Sunday, August 28, 2011

Touch Screens - Keeping them fingerprint free

Touch Screens - Keeping them fingerprint free

In my early thread about android dots locking the screen several possibilities were raised and, in particular, I happen to mention  "ii) using fingerprint tape on the touch-screen (so clean the screen regularly)"; that was mentioned in context with the theme of the discussion about avoiding your security access being breached by an unauthorised person.

After some highly active chats with people, nothing to precipitant of course, and not to put too fine a point upon it, the conversation (some of which was rather humorous) turned to prevention of *fingerprints, rather than cure of them. Various options were discussed, which had to be inexpensive:

- Wearing gloves. Ideas stretched (no pun intended) from Marigold Washing Up gloves to those Latex gloves. One would look pretty ridiculous, wouldn't one,  having to put on one's gloves everytime one wanted to use one's phone?

- False hand. Now, you see, this is exactly what I am talking about, people just wont be sensible :-). This led to thoughts about Kenny Everitt's character, the one with the giant hands, 'Brother Lee Love'. It was felt, after a long discussion and a few pints of larger, that hands like this would be OK in the boardroom but would be thoroughly inappropriate for use when sitting in a packed train carriage and tapping the passenger (in the next seat) on their face and body with hands this size and asking him/her to budge-up so one could use the touch screen phone. That was considered using poor ettiquette and simply bad form to do it. So let that be a lesson to you all, don't get on trains with big hands if you want to use your touch screen device.

   
- Cling-film. Oh yes, real classy! But it is cheap and it is disposable (but does it avoid fingerprints?). Could, though, cause a run on stock at the local supermarket due to frequent changes.

- Screen spray protection. Now it would have useful to find out more about any spray on products that prevented lipids build up on the screen, similar to this type of product Windshield Treatment

- Cover screen protection. The ones seen during research tended to show a plastic screen cover or film which might work if they do not retain fingerprint smudges or lipids residue on the cover screen of film.

- Stylus. Research reveals that there are over 15 million pages on google that refer to 'stylus'. Clearly, a bit of research refinement was necessary and I came away with these items for the purposes of the topic of this thread:

This stylus is called a 'capacitive stylus', and you can learn more about why they are used here 
 The photo is courtesy of htcaccessorystore

They can be used with resistive touch screen devices, such as HTC and so on:
Photo coutesy of engadget

From the styli research I came away with the notion that if "necessity is the mother of invention", (in fact we are told Plato actually said: "Necessity, who is the mother of invention") then styli are in need of it, apparently. I arrived at this opinion when one individual found you could make a free of charge capacitive stylus made from a "silvery-metallic looking antistatic film". OK, ok, I think I am following this. Enlightenment is just around the corner with a home made video. It is only an image, below, so follow the link to how-to-make-a-free-capacitive-stylus to watch the video. I found the author of the video waving his hands around alot and it is abit distracting when watching the video. Also, he finds it necessary to touch the screen with the hand not holding the home-made stylus, which could indicate a possible set back in avoiding fingerprints. Fair play to him, though, as it appear his find might just be a discovery of necessity of some sort, but that is just pure speculation on my behalf.



Having trawled the life and times of  these styli I happened to come across this little video gem (below) from someone using a home made version of capacitive stylus made from a "square of static bag". Two points to note. One point is that a outcome of using a capacitive stylus is that when used it cleans the screen at the same time, apparently. I had some difficulty in following that logic if the point in using a stylus is to avoid using fingers then where are the fingerprints to be revealed eg: the dots, pin, password? The second point might answer the former question as it seems the video is actually about preservation of fingerporints when a touch screen device is being examined and where the user has fingered his/her touch screen device.  I'll give at least one mark out of ten for effort for the handwritten statement of intent at the top of the paper which the author of the video helpful points out to refresh our memory of it. I'll leave all of you to judge how effective the technqiue is used by the video's author. Follow this link to preservation of fingerprints


So, luckily, having worked to bring the discussion back on topic about fingerprints, it would appear there is a world out deeply involved with 'mothers of inventions' working out how to avoid leaving fingerprints on touch screen devcies and another world working out how to preserve them. Moreover, use a stylus by all means, but you will need two if you wish to re-size the image on the touch screen. Finally, I and those raise observations take no responsibility for anyone using any of the observations above. If you have any suggestions you would like to add to this discussion on how to avoid or preserve fingerprints on touch screen devices send an email (to trewmte@gmail.com) along with your name and company and those details will be given as a by-line along with your suggestions. 

So there you have it.

Until the next time, have a great August bank holiday.

* Lipophobicity & Oleophobic
* Indium tin oxide - one of the most widely used transparent conducting oxides
* Example of device using Oleophobic coating technology Ipad

Monday, August 22, 2011

TCP/IP, RFC and a few laughs along the way

TCP/IP, RFC and a few laughs along the way


For those of us who are constantly studying to keep up to date with technological advances or going on re-fresher courses to remind ourselves of things we thought we knew well, but had actually forgotten bits and pieces, it is the daunting amount of information to be read and absorbed that can be off-putting at times.  For example, I am currently on a re-fresher for TCP/IP (Transmission Control Protocol/Internet Protocol - TCP/IP_model) and just one of the documents I am reading runs to over 700 pages long. TCP/IP sounds very boring (and to most it probably is).

Given that the nitty-gritty of TCP/IP also appears technically demanding to understand (perhaps a bit like rocket science) one needs a sense of humour working in this arena if one is not to go ‘bonkers’ or become a total ‘anorak’ on the subject. Whilst reading the commentary on the standardisation bodies structure responsible for the creation of RFC (Request for Comments) IP Standards and proposals for RFC standards I was came across a couple of gems, which I found quite humorous.  To fully appreciate the humour, one needs first to have an appreciation of the aura of formality and control engendered around understanding standardisation and the bodies that assist in their creation.

As a very brief overview, because of the openness and perpetual renewal of TCP/IP, which is popular with developers and users alike, there is no overall governing body to issue directives and regulations for the Internet.  Control is mostly based on mutual co-operation. The Internet community is said to be organised and managed by the Internet Architecture Board (IAB). The IAB itself relies on the Internet Engineering Task Force (IETF) for issuing new Standards (RFCs) and the Internet Assigned Numbers Authority (IANA) for co-ordinating values shared among multiple protocols. RFC standards can be proposed by anyone; but the RFC Editor is responsible for reviewing and publishing new standards documents. The IETF itself is governed by the Internet Engineering Steering Group (IESG) and is further organised in the form of Areas and Working Groups where new specifications are discussed and new standards are proposed.

In order to have a new IP protocol approved as a standard, applicants have to submit a proposed specification to the IESG where it will be discussed and reviewed for technical merit and feasibility and also published as an Internet draft document. For Internet Protocol suite to evolve through the mechanism of Request for Comments (RFC) new protocols (mostly application protocols) are designed and implemented by researchers, and are brought to the attention of the Internet community identified in standard categories: 

Draft standard: There is a possibility that changes will be made in a draft protocol before it becomes a standard. 
Proposed standard: Revision of the protocol is likely. 
Experimental: A system should not implement an experimental protocol unless it is participating in the experiment and has co-ordinated its use. 
Informational: Protocols developed by other standard organisations, or vendors, or that are for other reasons outside the purview of the IAB may be published as RFCs
Historic: These are protocols that are unlikely to ever become standards, because they have been superseded by later developments or due to lack of interest.
Required: A system must implement the required protocols.
Recommended: A system should implement the recommended protocol.
Elective: A system may or may not implement an elective protocol. The general notion is that if you are going to do something like this, you must do exactly this.
Limited use: These protocols are for use in limited circumstances. This may be because of their experimental state, specialised nature, limited functionality, or historic state.
Not recommended: These protocols are not recommended for general use. This may be because of their limited functionality, specialised nature, or experimental or historic state.

The overall picture one gets, having glimpsed at this highly defined and controlled standardisation structure, is one of individuals feverishly working away solving technical conundrums with little room for levity. Well, apparently not. It was with a grinning surprise I found, amid all this rocket science, that some ‘techies’ have been allowed to let their imaginations run riot – presumably to defeat creeping techmadness, maybe?  Two protocols identified by the RFC Editor, and dated April 1st that are described at best as “impractical”:

RFC 1149 (dated 1990 April 1 - rfc1149) describes: A standard for the transmission of IP datagrams by avian carrier (carrier pigeon)
See also RFC 6214 – (rfc6214)

RFC 1437 (dated 1993 April 1 - rfc1437) describes: The Extension of MIME Content-Types to a New Medium (transmission of people by electronic mail).

Are these two impractical or just ahead of their time?

Thursday, August 18, 2011

Android DOTS - Locking the Screen

Android DOTS - Locking the Screen



I have received several emails following the earlier post iphones-common-password-usage-risks whether I had seen other studies or reports about security risks with the Locking the Screen (linking DOTS) feature in Android and similar featured mobile phones and what I thought.

It is impossible to read everything and many studies/report sometimes don't become available until some years after authors produce them.

My own analysis of the reports (at this stage) that I have seen thus far is that many of the comments about Locking the Screen privacy techniques generally identify that an author acknowledges the device has this privacy/security capability available and provides one method to reduce risk. Forensically speaking, authors also record the complications when the restricted access mode is activated when the device is presented for examination. These are useful comments, but are not fully supported by any indepth research to define common combination of DOTS used by users for their numerical choice of locking patterns. That is menat to be taken in context with the common choice of PINs as suggested by the post iphones-common-password-usage-risks.

The authors Aviv/Gibson/Mossop/Blaze/Smith in 2010 produced an informed and respected report on Screen Smudges that illustrated risks of pattern smudges on the mobile phone touch-screen being detected which refined earlier concerns in 2009 about smudging illustrated in posts on the Android - An Open Handset Alliance Project.

There are discussive science articles on the web about how secure are Android DOTS unlock_patterns regarding numerical choices for the locking code that, again, could provide useful material for more indepth forensic analysis and study. I could carrry on identifying material I have researched but that would merely produce, largely, similar and repetitous paragraphs of statements listing what I found available. However, risks to user touch-screen mobile phones may occur when considering entering unlock DOTS patterns, passwords and PINs and unauthorised access attacker or hackers gaze could potentially include the less troublesome methods to gain access using:

i) clandestine apps/progs (WORMs etc from download or P2P) that could record user entries on the touch-screens and storing the output [having fowarded to a memory cards etc] in a hidden file (so be aware of apps/progs on the handset - check eg file manager/root and change memory cards on a regular basis)
ii) using fingerprint tape on the touch-screen (so clean the screen regularly)
iii) shoulder-surfing the user's locking DOTS pattern (so the longer the pattern the harder it can be for the shoulder-surfer to memorise)

Wednesday, August 17, 2011

The Emperor's New Clothes

The Emperor's New Clothes

I was reminded recently of this Hans Christian Andersen tale that brought back memories of hearing it as a child. The hero in the tale is the child for speaking out because those who could have said something found it difficult until it became impossible for them not to say something (but by then it was too late).

The tale could have application to forensics and expert evidence. The focus on distinguishing illusion from reality is an important one and tasks all of us in our field of endeavour to ensure amongst other things:

i) opinion given doesn't simply repeat what others have stated for fear of stepping out of line or the threat of the use psychological intimidation of belittle to one's character
ii) to stand up and challenge, even where an awful lot money has been spent on methods or systems that are systemtically flawed or producing inaccurate statements
iii) not to leave a problem to others to highlight the reality of it ('truth will out') because it feels safe to pretend ignorance or suggesting that it was someone else's problem so not bothering to test the veracity of the method/system in use

Monday, August 15, 2011

Research: critiques of author recognition

Research: critiques of author recognition

With the high-profile Olympics less than 12-months away, the recent looting and rioting that involved the use of voicemail, instant messenging and web-based media and the approach to using "cybercrime" as the new-labelled tool to describe digital investigation and evidential seizure of alleged culpability, these research papers cover some useful ground that might be helpful in evaluating methodology previously unsuspected as fallible to error or mistake, and may have some useful application when applied in author recognition cases which might be relevant to evidence found on mobile phones and computers.

Authors vs. Speakers: A Tale of Two Subfields

The best part of Monday's post on the Facebook authorship-authentication controversy ("High-stakes forensic linguistics", 7/25/2011) was the contribution in the comments by Ron Butters, Larry Solan, and Carole Chaski. It's interesting to compare the situation they describe — and the frustration that they express about it — with the history of technologies for answering questions about the source of bits of speech rather than bits of text.


Practical Attacks Against Authorship Recognition Techniques

The use of statistical AI techniques in authorship recognition (or stylometry) has contributed to literary and historical breakthroughs. These successes have led to the use of these techniques in criminal investigations and prosecutions. However, few have studied adversarial attacks and their devastating effect on the robustness of existing classification methods. This paper presents a framework for adversarial attacks including obfuscation attacks, where a subject attempts to hide their identity imitation attacks, where a subject attempts to frame another subject by imitating their writing style. The major contribution of this research is that it demonstrates that both attacks work very well. The obfuscation attack reduces the effectiveness of the techniques to the level of random guessing and the imitation attack succeeds with 68-91% probability depending on the stylometric technique used. These results are made more significant by the fact that the experimental subjects were unfamiliar with stylometric techniques, without specialized knowledge in linguistics, and spent little time on the attacks. This paper also provides another significant contribution to the field in using human subjects to empirically validate the claim of high accuracy for current techniques (without attacks) by reproducing results for three representative stylometric methods.