Posted: Tue Dec 16, 2008 1:49 pm
I had this great idea that's an extremely terrible idea at the same time while I was cleaning the entire espresso bar and the storeroom and eating Bailey's-Irish-Cream-filled Chocolate Truffles (Chocolate + Alcohol + Cleaning Fluid == Profit???).
Anyways, the idea is essentially extreme technological convergence. The goal is to not only reduce everything one carries into one convenient thingamajig but also provide enough security to protect all the information and assets in the device from everything save the rubber hose method of attack.
The hardware is, essentially, a Bluetooth-Capable and Wifi-Capable SmartPhone with Camera, Fingerprint Scanner, and hardware to make it compatible with SmartCard readers (contact and contactless types). While it will function as a regular SmartPhone, meaning one will be able to make calls, send messages (e-mail, SMS, voice, and picture), play media, and browse the Internet, it does much more than that.
The phone can store and provide credentials to parties the user wishes to provide it to. For example, one can go to the bank and open an account, but instead of providing one of the newer SmartCard-style debit cards, one can opt to give the phone to them and the bank will put the information into the phone's data banks. With identification, one can go to a DMV or something and request a new ID card, but instead of getting a physical card the place programs the phone to store the information. Hell, one can even assume that cash, at some point, will become all-digital (or, probably managed by banks so that bills become more and more scarce) and the phone itself will store credits. For doors that have RFID locks, the security department can program one's phone to enable unlocking certain locks. It can even be used as a unique physical key to anything that would be compatible with the system.
Of course, having one physical device be the source of everything about the person is dangerous. Some of the protections that it would have are a two-way authentication system using biometric scanning (using the fingerprint reader or the camera to examine something the owner has and only the owner would have) and two different PIN numbers -- a correct PIN and a spoof PIN. In case of a rubber hose attack on one's information, one can provide one's biometric and the spoof PIN. It would give legitimate-looking, but improper, information to the malicious attacker, but it would also inform proper authorities about the crime and proceed to protect and safeguard important things on the device. For example, the spoof PIN would give access to the same bank account, but would also alert that the transaction was forced; the phone would contact authorities silently. Some other security features would be Pretty Good Privacy support (ability to encipher/decipher/sign/identity-verify incoming and outgoing media) and Mandatory Access Controls on everything on the phone (everything not explicitly allowed to be done will be denied).
Well? Any thoughts? Obviously there are big problems with it, but it's a thought...
Posted: Tue Dec 16, 2008 2:00 pm
Posted: Tue Dec 16, 2008 2:05 pm
Posted: Tue Dec 16, 2008 2:07 pm
Posted: Tue Dec 16, 2008 2:12 pm
AlcoholicPancake wrote:
Well, biometric scanners can be hacked... Well, not hacked per se, but there ARE ways to trick them or get around that. Besides, from the sound of it, you'd be able to connect it to a computer in some way or another. Someone would find a way to hack into them, and spread that s**t around the net in no time.

Exactly the point (that's why it's two-way authentication: the owner's fingerprint or retina scan and a valid PIN). However, in reality, there's really no 100%-bulletproof way to safeguard one's data. But there are better ways to safeguard one's data. The phone doesn't have to hold all your information, but it could theoretically hold any information and credentials you wish to provide to it.
There's still the problem with the whole computer hookup -- especially because the phones would have to have the procedure to decipher information somewhere in their hardware or memory. If there was a way to make the hardware only provide information by the phone's local operating system it would be possible, but that's relying on the hardware level -- even lower than Binary since you'd have to make the hardware only accept certain electrical impulses in a certain fashion.
There's also the problem of who would provide these devices, and how to protect your information from them. The "easiest" method is to simply not allow information to be transmitted without the owner providing biometrics and the correct PIN, but that's really relying on human intelligence. Anyone who has worked with technology, particularly the customer service help with technology, is probably scared of humanity's intelligence.
Posted: Thu Dec 18, 2008 1:43 am
Posted: Thu Dec 18, 2008 6:37 am
Posted: Thu Dec 18, 2008 5:27 pm
Posted: Thu Dec 18, 2008 8:16 pm
The wires won't be able to do their job, however, if the "right wires" (the keys in this sense) are not stored anywhere in the system. The trick would be to keep said key with the owner and only with the owner. That way, even if scanning the wires for information (a man in the middle attack of some sort) is possible, it would only be possible if the user has provided the key. The vulnerability, then, would rest on the user since it will only decipher information if the credentials are given. The manufacturer, then, would need to ensure (or make sure) that there is no way the phone can "Phone Home" and send keys that way. Human-implanted chips are risky to me and not attractive, so that wouldn't work.
What I was thinking, instead, is the procedure for producing the correct key is embedded in the phone rather than an exact copy of the key in the phone (said procedure would be blind or semi-blind -- in essence have no way to check if it's correct -- because if it was capable of saying "It Is Incorrect" that means the key is stored somewhere to compare). The procedure requires two correct credentials (in this case a biometric fingerprint/retina scan and the correct PIN) in order to make the key.
To be fair, however, it is essentially the same thing as carrying credentials in a physical wallet. Magnetic-stripe cards, after all, are fairly easy to get information from and are limited in the information stored (SmartCard cards are more secure since they have hardware enciphering built-in, but the enciphering key to retrieve the information is hard-coded into the system). There is always a risk in everything, but I'd feel something like this would be more secure.
The two-PIN system would become common knowledge, yes, if everyone used them. However, how can one tell that it's the right PIN or the spoofed one if both function exactly the same, save the other PIN silently reports to authorities? The only way it would work is if one is rubber-hosed to give out both PINs (the user can still deny the existence of a secondary one) or if the owner is held hostage until it's confirmed that it's the true PIN. In any case, the effort it would take to see if the correct PIN is given or not is more effort than the common thief would want.
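
The "blind" key procedure described in the post above, sketched as an added example that is not part of the original thread: the key is recomputed from a fingerprint template plus PIN and never stored or compared. Assumptions: the template bytes are bit-exact on every scan (real sensors need a fuzzy extractor for that), the constants and function names are hypothetical, and the HMAC keystream is a standard-library stand-in for a real cipher.

```python
import hashlib
import hmac

ITERATIONS = 100_000  # assumed work factor for this sketch

# Constructed sample values, not real biometric or account data.
SALT = bytes(range(16))   # kept on the device, not secret
NONCE = b"vault-slot-0"   # kept next to the ciphertext
TEMPLATE = b"constructed-fingerprint-template"
RECORD = b"account=12345678;limit=500"


def derive_key(template: bytes, pin: str, salt: bytes) -> bytes:
    """Derive a 32-byte key from both credentials. Nothing is checked against
    a stored value, so every input pair yields some key and no error."""
    # Length-prefix the PIN so (pin, template) pairs cannot collide.
    secret = len(pin).to_bytes(2, "big") + pin.encode() + template
    return hashlib.pbkdf2_hmac("sha256", secret, salt, ITERATIONS)


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode, used here as a simple keystream."""
    out, counter = b"", 0
    while len(out) < length:
        block = nonce + counter.to_bytes(4, "big")
        out += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return out[:length]


def xor_crypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt (same operation). Unauthenticated on purpose: a
    wrong key returns same-length garbage, never an 'incorrect' signal."""
    return bytes(a ^ b for a, b in zip(data, _keystream(key, nonce, len(data))))


def provision(pin: str) -> bytes:
    """What the device keeps at rest: ciphertext only, no key, no verifier."""
    return xor_crypt(derive_key(TEMPLATE, pin, SALT), NONCE, RECORD)


def unlock(stored: bytes, template: bytes, pin: str) -> bytes:
    """Recompute the key from whatever was presented and decrypt with it."""
    return xor_crypt(derive_key(template, pin, SALT), NONCE, stored)


if __name__ == "__main__":
    stored = provision("4821")
    print(unlock(stored, TEMPLATE, "4821"))  # the original record
    print(unlock(stored, TEMPLATE, "4822"))  # garbage bytes, no error raised
```

Dropping authentication is what makes the procedure blind, and it also means altered ciphertext goes undetected. A short PIN contributes little entropy, so most of the secrecy rests on the template and the work factor.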
Posted: Fri Dec 19, 2008 8:52 pm
Posted: Fri Dec 19, 2008 9:28 pm