Re: British Ministers Adopt Unbreakable Crypto
LONDON (AP) -- It's a briefcase even James Bond could love.
Britain's more adventurous Cabinet ministers soon will be spiriting laptop computers inside their signature ``Red Box'' briefcases, complete with fingerprint recognition systems and silent alarms.
[.....]
``There is even a duress finger,'' Rushworth said. ``That is for if a terrorist or gunman has a gun to the minister's head forcing him to open the computer. It will appear to function normally but doesn't, and sends a silent alarm to the Cabinet Office.''
This is INSANE. How could someone be so stupid as to announce such a feature in a newspaper. I guess this means that if a terrorist sees a Cabinet minister with such a computer, he had better shoot to kill. The whole point of a feature like this is that its existence is secret. Someone is NOT paying attention. Bruce ********************************************************************** Bruce Schneier, President, Counterpane Systems Phone: 612-823-1098 101 E Minnehaha Parkway, Minneapolis,MN 55419 Fax: 612-823-1590 http://www.counterpane.com
Bruce Schneier writes:
``There is even a duress finger,'' Rushworth said. ``That is for if a terrorist or gunman has a gun to the minister's head forcing him to open the computer. It will appear to function normally but doesn't, and sends a silent alarm to the Cabinet Office.''
This is INSANE. How could someone be so stupid as to announce such a feature in a newspaper. I guess this means that if a terrorist sees a Cabinet minister with such a computer, he had better shoot to kill.
The whole point of a feature like this is that its existence is secret. Someone is NOT paying attention.
I don't think the machine is going to do any silent alarming in the grounded Faraday cage with the 10 severed fingers lying on a plate next to it. Anyone know what they actually use to sector encrypt the file system on these things? It would be somewhat amusing if it were snake oil based. -- Eric Michael Cordian 0+ O:.T:.O:. Mathematical Munitions Division "Do What Thou Wilt Shall Be The Whole Of The Law"
On Mon, 19 Jan 1998, Eric Cordian wrote:
Bruce Schneier writes:
``There is even a duress finger,'' Rushworth said. ``That is for if a terrorist or gunman has a gun to the minister's head forcing him to open the computer. It will appear to function normally but doesn't, and sends a silent alarm to the Cabinet Office.''
This is INSANE. How could someone be so stupid as to announce such a feature in a newspaper. I guess this means that if a terrorist sees a Cabinet minister with such a computer, he had better shoot to kill.
The whole point of a feature like this is that its existence is secret. Someone is NOT paying attention.
I don't think the machine is going to do any silent alarming in the grounded Faraday cage with the 10 severed fingers lying on a plate next to it.
This reminds me of a conversation I had at a recent biometrics exhibition. One company exhibited hand shape scanners, such as those installed at San Francisco International Airport to control access to "sensitive" parts of the airport. [Do not pass security, go straight the "clean" area]. I asked the exhibitor if the scanner would grant access to a hand not attached to the body. At first, the exhibitor paled and replied that if a severed hand was part of my thread model (not using these terms), then my "facility had larger problems than could be solved by access control". The booth staff, visibly shaken by my insinuation that there are people that might severe somebody's had to gain access to an environment, kept following me with their eyes as I walked away from the exhibit. Seems these amateurs hadn't considered that somebody getting ready to blow up an airplane with 250 passengers on board just might have relatively few qualms about detaching the hand of one Filipino airport janitor on his way to work. To their credit, the EyeDentify booth staff (the world's sole manufacturer of retinal scanners), knew what they were doing. Their system checks for blood flow, etc. A removed eye or a cadaver won't do. Now there is a company that understands security. [Disclaimer: I have no connection whatsoever to either manufacturer]. -- Lucky Green <shamrock@cypherpunks.to> PGP v5 encrypted email preferred. "Tonga? Where the hell is Tonga? They have Cypherpunks there?"
At 08:18 PM 1/19/98 -0800, Tim May wrote:
At 7:53 PM -0800 1/19/98, Lucky Green wrote:
I asked the exhibitor if the scanner would grant access to a hand not attached to the body. At first, the exhibitor paled and replied that if a ... Well, the droids they hire to man their booths are Happy People.
Sometime in the late 80s I was at some computer security conference that had some presentations on biometrics; the issue of body parts no longer attached to original-condition bodies was brought up by several of the exhibitors (I think they were checking for pulse while scanning fingerprints, for example.) As Tim said, the James Bond movie was old by then, and also the military and other Feds have been early enthusiasts for biometric identifiers - if the KGB is bothered by detached hands, it's because it takes longer than just carrying the guard's body across the room, and the bloodstains might be noticed faster than a "sleeping" guard. Thanks! Bill Bill Stewart, bill.stewart@pobox.com PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639
At 7:53 PM -0800 1/19/98, Lucky Green wrote:
This reminds me of a conversation I had at a recent biometrics exhibition. One company exhibited hand shape scanners, such as those installed at San Francisco International Airport to control access to "sensitive" parts of the airport. [Do not pass security, go straight the "clean" area].
I asked the exhibitor if the scanner would grant access to a hand not attached to the body. At first, the exhibitor paled and replied that if a severed hand was part of my thread model (not using these terms), then my "facility had larger problems than could be solved by access control". The booth staff, visibly shaken by my insinuation that there are people that might severe somebody's had to gain access to an environment, kept following me with their eyes as I walked away from the exhibit.
Seems these amateurs hadn't considered that somebody getting ready to blow up an airplane with 250 passengers on board just might have relatively few qualms about detaching the hand of one Filipino airport janitor on his way to work.
Well, the droids they hire to man their booths are Happy People. No wonder they missed the point of Oklahoma City.
To their credit, the EyeDentify booth staff (the world's sole manufacturer of retinal scanners), knew what they were doing. Their system checks for blood flow, etc. A removed eye or a cadaver won't do. Now there is a company that understands security.
Biometric on removed eyeballs was old hat in "Thunderball," as I was approaching adulthood. That the Disneyfied world fails to understand realitities is hardly surprising. --Tim May The Feds have shown their hand: they want a ban on domestic cryptography ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, ComSec 3DES: 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^2,976,221 | black markets, collapse of governments. "National borders aren't even speed bumps on the information superhighway."
-----BEGIN PGP SIGNED MESSAGE----- In <199801192330.RAA09810@wire.insync.net>, on 01/19/98 at 06:30 PM, Eric Cordian <emc@wire.insync.net> said:
Anyone know what they actually use to sector encrypt the file system on these things? It would be somewhat amusing if it were snake oil based.
It may not be snake-oil but you can bet it will be GAKed. I can just imagine some poor clerk tying to explain to one of those boneheads that they can't get their files just because they forgot their passphrases. I wouldn't be suprised if there were several keys floating around that would give access to one of those machines. - -- - --------------------------------------------------------------- William H. Geiger III http://users.invweb.net/~whgiii Geiger Consulting Cooking With Warp 4.0 Author of E-Secure - PGP Front End for MR/2 Ice PGP & MR/2 the only way for secure e-mail. OS/2 PGP 2.6.3a at: http://users.invweb.net/~whgiii/pgpmr2.html - --------------------------------------------------------------- Tag-O-Matic: You said Windows was a Power Tool??? -----BEGIN PGP SIGNATURE----- Version: 2.6.3a-sha1 Charset: cp850 Comment: Registered_User_E-Secure_v1.1b1_ES000000 iQCVAwUBNMRN4I9Co1n+aLhhAQFRdwP8Dhr511XyhabfAHN8Vr5xFB9l/cGqCV50 opc7y+BIYmVnbxExha+TFUcmbC285kAqxASaR8klTqAdeYJuoBy3/4GK6jbsnlBo KumzbyaM7hTcLIP8dfRM8Rs2Ol0NcBv0Qn+JmxkkAyn0F9FzOIdNfEwkJXVjU3WW Q0abx0ieCYg= =aLAL -----END PGP SIGNATURE-----
participants (6)
-
Bill Stewart -
Bruce Schneier -
Eric Cordian -
Lucky Green -
Tim May -
William H. Geiger III