WorstPlans.com updates every Monday!

Your weekly source for terrible plans and ideas!

Tag: encryption

Throw away your laptop privacy screen and use this camera-plus-software approach for the ultimate in security!

Background:

Laptop privacy screens (or “monitor filters”) reduce the viewing angle of a laptop screen in order to prevent evildoers from snooping on sensitive information on your laptop (Figure 1).

1-privacy-invader

Fig. 1: Since this laptop does NOT have a privacy screen on it, the suspicious individual at left is able to view this contents of the laptop (despite being at an extreme off-center angle).

The issue:

Unfortunately, these privacy screens have a few downsides:

  1. They are inelegant to attach. Often, the attachment points block a small amount of screen real-estate.
  2. They slightly darken the screen even when viewed directly head-on
  3. When collaborating with coworkers, removing and replacing the screen is time-consuming.

Proposal:

A high-speed camera could, in combination with facial recognition and eye-tracking software, be used to determine who is looking at the screen and exactly what part of the screen they are looking at.

Then, the privacy system simply scrambles the contents of your laptop screen as soon as it notices an unauthorized individual looking at your screen (Figure 2). (When you are the only viewer, the eye tracking camera can recognize you and not scramble the screen.)

 

2-privacy-solution

Fig. 2: With the camera-based privacy filtering system, the laptop instantly scrambles the screen as soon as it detects that someone besides the laptop owner is looking at the screen. Note that the contents of the laptop look similar at a glance, but are actually scrambled nonsense. This prevents passers-by from immediately realizing that a software privacy filter has been applied (and potentially attracting unwanted attention).

In an extra-fancy system, the scrambling mode could be operational at all times, with the laptop only unscrambling the very specific part of the screen that the user is looking at (Figure 3). This is similar to the idea of foveated rendering, where additional computational resources are directed toward the part of the screen that the user is actually looking at.

3-bonus-smart-blur-for-just-the-owner

Fig. 3: It might be possible to selectively unscramble only the part of the screen that the user is actively looking at. The region in the user’s peripheral vision would remain scrambled.

Conclusion:

If you own a laptop manufacturing company and are looking for an endless hardware task to employ your cousin or something, this would be a great project!

PROS: The laws of physics do not prevent this from working!

CONS: Might be impossible to use a laptop in a coffeeshop with this system activated.

Never worry about losing your laptop again with these TWO EASY TIPS that will shock and horrify you. You’ll never believe what happened next! The amazing secret of proximity-based encryption.

The issue:

Currently, the loss or theft of an unencrypted laptop can be a huge pain for an employee and/or their company.

If a laptop gets stolen out of a person’s car, or just gets forgotten in a train or cafe, it’s entirely possible that the laptop owner will now have to change all their passwords.

And if they were working on some sort of top-secret project, now it’s a major hassle to worry about what might (or might not) have been disclosed to a competitor.

Additionally, travelers to foreign countries with especially valuable company secrets may have to worry about state-sponsored corporate espionage.

Proposal:

If a user really plans to only use certain data while physically at work (and never access this data while off-site), the user’s laptop can have a special hard drive that can only be accessed while within range of a specific WiFi network (see the solid state hard drive mockup in Figure 1).

Thus, if the user misplaces their laptop or has it seized by a foreign government, there is literally no way to decrypt the data. (Unless the laptop makes its way back within range of the company’s WiFi network, but presumably the laptop would be blacklisted as soon as the theft/loss is discovered).

secure-drive-concept

Fig 1: The hard drive is integrated with a WiFi radio; the decryption key must periodically be refreshed by proximity to the company’s WiFi key broadcasting system. If this hard drive is taken out of range, the hard drive locks itself again.

Since the drive must be within the range of the company’s WiFi “key” broadcaster in order to decrypt (Figure 2), it is nearly impossible laptop theft to result in exposure of sensitive data.

(If an adversary did steal an encrypted laptop, they would theoretically be able to access the data if they 1) know the user’s password and 2) are able to drive the laptop to the company’s parking lot (within range of the WiFi) before the theft is discovered and the laptop’s access credentials are revoked).

secure-key-broadcaster

Fig 2: In order to access the files on the hard drive, the user must be within range of the “key broadcaster” (just a specially-configured WiFi network). Whenever the user takes their laptop off-site, the data will be totally inaccessible even if the user has the correct password.

Possible issue:

Would an adversary be able to circumvent this system by having a co-conspirator sit in the company parking lot, capturing all the (encrypted) WiFi traffic and re-broadcasting it over the Internet? (It seems like this method would be extremely labor intensive, plus the parking-lot-infiltrator would need undetected access to the company network.)

PROS: Makes it impossible for foreign travelers to be coerced into revealing their laptop’s contents, since the laptop owner themselves cannot even access the data while traveling.

CONS: Opens up new way for a company to lose all of its data if the decryption broadcasting system fails.