From owner-freebsd-security Tue Oct 6 19:16:32 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id TAA03115 for freebsd-security-outgoing; Tue, 6 Oct 1998 19:16:32 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from peak.mountin.net (peak.mountin.net [207.227.119.2]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id TAA03096 for ; Tue, 6 Oct 1998 19:16:26 -0700 (PDT) (envelope-from jeff-ml@mountin.net) Received: (from daemon@localhost) by peak.mountin.net (8.9.1/8.9.1) id VAA18538; Tue, 6 Oct 1998 21:16:06 -0500 (CDT) Received: from luthien-10.isdn.mke.execpc.com(169.207.65.10) by peak.mountin.net via smap (V1.3) id sma018536; Tue Oct 6 21:15:47 1998 Message-Id: <3.0.3.32.19981006210902.006e987c@207.227.119.2> X-Sender: jeff-ml@207.227.119.2 X-Mailer: QUALCOMM Windows Eudora Pro Version 3.0.3 (32) Date: Tue, 06 Oct 1998 21:09:02 -0500 To: Wes Peters , Sean Kelly From: "Jeffrey J. Mountin" Subject: Re: Java-based Crypto Decoder Ring gets NIST FIPS 140-1 certification (fwd) Cc: Nate Williams , Chuck Robey , FreeBSD-security@FreeBSD.ORG In-Reply-To: <36199BC9.8B4BA146@softweyr.com> References: <36194931.975AA5AC@plutotech.com> <199810052353.RAA12302@mt.sri.com> <36195EF3.23B3260E@plutotech.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org At 10:25 PM 10/5/98 -0600, Wes Peters wrote: >Nate Williams quipped? >% Umm, quick question. What's to stop the burglar from taking your ring >% and using it to disarm your alarm? > >Sean Kelly wrote: >> I'll try to put up a good fight. :-) > >For you, Nate, I'd say Montana's (complete lack of) gun-control laws will >help. ;^) E gads! Skip the fight, unless you can get a bead on him quickly. ;) >% (I contrast this with the alarms >% ability to have a 'disarm but silent setoff setting' which disarms the >% alarm by still calls in the calvary, which is used when you are in >% distress... > >> Good idea. Maybe there should be both the ring and a keypad; a special >> code can indicate distress. Seriously, you could disarm it, but use a "special" code that sends the posse. >% (Or, am I just being truly paranoid...) > >> You? Naaaah! > >% Nate - Who is looking for a good 'physical' security mechanism that >% can't be easily forged by an outsider who gets physical access to you >% and your computer. Before addressing far-out scenarios, let's assume it's a ring. As long as it doesn't not fall off.... If it does, the finder would need to know where to use it. Say one is laying on the street. Despite the odds of finding a "good" receptical, lose the ring and you change the codes. >This would pretty much need to be a biometric device of some sort that >can measure stress *and* determine if the subject is living or dead. >Probably still slightly beyond the state of the art, but not more than >a few years out now. > >I personally prefer the urinalysis login method, but it can get pretty >messy, and I'm told is much more embarassing for users with two Y >chromosones. Retina scan maybe. Simple, less messy and what happens if it is 50 below and you just can't go. Not sure the ladies would like the p-test either. Also what happens if someone steals a sample. For the truely paranoid. 8-) Jeff Mountin - Unix Systems TCP/IP networking jeff@mountin.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message