Topic: IDEA: Laptop Security - Lock system/send keystroke unless key pressed in n sec (Read 36885 times)

tmpusr

UPDATE: Added link to the program here. It's beta and doesn't yet have all the super-secure (if the adversary is prepared and knows what he's doing) features discussed here, but it works.
http://www.mediafire.com/?wtgywzo2znt
Edit the file to set the timer values. The key combination to reset the timer is Win+3.
You also need to have http://www.autohotkey.com/ installed.
Original code that has a different timeout (fake) warning (task tray balloon) below.

Use the computer with full confidence in situations where it can be snatched (stolen) from your hands. Any public areas actually qualify - and even your (g/b) friend, parent, teacher, bouncer, security guard, police, may just choose to take a look. Or if you absentmindedly leave your system unsupervised for a while, they can't get a (long) peek. The more portable things get, the more easily you lose physical control of them. The solution: you need to provide a "heartbeat" to the computer. They'll get the body but not the mind...
Send keystroke, activate screen saver, blank screen, display an image (favorites: black screen with "Missing Operating System", or "NTLDR is missing", or "Operating system not found", actually switching to DOS graphics mode or the trusty old BSOD), run video, run program, shut down, etc. unless a key is repeatedly pressed within, say, 10 sec. Could be one time only, e.g. during startup.
If you fail, it will optionally ask for a (probably quick and easy to type) password or a (modifier combo) key (or no dialog, you'll just type it) and if you fail to provide it in, say, 30 seconds, it will send a keystroke which will e.g. forcefully dismount encrypted drives.
Optional visible countdown timer with custom position, font, color, transparency. It could stay invisible until 5 sec remain and then change color from green through amber to red, or become more opaque and start blinking when 3 sec remain. If wrong key is entered, the color will optionally change, and optionally a sound will play (lowest priority feature).
Use a string of characters that has to be entered in order, repeating, or any one of them. So e.g. you'd keep on pressing Ctrl+Win+A, Ctrl+Win+S, Ctrl+Win+D to keep the system happy.
The key can be anything, with a modifier or modifier combo or no modifier.

Could support the finger print reader, microphone input (one of a group of recorded sounds/words).
« Last Edit: July 01, 2009, 01:47 PM by tmpusr »

Ath

You could just set the screensaver (lots of them available) to run after 1 minute (smallest timeout available), and have it lock the screen of course, but all in all it would just be annoying. And if I want to lock the system I can quickly press Win-L.

Can't see any use-case for this :huh: :down:

tmpusr

Your inability to see any use case is simply the inability to see a common scenario that has occurred many many times:

You're sitting in the public typing. Suddenly you notice you're typing thin air. Some guys are running away with a large bag (no laptop in sight) and disappear behind the corner.

Can't see any way a screensaver would help in this case. The thieves of course know about them, and keep on typing, moving the cursor, and then go and disable it. Just in case the drive is encrypted, they insert a USB drive and steal everything from your drive before letting the system shut down.

This is a basic security feature that is sorely missing.

« Last Edit: June 07, 2009, 02:05 PM by tmpusr »

Ath

Ah, that was not quite clear from your original post :-[
So you're either missing a finer control over the screen-saver settings, or a kensington lock, connected to your body in some way (yes, that's not very comfortable), and to the laptop, of course :-\

Similar problems exist when using a mobile phone in public, IMHO, and on most mobile phones, there's no kensington lock connector, AFAIK.

tmpusr

It'd be ok for version 0.1 to have just a countdown timer that will send a keystroke if it doesn't receive a key (combo) within n sec, that's all.

tmpusr

So that it doesn't annoy a lot, it could be once every 5-15 minutes, though within 15 minutes people could view/copy a lot of data. It's up to you to choose how tight you want security to be. You'd see the countdown during the last minute, optionally with (or only) a ticking sound during the last 30 seconds. Just press the key and you've got another 15 minutes. The point is that if you're not around, the computer won't just go on forever.

It's hard to believe this kind of utility doesn't already exist.
« Last Edit: June 07, 2009, 02:09 PM by tmpusr »

r0bertdenir0

Do you have autohotkey installed?
if so you can try this script.
It's just a rough draught so you can test & see if this is what you have in mind.
This script has a timeout of 60 secs & you can press Win+3 to reset the timer.
The settings are the variables at the top of the file - they are obviously named.
Right now the script just runs once & if it locks you out you will have to run the script again - but as I said it's just a first run.
And hopefully sum other guys here will jump in 2 polish it up.


; AutoHotkey v1 script. The settings are the variables directly below the directives.
#Persistent
#SingleInstance force
#UseHook On
#Include %A_ScriptDir%
SetWorkingDir, %A_ScriptDir%

HotkeyCombo = #3            ; Win+3 resets the countdown
CountdownTimer = 60         ; seconds without the hotkey before the lockout action
WarningMessageTimer = 30    ; seconds before lockout at which the warning balloon appears
WarningMessage = WiFi connection signal quality is poor, connection will be lost in %WarningMessageTimer% seconds
DebugMode := False          ; True: show a MsgBox instead of locking the workstation


StartUp:
{
   nCountdownTimer := 1000 * CountdownTimer      ; everything below works in milliseconds
   nWarningTimer := 1000 * WarningMessageTimer
   nInternalTimer := nCountdownTimer             ; milliseconds left until lockout
   nInternalTimerResolution := 100               ; tick interval of the internal timer
   bIconOff := False

   if(WarningMessageTimer>CountdownTimer)
   {
      msgbox "CountdownTimer" must be greater than or equal to "WarningMessageTimer"
      return
   }

   Hotkey, %HotkeyCombo%, HotkeyPressed

   SetTimer, InternalTimer, %nInternalTimerResolution%

return
}


HotkeyPressed:
{
   ; The "heartbeat": restart the countdown from the full value.
   SetTimer, InternalTimer, Off
   nInternalTimer := nCountdownTimer
   SetTimer, InternalTimer, %nInternalTimerResolution%

   TrayTip, Autolock, Timer reset thank you, 5

return
}


InternalTimer:
{
   ; Runs every nInternalTimerResolution ms: count down, then warn or lock.
   nInternalTimer := nInternalTimer - nInternalTimerResolution
   if(nInternalTimer<=0)
   {
      Gosub, LockOut
      return
   }
   if(nInternalTimer<=nWarningTimer)
   {
      Gosub, ShowWarning     ; re-shown on every tick during the warning period
      return
   }

   ; Outside the warning period, alternate two tray icons as a visible heartbeat.
   bIconOff := !bIconOff
   if(bIconOff)
   {
      Menu, Tray, Icon, Shell32.dll, 174
   }
   else
   {
      Menu, Tray, Icon, Shell32.dll, 173
   }

return
}


ShowWarning:
{
   ; The balloon text is deliberately a fake WiFi warning (see WarningMessage).
   TrayTip, Autolock, %WarningMessage%, 30
return
}

LockOut:
{
   ; Lockout action: the script stops its timer and does not re-arm itself.
   SetTimer, InternalTimer, Off
   if(DebugMode)
   {
      msgbox, LOCKOUT
   }
   else
   {
      DllCall("LockWorkStation")
   }

return
}

tmpusr

Appreciated. There's a small security hole: you can close it.

Looking for:
Ability to do the other things, not just lock, though lock does the job - unless you have no password relying on the pre-boot authentication of TrueCrypt (the system drive is encrypted).

If you miss the bubble and don't press the key in time, for example because you're in a full screen Remote Desktop, it should have a grace period of n seconds that displays a conspicuous countdown timer regardless of what is on screen (if playing a game, it switches to the desktop), during which you can press a key, or enter a password. Sort of like UAC, with the background dimmed.

No icon in the tray, especially not an animated one.
« Last Edit: June 08, 2009, 07:51 AM by tmpusr »

tmpusr

Playing a ticking sound (wav) per second or just once, and when key is accepted, would be good features for no-visuals operation.

r0bertdenir0

Well the close option is not a security hole it's a debugging hole 2 stop the thing locking me out.
I don't run anytyn without absolutely no user interface until I'm sure the bugs are out.

The idea 4 the animated icon is that it flashes very slowly at first & then faster as the timeout approaches but if you dont want it there then I could just take it out.
I think a "grace" period is just matter of perspective - if you want a "grace" period of 60 seconds, then just set the Warning period to 60 seconds. If you want a warning period of 60 seconds & a grace period of 10 seconds, just set yr warning period as 70 secs.

I suppose along with showing the bubble you could bring the Taskbar to the foreground, that should deal with games & the like...
Altho this script does just a Lock Work Station, you cud easily add other actions to the LockOut procedure, to dismount yr encrypted drives & such.
But doncha think in most theft situations locking the desktop is sufficient?
Even if yr mounted volumes are accessible, the thief wud have 2 guess yr password first & if they restart yr drives get dismounted anyway.
But like I said you can customize the LockOut procedure to tell TrueCrypt to dismount all mounted volumes or anything else you want.

I can try out the sound idea 4 you & use sound cues rather than visual balloons.

tmpusr

Can you overlay (transparent) text on screen? You should see it even when you're in a full screen Remote Desktop. It could start in the corner counting down and during the last seconds move to the center and get larger. Or it could just be in the center of the screen big and bright so that it certainly catches your attention. Or a combination of subtle yet conspicuous: a full screen very transparent font.

I prefer the notification to be as subtle as possible most of the time, but if you just don't notice it, it'll get "louder" just as people would. So it could start almost totally transparent and start getting less transparent and darker or brighter. The balloon isn't very subtle when it unhides a hidden taskbar, but it's too subtle sometimes if the taskbar is not hidden. Screens are big and you may have looked away when it appeared so you didn't notice the change.
« Last Edit: June 08, 2009, 09:27 PM by tmpusr »

tmpusr

A tooltip at the cursor (mouse or text or both) with a countdown. The necessary code is here http://www.autohotke...iewtopic.php?t=40165

tmpusr

Something like this
AutoLockTooltipTest.ahk: http://www.mediafire.com/?wtgywzo2znt
It plays accept.wav and warning.wav if in the same folder.
Since I'm no autohotkey coder there's plenty of suckiness, but you get the ideas.
« Last Edit: June 08, 2009, 09:26 PM by tmpusr »

tmpusr

If your "heartbeat" isn't rapid enough, there's still a vulnerability if you haven't disabled the USB ports (or passworded them - can it be done?); the thief can insert a USB stick and run a program that suspends/kills all non-system processes. How to prevent this from suspending/terminating? Some low level system code, perhaps a driver?

I'm pretty happy with the tooltip blinking (erratically because of sucky code) at the cursor. I usually don't miss it because it's where my eyes are, but when I have, the SevereWarningMessage that blinks the whole screen by drawing a transparent fullscreen tooltip, has caught my attention. This version often leaves a transparent tooltip on screen when I press the key. Information wants to be free and code wants to be wrong.
« Last Edit: June 08, 2009, 09:09 PM by tmpusr »

r0bertdenir0

Yeah a semi-transparent countdown window that's always-on-top is an option but if you want subtle then isn't a big bright countdown timer in the middle of yr screen just screaming 2 a thief that they better do sumthing quick?
If you remember Arnie in Predator - that countdown wasn't even in human numbers but he figured out wat was gonna hit the fan easily enuf...

I like yr sound idea, perhaps a clicking every second when the warning period is reached, becos it's obvious 2 you who knows about the lockout but not a stranger.
Even if we add a semi-transparent popup, I wud not put an obvious timer in it but a seemingly harmless message.
If you think about it, you don't need a timer displayed when you enter the final warning stage, cos whether you have 1 second or 100 seconds left, you will hit the hotkey as soon as possible.
But perhaps a misleading progress bar...

The "heartbeat" in this program is 100ms, fast enuf to outpace most thieves except perhaps a young Peter Sellers.
But as far as sum1 running a program off a USB stick, that wud depend on how small you make the timeout interval so that the laptop locks b4 they have a chance 2 do anytyn. You'd have 2 balance security against annoyance & only you can do that.
I won't be able 2 update the code 2day cos I'm at work but keep yr ideas coming & I'll adopt them as soon as I can.

tmpusr

'Idle Fast Track - The user has apparently left' feature

If you take a break, the computer notices it: if the cursor and the keyboard have both been idle for n secs, despite still having plenty of countdown left, the countdown is switched to another timer that has only n secs left. If you touch either, the countdown switches back to the original timer. Unless you're just reading or watching without touching the computer this is a useful feature to have. But it can be made useful even in that usage scenario - it can adapt: option to detect the foreground application and if it's a media player, or a PDF reader, even perhaps a browser, it's not active, because it's likely your input frequency is down for a good reason. It increases security without increasing inconvenience so steeply. Option to have normal (+sound), or severe (+sound), or only sound, or no warning. I'll probably use the severe full screen blinker to wake me up or just the sound.


Example

2 min countdown, 1:40 left. You leave the computer without locking it or it's grabbed from you (the adversary avoids closing the laptop which might lock it). 5 secs pass without input. The process is fast tracked: IdleCountdownTimer takes over and only 5 secs remain, instead of 1:30.
« Last Edit: June 09, 2009, 03:18 AM by tmpusr »
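To make the 'Idle Fast Track' concrete, here is an added AutoHotkey v1 script (my example, not tmpusr's program or r0bertdenir0's script above) that runs the normal countdown and switches to a short idle countdown once there has been no physical mouse or keyboard input for n seconds, dropping back to the normal countdown when input resumes. It assumes Win+3 as the heartbeat key and LockWorkStation as the lockout action, as in the thread, and uses the 2 minute / 5 second figures from the worked example.

```autohotkey
; Added example: dead-man countdown with the "Idle Fast Track" feature.
; Not the thread's script; written for AutoHotkey v1.
#Persistent
#SingleInstance force
#InstallKeybdHook            ; hooks let A_TimeIdlePhysical see real input only
#InstallMouseHook

HotkeyCombo       := "#3"    ; Win+3 is the heartbeat key (as in the thread)
CountdownSecs     := 120     ; normal countdown (2 min in the worked example)
WarningSecs       := 30      ; show the countdown tooltip during the last 30 s
IdleAfterSecs     := 5       ; no mouse/keyboard input for this long => fast track
IdleCountdownSecs := 5       ; seconds left once fast-tracked
Resolution        := 100     ; timer tick in milliseconds
DebugMode         := false   ; true: MsgBox instead of locking (for testing)

nNormalLeft := CountdownSecs * 1000       ; ms left on the normal timer
nIdleLeft   := IdleCountdownSecs * 1000   ; ms left on the idle timer
bFastTrack  := false

Hotkey, %HotkeyCombo%, Heartbeat
SetTimer, Tick, %Resolution%
return

Heartbeat:
   ; The heartbeat restores the full countdown, leaves fast track and
   ; re-arms the timer (needed after a lockout, once you have unlocked).
   nNormalLeft := CountdownSecs * 1000
   nIdleLeft   := IdleCountdownSecs * 1000
   bFastTrack  := false
   ToolTip
   SetTimer, Tick, %Resolution%
return

Tick:
   ; A_TimeIdlePhysical: ms since the last physical keyboard/mouse event.
   if (A_TimeIdlePhysical >= IdleAfterSecs * 1000)
   {
      bFastTrack := true        ; user has apparently left: short timer takes over
   }
   else if (bFastTrack)
   {
      bFastTrack := false       ; input resumed: back to the normal timer
      nIdleLeft  := IdleCountdownSecs * 1000
   }
   ; The normal timer always keeps running; the idle timer only during fast track.
   nNormalLeft -= Resolution
   if (bFastTrack)
      nIdleLeft -= Resolution
   ; Whichever live timer is lower decides the lockout and the display.
   nLeft := nNormalLeft
   if (bFastTrack && nIdleLeft < nLeft)
      nLeft := nIdleLeft
   if (nLeft <= 0)
   {
      Gosub, LockOut
      return
   }
   ; Countdown tooltip at the cursor during the warning period (and so always
   ; during fast track, since the idle timer is shorter than the warning period).
   if (nLeft <= WarningSecs * 1000)
      ToolTip, % "Press the heartbeat key: " . Round(nLeft / 1000, 1) . " s"
   else
      ToolTip
return

LockOut:
   SetTimer, Tick, Off
   ToolTip
   if (DebugMode)
      MsgBox, LOCKOUT (debug mode)
   else
      DllCall("LockWorkStation")
return
```

After a lockout the timer stays off until the next Win+3, so press it as soon as you have unlocked; otherwise the unlocked session runs unguarded.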

tmpusr

In a super-high-risk situation, where the adversary is watching you, unless you have something covering your hands (typing under a cloth, which is actually useful if the air is cold), having just one hotkey is not good. It provides practically no security. We must assume this security measure is common knowledge, and the adversary expects that you use it. Another layer of security would be to have a USB stick (or more) in the port, without which the system locks, tied to your limb or neck. The only drawback is that the moment of forced separation would feel uncomfortable.

Options to make it harder to detect what to do to keep the system from locking:
Changing hotkey.
N different hotkeys pressed in sequence, the equivalent of typing an n character password.

« Last Edit: June 09, 2009, 04:10 AM by tmpusr »

tmpusr

It can be used for something else too: I've set this up for 55 minutes now to remember to take a break - when it starts warning, I press the hotkey (since I don't use it for security now), get up and come back after 5 minutes and press the hotkey again. Which made me think of...


'Inevitable Lockout' feature

To make sure the system would eventually lock out even if the adversary knew the hotkey, it would be useful to have two timers running. The other one you can't stop. To use the system you must provide the password every n minutes. This requires preventing terminating/suspending the program - is it possible?
« Last Edit: June 10, 2009, 01:27 AM by tmpusr »

tmpusr

Maybe the process needs to be run as a service or as a driver and named to look like an inconspicuous system process.

r0bertdenir0

I have a program which is password protected by a launcher & rather than a fixed password the launcher requests a password that is the first 3 letters of the current day + the current clock minutes. So if the time now is 10:47 Wednesday June 10, you'd enter wed47. so maybe in this case you cud just enter 47 as the hotkey. on a laptop keyboard, some1 watching you typing wud find it hard 2 discern that pattern from normal usage & probably not pick up that it's a hotkey, especially since it's apparently random.

we can try this as an AHK script & you can compile 2 an exe & rename it wateva you want.
stopping a service is just as simple as stopping an exe & unless you're willing 2 spend time & money 2 create a robust driver based solution it wud be simpler to purchase something commercial.
If yr data is more valuable than the hardware, protect it with something like truecrypt & you can have an app like this which will dismount that volume along with locking the laptop.
That will protect yr data.

But the best solution is 2 be aware of wats happening around you & neva let the laptop be stolen in the first place.
The first & only rule of pc security is that once sum1 has physical access 2 yr hardware - it's game ova.

tmpusr

That's a good feature. Optionally you should be able to prefix and/or postfix it with your own string. Apparently you're somewhat security-conscious, too...

Don't give up so quick with the process termination security hole... using the "heartbeat" again looks like a solution:

You run a pair of processes that watch that each other exists (and/or that some file is getting written): if the other one is killed or suspended (checking if process exists is not enough) it will lock out. If two is not enough, use three. Since the termination software the adversary will use won't disable them simultaneously, though the time interval is very small, it should work. Even if all ports and drives are blocked, but it's still connected to the tubes, they will provide the adversary the software on the browser.

You'd need to create a termination/suspending app to make sure it's defeated. You should try to break into the system by all these means and fail.

We're trying to change the rules of the game here: the computer will eventually be bricked, no matter what you do. The time the adversary has available to upload data should be less than the time it takes to issue the commands. In high-risk situations it shouldn't be many seconds or your recent files will end up on someone's server. It seems that with this app running the game is over for the adversary, not for you.

This security hole is patched as long as the lockout time is short enough. With a webcam you could check if the user is present, and if not, lock out in 3-5 seconds.
« Last Edit: June 10, 2009, 07:07 AM by tmpusr »

f0dder

What exactly are you trying to guard yourself against - common thieves or the cops/whatever?

All this keystroke-timeout-fumbling seems like the wrong way to approach the problem. Set a screensaver, check "on resume, display logon screen" (you obviously are using a password for your user account, and of course you're running with a limited account without administrator privileges). Then, you set a system policy that disallows changing the screensaver settings. TrueCrypt has an option to dismount volumes not just when logging off, but also on screensaver activation.

As for trying to keep processes running through usermode watchdogs - not going to work. You can spawn a few hundred and poll every few milliseconds (which is going to put a heavy load on your system, mind you!) but it's still not a guarantee that your processes won't get nuked. A better approach is adjusting the process permissions and removing the SeDebugPrivilege. Since when have common thieves started doing something like this, anyway?
- carpe noctem

tmpusr

What makes you ask that? There's a huge security industry out there. You can ask them who they're trying to guard against. There are other threats than just common thieves. Capable adversaries include professional criminals, governmental and corporate espionage.

It's obvious to me that a screensaver will never activate. And all this 'keystroke-timeout-fumbling' is already doing its job.

The nuking watchdog solution must be tested. I don't think the strain it puts on the CPU can be significant. So you can prevent program termination in a limited account? Getting a BSOD when the process is terminated would be ok, too.

« Last Edit: June 10, 2009, 08:06 AM by tmpusr »

f0dder

I'm asking because it's not clear which scenario you're really trying to guard against.

If we're talking being mugged in a park, the screensaver approach would be quite sufficient imho - the thieves need to get away with your machine before they can start looking at it. And common thieves aren't interested in snooping around on the machine anyway, they just want to trade it in for cash.

The only situation I can think of where the screensaver setup I described above isn't adequate is when someone can get forceful physical access to your machine and doesn't need to run away with it. And in those cases, you're pretty much so SOL that your approach isn't going to help anyway :)
- carpe noctem

tmpusr

Thieves today may know that the contents of the system may be worth something too and will keep on touching the keyboard/touchpad to prevent the screensaver.

This solution is created to address the particular problem where you abruptly lose physical access to the computer or forget to lock it and someone starts using it (the screensaver won't activate). It already provides great (practically perfect, if the timeout is short enough) security.

If the adversary is ready to "persuade" me to reveal the password, that's where plausible deniability is required, which TrueCrypt provides.

I think this is such a fundamental security feature that it should be part of the OS.
« Last Edit: June 10, 2009, 08:43 AM by tmpusr »