Fashion and astronomy lead the way to cost effective tamper protection


You're no doubt familiar with Pluto, the planet that got relegated.

If you're an adult, you probably learned at school that Pluto was the ninth, and smallest, and faintest, planet in the solar system.

(It wasn't always the most distant, as Neptune is sometimes further from the sun, but Pluto was very much the far-flung baby of the solar system.)

Indeed, Pluto was the ninth planet, until a kerfuffle broke out when a larger object, known as Eris, was found to be orbiting the sun about three times further out than tiny Pluto.

Eris, as it happened, only made it to dwarf planet status, which seemed anomalous.

Either Eris had to get promoted to the Premiership and become the tenth planet, or Pluto had to be dropped to the lower leagues - as, in the end, it was, leaving just eight planets for today's schoolchildren to memorise.

But that's not the most interesting thing about Pluto.

What's interesting (at least, it's interesting because it happens to fit neatly into this article, but bear with me) is how Pluto was found.

In the 1930s, the state of the art celestial body finder was the blink comparator, which is how astronomers looked for subtle changes between images in the days before CCD cameras and digital image processing.

Two images of the same piece of sky, taken some time apart, were presented in turn to an eagle-eyed astronomer, whose job was to identify points of light that seemed to flick back and forth as the comparator flipped between the carefully-aligned photographic plates.

Distant objects like stars would not move perceptibly in images separated by a matter of days or weeks, but closer objects in space - comets, for example, and hitherto unknown planets and dwarf planets - would have moved between exposures, giving an observer a fighting chance of spotting them as they "blinked" before their eyes in the comparator.

The actual plates from which discoverer Clyde Tombaugh spotted the tiny dot of Pluto, flicking across the field of space, are shown above.

Blink comparison revisited

According to Wired magazine, reporting on a paper delivered yesterday at the famous Chaos Computer Congress in Berlin, Germany, the blink comparator inspired researchers Eric Michaud and Ryan Lackey to propose a fascinatingly low-tech solution to tamper detection.

The idea is simple, even though it sounds complicated when described in generic terms:

Physically Unclonable Functions (PUFs), combined with a trusted mobile device and a network service, can be used to mitigate [the risks of covert tampering]. We present a novel open-source mobile client and network service which can protect arbitrary hardware from many forms of covert modification and attack, and which when integrated with software, firmware, and policy defenses, can provide greater protection to users and limit potential attack surface.

Loosely put, if you are on the road with your laptop, especially overseas where you don't know the ropes too well, you'd probably like some way to tell whether local law enforcement, intelligence services, hotel staff, cybercrooks, or any other inquisitive individuals, have been digging around inside your computer.

After all, if they've opened up the case, who knows what secret surveillance systems they may have hidden inside?

So you need a PUF: some characteristic measurement you can easily take of your device that would almost certainly change if someone fiddled with it intrusively.

What we're talking about is something like one of those WARRANTY VOID IF REMOVED stickers, but much harder to clone and replace.

Ideally, you want some product - a lacquer, or paint, for example - that has all sorts of unpredictable disorder all of its own (but immutable, once the paint has dried), and that can easily be used to coat key parts of your devices.

The unpredictability means that if an attacker disturbs the original marker - for example, a tell-tale coating that detects whether a screw has been turned or a clip opened - then a photograph of the replacement marker will fail a modern-day blink comparison with the original.
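To make the "modern-day blink comparison" concrete, here is an added sketch (not the researchers' client, and not code from this article) that aligns a fresh seal photo against the enrolled one and checks whether the glitter pattern still correlates. The tiny grids are constructed stand-ins for real photos, and the shift window and 0.6 threshold are illustrative assumptions.

```python
import random

SIZE = 32  # constructed seal "photos" are SIZE x SIZE grayscale grids

def make_seal(seed, flecks=60):
    """Constructed stand-in for a photo of dried glitter polish: random bright flecks."""
    rng = random.Random(seed)
    img = [[0.0] * SIZE for _ in range(SIZE)]
    for _ in range(flecks):
        img[rng.randrange(SIZE)][rng.randrange(SIZE)] = 1.0
    return img

def rephotograph(img, dx, dy, noise_seed):
    """Simulate a later photo of the same seal: slight framing shift plus sensor noise."""
    rng = random.Random(noise_seed)
    out = [[0.0] * SIZE for _ in range(SIZE)]
    for y in range(SIZE):
        for x in range(SIZE):
            sy, sx = y - dy, x - dx
            v = img[sy][sx] if 0 <= sy < SIZE and 0 <= sx < SIZE else 0.0
            out[y][x] = min(1.0, max(0.0, v + rng.uniform(-0.1, 0.1)))
    return out

def correlation(a, b, dx, dy):
    """Pearson correlation of a with b offset by (dx, dy), over their overlap only."""
    pairs = [(a[y][x], b[y + dy][x + dx])
             for y in range(max(0, -dy), min(SIZE, SIZE - dy))
             for x in range(max(0, -dx), min(SIZE, SIZE - dx))]
    n = len(pairs)
    ma = sum(p for p, _ in pairs) / n
    mb = sum(q for _, q in pairs) / n
    cov = sum((p - ma) * (q - mb) for p, q in pairs)
    va = sum((p - ma) ** 2 for p, _ in pairs)
    vb = sum((q - mb) ** 2 for _, q in pairs)
    return cov / ((va * vb) ** 0.5) if va and vb else 0.0

def seal_intact(enrolled, current, max_shift=3, threshold=0.6):
    """Try small alignments; accept only if the fleck pattern still matches."""
    best = max(correlation(enrolled, current, dx, dy)
               for dy in range(-max_shift, max_shift + 1)
               for dx in range(-max_shift, max_shift + 1))
    return best >= threshold, best

if __name__ == "__main__":
    enrolled = make_seal(seed=1)
    print(seal_intact(enrolled, rephotograph(enrolled, 2, -1, 7)))      # same seal
    print(seal_intact(enrolled, rephotograph(make_seal(2), 0, 0, 8)))   # repainted seal
```

The alignment search matters as much as the score: without it, an honest re-photograph taken a few pixels off would look like a replaced seal.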

Coating? Lacquer? Paint?

What to use?

According to Michaud and Lackey, there's an excellent product on the market that can be deployed for just this purpose.

It's cheap, and easy to obtain, even if it isn't the sort of decoration you'd usually associate with laptops.

Glitter nail polish.

Choose your security look today!

Image of nail polish bottles courtesy of Shutterstock.


7 Responses to Fashion and astronomy lead the way to cost effective tamper protection

  1. Mike R · 650 days ago

    This sounds remarkably similar to the wax seal of days of yore.

    • Paul Ducklin · 650 days ago

      Same basic idea of a frangible coating that will disintegrate if messed with.

      But a seal produces a similar (and recognisable) image each time for outward inspection - so you compare all sealed items with the image on the original seal. In that sense it acts as a signature, too.

      The nail polish approach requires that you have a secure way of storing a photo of each object you have "sealed," since each "seal" is unique, and effectively impossible to replicate. That uniqueness is a key factor in the system.

  2. CMM · 650 days ago

    So what do you do with the nail polish?

    • Paul Ducklin · 650 days ago

      Paint glitter over (say) the screws you'd have to turn to open up the device, let it set, and take a photo of the "seal".

      The theory is that the coating will splinter and crack if attackers open up a "sealed" screw, and though they can easily paint a new layer of nail polish over the broken one, they'll never be able to get the patterns in the glitter to look the same, because they're a kind of hardware-random feature.

      So you routinely take pictures of the areas you "sealed," and do blink comparisons with the original "seals" you made yourself.

      If the glittery bits in the hardened polish seem to jump all over the place as you flick between the old and new images, you know there's been some jiggery-pokery going on.

      • Guest · 649 days ago

        Is there a practical way to mark a device that does not have a screw? For example, the iPod Touch has no screws. How might I mark the device without getting glitter nail polish into the crack where its two parts intersect?


About the author

Paul Ducklin is a passionate security proselytiser. (That's like an evangelist, but more so!) He lives and breathes computer security, and would be happy for you to do so, too. Paul won the inaugural AusCERT Director's Award for Individual Excellence in Computer Security in 2009. Follow him on Twitter: @duckblog