[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [school-discuss] Re: Re: Passwords for kids? [straying off topic]
Karsten M. Self wrote:
Do you mean malicious software hitching a ride on a floppy disk? Or dirt
and grime wrecking your hardware? 'Cause if it's the former.... *points
to the 'net*
on Sun, May 16, 2004 at 10:52:36PM -0700, Ian Paterson (firstname.lastname@example.org) wrote:
Karsten M. Self wrote:
How about using floppy disks as hardware ID tokens?
But for a fair number of 'em, particulary the younger set, and a few
others with learning disabilities, remembering passwords seems to be
beyond the possible. Anyone have experience with setting up accounts
I suppose you could go for a biometric solution
No floppy drives on the systems.
These kids would likely be putting the disks in pockets, backpacks, etc.
I'd like to minimize opportunities for foreign material introduction to
Yeah. Overwriting the disk can be prevented somewhat by explaining the
overwrite tab and encouraging users to keep it in the upwards position,
but copying of keys (disks) isn't as easy to defend against.
Otherwise: yes, this is a decent suggestion. Assuming you can trust
the disk not to get compromised once on the system (either overwriting
the disk, or copying the keys).
What did Sierra and Apogee end up doing when they shipped their games on
disk? Does anyone remember a scheme that wasn't broken that could
protect the contents of the disk from being copied? As I recall, the
closest they ever got was to check for specially crafted bad blocks that
could only be properly read if the disk drive ran slower than usual;
something they hoped that only their software would be able to do.
True, but they have more capability than you'd want. Floppy disks are
prevalent enough that you can get them free nowadays since they're
useless to most people, whereas even an 32meg USB [key/pen] drive still
has it's uses for transferring small documents and the like. Not
something I'd want to give out like candy, 'cause if I had that kind of
cash we could have just gone for the retinal scanners anyways...
There _is_ something to be said for this. USB pen drives are another
option, and are _almost_ getting cheap enough to consider.
Err, I was just reiterating why floppy disks didn't work for storing all
personal documents and data, like it was back in the day.
The downsides to this approach are as follows:
- People loose stuff. Be it kids, adults, teenagers or whatever, those
disks are going to go missing and when they do, so does yesterday's
homework/today's Power Point presentation that you're supposed to be
giving in 4 minutes.
Yep. That's probably the deal breaker right there.
Ideally for your situation it would be "something you have, something
you are", which would be equivalent to "something you know" (and
possibly something you are, depending on how far you want to take it).
The solution, as I see it, is to use a combination of physical
identifiers such as biometrics, swipe cards or old fashion steel keys,
in addition to the conventional user name/password combination.
The RSA fobs people get and use with a PIN have been around for years.
"Something you have, something you know". The PIN itself is pretty
short, and the fob generates a new authentication code every minute,
good for five minutes, or thereabouts (allowing for some time slew).
Off topic: Similar to, or is Kerberos? Ghosts of threads gone by are
haunting my memories have what was borrowed where.
Domain authentication is basically "single sign-on". You authenticate
to a domain server. Similar to Kerberos, etc. The server validates you
and is what permits you to log on to _both_ the domain (and its
resources such as shares and printers), _and_ the local workstation.
What I've got set up has user profiles, *wants* to have a "group
profile" (essentially: one place where I can add/remove items from
desktops, menues, bookmarks, etc.), uses Samba as a primary domain
controller, and *doesn't* utilize AD/LDAP.
No, she can 'illegally' access a single user's account. Which shouldn't
be trusted anyways.
Now when someone wants to use a computer to, say, write a biography on
Clifford Cocks, they sit down at any workstation and *either* type in
their user name and password, *or*, they can put in their personalized
floppy disk which contains their ID/certificate that corresponds to
their account. This way, you have the option of bypassing passwords if
you hold the unique ID/certificate (in this case, our floppy disk),
otherwise you can just log in with a user name and password without
needing to keep track of the floppy.
The weakness is that the certificate itself is sufficient. If it's
obtained by Eve, she can crack into the system.
And somewhat more painful. Although anyone who's ever generated SSL
certs by hand might have reason to disagree...
This, incidentally, is the same weakness of most biometrics.
The difference is that you can revoke and issue new keys (certificates).
Grafting a new set of fingerprints, irises, or DNA sequences onto me is
rather more problematic.
*shrug*. In a professional setting I'd motion for a company policy to
just fire the people who still have passwords on sticky notes, but with
the situation as it stands now, you have to ask yourself if a physical
identifier required to sign in is less secure or more secure than users
remembering passwords by telling their friends.
Although inconvenient, the loss of the floppy disk won't mean the loss
of data anymore.
I agree that on a more general basis, this would be a good thing. In a
professional setting, HS, college, or elsewhere, I'd much rather have a
cardreader or USB port into which I could park a token (fob, USB stick,
PDA, handheld computer, smart card, whatever), punch in a _short_ PIN,
and be on my way, than have to remember a gazillion 10-character
randomized passwords similar to:
eeChu6ahfi iegaizoh1A xeev5ioJuk uSh9ieghar Ai3ohwahxo
is6eiShela Nae1shoong mua7Kohcei Ahfeeph5fi Oogai7eene
(pwgen -- my preferred password generator).
...though I'm pretty good at remembering same.
Agreed, but this is a weakness that exists for user names, PIN numbers,
face recognition, credit cards, etc.. Come to think of it, the only
difference between a system like this and credit cards is the relative
obscurity of consumer hardware readers/scanners.
Technically speaking, this is really just an implementation of
certificate-based identification (public key cryptography) that
involves putting the identifying certificate onto a portable device,
the floppy disk. A dumbed down smart card, if you will.
(This is ridiculously weak from the point of view of overall security,
The main problem is that the token isn't _bound_ to the medium. Copying
the key breaks the system.
The duct tape side of me wants to say "just delete the FAT table and
always store the key at block X", but that'd only buy you a week or two
before it'd defeated.
And now I need a cold shower for even contemplating suggesting such a
A smart key which uses a challenge-response protocol that _uses_ its key
but does not _reveal_ it would be preferred. But that calls for some
Well, trusted media at any rate.
Too bad, I was having fun with that too.
Interesting. But not where I'm headed.
What about a return to the cipher era and have a printed keyboard
overlay of some kind with a personalized set of instructions on which
buttons to press and in what order? Just a simple piece of paper that
had lines indicating the keys, which could be coloured or whatnot.
At least the hardware would be cheap...
Ian Paterson https://www.ipaterson.ca