18.10.1. "What about "duress" codes for additional security?" - Where a harmless decrytion can be done, or an alarm sent. + Examples - sending alarm, like an under the counter alarm button - decrypting a bank card number for a lesser-value account - two sets of books (not strictly a "duress" code, unless you view the IRS as causing duress) - alarms to associates, as in cells - " Having a separate authentication mechanism that is used under duress is a very good idea that some existing systems already employ.... From a systems point of view, it is hard to figure out exactly how the system should respond when it recognizes a duress authentication....The safe inside the ATM machines used by BayBanks (Boston Mass) can be opened with two combinations. One combination sends an alarm to the bank via a separate phone line (not the one used to perform the ATM transaction). The alarm phone line is also connected to a conventional panic switch." [Bob Baldwin, Duress Passwords/PINs/Combinations, 1993-11-18] 18.10.2. Duress switches, dead man switches, etc. + "Digital flash paper," can be triggered to erase files, etc. - (BATF and DEA raiders may have sophisticated means of disabling computers) + Duress codes..."erase my files," ways of not giving esrowed information unless proper code is given, etc. + "Don't release if I am under indictment" - interesting issues about secret indictments, about publicity of such cases, access to court records by offshore computers, etc. 18.10.3. Personal security for disks, dead man switches + I have heard that some BBS operators install dead man switches near the doors to rooms containing their systems...entering the room without flipping the switch causes some action to be taken - erasing a disk, dumping a RAM disk (a dangerous way to store data, given power failures, soft errors, restarts, etc.)
Next Page: 18.11 Can Encryption be Detected?
Previous Page: 18.9 The Net
By Tim May, see README
HTML by Jonathan Rochkind