[EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: Re: Deniable Thumbdrive?
Date: Sun, 26 Jan 2003 22:16:52 -0500
At 10:06 PM 1/24/03 +0100, Eugen Leitl wrote:
...
Frankly, the fingerprint is a lousy secret: you leak it all over the
place. You can't help it, unless you're wearing gloves all the time
At 06:05 PM 1/24/03 +, Ben Laurie wrote:
...
Nice! Get them to cut _all_ your fingers off instead of just one.
Just say no to amputationware.
This whole idea was talked to death many years ago on sci.crypt, and
probably before that other places. The good news is that it's not too hard
At 10:06 PM 1/24/03 +0100, Eugen Leitl wrote:
...
Frankly, the fingerprint is a lousy secret: you leak it all over the
place. You can't help it, unless you're wearing gloves all the time. Ditto
DNA.
That's generally true of biometrics. Unless taking the measurement is so
intrusive it's
On Sun, 26 Jan 2003, John Kelsey wrote:
I think the best way to think about any biometric is as a very cheap,
moderately hard to copy identification token. Think of it like a good ID
card that just happens to be very hard to misplace or lend to your friends.
Like an implant in the forehead.
--
From: Tyler Durden[SMTP:[EMAIL PROTECTED]]
Sent: Friday, January 24, 2003 9:52 AM
To: [EMAIL PROTECTED]
Subject: Deniable Thumbdrive?
I got a hold of a little gadget recently that is very nearly perfect for
certain forms of data storage. It's called
I got a hold of a little gadget recently that is very nearly perfect for
certain forms of data storage. It's called a Thumbdrive and I bought it
online somewhere (64Meg for about $179 or so).
The cool thing about this drive (small enough that it has holes for use as a
keychain) is that it's
From: Tyler Durden [EMAIL PROTECTED]
The cool thing about this drive (small enough that it has holes for
use as a
keychain) is that it's got a Public area and a private area, and the
private area is accessible (if one desires) only via the little
fingerprint
reader on the top of the drive.
Peter Trei wrote...
What's you're threat model? If it's your wife or kid sister, this
might work. If it's a major corporation or a government, forget
it - they'll bitcopy the whole flash rom, and look at it with ease.
At this point, most of my threat models are on this level or the next one
Tyler Durden wrote:
I got a hold of a little gadget recently that is very nearly perfect for
certain forms of data storage. It's called a Thumbdrive and I bought
it online somewhere (64Meg for about $179 or so).
The cool thing about this drive (small enough that it has holes for use
as a
Nice! Get them to cut _all_ your fingers off instead of just one.
Just say no to amputationware.
Use the kind of fingerprint reader that can also sense the blood flow in
the finger, kinda like the heart rate sensors on some exercise machines.
Dead fingers then will be of no use.
...of course,
On Fri, Jan 24, 2003 at 09:51:46PM +0100, Thomas Shaddack wrote:
DEFINITELY TRUE!
...
The device should be able to perform the encryption/decryption services on
its own (hence the cryptographic CPU). Eg, you have an untrusted computer.
You plug the device to its port, move a document from
At 11:40 AM 01/24/2003 -0500, Tyler Durden wrote:
Peter Trei wrote...
What's you're threat model? If it's your wife or kid sister, this
might work. If it's a major corporation or a government, forget
it - they'll bitcopy the whole flash rom, and look at it with ease.
Agreed. Furthermore, the
One of these days, I might build a little device that stores a private key
and does on-board encryption using a microcontroller. I would do it just for
fun, since it is pretty useless if the infrastructure to support it is not out
there.
Check http://developer.axis.com/products/mcm/ - this
On Fri, 24 Jan 2003, Thomas Shaddack wrote:
Use the kind of fingerprint reader that can also sense the blood flow in
the finger, kinda like the heart rate sensors on some exercise machines.
Dead fingers then will be of no use.
Photoplethysmography and photoxytometry are easy to fake once you
WTF is the point of adding more biometric security to a device that
cannot and does not support data integrity? that flash memory held
within the thumbdrive keeps your data in clear text...unless of course
you store everything within some form of encrypted disk. even then,
the quick and
At 10:11 AM -0800 1/24/03, Major Variola (ret) wrote:
You do, of course, have
to trust the hardware/OS you use it with. If you don't know the
socket, keep your dongle in your pants
Given the well documented advantages of poetry over prose in ease of
recall, this adage should be, If you don't
On Fri, 24 Jan 2003, Thomas Shaddack wrote:
Has built-in Ethernet and serial ports, and with a chip like FT8U232AM it
could work with USB as well.
The 232BM version is easier to use and costs the same.
Patience, persistence, truth,
Dr. mike
John Bethancourt wrote...
One of these days, I might build a little device that stores a private key
and does on-board encryption using a microcontroller. I would do it just for
fun, since it is pretty useless if the infrastructure to support it is not
out there.
...while Thomas Shaddack gave
18 matches
Mail list logo