March 2nd, 2004, 06:13 AM
Sound or Tone as Password/Key???
Hey all. I was wondering if anyone has seen an encryption program, or any software for that matter, that uses a tone or some sound input as a password or key. Any help would be appreciated.
March 2nd, 2004, 06:25 AM
This reminds me of the captain crunch whistle hack. Thats where the name 2600 came from, the frequency of the whistle that allowed you to make free calls on payphones.
As for voice passwords, my dad had a voicemail a while back that had one, he would say his name to enter his voicemail. I was young so i dont remember the name
Little bit of info here, but they also say that it should exist
March 2nd, 2004, 12:22 PM
Only problem with this is physical security. Whatever makes the noise/sound/tone can be stolen. Unless its used with a memorized password, fingerprinter or other backup/secondary check, I think it would be about the equivalent of writing your password in BIG letters (with a description of exactly what is being read) and carrying it in a visible place.
Being in a physical as well as computer security field, I know how often people lose things.
I have recently seen the COOLEST form of computer security yet however.
People wear electronic pendants, that display a 8 digit number. This number changes once every minute. the numbers are unique to thier user accounts. To log in they need the password they have in thier head, and have to read, and type that number...
THAT is pretty damn cool if you ask me.
The ark was built by amatures...
The Titanic was built by professionals.
March 2nd, 2004, 02:01 PM
I agree with the weakness in a tone/voice based password, it all goes along with how easy it was to crack the old tone based pay phones. All someone has to do is record it once and they have all the access they need. Also, with so many methods to actually record you, without you knowing.
1. All they need to do is hear you say it once and then when your not at your PC, start up a conversation that would contain that word.
2. Have a Microrecords sitting by your desk
3. I can go on all day...
March 2nd, 2004, 04:07 PM
if you come in to work whistling a happy turn you can wind up locked out?
Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”
March 2nd, 2004, 04:18 PM
my dad had one of these, avenger_jcc- He types in a password on the card, and the card spits out a generated password back. Pretty cool stuff, even if you lose the card you still need the password.
Anyone remember the end of richie rich, where they go into a musical number to open the family vault?
I knew the fat kid in Richie Rich growing up. Hes the one that breaks the gumball machine.
March 2nd, 2004, 04:20 PM
A person that I know who works at AOL has one of those time changing things that avenger_jcc mentioned. Perhaps that is something that could be integreated with the audio key idea. Have a tone generator that creates a different string and rythm of tones depending on time. Although, it has the same flaw as the time-number key in that if someone steals it, or if you loose it, your out of luck. Maybe a thumbprint scanner should be placed on the number/tone generator to get a number/tone. But then why not just use the thumprint scanner?!
Also, one idea that I had for the tone, be it effective/secure or not, is to input via a music device, be it MP3, MiniDisc, CD, whatever through the headphone output into the computer "Line In" in which case the tone could be not heard by others. Or if the program that utilizes the tone was say an encryption key instead of a login or such, you could even just loop the output of your computer back into its input and play the tone from the computer. This has flaws of course, unless you use a flash disk or some easily removeable drive so others couldn't find it.
March 2nd, 2004, 04:29 PM
I believe it doesn't matter what kind of Authencation method is used because if someone wants to get into the computer or device bad enough will always find a way to either copy the tones, voice Etc
March 2nd, 2004, 05:17 PM
Yes I have encountered sound activated security, basically for access control, not cryptography though.
Voice pattern recognition..........yep............but all this is 70's to early 80's stuff, twenty to thirty years out of date? and too easily confused/circumvented.
Key round your neck & password...............a token.................something you know and something you own.......check out RSA and virtual private networking.............only about 5 years old (well to me........sure it has been around longer) just catching on in the non-finance/military/intelligence sectors it would seem?
I do remember these marvellous devices that we wore round our necks...opened a door as you approached it, and logged your whereabouts on site..............it cost an absolute fortune...........which they had to regurgitate
People were doing funny dances in front of doors to open them............I saw some of the security guards' films........hell it would have made great TV
IMHO you will get better security from a flock of geese, and a young gentleman from the 75th Rangers or 2nd Recon, whose girlfriend has just left him..................all he needs is 1000 rounds of purple spot for the M-60/GPMG?......a six pack might help with the watch though?
EDIT: make that two six-packs.........they deserve it
March 2nd, 2004, 05:27 PM
I have also heard of authentication mechanisms in development based on the way you type, and also your breath...although I can imagine that after a heavy night of drinking this could easily fail...
There are also of course the retina scans, many of which can be defeated by a photograph of the correct eyeball.
Personally, I like my fingerprint reader, it works well and so far no problems.
Quis custodiet ipsos custodes