|
|
Back to UserFriendly Strip Comments Index
|
This raises the stakes in hacking | by binkley | 2008-03-19 14:45:35 |
|
Be aware that unlike many other wireless | by intrinsic | 2008-03-19 15:17:34 |
| You can overcome any 1/r**2 power drop, by simply |
by bwkaz |
2008-03-19 15:54:42 |
squaring your radiated power when the range doubles. So any kind of proximity-sensitive "security" is rather worthless if you have an attacker with enough power before the 1/r**2 factor. (If FM towers were the right frequency, for instance, I bet all heck would have broken loose with these devices a long time ago.) The same issues exist with any kind of RFID device (although there are a few RFID authentication mechanisms available).
Anyway, so yes, I fully agree that strong authentication and crypto are both required.
What I found dumb is that two of the article's recommendations are basically pointless: one was to have the device beep when someone tries to talk to it, and the other was to have the device start vibrating when someone tries to talk to it. By that point, it's already *WAY TOO LATE*. The information has been accessed, and/or the device parameters have already been changed. What's the user supposed to do once that's happened?
The problem is that any other random person might have the ability to read or change info in the device. The way to fix that problem is *NOT* to push the fact that something has happened out to the user; you have to prevent the other random people from reading or writing the info in the first place! The remaining suggestion made in the article (add authentication) will do this; the other two will not. |
|
[ Reply ] |
|
Directional yagi. :D (n/t) | by themadkansan | 2008-03-19 16:06:12 |
|
Always knew Pringles would kill me one day. (n/t) | by chanceslost | 2008-03-19 16:42:39 |
|
|
[Todays Cartoon Discussion]
[News Index]
|
|
