Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Security Patents Technology

Smart Gun Inspires Smart Mouse Authentification System 60

dcblogs writes Defense contractor Raytheon has received a patent for a mouse that has a biometric pressure grip. It believes the pressure grip, as a form of authentication, will be particularly hard to defeat because it works from a neurological pattern versus a physical pattern, such as a facial scan. "It's not just how much pressure you exert on the mouse itself, but it's also the x-y coordinates of your position," said Glenn Kaufman, a cybersecurity engineer. The approach was inspired by similar pressure grips used in smart guns.
This discussion has been archived. No new comments can be posted.

Smart Gun Inspires Smart Mouse Authentification System

Comments Filter:
  • by Maxo-Texas ( 864189 ) on Sunday October 05, 2014 @12:59PM (#48068927)

    It hurts the palm of my hand to hold it the same way all the time.

    Even beside that, testing it just now, my hand moves all over the thing and is in a different position each time I let go and put it back from typing.

    I don't understand how this is practical. A facial or retinal scan seems more reliable, can use your existing generic camera so no need for a custom mouse.

    • Same for me, this would never work.

    • Totally agree. Weren't there even some studies a while back suggesting that changing how you hold/use your mouse from time to time could help avoid repetitive stress injuries? I vaguely remember something like that, but don't quote me on it.

      It hurts the palm of my hand to hold it the same way all the time.

      Anyway, if this "improved" mouse ever becomes widespread, your face might be hurting, too, because you will probably be holding the palm of your hand there most of the time.

    • Yep. Repetitive Stress Injuries... now software enforced. Great step forward. But seriously, couldn't this open them up to all sorts of worker's comp cases?
    • IKR, My left hand has been showing CTS for month now, they want my other hand too, those insensitive clods.
    • Call me crazy, but I'm hoping for biometric authentication by genitals, because how funny would it be to see everyone have to pull down their pants to log in to their computers?

      Stop looking at me like that. Tell me you weren't thinking the same thing.

      • because how funny would it be to see everyone have to pull down their pants to log in to their computers?

        I don't know where you work, but in my office this would be anything but 'funny'.

  • by Opportunist ( 166417 ) on Sunday October 05, 2014 @12:59PM (#48068929)

    ...I have to bring my own mouse when breaking into the NSA headquarters?

    But seriously. We are really talking about a device here that is eventually attached via USB, on an external plug to boot, to a computer. Erhmmmmm...

    I guess it's time to dust off the presentation on how anything connected by USB isn't really a good idea if used as some kind of security device.

    • It could connect through infrared or bluetooth or firewire or whatever connectivity you'd prefer. Nothing prevents a mouse from communicating through any imaginable protocol. Most mice use USB bus to work because it's convenient and ubiquitous, nothing more.

    • by itzly ( 3699663 )
      It could use a public key authentication.
      • While a nice idea in theory, I could see some problem with the practical implementation in a mouse. At the very least it would probably push the price level to a point where it becomes unfeasible to do it (rather than a different, at least equally secure but cheaper, solution).

        I like the idea from a technical point of view, but it lacks economic viability.

        • by itzly ( 3699663 )
          I would expect that the price level is already pushed too far with the pressure sensors.
  • Whose grip (Score:5, Funny)

    by Livius ( 318358 ) on Sunday October 05, 2014 @01:18PM (#48069013)

    Okay, so it's a computer mouse that can *detect* a particular grip.

    I was really wondering how researchers were able to get laboratory mice to grip guns. And why.

  • Trivially defeated (Score:4, Insightful)

    by Anonymous Coward on Sunday October 05, 2014 @01:46PM (#48069103)

    From the article: "The information needed for a retina scan, for instance, can be stolen from a doctor's office..."

    And the information about how some VIP handles his mouse, can be stolen form either his mouse or the computer that gets biometric data from that mouse.

    This is basically a password that cannot be changed. Just like fingerprints and retina scans. And all these things can be faked so easily. You don't bother with a false fingerprint or "a practiced mouse grip pattern". No, you replace the device (mouse or fingerprint reader) and fake the digital output from the authentication device. This is much easier.

    A keylogger device steals keypresses - in the hope of finding a password. A similar logging device can log communication from a fancy mouse, or finger/retina scanners. After that, the signals can be faked with no need to actually grip a mouse or present a finger/eye.

    And it won't matter if the mouse use some cryptographically safe protocol to communicate with the computer. When I plant my logging bug, I won't need to intercept mousecomputer communication. I intercept communication from the sensor system to the mouse electronics. That way, I get the "signature" before it is processed and possibly encrypted. Easy when you know electronics and programming - which enough people do. After that, the grip signature can be superimposed on my mouse movements when I abuse this tossers "safe computer". Possibly using remote control from a different location.

    A hassle to set up, but only the first time. Similiar to how DeCSS took some work to pull off - but now it is everywhere. And it will be done for the first time when the incentive is there - such as a bank protecting their transaction computers with this. And then the hack goes on the black hat market . . .

    • by Bengie ( 1121981 )
      You're talking about replay attacks. I wonder if there is a way to mitigate these or if it's a fundamental issue with all forms of bio-metrics and untrusted inputs.
    • by Rich0 ( 548339 )

      This is basically a password that cannot be changed. Just like fingerprints and retina scans. And all these things can be faked so easily. You don't bother with a false fingerprint or "a practiced mouse grip pattern". No, you replace the device (mouse or fingerprint reader) and fake the digital output from the authentication device. This is much easier.

      This is a fundamental weakness of biometrics, but that doesn't make biometrics useless. If the computer is in a supervised area swapping out a mouse isn't going to be trivial, especially if the correct mouse authenticates itself in some way.

      When I see stuff like this I think "government installation designed to thwart ninja sneaking in the air ducts and changing into a uniform."

  • when you pry it from my cold... Wait, what? Oh.
  • Given the raging success of "smart guns", this should be a slam dunk for the company to make billions!

  • by Anonymous Coward

    Smart Doorknob?

  • I can see how an exercise like this can benefit those against smart guns. Put that exact technology in a device we use everyday, such as our mouse, and track how often it fails or becomes temperamental. So, you had to readjust your grip after every 50 uses, and it flat out stopped working after 1000? Would you want that to be in the hands of an officer trying to save your life?

Been Transferred Lately?

Working...