grief...rf tags can't perform authentication, as far as I'm aware..


      • I think that my thought was that the
        (hypothetical) passive device return a different
        signal dependant on the signal recieved, not
        simply the same one each time. ...

        The more I think about it, the more it sounds
        like such an action would require an
        "active" (ie powered) device to accomplish
        this.

        but since I don't understand how RFIDs work
        at all, the question still stands... could
        it work with a passive (non-powered) device?

        • Well, I'm only an armchair cryptanalyst, but to the best of my knowledge you need some kind of challenge-response system in order to ensure that everyone is who they say they are. That pretty much eliminates any passive system, unless there are some wacky theoretical mathematics I don't understand...
    • by LostCluster ( 625375 ) on Wednesday December 18, 2002 @10:36PM (#4920560)
      RFIDs are "dumb" devices. They're like your EZ-Pass in your car, when a radio beam passes through them, they alter the beam to add their "signature" which is uniquely identifyable. This is useful for identity, but nonsense for encryption. The problem is that if you are within range to "hear" the signal, you get the ID and enough to make a duplicate token. Tardly the model for security. There's no place for encryption here... whatever value is broadcast is the key value. By requring the token to have a microprocessor, the key never gets broadcast. It's an encrypted conversation between the station and the token, which if properly implemented makes it impossible to have a duplicate token take its place.
      • > [RFIDs are] useful for identity, but nonsense for encryption

        I don't know much about RFID's, but I think you're probably right. Here's a question: wouldn't it be possible to capture someone else's EZ-Pass ID then and then replay it? If it is possible, how come no one has (apparently) done it?

        I think the key take-away from this article is not so much its implementation as the idea: 1. the mobile device somehow identifies its owner, 2. when the owner is not around, then the mobile device becomes useless.

        If RFID's aren't the way to accomplish (1), then people in the future just need to think about the way to accomplish it in a different way.
    • I'm not an expert in encryption, but I have had serveral security related dongles and all of them were a pain in the arse.

      Which is why most users would just leave the dongle next to the PC with the sticky note that has all of their passwords on it.

      User's need to be in the habit of locking the workstation when they leave it. A good IT department will audit this (at least for the users that reside in the office... that goes for plain-view passwords, etc) and penalize users who do not (give them a slow POS or something with a ton of dead pixels). Soon, it will be a subconscious task that is performed before the PC is left. Add a hard drive password (laptop only?) or a drive encryption mechanism (like Safeguard [utimaco.com] and the data is more secure than it would be with a dongle.
      • That's why you want a wireless dongle. The user wears the device or has it in their pocket all the time. Most users aren't in the habit of leaving their wallet and keys by the sticky note, and they don't do that with their non-security-related watches. Of course, the wireless device has to be active, because passive ones are trivial to clone, which is why this is a watch and not a card.
      • by LostCluster ( 625375 ) on Wednesday December 18, 2002 @11:04PM (#4920707)
        If you unify the office security systems, then the system can require you be wearing your watch in order to unlock the bathroom door... if you left your watch at your desk while you go to the bathroom, you have to go back and get it.

        People will carry their key with them if it's required to do everything they want to do away from their desk too.
      • by FyRE666 ( 263011 ) on Thursday December 19, 2002 @12:06AM (#4920928) Homepage
        A good IT department will audit this (at least for the users that reside in the office... that goes for plain-view passwords, etc) and penalize users who do not [lock machine when leaving it unattended]

        I used to have great fun with people who did this at a previous job where the majority of machines were Sun/Linux. One guy constantly left his machine logged in, so I'd sneak over and drop the security on his X server (xhost +), then have great fun randomly opening apps on his machine across the room. Since he was a hardcore Windows man (he was working as a Perl programmer, and didn't have any interest in the operating system) he had no idea what was going on.

        Oh yeah, I also set up a cron job to open Netscape, pointed at the famous goatcx site at lunch every day on his machine for a while...
        • Oh, hahaha! It is so fun to abuse the norms on Windows! Cretins, why don't they embrace our hilarious operating system which allows such cunning exploits as showing porn at lunc time, not to mention intuitive prevention from them! Just open a terminal, change directories to /bin/ and sudo -c chmod 500 me.mygroup xhost lol!
    • by cybermace5 ( 446439 ) <g.ryan@macetech.com> on Wednesday December 18, 2002 @11:09PM (#4920721) Homepage Journal
      As the previous poster pointed out, RFID is relatively easy to snoop on.

      One of my major peeves is the RFID card that gets me into work every morning. In certain stores, my RFID card returns a code that sets off their RF tag detectors at the door. Usually I remember, pull out my wallet, and hold it over my head while walking through. Once I forgot at Fleet Farm (basically a giant general store, like Home Depot with tractor parts) and I set off the alarm. Of course someone came to visit me, and it was especially embarrassing because I was wearing a big coat and didn't buy anything. She handed me a little piece of cardboard called a "Schlage Shield" and said to put it in my wallet. No more alarm.

      Worked great, except that opening the door at work involved putting down my coffee, laptop, and lunch to get out the RF card (instead of conveniently pressing my butt against the door). So I took it out, and promptly set off a Barnes & Noble alarm. No one seemed to care, so I just pulled out my wallet and walked through with the wallet over my head again.

      ANYWAY...the point is that RFID tags are barely more secure than keeping a post-it note with an access code.

      I am curious exactly what my card claims to be on the store scanners....

      And the whole article is a duplicate.
    • Anyone else know more about these technologies?

      If I read you right, you're talking about passive RF stuff, like in those bigassed Honda keys.

      They use RF generated from the car (ping!) to generate just enough electricity to de/encrypt a response (pong!). Viola! (sic)

      I guess it's more like a transformer coil than RF, but what the hoo.

    • by Sheridan ( 11610 ) on Thursday December 19, 2002 @05:49AM (#4921766) Homepage
      but I have had serveral security related dongles and all of them were a pain in the arse.

      Dude, you're definitely wearing your dongle in the wrong place!

  • Specifically, someone with such a token getting clubbed on the head and stuffed in the office supplies closet, and his token stolen.
    • You know, common movie elements won't understand this "token wristwatch that has a Linux-running microprocessor" thing, so let's dumb it down. How about he gets clubbed in order to get a piece of metal that has been engraved in some semi-random form so that when it's placed into its reader, it causes a door to be unlocked.

      I know... call it The Key
  • by ekrout ( 139379 ) on Wednesday December 18, 2002 @10:13PM (#4920417) Journal
    But what happens when the neighborhood/college/company bully steals your watch?
  • by Cat_Byte ( 621676 ) on Wednesday December 18, 2002 @10:14PM (#4920424) Journal
    Sounds like the smartcards to me where you stick it in the slot & it knows your password, domain, etc. Console is locked unless you have the card.
  • by cyber_rigger ( 527103 ) on Wednesday December 18, 2002 @10:15PM (#4920428) Homepage Journal
    That you wear on your finger? :^)
  • by commodoresloat ( 172735 ) on Wednesday December 18, 2002 @10:15PM (#4920431)
    Gimme your watch, punk!
  • Great! Now I'll have a growth on my arm from my ZIA wristwatch to go along with my brain tumor from my cell phone!
  • hmmm... (Score:3, Interesting)

    by jasno ( 124830 ) on Wednesday December 18, 2002 @10:15PM (#4920434) Journal
    What about using some kind of biometric data, like key cadence, or a profile of typical mouse movement characteristics (like icon overshoot?) to do it? That way its totally seamless, although one could still do some damage as it would take a few input events to establish the identity.

    Sure, its not foolproof, but who wants to wear an identifying token?
  • Non-PDF version (Score:2, Informative)

    by David_Bloom ( 578245 )
    For those of us who don't want the Acrobat plugin crashing our browser: Google's handy PDF->HTML cache [216.239.33.100].
  • Something's missing (Score:5, Interesting)

    by Safety Cap ( 253500 ) on Wednesday December 18, 2002 @10:17PM (#4920442) Homepage Journal
    (from the article)
    At the beginning of the process, the user enters a password on the watch~.
    Isn't the point so that lazy people don't have to be bothered with remembering passwords? Doesn't this defeat the purpose? (sigh)

    What happens if you take your watch off and leave it next to the computer? It never encrypts!

    Worse yet---what happens if your watch gets stolen? Now you can't get at your data! Better make sure you get the Casio [casio.com] watch option instead of the Breitling [breitling.com]. No one would want to steal a Casio POS, so you should be safe.

    • by cicadia ( 231571 )
      Isn't the point so that lazy people don't have to be bothered with remembering passwords? Doesn't this defeat the purpose? (sigh)

      <sigh> No, that isn't the point at all. The technology is intended to stop the problem of people walking away from their computers ("I'm sure I'm only going to be away for a minute" -- gets dragged into a five hour meeting...) without locking them first.

      The article even says that it was designed for use by people who are already using passwords, but are bothered by the inconvenience of having to lock the computer, and reenter the password every time they are called away for a few seconds. Not because they don't want to remember a password, but because it's a hassle to have to enter it all the time.

  • I have a v8 engine block set to fall on my hard disk if I'm away for more than five minutes (3 minute walk to fridge(coke!) and back)!!!

    Your security is nothing compared to that!!!!!
  • a processor running Linux designed by IBM.

    Soon to be a chip implanted in your hand.

    Don't forget the barcode on the forehead!

    I'd much rather computers go wearable than implantable...

  • Use my technique (Score:4, Interesting)

    by ekrout ( 139379 ) on Wednesday December 18, 2002 @10:19PM (#4920454) Journal
    I keep all mission-critical and government-classified information on portable USB Flash DRAM-based storage devices. They're incredibly portable and can be brought to the gym, in the car, to work, back home, swimming, hiking, biking, etc.

    To be perfectly honest, I just can't bring myself to respect anyone who would leave a $4,000 laptop with supposedly top-secret information on it sitting out on a cafeteria table or something while they go sit in the bathroom and read the paper.

    Just stick with portable USB drives. They're cheap, efficient, fast, and more secure than any fly-by-night research project out there right now.
  • The token... is currently a wristwatch with a processor running Linux designed by IBM.

    hmmm....we have a watch, it obviously has some sort of wi-fi networking if it can keep in touch with the computer. How long until someone is assasinated by launching a DoS attack against his watch? It may not kill, but at least cripple as the watch burns its way through the flesh as the poor NIC on it is overloaded.....

    • bluetooth actually, unless they figured out a way to get 802.11 working w/ decent power savings on the watch. Bluetooth requires much less power than 802.11 (a reason why its range is so much less)

      When i was working on it (2 summers ago, so a while back) we got bluetooth working decently well, in that one could give a talk w/ slides and control the slides w/ the watch's thumbwheel.
  • This is yet another device created by geeks for geeks. These researchers probably think this is a good idea, but do they really think it is a good idea for most people? How much market analysis was done? How much usability testing? Well, at least they are targeting corporations and large organizations. There might be some money in it down the road.
  • Security for the people too lazy to practice good security habits. Yay. Although I suppose this will make life easier for certain sysadmins...

    At any rate, my question is "When will this be used to make smart guns?"
    • Guns have no need for electronics. The most cost effective way to do "smart" guns is to have a ring with a magnet and a spring loaded pin that goes in from of the firing pin/hammer and keeps them from engaging unless the rings magnet pulls the pin out of the way. The only thing this system lacks is individual user identification but it solved 80+% of the problem with weapons, those mostly being the weapon being fired by children/ other non-owners of the weapon accidently and the weapon being used against the owner by an assaliant.
  • More and more laptops/palmtops incorporating a camera as part of the design, so why not use facial recognition to lock the pc.

    Short of growing a beard before you get back to the laptop it'd be a cheap workable solution.

    Then you don't have to remember/wear some crazy ass security dongle.
  • by NineNine ( 235196 ) on Wednesday December 18, 2002 @10:28PM (#4920511)
    When you stand up, hit ctrl+alt+del. When you sit down, type in your password. I had to do it at one company, and now it's just habit. Not exactly a tough thing to do. I think that these guys are trying to solve a non-problem.
    • by LostCluster ( 625375 ) on Wednesday December 18, 2002 @10:48PM (#4920631)
      There are business analysts (remember what the first four letters of that word are..) who add up all those seconds lost to things like hitting Ctrl-Alt-Del and typing their passwords over a year, then multiply it by the hourly wage to determine how many dollars are wasted by that task. If that step is replaced by a passive process, it theoretically makes employees more effective... YMMV in actual use.
      • by NineNine ( 235196 ) on Wednesday December 18, 2002 @11:29PM (#4920805)
        True, but then you have to factor in the physical cost of these doohickeys, and the support time when one dies, is lost, or malfunctions. I dunno. Seems like it's making things more complicated and expensive for no really good reason. In most businesses, a LOT more time and money can be saved by doing something as simple as making sure that no non-developers or non-admins have full control of their box, limiting the damage they can do. Most companies that I've seen make each user admin of their own box, when really if they're just doing work, they'd never need.
  • With a combination of a prickly bios password and some sort of hardware lockout?

    I had a crackhead friend bring me one of these recently asking if I could make it work. I spent about 10 minutes reading posts about the hardware lockout and figured out it wouldn't happen without him calling dell. It was of questionable origin and he did not want to do that.

    He then insisted on leaving it at my house for two fucking weeks insisting that i'm a computer genius and I could figure it out, despite the documention I had read.

    Two weeks later he came back accusing me of being too lazy to have a look at it. Isn't that just the way it goes when you're the computer fixit guy?

  • Encrypts the data? (Score:3, Interesting)

    by dagg ( 153577 ) on Wednesday December 18, 2002 @10:34PM (#4920549) Journal
    The system protects data by automatically scrambling it the moment users walk away...

    What does it actually encrypt? All sensitive data? I doubt it could do that in 5-6 seconds. Also, how do you decrypt the data if you lose your key? Or what if you fire the employee and don't get the key back? How will you get the data, then? Is there a back door for sysadmins?

    • What does it actually encrypt? All sensitive data? I doubt it could do that in 5-6 seconds.

      It probably encrypts your passwords.txt so that the thief of the laptop can not compromize your *other* accounts including that porn site one...
      Or maybe it is really smart and it keeps both copies of your data -- encrypted and unencrypted. The second you walk away the unencrypted copy is erased :) Dunno about the decryption part happening in 5 seconds though... undelete?

    • "Sensitive data" basically boils down to the one or two directories where you actually save your work to. You don't really need to encrypt your programs or .mp3 files.
    • Decryption in cases of lost/inoperable keys or removed employees is probably done through escrow much like NTFS encryption in an AD Domain. There is an AD key (one per tree I believe) and there is a group that is assigned to have use of that key. This group can access any encrypted data in the tree because they can pull the origional encryption key out of an escrow database using the AD key. Another strategy is that used by PGP where you include two keys, the users and a master, either key can decrypt the information so you just need the master if someone leaves/forgets their passphrase etc. This is a feature that Phil didn't really like but knew was needed for commercial sucess.
    • It encrypts the cache. Which is very easy to do in 5-6 seconds. The disk contents are always encrypted.
  • by HEbGb ( 6544 ) on Wednesday December 18, 2002 @10:34PM (#4920551)
    A token can be easily misplaced, duplicated, or bypassed. A password is NOT a big deal to enter when you sit at your desk. If they're too lazy/clueless to enter a password, they shouldn't be responsible for any secret information.

    Use a program like Scramdisk [clara.net] or the commercial version Drivecrypt [drivecrypt.com]. Keep all of your critical files on the encrypted partition. When you leave your desk, activate the screenserver with a keystroke.

    Unless someone knows your password, you're safe. If they reboot, the encrypted disk is inaccessible.

    What's the big deal?
    • The point is to automate the whole 'active screensaver' and 'type in password' bit by using a physical token that communicates with the laptop wirelessly so it seemlessly does that without you having to do anything. More importantly, you're a lot less likely to take your watch off and leave it next to the laptop than forget to lock the screen (but I was only gone for a minute!).

      Really, this is nothing new. People have been using physical tokens for authentication for years (although usually for the added security value). In this case the token is being used to increase convenience, not security direclty (although the end goal being to improve security indirectly), which is what makes it different.

      Of course, if you are the kind of person who'd leave your watch next to your laptop when you go to the bathroom, I'd recommend against using this. ;)

  • I don't see this as being very practical.

    How fast will this encrypt/decrypt data? I probably have well over a gig's worth of 'sensitive' documents and data on my laptop, stored in various directories (and unfortunately the approved OS at work is winblows). Encrypting will not take mere seconds.

    More often than not, when I'm not at my desk I'm a few cubicles away working with other co-workers. Sometimes I'm not away from my desk for more than 10-15 seconds. Right now if I suspect I'll be gone from my desk for a while, and it's not in plain view, I'll turn on my screensaver (password locked) with a touch of 2 keys. This system sounds like it will arbitrarilly start encrypting my data as soon as I'm outside a specified range. If I'm away for just 15-20 seconds, this seems very impractical. Not to mention other things, like forgetting the transmitter at home (how many of us have forgotten our work passes at home once or twice?), having the battery die, etc.... On such occasions you'd be totally locked out from accessing your own data.

    No thanks, this seems way too impractical for my taste. Move along, there's nothing to see here.
  • by JayBonci ( 92015 ) on Wednesday December 18, 2002 @10:38PM (#4920570)
    While I applaud these people for making steps to make it harder to casually get information off of laptop computers, it still does not stop other attacks on such a system. Flooding the laptops area with uniformly strong signal that matches the watch's key would be as difficult as acquire-and-replicate. There seems to be a smart card like system with keys, and key encrypting keys.
    It's very comprehensive, and it addresses many aspects of the social and technological attacks.

    In my mind, the weak link here is clearly the watch. Watch technology isn't very complicated (read: very big), and how many designs could their possibly be? If one knows where the hardware information is located, a system replacement under the face, and you've got some issues. How many people wear watches to bed at night? Or in the shower? Difficult, but possible

    A quick couple of replacements, and you have a watch that has a short range transmitter also transmitting the information that you'd need to dissolve the encryption link, and maybe begin a traditional man-in-the-middle attack. Once you see what cards the watch is holding, shouldn't the rest of the exchange be trivial?

    While this is a great mechanism for an encryption scheme, what attacks are there against the physical and social component? These are the items of which spy thrillers are made, and will probably (hopefully) never come into play.

    All in all, an excellent read from the UMich folk, and they have my applause.

    --jaybonci
    • In my mind, the weak link here is clearly the watch. Watch technology isn't very complicated (read: very big), and how many designs could their possibly be?

      The watch is running Linux; how many possible programs can there be? More than there are particles in the universe...

      There are lots of challenge/response identification schemes that run nicely on my old 200 Mhz PII box that would be very hard to crack with current technology, so I would have faith in that part of the system.

  • From what I understand, this new system decrypts the cache when you come within a certain distance and re-encrypts when you go past that distance, does this mean that doing the hokey pokey (you put your left foot in...) could lead to a system crash??
    • Im sorry I have to write this. Imagine an entire office of Cubicle dwellers doing the hokey pokey just to crash their machines.

      Damnit I need a smoke.
  • As always, the weakest link will be the user. I can just see some schmuck decide that he's tired of waiting six seconds every time he gets back from the water cooler, and so he leaves the wristwatch next to the laptop at all times.
  • by wray ( 59341 ) on Wednesday December 18, 2002 @10:49PM (#4920639)
    Let me use a ring, then I only lose a finger when someone wants access :~)
  • The best way for a device like such to work is public/private authentication. You give the computer your public key. To challenge user authentication, it sends out its public key encrypted by your public key. The watch then decrypts that the laptops key with its own private key. The watch then sends back the user's password.
    If the password is received and is correct, the computer stays in public mode. IF the password is incorrect: either
    • Someone has launched a man in the middle attack
    • You co-worker is walking past with their watch on
    • The wrong password was entered on the watch

    So the laptops locks up until you start to use it and the watch recived a timed ping, or you initiate the send from the laptop.

    This system provided user authentication and data security, the two main points of a secure system.
  • Dongles revisited (Score:4, Insightful)

    by mark_space2001 ( 570644 ) on Wednesday December 18, 2002 @10:55PM (#4920673)
    In other news, University of Michigan has re-invented the dongle. "You know those things you hated and were a pain in the ass to use? We'll, we got it all figured out, trust me."

    Great, something else to buy. My fingers are cheaper and I'm not one of the people who has a problem logging in with a password. Why should I fork out cash for this?

    • Re:Dongles revisited (Score:2, Informative)

      by reconbot ( 456259 )
      To be fair dongle's don't carry encryption info. Nor did anyone expect you to pay money for this. This is tartgeted more for docters and such with patien information on thier laptops. I for one like the idea but I'd have having something stealable as the key. As least the key needs its own "key" (a password) to operate, but the artical never said exactly how that worked.

      I think its a good idea espicaly if it expands I'd like to see other devices use the same key. You could start your car, buy a coffe, walk in the (locked) parking entrence at work, open your office, and log in your computer all with a password you entered in your watch when you woke up.

      I like it - beats the hell our of attaching a dongle into the back of my computer to use the encyclopedia bratianica. (way back when)
    • Re:Dongles revisited (Score:3, Informative)

      by Malcontent ( 40834 )
      "Why should I fork out cash for this?"

      Here is one possible reason.

      If this device (or a similar device) is able to encrypt your hard drive then it would be an effective combat against some of the more intrusive aspects of the patriot act. In that legislation there are clauses that allow the FBI to enter your home when you are not in and bug your place and place trojans in your computer while you are not home and without letting you know about it.

      My point is that automatically encrypting your hard drive is more effective then having a password protected system especially if that encryption is done with huge keys that are stored on the watch.
  • Leave an operating laptop unattended on your desk and your sensitive data is accessible to anyone who gets hold of it
    I was taught that once someone has physical access to a system, it's game over with regards to security.
    In other words, the authentication system will only deter, not stop unauthorized access. How about just taking the laptop with you?
  • The distinct flushing sound one hears as he backs away from his device is the users 'sensitive' data being stored safely where no man is sure to venture.

    Only the men with get this joke..
  • Like putting a bell on the cat. "Pat your manager on the back" and then you can rest assured surfing freely knowing that the next time he comes within 15 feet of your desk, a browser window will open maximized pointed to http://java.sun.com.

    Or tag the girlfriend and always hide the pr0n!
  • ZIA Redux (Score:5, Informative)

    by mcorner ( 168581 ) on Wednesday December 18, 2002 @11:11PM (#4920734) Homepage

    As much as I enjoy the free publicity, this has been posted on slashdot before. [slashdot.org]

    To correct a serious error that appears in this article and in the nytimes article this was cribbed from: The system was NEVER run on the IBM watch. We mentioned it as a possibility and somehow it was taken as fact.

    I welcome the comments on the work, however remember that the world of university research is often more forward looking than the commercial world. That is our job!

    • A question (Score:3, Interesting)

      by uradu ( 10768 )
      As others have already mentioned, unless the article had it all wrong, it seems that you're going about this the hard way. Why not create an encrypting FS driver along the lines of Scramdisk or DriveCrypt that always stores the disk data in encrypted form and only decrypts it upon reading? The token would then simply provide the key, and when it's not present, you simply can't decrypt the data, without requiring a lengthy de/encryption process each time you leave and return? In addition, you could make the driver smart enough to let you encrypt only certain directories, plus you could still keep the cache encryption functionality as it is now.
    • Lost tokens? (Score:3, Interesting)

      by MyHair ( 589485 )
      What happens when the decryption key device fails or is lost or stolen?

      I'm a netadmin for some not-very-savvy users, and if I couldn't restore access to their data just by resetting their password then they are all in trouble.

      This is an issue for a lot of encryption solutions, not just this one. Is there a master key list somewhere than can be used to recover encrypted files or volumes or at least recreate the encryption key device? How long would that take? (This opens another discussion over security of the master list and key-changing and reencryption procedures for lost and stolen tokens.)

      And what if the device gets stolen? I have a security token that requires a PIN in conjunction with its security (both the PIN and device are needed for access), but in the case of this article the whole point seems to be to avoid entering a password or PIN.
  • by Chris_Stankowitz ( 612232 ) on Wednesday December 18, 2002 @11:12PM (#4920736)
    Sounds like a nice idea. However we all know that once physical security is compromise the rest is all down hill. On-top of which, a thief that is just after the machine and cares nothing about the data will still take the machine. He doesn't know that you have a proximity sensor (whether it uses encryption or not). What I would like to see is a tool and/or system that has the kind of reliability and name recognition that something like low-jack has. What I mean is something that a crook will look at and walk away because he will recognize that it will be more trouble than it is worth. Even if he is just stealing it for the hardware. Something that he knows he just can't slap in a windows boot disk and format. Because we all know that most laptop thefts are not by criminals that want data. Its the common crook that just wants a buck. Granted what would also bring down those thefts would just be the prices in laptops coming down, the prices on those haven't fallen nearly as close to the same rate as desktops.

    For now I will continue to dream and maybe even write a book entitled "2085" by Ali Orwell. :)
  • Erm...brute force? (Score:3, Interesting)

    by BSDevil ( 301159 ) on Wednesday December 18, 2002 @11:12PM (#4920739) Journal
    I'd say why not brute force the thing, but here's something easier...Make a device that constantly scans for the signal of a token (there has to be some characteristic fingerprint to the signal). When it finds one, remember the signal and indicate to the user. User then goes and mugs target, takes laptop, uses stored signal. We've shown that man-in-the-middle attacks are do-able for a system like this, so why not keep with what works? If one knows how the system works, and can get a long enough string of interactions between the token and the server, then the key is vaunerable. Maybe this means that you have to tail the guy for a while, but let's be honest - if he's using one of these systems (I don't imagine they come cheap) then there's probably somehting worth stealing on that machine, if that's what you're up to. Make a scanner that tracks the signature of packets, walk around the financial centers of the world, and then the device goes off you know which laptops to take.

    On another note, this reminds me of the plan to put RFIDs in the new high-denomination Euro-notes. Something like takes all the effort of guesing who to mug: emit the signal, and anytime you get a response, you know the guys's packing a high-value Eruo-note.
  • Still... (Score:2, Insightful)

    by Velocity44 ( 635370 )
    Anyone who wanted your information that much should be willing to beat up up for it - I feel that this just makes it one step easier to get your information. Anyway, it's not even a new idea.
  • Why not use an encrypted filesystem and store the key in the token?
  • by afidel ( 530433 ) on Wednesday December 18, 2002 @11:54PM (#4920884)
    good security should always be based on at least two of the three from the list

    Something you have

    Something you know

    Something you are

    Anything that relies on just one of these catagories is going to be significantly easier to break than one the follows the rules. Most commercial security these days is based on something you know (password) and nothing more. Good security systems require all three, biometrics, password, and a physical token. biometrics are suseptible to advanced attacks but thing like thermal imaging for skull structure combined with retinal imaging is pretty close to unbreakable. Passwords are notoriously lacking because passwords strong enough to be secure are difficult for most people to remember so they end up either weak or written down. As for token systems other than smart cards and the IBM watch I have not seen many implementations out there.
    • by jpmorgan ( 517966 )
      The whole 'something you are' rule is really dangerous. Almost every application I've seen of biometrics gets it wrong, and then there's the question of whether or not it's even practical at all.

      The fundamental problem with biometrics is that you can't change your keys. You have a set of fingerprints, retinal patterns, DNA sequences that are really pretty damn hard to change.

      Biometrics can only work with strong physical security to ensure that the tests aren't being compromised (i.e., someone hacking the device).

      To steal your password I have to look over your shoulder, and once done you can change it. To steal your authentication token, I have to pick your pockets, and once done you can get a new one. But I can pull your fingerprints from anything you touch, and you'll have a much, much harder time changing those.

      Biometrics are often portrayed as the panacea for authentication, but of the three 'seomthing you X', it's really the weakest. Haven't we learned yet that there's no such thing as a silver bullet?

  • I don't think it encrypts, but IIRC, there are hospitals that use bluetooth for automatic login/logoff when a doctor approaches a terminal, so this is nothing new or revolutionary. It is one of the things bluetooth was originally designed to accomplish.
  • I guess the hackers of the future will be both hackers and pocket thiefs. The man in the corner selling clocks get a new buisiness.

    "you want an www.ibm.com/we/own/joo or a www.bank.com/all/your/base/is/in/my/pocket?"
  • If you're talking about WindowsXP/2000, you can lockout automatically on a 60 second screensaver or whatever. You can also enable lockout on resume from a suspend. And finally if you just NTFS and a strong name/password, then EFS to encrypt your My Documents (or whever your secret recipes live), someone could physically take the drive out, put it in another machine, and not do much with it. Im sure there are *NIX versions of all of these things too, which, when employed together, can be setup once, and pretty much forgotten about by the end user's standpoint.
  • What headache...? (Score:2, Informative)

    by sapgau ( 413511 )
    How lazy can u be... I type my password without thinking now.
  • by wirelessbuzzers ( 552513 ) on Thursday December 19, 2002 @12:40AM (#4921046)
    It was discovered soon after the press release that the "zero interaction authentication" system was vulnerable to a transmission replay attack [slashdot.org]. This attack may prove fatal to the design; in any case, it should take a few years to get the kinks worked out, so don't expect it on your desktop any time soon.
  • Don't mean to be a grammar nazi, but... from the don't-lost-your-watch dept

    Is that poor grammar, or just hedging their bets? The alternative is to misspell "lose" as "loose," which is definite grammar nazi fodder :)

  • by btellier ( 126120 ) <btellier@[ ]il.com ['gma' in gap]> on Thursday December 19, 2002 @04:22AM (#4921583)
    At the beginning of the process, the user enters a password on the watch. "That's to make sure an imposter isn't wearing your token," Noble says. Then, each second, the laptop broadcasts a cryptographic request that only the token can correctly answer. This procedure, an exchange of cryptographic numbers, is a standard security measure.

    People will still use stupid passwords. GONG!. They'll use the same letter conventions that 99% of the population uses. I guarantee that one guy with a high-end laptop could walk through an office and guess 99% of the passwords within a few minutes. Or maybe they'll guess 1% and get the temp's password. Good enough, access to the internal network is almost always sufficient to own the rest of the network.

    There is no technology that will override stupidity.
  • Been here before (Score:3, Interesting)

    by AlecC ( 512609 ) <aleccawley@gmail.com> on Thursday December 19, 2002 @07:20AM (#4921924)
    I remember reading an article about a system like this years ago - running somewhere like ARM's labs in Cambridge. They were using it for desktops rather than laptops, but that is a detail. More importantly, they had hooked a load of other systems up to the ID. It provided the security access to the building - no more fiddling for cards, the door unlocks as you approach. Rather than just blanking off the screen as you waked away from one workstation, as you moved towards another workstation, it moved your "desktop" to that station, so that your work could "follow" you round the building. And, by detecting which room you were in, the phone system could route calls to you wherever you were.

    There are a lot of questions (privacy etc) about those other uses, but a system which gives you multiple returns from the single cost of wearing some kind of ID is much more likely to be adopted than a single dongle for a single job.

You can be replaced by this computer.

Working...