[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [school-discuss] Re: Re: Passwords for kids? [straying off topic]

Karsten M. Self wrote:
on Sun, May 16, 2004 at 10:52:36PM -0700, Ian Paterson (ipaterson@shaw.ca) wrote:

Karsten M. Self wrote:

But for a fair number of 'em, particulary the younger set, and a few
others with learning disabilities, remembering passwords seems to be
beyond the possible.  Anyone have experience with setting up accounts
for kids?
I suppose you could go for a biometric solution
How about using floppy disks as hardware ID tokens?

No floppy drives on the systems.

These kids would likely be putting the disks in pockets, backpacks, etc.
I'd like to minimize opportunities for foreign material introduction to
these systems.
Do you mean malicious software hitching a ride on a floppy disk? Or dirt and grime wrecking your hardware? 'Cause if it's the former.... *points to the 'net*

Otherwise:  yes, this is a decent suggestion.  Assuming you can trust
the disk not to get compromised once on the system (either overwriting
the disk, or copying the keys).
Yeah. Overwriting the disk can be prevented somewhat by explaining the overwrite tab and encouraging users to keep it in the upwards position, but copying of keys (disks) isn't as easy to defend against.

What did Sierra and Apogee end up doing when they shipped their games on disk? Does anyone remember a scheme that wasn't broken that could protect the contents of the disk from being copied? As I recall, the closest they ever got was to check for specially crafted bad blocks that could only be properly read if the disk drive ran slower than usual; something they hoped that only their software would be able to do.

There _is_ something to be said for this.  USB pen drives are another
option, and are _almost_ getting cheap enough to consider.
True, but they have more capability than you'd want. Floppy disks are prevalent enough that you can get them free nowadays since they're useless to most people, whereas even an 32meg USB [key/pen] drive still has it's uses for transferring small documents and the like. Not something I'd want to give out like candy, 'cause if I had that kind of cash we could have just gone for the retinal scanners anyways...

The downsides to this approach are as follows:

- People loose stuff. Be it kids, adults, teenagers or whatever, those
disks are going to go missing and when they do, so does yesterday's
homework/today's Power Point presentation that you're supposed to be
giving in 4 minutes.

Yep.  That's probably the deal breaker right there.
Err, I was just reiterating why floppy disks didn't work for storing all personal documents and data, like it was back in the day.

The solution, as I see it, is to use a combination of physical
identifiers such as biometrics, swipe cards or old fashion steel keys,
in addition to the conventional user name/password combination.
The RSA fobs people get and use with a PIN have been around for years.
"Something you have, something you know".  The PIN itself is pretty
short, and the fob generates a new authentication code every minute,
good for five minutes, or thereabouts (allowing for some time slew).
Ideally for your situation it would be "something you have, something you are", which would be equivalent to "something you know" (and possibly something you are, depending on how far you want to take it). Hmm...

Domain authentication is basically "single sign-on".  You authenticate
to a domain server.  Similar to Kerberos, etc.  The server validates you
and is what permits you to log on to _both_ the domain (and its
resources such as shares and printers), _and_ the local workstation.
Off topic: Similar to, or is Kerberos? Ghosts of threads gone by are haunting my memories have what was borrowed where.

What I've got set up has user profiles, *wants* to have a "group
profile" (essentially:  one place where I can add/remove items from
desktops, menues, bookmarks, etc.), uses Samba as a primary domain
controller, and *doesn't* utilize AD/LDAP.

Now when someone wants to use a computer to, say, write a biography on Clifford Cocks, they sit down at any workstation and *either* type in their user name and password, *or*, they can put in their personalized floppy disk which contains their ID/certificate that corresponds to their account. This way, you have the option of bypassing passwords if you hold the unique ID/certificate (in this case, our floppy disk), otherwise you can just log in with a user name and password without needing to keep track of the floppy.

The weakness is that the certificate itself is sufficient.  If it's
obtained by Eve, she can crack into the system.
No, she can 'illegally' access a single user's account. Which shouldn't be trusted anyways.

This, incidentally, is the same weakness of most biometrics.
The difference is that you can revoke and issue new keys (certificates).

Grafting a new set of fingerprints, irises, or DNA sequences onto me is
rather more problematic.
And somewhat more painful. Although anyone who's ever generated SSL certs by hand might have reason to disagree...

Although inconvenient, the loss of the floppy disk won't mean the loss
of data anymore.

I agree that on a more general basis, this would be a good thing. In a
professional setting, HS, college, or elsewhere, I'd much rather have a
cardreader or USB port into which I could park a token (fob, USB stick,
PDA, handheld computer, smart card, whatever), punch in a _short_ PIN,
and be on my way, than have to remember a gazillion 10-character
randomized passwords similar to:

eeChu6ahfi iegaizoh1A xeev5ioJuk uSh9ieghar Ai3ohwahxo is6eiShela Nae1shoong mua7Kohcei Ahfeeph5fi Oogai7eene
(pwgen -- my preferred password generator).

...though I'm pretty good at remembering same.
*shrug*. In a professional setting I'd motion for a company policy to just fire the people who still have passwords on sticky notes, but with the situation as it stands now, you have to ask yourself if a physical identifier required to sign in is less secure or more secure than users remembering passwords by telling their friends.

Technically speaking, this is really just an implementation of
certificate-based identification (public key cryptography) that
involves putting the identifying certificate onto a portable device,
the floppy disk. A dumbed down smart card, if you will.


(This is ridiculously weak from the point of view of overall security,

The main problem is that the token isn't _bound_ to the medium.  Copying
the key breaks the system.
Agreed, but this is a weakness that exists for user names, PIN numbers, face recognition, credit cards, etc.. Come to think of it, the only difference between a system like this and credit cards is the relative obscurity of consumer hardware readers/scanners.

The duct tape side of me wants to say "just delete the FAT table and always store the key at block X", but that'd only buy you a week or two before it'd defeated.

And now I need a cold shower for even contemplating suggesting such a thing.

A smart key which uses a challenge-response protocol that _uses_ its key
but does not _reveal_ it would be preferred.  But that calls for some
Well, trusted media at any rate.


Interesting.  But not where I'm headed.
Too bad, I was having fun with that too.

What about a return to the cipher era and have a printed keyboard overlay of some kind with a personalized set of instructions on which buttons to press and in what order? Just a simple piece of paper that had lines indicating the keys, which could be coloured or whatnot.

At least the hardware would be cheap...

Ian Paterson https://www.ipaterson.ca