GideonTech.com Forums

  • June 19, 2019, 10:06:43 PM
  • Welcome, Guest
Please login or register.

Login with username, password and session length
Pages: 1 2 [3] 4   Go Down

Author Topic: magnetic card reader for power switch?  (Read 6815 times)

TemplaraPheonix

  • Senior Modder
  • ***
  • Karma: +0/-0
  • Offline Offline
  • Posts: 228
magnetic card reader for power switch?
« Reply #20 on: August 12, 2003, 01:06:26 AM »

Quote
If by secure, you mean that the card information is stored in the clear, you are correct. There's not a whole lot that you can do to protect the contents of that memory. Short of technology that I can't talk about, you're really up a creek. The idea is neat, but far from feasible.


My issue was that the way it's hooked up is not secure, kind of like putting a really expensive keylock on a car ignition. You don't have to defeat the lock, just cross the wires. Not that I don't admit the lock in my plan isn't defeatable.

As for my idea, I thought you had a magnetic strip on your state driver's liscence (like New York State does) and wanted to be able to swipe that card and turn on your computer. Thus you'd need to capture the output of a reader when the card is swipped, and find some way to recognize it. If you just want any old card, there are many ways to do it.

Oh, I also like the optical one, it's very clever.
Logged

Skylined

  • Moderator
  • Elite Modder
  • *****
  • Karma: +4/-2
  • Offline Offline
  • Posts: 1,841
    • mtb.com.uy : Mountain Bike Uruguay
magnetic card reader for power switch?
« Reply #21 on: August 12, 2003, 01:54:56 AM »

I'll finish the guide soon.
I know it isn't neat but it works.
That was a project I did for university, and they said they didn't care about soldering nor box nor looks, it just had to work.
Logged

timid1

  • Elite Modder
  • ****
  • Karma: +1/-1
  • Offline Offline
  • Posts: 1,281
magnetic card reader for power switch?
« Reply #22 on: August 23, 2003, 01:31:46 AM »

You might want to consider proximity card readers.   They're a little more expensive, but if you frequently use the card that card is going to get torn up.  Proximity card readers are used at the outter gates at my workplace, but unfortunately, regular swipe card readers are used to get into my cubicle area as well as lab areas.  A little inconvenient.
Logged

spikyhercules

  • GT Fanatic
  • **
  • Karma: +0/-0
  • Offline Offline
  • Posts: 51
magnetic card reader for power switch?
« Reply #23 on: August 23, 2003, 05:07:11 AM »

I have the Advanced Card and Chip Programmer  6th down on this page
http://www.cardman.co.uk/programmers.html it used to be used for programming skyTV cards ;)
I was wondering if i could use mine to do the same thing as zarbon7 I have software for programming the cards but nothing else on the subject.
Logged

NewModder

  • GT Fanatic
  • **
  • Karma: +0/-0
  • Offline Offline
  • Posts: 51
magnetic card reader for power switch?
« Reply #24 on: August 24, 2003, 09:46:13 PM »

Quote from: timid1
You might want to consider proximity card readers.   They're a little more expensive, but if you frequently use the card that card is going to get torn up.  Proximity card readers are used at the outter gates at my workplace, but unfortunately, regular swipe card readers are used to get into my cubicle area as well as lab areas.  A little inconvenient.


If you want to use this type of card, try this website

http://www.xyloc.com

I use one at work and it keeps my PC safe and secure, except for another admin coming and logging me out.  But other than that this thing is awesome.
Logged

timid1

  • Elite Modder
  • ****
  • Karma: +1/-1
  • Offline Offline
  • Posts: 1,281
magnetic card reader for power switch?
« Reply #25 on: August 25, 2003, 01:11:20 AM »

Quote from: NewModder

If you want to use this type of card, try this website

http://www.xyloc.com

I use one at work and it keeps my PC safe and secure, except for another admin coming and logging me out.  But other than that this thing is awesome.


I hate to be the one to crash your party, but 32-bit encryption is absurd.  Not only that, the proximity card readers that I was talking about work only within a range of one inch to three inches.  Having the capability to work up to 50 feet away is a serious security risk.  A little sniffing here and a little sniffing there and viola, you've been hacked.  I have a hard time believing that their keyspace is so large that cryptanalysis can't hack it.
Logged

orion

  • Senior Modder
  • ***
  • Karma: +0/-0
  • Offline Offline
  • Posts: 215
magnetic card reader for power switch?
« Reply #26 on: August 25, 2003, 10:06:36 AM »

Quote from: timid1
A little sniffing here and a little sniffing there and viola, you've been hacked.


They do have some security through obscurity going for them.  I suspect (but don't know for certain, I'm no wireless hacker) that it would be difficult to sniff a 300, 800 or 900 MHz signal since most of that kind of activity is geared toward the 802.11 wireless variants.  If I implemented this system for a network where hacking was a strong concern, I'd just set it up to require a user name and password in addition to the proximity key.

If you want something to be highly secure, you never secure it with one system alone.  I don't care if you've created an ultra-futuristic instantaneous DNA identification system, you still want to combine it with another, different security vector.  If you had something that combined fingerprint match, facial recognition, proximity card, voice print match and key phrase and typed passwords you'd actually have something pretty secure.  :)

Now, implementing the xyloc system in combination with a biometric fingerprint scanner and password would probably be intimidating enough that most hackers would be deterred...  Or would just hack the network itself and bypass workstation security altogether. :)  That's part of the problem as well, with as interconnected as things are, every interface by which the computer can take input from something outside of the case is a possible security hole and most computers are swiss cheese.
Logged

timid1

  • Elite Modder
  • ****
  • Karma: +1/-1
  • Offline Offline
  • Posts: 1,281
magnetic card reader for power switch?
« Reply #27 on: August 25, 2003, 08:30:35 PM »

Quote from: orion
Quote from: timid1
A little sniffing here and a little sniffing there and viola, you've been hacked.


They do have some security through obscurity going for them.  I suspect (but don't know for certain, I'm no wireless hacker) that it would be difficult to sniff a 300, 800 or 900 MHz signal since most of that kind of activity is geared toward the 802.11 wireless variants.  If I implemented this system for a network where hacking was a strong concern, I'd just set it up to require a user name and password in addition to the proximity key.

If you want something to be highly secure, you never secure it with one system alone.  I don't care if you've created an ultra-futuristic instantaneous DNA identification system, you still want to combine it with another, different security vector.  If you had something that combined fingerprint match, facial recognition, proximity card, voice print match and key phrase and typed passwords you'd actually have something pretty secure.  :)

Now, implementing the xyloc system in combination with a biometric fingerprint scanner and password would probably be intimidating enough that most hackers would be deterred...  Or would just hack the network itself and bypass workstation security altogether. :)  That's part of the problem as well, with as interconnected as things are, every interface by which the computer can take input from something outside of the case is a possible security hole and most computers are swiss cheese.


Actually, it is worth noting that you cannot completely secure any system.  And security by obfuscation/obscurity is definitely a no-no!  Anyone with the time and patience CAN and WILL hack through.  Extra levels of security work great, but where you have gone completely wrong is implying that these additional levels is what makes it secure.  Correction, my friend, adding additional levels only increases the costs associated with exploitation.  There's a certain point where exploitation is no longer feasible--but that doesn't mean the adversary isn't going to pursue attacking your system.

Biometric scanners are far from perfect.  They are highly inaccurate and I have been able to, more than once, gain unauthorized access to supposedly secure devices.  In short, I think you need to go deeper than "password" type devices.  Use the proximity card scanner and go ahead and use encryption.  BUT, keep in mind that the data is eventually decrypted.  There are solutions to the problem...... but I leave that as an exercise for the mind. ;)  Please post your ideas.
Logged

orion

  • Senior Modder
  • ***
  • Karma: +0/-0
  • Offline Offline
  • Posts: 215
magnetic card reader for power switch?
« Reply #28 on: August 25, 2003, 09:07:17 PM »

Quote from: timid1
Correction, my friend, adding additional levels only increases the costs associated with exploitation.


Very true, true security is a delusion, but after a point, it takes so much work to get into a system that what you get isn't worth it...  You'll still get people trying to break in just for the challenge of it, but only if those people know about it.  I heard a great analogy on TechTV, I think it was on Screen Savers.  They said that security is like a lock on a house, it doesn't make your house impregnable and someone who is really determined will be able to get in, but it will encourage most thieves to seek easier pickings.

Quote from: timid1
Biometric scanners are far from perfect.  They are highly inaccurate and I have been able to, more than once, gain unauthorized access to supposedly secure devices.  In short, I think you need to go deeper than "password" type devices.


Absolutely, but combining multiple security methods makes things a WHOLE lot more secure if just by increasing the "key space"...  It also increases the complexity of the attack required to breach the security greatly.  Of course, all the security in the world on your front door is useless if you leave your back door wide open, and in most computer systems there are FAR too many back doors.

Quote from: timid1
Use the proximity card scanner and go ahead and use encryption.  BUT, keep in mind that the data is eventually decrypted.


Actually, it doesn't matter if the data CAN be decrypted, just whether it can be decrypted before it becomes old enough that it is no longer useful.  Double encrypting with RSA using two 256 digit encryption/decryption pairs for security and signature will take (on average) so long to decrypt that by the time you're done crunching, the information will be obsolete.  That presupposes reasonably random key generation, of course...  Of course, xyloc is not nearly that secure, that's why they provide the option to require a user name and password as well as the proximity key.  Your chances of getting away with password cracking while sitting at a computer you're not supposed to be using are significantly reduced, especially if only one user name and password actually work since only one set correspond to the proximity key.  You'd have to do some more advanced snooping to get the user name and password as well.  If someone is going to work THAT hard to get in, there's not a lot you can do...
Logged

NewModder

  • GT Fanatic
  • **
  • Karma: +0/-0
  • Offline Offline
  • Posts: 51
magnetic card reader for power switch?
« Reply #29 on: August 25, 2003, 09:12:11 PM »

you are exactly right orion.  The real question of security is how much is your data worth to you to protect.  Lamens terms  If it is valuable to you, spend a lot of money to secure it.  Now Zarbon7 says his concern is not security, so it doesnt matter if 32 bit encryption is obsured.  It helps out some and makes it hard for inexperienced people to hack your computer.  Now for real security consult the NSA's white papers on securing your data.
Logged
Pages: 1 2 [3] 4   Go Up
 

Page created in 0.063 seconds with 19 queries.