Navigation

    • Login
    • Search
    • [[global:header.recent]]
    • [[global:header.tags]]
    • [[global:header.popular]]
    • [[global:header.groups]]
    • [[global:header.search]]
    1. Home
    2. IBBoard
    I
    • Profile
    • Following 0
    • Followers 0
    • Topics 0
    • Posts 3
    • Best 0
    • Groups 0

    IBBoard

    @IBBoard

    0
    Reputation
    1092
    Profile views
    3
    Posts
    0
    Followers
    0
    Following
    Joined Last Online

    IBBoard Unfollow Follow

    Latest posts made by IBBoard

    • RE: NFC Mouse (input device)

      Except, how do you ensure that you're not letting your data be compromised when someone else has an NFC-reading mouse?

      Admittedly someone else posted a commercial Asus device that lets you log in to Windows 8 just by swiping a fob, so the industry is willing to push stuff that is susceptible to replay attacks, but that doesn't make it the most complete and secure solution :)

      I'm still trying to work out what the best option is for something like this with minimal complexity.

      posted in Ideas for using NFC Rings
      I
      IBBoard
    • RE: Which finger do you plan to put the ring?

      I'm going with middle-finger on my right hand, because I already wear rings on that hand and I don't want it on my left hand and damaging my wedding ring. My only concern (with complete paranoia mode) is that I've then got to be more careful with devices as they might accidentally read the private half of my ring when I use them (e.g. the idea of stealing data by putting an NFC reader in a mouse, or a door knob, or a glove when you shake hands, etc)

      posted in Ideas for using NFC Rings
      I
      IBBoard
    • RE: Thinking about security

      Interesting ideas, but Lokki is right with the updated key issue: you can only unlock one thing with the device. If you unlocked your door and it rewrote the variable key portion then your phone wouldn't know what to expect (for example), unless they used the Internet of Things and a central database, which increases: power drain, probability of system being hacked, etc.

      If a device can just be read by proximity (even if it is very close proximity) then having it as the only mechanism for a master password isn't great, but having it as part of two-factor authentication is probably reasonable. I'm planning to use my ring for 2FA on my phone with a fallback to a really long password, because that way I get convenience when I have the ring (NFC and short password) but anyone breaking into my phone has to either brute-force a long password or have cloned my ring [i:1tpt4rbi]as well as[/i:1tpt4rbi] stealing my phone [i:1tpt4rbi]and then[/i:1tpt4rbi] break a password.

      At work we have mag-stripe cards or NFC passes to get into different buildings. For some buildings it is enough to just swipe, but for others you need swipe and pin. Unless those passes do extra crypto (i.e. they're not just passive NFC) then all you need is a clone of the card and you can get in to some places. The mag-stripe cards definitely won't do anything but give data, and many organisations will use those without concern (although they do need swiping rather than just proximity to clone, I believe).

      posted in Ideas for using NFC Rings
      I
      IBBoard