18.10.1. "What about "duress" codes for additional security?"
- Where a harmless decrytion can be done, or an alarm sent.
+ Examples
- sending alarm, like an under the counter alarm button
- decrypting a bank card number for a lesser-value account
- two sets of books (not strictly a "duress" code, unless
you view the IRS as causing duress)
- alarms to associates, as in cells
- " Having a separate authentication mechanism that is used
under duress is a very good idea that some existing systems
already
employ.... From a systems point of view, it is hard to
figure out exactly how the system should respond when it
recognizes a duress authentication....The safe inside the
ATM machines used by BayBanks (Boston Mass) can be opened
with two combinations. One combination sends an alarm to
the bank via a separate phone line (not the one used to
perform the ATM transaction). The alarm phone line is also
connected to a conventional panic switch." [Bob Baldwin,
Duress Passwords/PINs/Combinations, 1993-11-18]
18.10.2. Duress switches, dead man switches, etc.
+ "Digital flash paper," can be triggered to erase files,
etc.
- (BATF and DEA raiders may have sophisticated means of
disabling computers)
+ Duress codes..."erase my files," ways of not giving esrowed
information unless proper code is given, etc.
+ "Don't release if I am under indictment"
- interesting issues about secret indictments, about
publicity of such cases, access to court records by
offshore computers, etc.
18.10.3. Personal security for disks, dead man switches
+ I have heard that some BBS operators install dead man
switches near the doors to rooms containing their
systems...entering the room without flipping the switch
causes some action to be taken
- erasing a disk, dumping a RAM disk (a dangerous way to
store data, given power failures, soft errors, restarts,
etc.)
By Tim May, see README
HTML by Jonathan Rochkind