Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Security Encryption Businesses IT Apple

Location-Based Encryption 239

Posted by michael from the what-if-the-hub-goes-on-the-fritz? dept.
davidwr writes "Eweek reports Apple co-founder Steve Wozniak has a new way to prevent theft of company secrets on stolen laptops: 'Wozniak offered a peek into his vision for the company on Ziff Davis Media's Security Virtual Tradeshow, where he introduced "wOz Location-Based Encryption," an application that uses GPS tracking within a wireless hub to encrypt and decrypt sensitive data for large businesses.' Today's encryption is good enough but I do like the tracking capability. Imagine your laptop screaming 'I'm being stolen! I'm being stolen!' and paging security as the janitor walks out the door with it."
This discussion has been archived. No new comments can be posted.

Location-Based Encryption More

Location-Based Encryption

Comments Filter:

  • Not totally secure? (Score:5, Insightful)

    by nmg196 ( 184961 ) * on Friday December 03, 2004 @09:35AM (#10985685)
    All GPS devices I've come across simply stream out NMEA data from a serial port (or over a bluetooth connection). What would stop someone that really desperate to get the data from hacking the GPS module or the dongle so they can stream in their own forged (or recorded) NMEA data which reports the laptops current position to be where they stole it from (after all, they should remember)? Usually anything these days that requires a GPS uses a standard GPS module, and at some stage, the position data from it ends up in an interceptable form on the edge interface of some module. Hardly bulletproof security?

    • Re:Not totally secure? (Score:5, Interesting)

      by jmcmunn ( 307798 ) on Friday December 03, 2004 @09:41AM (#10985760)

      Better yet, my portable GPS device allows me to "set my location" temporarily in case the signal is not strong enough. This allows the device to at least estimate where I am if it has a weak signal somehow. I don't really get all the details...but it works so I don't complain.

      So what's to stop someone from doing essentially the same thing with the laptop? Just tell it "you're still in the building" and you'd be all good. I think this is a pretty cheesy idea for security, you can always figure out a way to lie to a machine, regardless of what lie you're telling. This is less secure than a well-encrypted password if you ask me, or course I assume that the machine would still have the password as added security, so I guess that argument shouldn't carry any weight.

      • Re:Not totally secure? (Score:5, Informative)

        by nmg196 ( 184961 ) * on Friday December 03, 2004 @09:55AM (#10985948)
        > This allows the device to at least estimate where I am if it
        > has a weak signal somehow. I don't really get all the details...
        > but it works so I don't complain.

        Well a GPS receiver has about 8-12 channels with which to look for the satellites. If it knows roughly where you are, then it can use that information, together with stored almanac data (info relating to the orbital positions of the satellites over time) in order to better guess *which* satellites it should try locking on to. It basically speeds up the process of getting the all important 'first fix'. If you didn't tell it where it was, it would simply take longer to get the fix - but it would still get there eventually.

        I must admit, I wasn't too impressed when I received my first GPS and the very first question it asked me when I turned it on is "Please select the location of this device using the map below". I was like, "huh, aren't you supposed to tell me that?!". :)
    • I seriously doubt they would use only GPS data as an encryption key. Likely the dongle is doing challenge-response interactions with the wireless hub, and certain actions get triggered when the hub is no longer in wireless range.
      • No, but at some stage, the device relies on a raw GPS signal. All I was wondering is, what would happen if you spoofed that signal somehow... Maybe the rest of the encryption process won't notice and it will be happy to show you the data.

        As we've seen many times before on Slashdot, lots of new encryption techniques turn out to be gimmicks or marketing ploys designed to sell one specific product. How often do these weird encryption mechanisms actually become mainstream? Not very often.

        Not having a device t

    • I think all consumer GPS devices do this, but there are lots of commercial/industiral GPS devices, too.

      I don't think it would be that hard to integrate one of the chipsets [trimble.com] from Trimble [trimble.com] into a WAP to provide the feature Woz is describing. Install the WAP in the ceiling, and run some RG-58 to the roof for the antenna, and I think that would make spoofing the GPS a lot harder.

    • Yes, but he's not talking about putting a GPS on the serial port.

      What he's talking about is something closer an iButton dongle that would only work at a particular position. This will communicate with a wireless infrastructure that will provide the key to unlock data.

      How GPS figures in is not entirely clear from the article, but it appears to be a kind of two factor security: you can get to your data if (a) you are in the presence of an authorization agent and (b) you are in the right geographic place.
    • Partly because these devices rely on security through obscurity, and sales through marketing-hype.

      If a security system is recognized and completely understood, it can be disabled or defeated. However, if the system is not recognized in time, it can use that time to phone home, re-encrypt the data, squirt stinky purple ink out the keyboard, whatever.

      So, if your concern is that James Bond and Bruce Schneier are going to conspire with the CIA to steal your laptop, well you're pretty much screwed even with

  • Or other more malign actions (Score:5, Funny)

    by _the_bascule ( 740525 ) on Friday December 03, 2004 @09:37AM (#10985704)
    paging the boss, 'he's going home! he's going home!'

  • Alarms (Score:5, Funny)

    by Anonymous Coward on Friday December 03, 2004 @09:38AM (#10985722)
    What if they had that for cars? Imagine someone tries to steal one and an alarm goes off! Everyone will pay attention and call the police right away. Car theft will be a thing of the past for sure...
    • Car alarms require public interest and intervention.

      This, however, only requires interest and intervention from paid security officers working for the company.

  • Does not work for cars too well (Score:3, Interesting)

    by mi ( 197448 ) <slashdot-2017q4@virtual-estates.net> on Friday December 03, 2004 @09:38AM (#10985724) Homepage Journal
    Automobiles had various "I'm being stolen" devices for years. From overt obnoxious sirens, that wake up the neighborhoods in the middle of the night to covert "Lo-Jack" and others. Does not help as much as was, I bet, expected.

    Or does it?

    • LoJack does work, apparently:

      Google Answers [google.com] that links to a Carnegie-Mellon study about it.

      --RJ

    • My auto insurance company offers a blanket discount for "theft deterrent devices." I think we can safely assume that if an insurance company is willing to cut prices 10% because the ignition locks up if it's fiddled with, then there really is a measurable deterrent effect.

      It's quite obvious that the systems won't stop a dedicated thief, nor will they prevent many other sorts of insurable damage. But they obviously have some overall effect.

    • Unfortunately, these "I'm being stolen" devices also get set off whenever there is a major fireworks show like the Edinburgh Festival. Which of course is exactly at the same time as there are large numbers of visitors and their cars in the area.
    • I remember one particularly obnoxious device that was sold in the Radio Shack catalog years ago. Instead of going off like a regular siren, this car alarm would actually be a woman's voice screaming "help me!" or "I was tampered with" if the alarm went off previously. That's just beyond the limits of good taste.

  • This could be applied to other things as well (Score:3, Interesting)

    by uid100 ( 540265 ) on Friday December 03, 2004 @09:39AM (#10985726)
    Some though would have to be applied to this, but a GPS system in your car that alerts you if some operational parameters are crossed would be nice.

    "Hey, I'm being towed away from the parking garage, even though my keys are more than 100 yards from me"

  • Zztxt Flrqtp fnz p47eltnzd. (Score:4, Funny)

    by mothz ( 788133 ) on Friday December 03, 2004 @09:39AM (#10985728)
    Zztxt Flrqtp fnz p47eltnzd.

    Oh, I'm sorry, you need to move two steps to the left.

  • Do you keep your laptop solely in the office? (Score:5, Insightful)

    by mpathetiq ( 726625 ) on Friday December 03, 2004 @09:39AM (#10985731) Homepage
    It seems like the real risk would be when you are on-site, traveling, etc. As a consultant, my laptop never leaves my side. I'd hate to have to "check out" every time I left the building. Also, I don't think I would like my employer having the possibility of tracking my every movement. Sure, you could turn off the tracking, but then you've lost the security as well.
    • I don't think I would like my employer having the possibility of tracking my every movement.
      Get your own laptop, then. Their property, they can do what they like with it.
    • Then your laptop goes through security. You may get held up by the search and your latop sits there waiting to be taken. This has happened a few times at airports even though you would think the security area was crawling with personnel and videoed.

  • In other news... (Score:2, Interesting)

    by al_fruitbat ( 617734 )
    ...thieves put stolen laptops in bags lined with aluminium foil. (can also be used for hats)

  • Um.. (Score:3)

    by Daniel Boisvert ( 143499 ) on Friday December 03, 2004 @09:40AM (#10985752)
    Does anybody else see a problem with a laptop you can't use outside of the office?

    It's not like you'd buy a laptop so you could TAKE IT WITH YOU and work outside of the office, or anything..

  • Shut Down? (Score:5, Insightful)

    by ZZeta ( 743322 ) on Friday December 03, 2004 @09:40AM (#10985755)

    Ok, may be I'm missing something, but wouldn't a simple shut down get rid of this 'feature'?

    And before you tell me how you can't shut it down without the apropriate password: Unplug / get rid of the battery. If you're stealing the notebook, why would you mind turning it off? After all, there'll be plenty of time back home to retrive the data.

    • Require a password on boot to unlock filesystem-level encryption.

    • Re:Shut Down? (Score:2, Insightful)

      by KiloByte ( 825081 )
      Simple. Just have your server ping the laptop every second and launch an alarm if the connection goes down.

      Unless you knowingly turn the watchdog off, I can't see a way to work around this that doesn't involve meddling with the server or alarm -- if you use some secure ping like choosing a random number and running some private key cryptographic tool on both ends.

    • "Unplug / get rid of the battery" (Score:4, Informative)

      by da5idnetlimit.com ( 410908 ) on Friday December 03, 2004 @09:55AM (#10985955) Journal
      True, very true...

      Also one should note that in most cases, when someones steals a laptop, it is for the laptop itself, and they couldn't care less for the data on it...as long as they can download the corresponding drivers later on...

      One the laptop get sold, it'll suffer a quick reinstall. and the security dongle will become a nice high tech keychain 8)

      + This system assumes I have a physical access to the machine...

      If I have physical access to the machine (usually you find them plugged into the network, and no screensaver password...) all I have to do is either install a quick soft from the net or from the cd/usb key I have with me...

      Keylogger/bot/zombie/spyware/remote desktop... I can do whatever I want...and your security is breached...

  • I can see the error messages now... (Score:3, Funny)

    by Elphin ( 7066 ) on Friday December 03, 2004 @09:42AM (#10985774) Homepage
    Error! Unable to open file!

    In order to open this file you must move 3 metres northwest of your present position

  • British intelligence and self-destructo laptops (Score:5, Informative)

    by call -151 ( 230520 ) on Friday December 03, 2004 @09:42AM (#10985777) Homepage
    This has come up before- here [wired.com] is a link to a 2001 Wired article about the British intelligence services using laptops with ``a built-in electronic self-destruct mechanism that erases a laptop's hard drive if the case is opened by force'' when a code is forgotten, as well as ``a tracking feature that allows a computer gone astray to call home." This was after a spate of embarrassing episodes where laptops with lots of important info went missing. I don't know if it's been implemented but this does seem to have some interesting applications, potentially...
    • I'm still trying to work out how a hard drive can be instantly trashed electronically. Even a single-pass low-level format can take a long time. My guess is an encrypted partition which relies on a key held in a PCMCIA dongle.

      The call-home program exists commercially and allows a machine to register its presence with a remote control.

      • Yeah, I was wondering the same thing. I work with some security modules that have tamper-resistant casing. If you try to force the locks or pry/cut the case, It zeros itself out. The difference here is that everything is solid state and stored in RAM and Flash memory. For the hard drive perhaps somekind of deadman switch on an electromagnet or something. But that would make for a damn big (and HEAVY) laptop (At least going by the size of our DeGaussers here at work).

        Anyone know what could be small a

        • How about encrypting the whole hard drive, either by using an encrypted file system, or a HDD controller which encrypts all the data written to the disk on the fly. Store the encryption key in Flash or RAM or whatever. When any kind of unauthorized access is attempted, wipe the key, and nobody can access the disk anymore. This could be as simple as keeping the key in a bit of battery-powered RAM, and connecting this to a chassis intrusion switch, which will cut off power when the case is opened.

          Don't forge

  • For a laptop? (Score:3, Insightful)

    by 31415926535897 ( 702314 ) on Friday December 03, 2004 @09:43AM (#10985788) Journal
    I was always under the impression that laptops were supposed to be mobile (but maybe that's just me)...

    It seems like this would be more useful for company systems that have highly proprietary, sensitive data on them that you wouldn't want moving around. I could see a very nice, dual G5 screaming "I'm being stolen" as the janitor carts it out with his supplies (though how it does that without a power source is beyond me, I guess you would need a secondary power source just for this system).

    Also, and I'm really not trying to start a flame war here, but first, what's wrong with a janitor having a laptop, and why assume that it's a janitor stealing the laptop? I would guess that it's a disgruntled employee or just-fired employee (that's not properly escorted out) that would pull a stunt like that. And I would think that laptops are stolen from public places like libraries and parks rather and work places where I think a system like this might not be as useful.
    • Also, and I'm really not trying to start a flame war here, but first, what's wrong with a janitor having a laptop, and why assume that it's a janitor stealing the laptop? I would guess that it's a disgruntled employee or just-fired employee (that's not properly escorted out) that would pull a stunt like that. And I would think that laptops are stolen from public places like libraries and parks rather and work places where I think a system like this might not be as useful.

      I don't have any numbers, but m
    • Also, and I'm really not trying to start a flame war here, but first, what's wrong with a janitor having a laptop, and why assume that it's a janitor stealing the laptop? I would guess that it's a disgruntled employee or just-fired employee (that's not properly escorted out) that would pull a stunt like that. And I would think that laptops are stolen from public places like libraries and parks rather and work places where I think a system like this might not be as useful.

      Thank you for mentioning this. M
  • Laptop: "I'm being stolen! Security guys, help!"
    [Security guy shows up, gun drawn]
    Security guy: "You there! Hands up"
    Innocent guy: "But, I'm just bringing Bob's laptop over to him in building 4!"

    I do like the idea, however, even though it may have issues. You could also use a wireless signal that pervades your company that is used as a key to decrypt.

  • Quote from article (Score:2, Insightful)

    by ender1598 ( 266355 )
    "Throughout the entire process, Wozniak said the encryption key is controlled in a central location through a secure transmission. Because the wOz Platform and the wOzNet network are proprietary, he said it is not open to Wi-Fi spoofing or password sniffing."

    proprietary != secure from sniffing

    I wonder if it's based on the current wireless encryption or if it's something completely new.

  • Thinkpads and RFID (Score:5, Informative)

    by terrencefw ( 605681 ) <slashdotNO@SPAMjamesholden.net> on Friday December 03, 2004 @09:47AM (#10985845) Homepage
    IBM Thinkpads have had RFID in them for a while now, to prevent them being taken out of specific areas.
    • Isn't the point of a laptop that are designed to be mobile? And if you want to restrict the mobility wouldn't it be easier to attach a network cable & lock to it instead of this fancy encryption?

      Or if it is to be used in 2 places use 2 desktops? what am i missing?

      Ok, this is no solution for the boss who must have the most fancy laptop there is to see the best screensaver. (dilbert)
  • This is hardly feasable. However, it *is* possible to construct your TxRx that can lock your equipment to the area. But if you're that serious about locking something down, why not just use a mainframe and some dumb terminals?

    This could only possibly work with other layers of security - GPS data isn't what I'd choose unless you can afford to launch some slightly more "useful" satellites of your own. Those sattelites would have to encode a sort of "encrypted timestamp" into the their data, so that that y

  • Why must it always be "the janitor"?? (Score:4, Insightful)

    by gambit3 ( 463693 ) on Friday December 03, 2004 @09:48AM (#10985864) Homepage Journal

    A few years ago, a securtity head-honcho at my company gave a presentation about keeping confidential documents off our desks, because "you never know when the janitors can come in and just swipe it out with them. I know they don't speak Englis, but it doesn't take a lot to swipe stuff off a desk..."

    I've had my fair share of stuff stolen, and it's never been a janitor.
    • "A few years ago, a securtity head-honcho at my company gave a presentation about keeping confidential documents off our desks, because "you never know when the janitors can come in and just swipe it out with them. I know they don't speak English, but it doesn't take a lot to swipe stuff off a desk...""

      It's easy to blame the person who's not in the room. Why do you think they blame the project's current problems on the person who jumped ship and left the company?

      And FWIW, there were only two occasions I

    • I've had my fair share of stuff stolen, and it's never been a janitor.

      I don't think I've ever had anything stolen at the office. I've been a janitor, too.

      If the janitors think they have a soft job with high pay, they aren't going to jeapordize it by stealing a laptop or a paper off your desk.

      If they figure that they wouldn't get screwed any worse elsewhere, I guess the situation would be different.

      The point here is that the janitors are just like you: if they're feeling screwed, they are a lot mor

    • Why must it always be "the janitor"?? It's not always the janitor, sometimes it's the butler instead.

    • Re:Why must it always be "the janitor"?? (Score:4, Interesting)

      by Inda ( 580031 ) <slash.20.inda@spamgourmet.com> on Friday December 03, 2004 @10:35AM (#10986478) Journal

      In my place the high paid engineers do all the stealing of laptops. The rest of us don't have access to them...

      They take them home to do work in the evenings. They dial into the network for free internet. Their kids download Britney. Their begged CD burner is constantly burning audio CDs - they have to beg because there is no real reason for laptops having burners...

      ...they find out that they are unable to install latest_spyware_infested_program. They wipe the hard drive, install their own software (disabling dial-in in the process) and the laptop never sees the office again. They know they'll have a lot of explaining to do if the laptop ever needs rebuilding.

      They see it as one of the perks of the job.

        1. They take them home to do work in the evenings. They dial into the network for free internet. Their kids download Britney. Their begged CD burner is constantly burning audio CDs - they have to beg because there is no real reason for laptops having burners...

        Not where you work. I burn work-related disks frequently. It's expected now, though I attempt to get people to use the network instead.

    • If the Janitor is a long term employee with benefits , they are probably the most trustworthy employees in the company.

      The custodians who steal tend to be temps/contractors.

    • In my experience, janitors and other after hours staff do steal equipment about 1/2 the time.

      The funniest one was right after stealing some equioment, the guilty janitor (who also had keys to the server room) went to 'pop the tape' and found it was entirely hard drive based. The guy still kept the computers and had his house raided to return the stolen equipment.

      Lesson? Don't let anyone have keys to the !@#$!@#$! server room! Extrapolate other lessons from there....

    • Evil, laptop-stealing janitors? The ones who used to eat steak with welfare coupons, and now surf for Russian porn on our Powerbooks and T1 lines?

      Well, how else are they supposed to get in on the $300 billion annual orgy of white collar crime [cornell.edu]? Or use this honcho's services [federalcrimes.com]?

    • The guy looks like he has an honest face [ez-entertainment.net] atleast :)

  • GPS spoofing (Score:3)

    by Mordac the Preventer ( 36096 ) on Friday December 03, 2004 @09:49AM (#10985870) Homepage
    So... how easy is it to spoof a GPS signal?
    • Replying to my own post is a bit off, but an even better thought... Say that BigCorp uses this idea to protect all of its really valuable data. You get a GPS transmitter that's transmitting a spoofed postion a few miles away, and all of BigCorp's laptops go "OMG, I've been stolen: 'rm -rf /data'".
  • I don't see how this system will stop theft of data. If you want to steal the data just copy the data and leave the machine there.

    I can see the security department scratching their heads while saying "who would have thought of putting all that data on a floppy disk"!
  • I am somewhat ignorant Woz's plan, but does this not remind anyone of DVDs not being able to be played outside of specified regions? How do we know the same thing won't happen?
  • It's not a big deal to spoof. All you'd have to do is build a couple small GPS-emulator transmitters and aim them at the device, and have them tell the device that its sitting its comfortable office environment 5,000 miles away.
  • I've been playing with a high-end GPS device recently, and the first thing I learned was that you can forget about getting a reading indoors. So how will this device work when there is no GPS reading in the office???
    • when it starts getting a gps reading, it knows it left the building. Anyway, in most buildings gps will work in some places and not in others - alot of risk for the thief. I suppose one could place a lo-jack type laptop in a faraday cage, but again risky when it comes type to either strip or access it.

  • GPS and Signal. (Score:3, Insightful)

    by jellomizer ( 103300 ) * on Friday December 03, 2004 @10:00AM (#10986014)
    With my experience with GPS. They tend not to get a signal unless you are outside and have a clear view of the sky. When Driving in tunnals, or a road with a thick covarage of trees I tend to loose signal. And I have never got it to work while I was inside my apartment. Most people tend to use Laptops inside buildings and a lot of them are not nessarly near windows or have the window shades open (the heat of an afternoon sun in summer is pritty bad). So for most cases this will not work because they cannot get a GPS signal.
  • Will Bill Gates soon be inventing a product with the Acronym "B.I.L.L" for the product name?

  • good against wardriving (Score:3, Interesting)

    by spectrokid ( 660550 ) on Friday December 03, 2004 @10:07AM (#10986108) Homepage
    Imagine that your WEP gets encrypted with a key dependent on your location. A large company could enable campus-wide WIFI, but you would only be able to get on the network if you are inside one of the buildings. Not the ultimate protection, but one extra barrier.
  • Cut and break 'top to pieces. Pick the hard drive from the rubble.
  • Countermeasures to laptop theft are really getting stupid at this point.

    Put 2.5" HDDs in a bit of a caddy to protect it, then you just pull it out and put it in your pocket. Notebooks could be made so that they pop the HDD out when the lid is closed, it is shut-down, or put into standby, and beep after a few seconds if the HDD hasn't been removed.

    This won't help immensely if you leave your laptop running, with an open lid, unattended, in a public place, but you probably don't care about security if you d
  • I have a better idea - you build a pair of hardware keys that operate like rfid ID tags, sort of (except that the key would be battery powered and generate different keys based on what it was given for a timestamp - like a secureID card for a vpn).

    You'd hang one of these little devices off your belt or on your keys or something. When the laptop is within a few feet of you, you can access the encrypted data. When it's not, you can't. Seems simple enough....now we just have to make sure that nobody gets smar
  • Imagine your laptop screaming 'I'm being stolen! I'm being stolen!' and paging security as the janitor walks out the door with it."

    Yawn. It would probably get the same reaction as car alarms do these days: great, some idiot accidentally set off their car alarm again. Where's the coffee?

  • Stop! (Score:4, Interesting)

    by buss_error ( 142273 ) on Friday December 03, 2004 @10:59AM (#10986804) Homepage Journal
    'I'm being stolen! I'm being stolen!' and paging security as the janitor walks out the door with it."

    I've been in offices for many many years. There has been only one time the Janitor Did It, and it was a case of they put it somewhere we wern't expecting.

    Can we stop with the steriotype? All of the janitors I have known have been honest, hardworking people that are just trying to make a living. While I a sure there are dishonest janitors around, I sure that like anywhere else the vast majority are not crooks.

    • Re:Stop! (Score:3, Interesting)

      by rthille ( 8526 )
      I don't know that the use of the janitor is meant as an inditement of janitors and their honesty, but rather of society. The reason that janitors are used is because they have opportunity (because they have to to clean) and and due to the inequity in society they can be said to have motive. After all, when you're working around equipment that costs as much as you make in a year, there's more temptation to steal it than if you work around stuff that costs what you make in a day. It's the same reason why

    • Re:Stop! (Score:4, Informative)

      by TomorrowPlusX ( 571956 ) on Friday December 03, 2004 @12:16PM (#10987901)
      Not to mention that janitors -- being blue collar and generally lower on the social totem pole -- *know* they're the first to be suspected/fired when something goes missing.

      Generally speaking the theives are coworkers, with sticky fingers. But usually it's people -- dressed nicely -- who just walk in off the street, looking like they belong, and picking something up and quietly taking off.

      We've had a fair bit of the latter where I work.
    • "Can we stop with the steriotype? All of the CEOs I have known have been honest, hardworking people that are just trying to make a living. While I am sure there are dishonest CEOs around, I sure that like anywhere else the vast majority are not crooks."

      -Erwos
    • I think janitors are some of the smartest people around. Who else could trivially pilfer anything in the building and get away with it all these years? Careful planning and manipulation have created a society completely dependent on someone else doing the dirty work. The same thing with this whole computer fad. Systems administrators have total control over your dataflow, much like the janitor controls the paperflow. Janitors have been training people like them, long hours which start early and end late in
  • The article makes it sound like the system relies partially on security-through-obscurity (the w0zNet thing), but that doesn't sound like something Wozniak would ever think of trying to rely on... He's just too brilliant for that.

    I wouldn't be surprised if in addition to a decent amount of obscurity, the system also has plenty of true security, i.e. it would be secure even if every detail of how the system works was known.

    Also, the whole GPS thing doesn't make much sense to me. Too easy to spoof an inco

  • GPS indoors? (Score:3, Informative)

    by uqbar ( 102695 ) on Friday December 03, 2004 @11:09AM (#10986981)
    I have a 1st generation GPS device so maybe my info is out of date, but it has a hard time getting a location in heavy forest, never mind in a massive concrete and steel building. All this seems like it would rule out most real world applications, so I think something is missing in this story - Woz aint no dummy. Any conjectures?
  • but I had an idea like this. When USC and the movie industry started a reasearch consortium two years ago to figure out how to digitally distribute movies to theaters securely, I offered them this suggestion:
    1. embed GPS location data in the encryption key
    2. build [like tighlty integrated and potted] a GPS reciever into the digital theater playback equipment.
    3. scramble the GPS output in some way that is also accounted for in the encryption of the digital movie stream and is unique to the serial number of th
    • Doris Dennings work cited by other poster might have been seen as prior art...it was 6 years ahead of me. the USC facility I mentioned is on line at http://www.etcenter.org/DCL.asp
  • I was thinking it would be nice if my iBook could auto-recognize my home hub and auto-login there. Outside the "zone", it could default back to login-on-wake. Coupled with the various options for encrypting my home directory, etc., this could be similar to what Woz is proposing.

    Of course, I haven't sat down to figure out the cryptological protocol needed. For the average thief, a simple insecure method would probably work.
  • If this is about encryption it has nothing to do with the laptop being stolen and everything to do with the data being stolen.

    Forget about how easy it is to unplug/shutdown said laptop and leave.. obviously it's quite easy.

    What this would do is to only allow decryption of the data stored on that laptop while within the vicinity of the approved location.

    Anywhere else and the data is encrypted. sure you can wipe the drive, but that is what they want you to do anyways...

    And yes people do store sensitive da

  • This sounds a lot like Akili Kuwale's encryption method in Greg Egan's novel Permutation City [wikipedia.org]. It's always good to see sci-fi coming true :)

  • Imagine your laptop screaming 'I'm being stolen! I'm being stolen!' and paging security as the janitor walks out the door with it."

    myes.... and imagine the look on the face of your boss when he realizes that by "working from home", you really meant working from the strip club ;-)

Slashdot Top Deals

A triangle which has an angle of 135 degrees is called an obscene triangle.

Close