Beta

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Sonar Keyboard Logs You Out To Protect Your Data

CmdrTaco posted more than 3 years ago | from the i-just-had-to-pee dept.

Input Devices 175

Zothecula writes "While the simple act of logging off a workstation is an obvious way to protect sensitive data – like that used by healthcare providers, pharmacies, banks and government agencies – it is all too easy for users to forget and leave the data not only viewable, but also editable by anyone who happens to pass by. Custom keyboard supplier Key Source International (KSI) has developed a keyboard that does the remembering for you, logging out as soon as the user physically leaves the keyboard."

cancel ×

175 comments

Sorry! There are no comments related to the filter you selected.

Hey, I've got an idea. (0)

intellitech (1912116) | more than 3 years ago | (#35282722)

Simply instruct your employees on the importance of not leaving a workstation unsecured (i.e. locked, logged off, etc.). Use a 3-strike system, if you must. There really shouldn't be a need for such fancy equipment.

In the end, though, I guess it comes down to whichever method of prevention is less expensive, or less time-consuming..

Re:Hey, I've got an idea. (3, Informative)

Anonymous Coward | more than 3 years ago | (#35282754)

Rule 1: The weakest link in computer security is the user.
Rule 2: See rule 1.
Rule 3: See rules 1 and 2.

Re:Hey, I've got an idea. (2)

_0xd0ad (1974778) | more than 3 years ago | (#35282924)

...which is why, after a couple of times of this thing logging them out when they didn't want it to, they'll find a way to defeat it.

I wonder if unplugging it from the PC would work?

Re:Hey, I've got an idea. (1)

gstrickler (920733) | more than 3 years ago | (#35283008)

Well, given that the description says the keystroke sequence to lock the terminal is stored in the keyboard, unplugging the keyboard seems like it's a likely way to bypass it.

Re:Hey, I've got an idea. (2, Insightful)

Anonymous Coward | more than 3 years ago | (#35283078)

Tried sonar mounted above the monitor at our hospital already. Unsurprisingly, you a corrrect. The genius docs and nurses taped tongue depressors with a small index card to hang in front of the device so it wouldn't log off...

Re:Hey, I've got an idea. (1)

gstrickler (920733) | more than 3 years ago | (#35283180)

Don't you just love security products designed by people who don't ever think about how they can be bypassed? Or test them in real user environments?

Re:Hey, I've got an idea. (1)

Yvan256 (722131) | more than 3 years ago | (#35283212)

Companies who make security should really have two teams:
- Team A in charge of security
- Team B in charge of defeating/bypassing security

Re:Hey, I've got an idea. (1)

peragrin (659227) | more than 3 years ago | (#35283376)

They usually do.

However Team M (managers) never let the two team mingle, or even know each side exists.

look at HBGary for more information. They never bothered to look at their own systems, or audit their own processes for flaws.

Re:Hey, I've got an idea. (1)

v1 (525388) | more than 3 years ago | (#35283290)

Don't you just love security products designed by people who don't ever think about how they can be bypassed? Or test them in real user environments?

It's not terribly unreasonable to expect some cooperation from the people you're trying to protect. If you have locks on your building at night but people keep propping the door open, you don't look for ways to defeat the door propping, you go beat heads and tell them to knock it off.

The only time it makes sense to get involved in a forced-security escalation war is when you're dealing with a mob of minimum wage workers that care more about their job being easier today than being there tomorrow. (been there done that, two words: "wire ties") Professionals should behave like professionals and not intentionally break the rules because they're inconvenient.

But if you're making it unreasonably inconvenient for an inequitable increase in security, then you're just plain being a BofH and need to start considering the people you're supposed to be supporting.

Re:Hey, I've got an idea. (1)

Reverand Dave (1959652) | more than 3 years ago | (#35283310)

Yeah, this seems to be a bit short sighted. The idea is not even really sound. (da-da-ting!)

Re:Hey, I've got an idea. (1)

fahrbot-bot (874524) | more than 3 years ago | (#35283246)

...after a couple of times of this thing logging them out when they didn't want it to

It can also be programmed to simply lock the session.

Re:Hey, I've got an idea. (5, Insightful)

Sigmon (323109) | more than 3 years ago | (#35282788)

I'm sure that would work GREAT in a hospital setting where a nurse keying in data has to jump up and run down the hall to a patient who is crashing..... and then gets fired because she forgot to log herself out on 3 occasions. /sarcasm

Re:Hey, I've got an idea. (3, Interesting)

hedwards (940851) | more than 3 years ago | (#35282900)

There are solutions to that kind of problem. Basically you can have a wireless token. I've seen them advertised before where they automatically log you out as soon as the token gets out of range. It's not perfect, but fine for situations where you absolutely need to be logged out.

Re:Hey, I've got an idea. (1)

Rary (566291) | more than 3 years ago | (#35282928)

There are solutions to that kind of problem. Basically you can have a wireless token. I've seen them advertised before where they automatically log you out as soon as the token gets out of range. It's not perfect, but fine for situations where you absolutely need to be logged out.

This does more or less the same thing.

There can be multiple solutions to the same problem.

Re:Hey, I've got an idea. (1)

Bill_the_Engineer (772575) | more than 3 years ago | (#35283028)

I like the wireless token idea better, since this keyboard doesn't appear to be washable. I love hospitals that work hard to reduce infection rates and then decides to install keyboards that are prone to collect dust next to patient's beds.

Re:Hey, I've got an idea. (2)

Wolvenhaven (1521217) | more than 3 years ago | (#35283194)

I've been using a program with ubuntu for a year or so now that you just connect your phone and laptop with bluetooth and then tell it to lock/suspend/logout when the phone gets X feet away. Works great as long as you keep your phone in your pocket at all times.

Re:Hey, I've got an idea. (1)

Belial6 (794905) | more than 3 years ago | (#35283422)

What is the program. And is it available for Windows and Mac? I have always wondered why more companies don't use the wireless token. It gives the user all of the convince of leaving their computer unlocked, and give the Administrator more security than expecting users to make their jobs harder. The cost isn't large. A phone based wireless token system like you say your are using would be a better solution in many situations. The battery issue would be pitted against people leaving the token on their desk when they went to lunch.

Re:Hey, I've got an idea. (1)

ceoyoyo (59147) | more than 3 years ago | (#35283782)

I use Proximity [google.com] on the Mac. It lets you run an Applescript when your phone comes in range, and another when it goes out of range.

Re:Hey, I've got an idea. (2)

EvanED (569694) | more than 3 years ago | (#35282812)

Right, because everyone who knows the dangers is perfect and is never distracted. Way better to force the user to conform to the computer than make the computer conform to the user.

Re:Hey, I've got an idea. (1)

rogueippacket (1977626) | more than 3 years ago | (#35283172)

Seriously, mod this guy up. All too common in our industry is the mentality that the user needs to conform to the technology. If you want to be truly successful in everything you do, try understanding the needs of your users before throwing "solutions" at them.

Re:Hey, I've got an idea. (3, Interesting)

ColdWetDog (752185) | more than 3 years ago | (#35282830)

Simply instruct your employees on the importance of not leaving a workstation unsecured (i.e. locked, logged off, etc.). Use a 3-strike system, if you must. There really shouldn't be a need for such fancy equipment.

In the end, though, I guess it comes down to whichever method of prevention is less expensive, or less time-consuming..

Bigger problem: The whole concept of logging in / logging out doesn't work well for lots of people. Let's say I have to key some data in or look something up - OK, log into the system. I then have to move away from the terminal to do something (just a reminder to Slashdotter's - not everyone is physically chained to their desk nor locked in the basement all day). I do this day in and day out. If the system logged me out every time I moved away from the keyboard or I had to log out every time my head didn't block the screen I would be one annoyed camper.

Sure, there are 'technical fixes' - use a laptop (doesn't work well if I'm standing), use a tablet (none one them yet work with clunky Enterprise software that will not be significantly upgraded in my lifetime), use a smart card system (we don't have one, aren't likely to get it). So yep, there are security holes all around the place but you always have the balance between security and usability.

A more useful system, IMHO, would be one that automatically logged off every PC in a room after a motion detector noted a period of inactivity. We do have issues where people leave for the day, go into another area or just close the door and leave systems up. That's a much bigger attack surface than leaving a PC logged in with 8 other employees wandering around.

Re:Hey, I've got an idea. (2)

EvanED (569694) | more than 3 years ago | (#35282860)

A more useful system, IMHO, would be one that automatically logged off every PC in a room after a motion detector noted a period of inactivity. We do have issues where people leave for the day, go into another area or just close the door and leave systems up. That's a much bigger attack surface than leaving a PC logged in with 8 other employees wandering around.

And that depends on your domain. In many places, e.g. a software development house, sure. However, in something like a doctor's office, where even the other people in an office shouldn't have access to all the systems, this is much less true.

Re:Hey, I've got an idea. (1)

Rary (566291) | more than 3 years ago | (#35282958)

The intention is for this to be used in environments where unlocking the computer can be done with a proximity card or a fingerprint, and scanners for both are built into this keyboard. So, all it takes to return to your work is sit down, wave your card over the keyboard, and get back to typing.

Re:Hey, I've got an idea. (1)

hawguy (1600213) | more than 3 years ago | (#35283174)

Sure, there are 'technical fixes' - use a laptop (doesn't work well if I'm standing), use a tablet (none one them yet work with clunky Enterprise software that will not be significantly upgraded in my lifetime),

Run your clunky enterprise app on an Windows Terminal Server and RDP into it, the application need not know that you're on a tablet.

A more useful system, IMHO, would be one that automatically logged off every PC in a room after a motion detector noted a period of inactivity. We do have issues where people leave for the day, go into another area or just close the door and leave systems up. That's a much bigger attack surface than leaving a PC logged in with 8 other employees wandering around.

Isn't a simple inactivity timer just as effective? Just set your PC's inactivity timer to whatever you'd set your motion sensor inactivity timer to (5 minutes, 10 minutes, whatever) and you've removed most of the threat of computers running unattended all day without the added complexity of a motion sensor (which, if it works as well as my office light sensor, will lock your computer out 5 times a day until you jump up from your chair and wave your arms so it can see movement).

use a smart card system (we don't have one, aren't likely to get it)

So your employer won't install a smart card system, but will install motion sensors linked to your computers?

(just a reminder to Slashdotter's - not everyone is physically chained to their desk nor locked in the basement all day). I do this day in and day out. If the system logged me out every time I moved away from the keyboard or I had to log out every time my head didn't block the screen I would be one annoyed camper.

I must have missed the part in the article where it said this was a solution for everyone. It seems that this sonar keyboard is best suited for places where confidential information is keyed in and the computer should be locked immediately once someone steps away -- like at a doctor's office or pharmacist. Why would you think it would be applied to your case where you and your coworkers (who all have equal access rights to the computer) are in a room together?

Re:Hey, I've got an idea. (1)

peragrin (659227) | more than 3 years ago | (#35283442)

inactiviety timers fail easily. 5 minutes is enough time for a nurse to get called away, walk up to her terminal do something and walk away. for such a timer to be secure in a high secure environment you need it to be 30 seconds long at which point it is more of a hassle.

The best so far is the id/RFID tag to login, logout when out of range. To log in the card must be present and a finger scanned.(two factors), every 15 -30 seconds the computer checks the proximity of the RFID tag or it logs you out.

If you want even more security embed the RFID tag in the wrist of the user.

Re:Hey, I've got an idea. (1)

hawguy (1600213) | more than 3 years ago | (#35283520)

inactiviety timers fail easily. 5 minutes is enough time for a nurse to get called away, walk up to her terminal do something and walk away. for such a timer to be secure in a high secure environment you need it to be 30 seconds long at which point it is more of a hassle.

Please read my post - I was responding to the poster that said he has a PC in a room with 8 other employees, he's not a nurse in a patient's room:

A more useful system, IMHO, would be one that automatically logged off every PC in a room after a motion detector noted a period of inactivity. We do have issues where people leave for the day, go into another area or just close the door and leave systems up. That's a much bigger attack surface than leaving a PC logged in with 8 other employees wandering around.

Isn't a simple inactivity timer just as effective? Just set your PC's inactivity timer to whatever you'd set your motion sensor inactivity timer to (5 minutes, 10 minutes, whatever) and you've removed most of the threat of computers running unattended all day without the added complexity of a motion sensor (which, if it works as well as my office light sensor, will lock your computer out 5 times a day until you jump up from your chair and wave your arms so it can see movement).

I guess the point I was trying to make (but was remiss in not stating it plainly) is that there are different solutions for different environments. It's pointless to look at a solution for one person's environment and say "Bah! That's stupid! It would never work in my (completely different) environment.

Re:Hey, I've got an idea. (1)

fuzzyfuzzyfungus (1223518) | more than 3 years ago | (#35282888)

Fighting known cognitive weaknesses and common patterns of poor prediction in humans really isn't worth the effort(nor, arguably, is it even in good taste) if relatively cheap technological solutions are available.

Humans forget sometimes. Some enough to describe them as "sloppy and incompetent" and fire them; but almost anyone will fuck up occasionally if they have to do it enough.(Plus, I'm guessing that nurses forget a little more often than average if their distractions include such minor items as "patient coding suddenly and dramatically in the next room'...)

Humans also get distracted fairly easily, and can't always predict when. "Just stepping away from the computer for 15 seconds" can easily become "get dragged into something and come back half an hour later".

Whether this particular(almost certainly overpriced) product is the way to go(when you could just use a $5 webcam that can also detect presence/absense and can even prevent naive attempts at presence spoofing, facial recognition is weak; but it is easier to impersonate a human-shaped lump than it is a specific face, without prior planning); but the idea that we should just buck up and strengthen our moral fiber, when a machine could easily do the job for us, is a masochistic recipe for poor results.

Re:Hey, I've got an idea. (1)

_0xd0ad (1974778) | more than 3 years ago | (#35282952)

Humans also get distracted fairly easily, and can't always predict when. "Just stepping away from the computer for 15 seconds" can easily become "get dragged into something and come back half an hour later".

Which is why, if I'm only stepping away from the computer for 15 seconds, I lock it. And it's why, even if I'm just driving the car across the street to park it on the other side, I buckle up.

Habits work to your advantage if you let them.

Re:Hey, I've got an idea. (1)

natehoy (1608657) | more than 3 years ago | (#35283726)

Me, too.

But I'm not a duty nurse who might be on the other side of my cubicle grabbing a file to get a single bit of data off it when I get a code blue. Do I take the two steps back to my desk and tap "WinKey-L" or run in the other direction to get the crash cart?

Is that even a decision?

If I were a duty nurse, a system that locks my workstation when I step away further than the bounds of my cubicle would seem to be ideal. I get to turn around and answer the phone or answer a quick question from a patient or doctor, and turn back and not have to log back in each time, so my normal workload proceeds efficiently. However, when I have to jump up and dash away, I can focus on what I absolutely need to be doing (running like hell for the crash cart), rather than what the computer needs me to do (lock it because it's too stupid to figure out I've left the area).

Think about choosing a relatively secure password and having to enter that password every time you had to turn around (on a job that you spend a lot of time turning around). You'd very quickly figure out some sort of workaround to keep the computer unlocked rather than have to type your password 200-300 times during an 8-hour shift. Either that, or you'd be fired for gross inefficiency and replaced with someone who was clever enough to find a workaround.

Breaches are rare. Logging out and in happens every few minutes. What do you think the average desk nurse's priority is going to be? Can you blame them?

Re:Hey, I've got an idea. (1)

_0xd0ad (1974778) | more than 3 years ago | (#35283834)

The simple fact of the matter is, if it's often enough to be annoying, they won't like the automated system either, and they'll find ways to defeat it. Compared to the hassle of typing the password to unlock it when you get back, it's not really that inconvenient to hit Win-L as you're leaving.

Re:Hey, I've got an idea. (1)

ewieling (90662) | more than 3 years ago | (#35282898)

You can NEVER EVER trust users to do anything that might be the least bit inconvenient for them, no matter what the consequences are.

For all the employees you want, the new hires will do the same thing.

What might work is to make something painful happen, like losing all their work when they get up and walk away from their computer and their keyboard logs them out.

It's the companies work, not the users. (1)

Belial6 (794905) | more than 3 years ago | (#35283530)

It's not the users work. It is the companies work. I would fire any administrator that suggested we destroy the companies work as a punishment to users that didn't do what we wanted. OK, I wouldn't fire them for suggesting it. I would point out how they are suggesting that the company's property should be destroyed. Then if they implemented it, I would fire them.

Re:Hey, I've got an idea. (0)

Anonymous Coward | more than 3 years ago | (#35283062)

Step 1: Create a folder with a NSFW name and move it to a prominent location on the desktop.
Step 2: Take a screenshot.
Step 3: Set that as the wallpaper.
Step 4: Delete the folder.

Optional: plug in a 2nd wireless mouse and move it at random intervals while the absent-minded coworker is present.

There are all sorts of things that can be done with an unattended workstation other than accessing restricted data.

Re:Hey, I've got an idea. (1)

gknoy (899301) | more than 3 years ago | (#35283604)

Better yet, set the wallpaper to "LOCK YOUR WORKSTATION" , rather than somethign NSFW. The former is not something you'd get in trouble for having/creating, whereas bringing NSFW stuff into work is, by definition, not safe.

Re:Hey, I've got an idea. (1)

dunkelfalke (91624) | more than 3 years ago | (#35283656)

I changed the wallpaper picture of a colleague to hello.jpg once and hid it under a maximised application.
Then the colleague and his boss walk in, the colleague minimises the application, hilarity ensues. Needless to say that the colleague has always locked his workstation after that.

Re:Hey, I've got an idea. (1)

Jake Griffin (1153451) | more than 3 years ago | (#35283714)

Or, even better, use a script on startup that checks every x minutes to see if a folder exists on the desktop, and if not, create it. That way they can keep deleting the folder, but it will keep coming back. AutoHotKey can even be used to simulate your "Optional" step. I have an AutoHotKey script that moves my mouse a single pixel every minute to keep my (password protected) screensaver from coming on whenever I'm at my computer but not actively using it.

Re:Hey, I've got an idea. (1)

jayhawk88 (160512) | more than 3 years ago | (#35283374)

Far too often, however, the problem comes not in whether you can properly educate your users/punish them for non-compliance, but whether you, as an IT entity, have the power to do so. If you do, awesome, but if you don't have the favor of the high muckity-mucks, phrases like "3 strikes" are going to get you stricken from the payroll records. This is particularly a problem in educational or medical environments, where profs/docs rule the roost, have for years, and aren't particularly interested in you coming in and changing things.

The point being, you sometimes have to pick your battles. A device like this is potentially a good way to avoid a particularly nasty battle, if it allows for increased security without having to constantly berate the people who have the ear of your CEO/Board of Directors/Dean.

Re:Hey, I've got an idea. (1)

PopeRatzo (965947) | more than 3 years ago | (#35283516)

Use a 3-strike system, if you must.

Maybe try not overworking them to the point where they're exhausted after you've laid off 1/3 of the workforce in a "cost-cutting" move and expected the remaining 2/3 to pick up the "slack" even though your company has earned record profits and has paid a huge bonus to the new CEO who decided on the "cost-cutting" measure. Having employees that are underpaid, overworked, having their benefits reduced, monitored with cameras and keyloggers, are allowed two bathroom breaks a day, and who have just had their health benefits cut back to the point where they're paying three times as much every month out of their pay checks with a new $5000 deductible and yearly cap on benefits so that if they were to get sick they'd be wiped out (and who know you'd fire them anyway if they got sick) might not be the best situation when you're looking for "zero-tolerance" in the security area.

Any employer who talks about a "3-strike system" really needs to see their facility shut down in an old-fashioned strike and then have someone strike them across the forehead with a rotting fish.

And anybody who works in IT, probably as a low-level end-user support functionary for minimum wage, who would recommend to management that they institute a "3-strike system" because they're so deficient in real security (because they're paying $11.00/hr to their tech workers after all, so what do you expect?) needs to have a stone tied around their neck and be cast into the sea by the rest of the employees (who can't stand the guy anyway because he's got horrible hygiene and never seems to be able to solve any of their computer problems anyway).

And "intellitech"? Seriously, fuck you for even thinking that some low-paid clerk ought to have a "3-strike system" just because you can't figure out how to do real security.

What does "physically leave the keyboard" mean? (1)

maxwell demon (590494) | more than 3 years ago | (#35282790)

What does "physically leave the keyboard" mean?

Not touch it any more? What if he's using the mouse?

Re:What does "physically leave the keyboard" mean? (1)

doubleplusungodly (1929514) | more than 3 years ago | (#35282820)

Probably means something akin to being AFK.

Re:What does "physically leave the keyboard" mean? (1)

Thud457 (234763) | more than 3 years ago | (#35283478)

BRB party van^W^W secret police

Re:What does "physically leave the keyboard" mean? (1)

Anonymous Coward | more than 3 years ago | (#35282848)

Read the article and find out. In fact, don't even read the article, read the caption on the image at the top of the page.

Re:What does "physically leave the keyboard" mean? (2)

Rary (566291) | more than 3 years ago | (#35282910)

What does "physically leave the keyboard" mean?

Not touch it any more? What if he's using the mouse?

Click the link and watch the video. It detects when you've physically left your seat and locks the OS (note: it locks, not logs you out like the summary claims). It has a little pointer that you adjust to point at wherever you're sitting, and when you leave that spot, it triggers the lock function. It also has a proximity card scanner and fingerprint scanner so the person doesn't have to type in a password each time they return to their seat.

What a great practical joke this would be. (3, Interesting)

olsmeister (1488789) | more than 3 years ago | (#35282796)

I think I'll sneak into the office and swap all the keyboards out with these.

Swap all the keyboards out with these (0)

Anonymous Coward | more than 3 years ago | (#35283042)

WITH the sonar/sensor covered with black tape.

Re:What a great practical joke this would be. (1)

Captain Centropyge (1245886) | more than 3 years ago | (#35283544)

Have fun with that bill, at $150 per keyboard!

Switch in a seat cushion and xlock... (2)

mlts (1038732) | more than 3 years ago | (#35282800)

When I worked about a decade ago at a place where people with dubious intentions could access the work area, I ended up making a switch embedded in a seat cushion that was connected to the serial port of my workstation. When I got up, the program sitting and monitoring that port would automatically xlock the machine.

It was an ugly hack, but I never had unattended terminal issues unlike some cow-orkers.

Re:Switch in a seat cushion and xlock... (0)

Anonymous Coward | more than 3 years ago | (#35283056)

I just press Windows-L. I wish I had that much time to waste...

Re:Switch in a seat cushion and xlock... (1)

mlts (1038732) | more than 3 years ago | (#35283148)

You were assuming Windows... the SPARC workstation I was using back then definitely didn't have a Windows key.

Yes, I had a macro with CDE that would lock the screen, but I wouldn't trust my job to making sure I nailed it for a quick coffee break. Especially with people who would be zooming for an unattended machine with a root prompt on it.

Re:Switch in a seat cushion and xlock... (1)

NFN_NLN (633283) | more than 3 years ago | (#35283354)

When I worked about a decade ago at a place where people with dubious intentions could access the work area, I ended up making a switch embedded in a seat cushion that was connected to the serial port of my workstation. When I got up, the program sitting and monitoring that port would automatically xlock the machine.

It was an ugly hack, but I never had unattended terminal issues unlike some cow-orkers.

In 90% of office scenarios the general public doesn't have access to the office computers. I can see guarding against the public in a hospital setting for example, but for most people the office should be secured against outsiders only.

My computer is like the "pocket watch" in "Gangs of New York". I leave it out in the open and invite people to mess with it. Yet they don't... because they know, if they do, there will be repercussions... and they will be horrific.

Re:Switch in a seat cushion and xlock... (0)

Anonymous Coward | more than 3 years ago | (#35283614)

The concept reminds me of how a lot of mechanical workstations will have a control setup that requires both hands be on the controls in order to operate. Speaking of dubious intentions... I'm reminded of the saying "Both hands on the keyboard"...

annoying (0, Interesting)

Anonymous Coward | more than 3 years ago | (#35282802)

so every time I get up to check something on my bookshelf it locks my station? seems annoying to me.

Risk Analysis (2)

pnuema (523776) | more than 3 years ago | (#35282814)

Being a performance tester, I constantly engage in risk analysis. Yes, it may $600,000 to performance test your app. How much does an hour of downtime cost you? Depending on how costly a security breach might be, the $100 keyboard (or whatever it costs) could seem like a bargain, even per employee. Smart idea.

Re:Risk Analysis (1)

geekoid (135745) | more than 3 years ago | (#35283038)

Bad idea.

Most people do work at their desk, not necessarily at the key board. all this will do is frustrate employees and the will work aorund it.
No, A web cam the detect when you physically leave your desk would be a good idea.

Re:Risk Analysis (1)

Anne_Nonymous (313852) | more than 3 years ago | (#35283058)

>> No, A web cam the detect when you physically leave your desk would be a good idea.

No, an RFID chip implanted in each employee's head would be a good idea.

Re:Risk Analysis (1)

Belial6 (794905) | more than 3 years ago | (#35283600)

Or, just a wireless dongle that they could keep in their pocket, or a bluetooth connection that can detect that their phone is nearby. Sonar is built into a specialized keyboard is just a bad idea. There is a time for integration, and times that it is bad. Keyboards are WAY to varied, and this keyboard would be too expensive for the integration to make sense. Heck, I would be better if it was just a USB dongle that sat on the desk than being integrated into the keyboard.

Re:Risk Analysis (1)

knarfling (735361) | more than 3 years ago | (#35283748)

No, an RFID chip implanted in each employee's head would be a good idea.

(Stolen from Dogbert's School of Managment's How to spread rumours.)

Boss: No, we are not considering implanting implanting RFID chips into each employee's head! Not even with the added bonus of a partial lobotomy during the same surgery. It never even occurred to us to think about that. And certainly not at the prices we were quoted.

How about locking instead? (0)

ZorinLynx (31751) | more than 3 years ago | (#35282822)

Wouldn't a keyboard that simply locks the terminal make more sense? I don't want to be completely logged out just because I leave my desk to use the can.

Re:How about locking instead? (1)

Scutter (18425) | more than 3 years ago | (#35282940)

Wouldn't a keyboard that simply locks the terminal make more sense? I don't want to be completely logged out just because I leave my desk to use the can.

FTFA:

The SonarLocID Keyboard connects to a PC via USB and can be configured via an included programming application that allows the user to program custom keystrokes as well as delays and a sequence to lock the computer when the user walks away.

These keyboards are horribly insecure (2)

Anonymous Coward | more than 3 years ago | (#35282836)

These keyboards are completely hackable by dolphins.

If you work at an aquarium or have dolphin coworkers, I would avoid these keyboards.

IT Support? (4, Insightful)

mfh (56) | more than 3 years ago | (#35282854)

This is going to be nightmarish for IT and it will generate all kinds of useless calls as a result. My guess is we'll be seeing some people using duct tape over the sensors on the first day too, making these expensive keyboards totally useless, apart from being a great way to inflate IT budgets, to ensure they stay plump.

Re:IT Support? (1)

d6 (1944790) | more than 3 years ago | (#35283222)

I think you are right about the duct tape.

I've seen employees tape over lights that annoyed, tape foam over speaker grills that alarmed and habitually lay small weights on their keyboards to avoid an AFK logout. For some folks, this keyboard will just be another annoyance to overcome. This might allow someone who _would_ log out anyway to do so automatically, but if pitched as a "fix" for not following policy, think again.

Can't fix people with hardware.

Re:IT Support? (1)

mfh (56) | more than 3 years ago | (#35283638)

Because management won't spring for the sonar badges that log you in automatically or the badges will turn out to be flawed and insecure as hell, so they will be disabled. And employees won't want to be micromanaged, so they will slap tape over the sonar which will then react as though someone is within range of the keyboard.

RFID? (2)

Midnight Thunder (17205) | more than 3 years ago | (#35282856)

Couldn't a solution using RFID be used. Basically you have a RFID detector with 1m radius of detection. The detector would poll the card to see if is there and logs you out or locks your session if you leave the zone.

Re:RFID? (1)

fuzzyfuzzyfungus (1223518) | more than 3 years ago | (#35282990)

RFID/smartcards in the employee IDs would work. You just want to be very careful that you don't set up a system that simply encourages people to leave the card on the computer in order to stay logged in... Then you have stolen IDs floating around, and unlocked terminals. Whether or not people will do this probably depends on how tyrranical you are, and how fast they can log back in/unlock. If your horrible mess of a system image takes 5 minutes to log in, you'll need an overtly totalitarian IT security group to keep people from doing that.

If, as with the Sun Rays of old, your session(complete with state) pops up within seconds of inserting the smart card, people will be much more likely to take reasonable precautions...

Re:RFID? (1)

Midnight Thunder (17205) | more than 3 years ago | (#35283396)

I suppose this is where having virtual computers is useful, since you would essentially always be logged in, but your session would only be accessible as long as you are connected and could simply switch to which ever terminal you are at.

Re:RFID? (1)

peragrin (659227) | more than 3 years ago | (#35283488)

The answer there is to use the same card but a different RFID token as a door unlock.

Leaving the ID card behind is fine but you can't enter the employee lounge, or access other areas.

Re:RFID? (0)

Anonymous Coward | more than 3 years ago | (#35283046)

You could use RFID for both logout and whole or partial login, and my Dr has for at least a year or two. This slashdot posting is an ad for a lacking product, not news.

Re:RFID? (0)

Anonymous Coward | more than 3 years ago | (#35283122)

Back when I would do programming for devices like RFID, biometrics, smartcards, and sign on solutions, me and my coworkers would joke that the best authentication devices would be an anal probe embedded in your chair. You would sit down on the probe, it would recognize you, and automatically log you into the computer. When you stood up, the computer would log you off.

This took care of all of the standard biometric issues. Fingers go missing by accident or profit. Eyes are pretty good, but expensive to work with. With an anal probe, you will never loose your ass, and it would be pretty much impossible to fake someone else's ass.

I still look back on this with a grin.

Re:RFID? (0)

Anonymous Coward | more than 3 years ago | (#35283224)

As somebody with a colostomy bag(got my ass shot off in the war^h^h^hpolice action), I have a problem with your probe placement, you insensitive clod! :)

Re:RFID? (0)

Anonymous Coward | more than 3 years ago | (#35283584)

This is already available. Kaiser Hospitals uses this on their workstations in the examination room. If there isn't a fob within some small number of feet, it locks the station.

Re:RFID? (1)

scorp1us (235526) | more than 3 years ago | (#35283820)

I've looked at this, and the commercially available ones are only good for a few (4-6) inches. that's 10-15cm for metric folk.

Tech (1)

Spad (470073) | more than 3 years ago | (#35282864)

All the technology in the world won't fix staff who don't want to do what you tell them. All this will do is piss off people who have to keep going to and from their desk while in sight of their machine to get files or talk to visitors until they figure out a way to trick the keyboard into thinking they're always at their machine, at which point you've spent a lot of money for nothing.

Put reasonable security policies in place, punish your staff proportionally if they repeatedly violate them and don't try to fix people with gadgets.

Duct tape (2)

mfh (56) | more than 3 years ago | (#35282876)

Will fix the problem of these keyboards logging you out when you leave for a quick coffee. Once again, any kind of security is thwarted by duct tape.

Re:Duct tape (1)

fuzzyfuzzyfungus (1223518) | more than 3 years ago | (#35283040)

Will fix the problem of these keyboards logging you out when you leave for a quick coffee. Once again, any kind of security is thwarted by duct tape.

They've got that one figured out: If the sensor detects a range of zero, corresponding to the duct-tape trick, your workstation will play a tinny rendition of "Don't Stand so Close to Me" at earsplitting volume until one of your enraged coworkers rectifies the situation and then shoves a pen into your eye...

Vaporware? (0)

Anonymous Coward | more than 3 years ago | (#35282930)

I've been looking for this exact sort of thing and was in the middle of designing my own solution but I can't find this product available anywhere, has it even been released? Is it just a demo/prototype? What's the deal?

Prior art? (1)

dasdrewid (653176) | more than 3 years ago | (#35282976)

I hope this works better than those public toilets that flush as soon as you "leave." Reach down to tie your shoe and suddenly...*whoosh* all over you naked buttocks.

Another alternative - bluetooth phone as a sensor (3, Informative)

gQuigs (913879) | more than 3 years ago | (#35283014)

For linux:
http://blueproximity.sourceforge.net/ [sourceforge.net]
For Win:
http://btprox.sourceforge.net/ [sourceforge.net]

For linux users... (3, Interesting)

mmell (832646) | more than 3 years ago | (#35283340)

Just use this script:

#!/bin/bash

#

#####

# Use 'hcitool scan' to find the MAC address of the desired bluetooth device

MACADDR="00:00:00:00:00:00"

STATE="$(hcitool name ${MACADDR})"

if [ "${STATE}" = "" ] ; then

echo "Bluetooth device not found at startup. Exiting..." >&2

exit 1

fi

LOCK="UNSET"

CHECK="$(ps -ef | grep gnome-screensaver | grep -v grep | cut -c49- )"

if [ "${CHECK}" = "gnome-screensaver" ] ; then

LOCK="gnome-screensaver-command -a"

UNLOCK="gnome-screensaver-command -d"

fi

CHECK="$(ps -ef | grep xscreensaver | grep -v grep | cut -c49- )"

if [ "${CHECK}" = "xscreensaver" ] ; then

LOCK="xscreensaver-command -lock"

UNLOCK="xscreensaver-command -deactivate"

fi

if [ "${LOCK}" = "UNSET" ] ; then

echo "Supported screensaver not running" >&2

exit 2

fi

SLEEP_TIME=15

# Enter main loop

while true ; do

if [ "${STATE}" = "" ] ; then

${LOCK}

else

${UNLOCK}

fi

sleep ${SLEEP_TIME}

STATE=$(hcitool name ${MACADDR})

done

exit 0

obligatory meme (-1, Offtopic)

Drakkenmensch (1255800) | more than 3 years ago | (#35283032)

In soviet Russia, software logs out of YOU.

Irritating (1)

CAIMLAS (41445) | more than 3 years ago | (#35283114)

Wow, that is potentially (highly) irritating.

Imagine:

* You duck down in your chair to grab a pencil you drop
* You lean over to open a desk drawer
* You lean back to take a moment of reflection
* You step to the side (if standing) to grab something
* You're skinny and the sensors can't see you
* You (potentially) don't move enough while watching something on the screen
* You do a lot of back-and-forth in a small area (eg. a pharmacy, where you've got to fetch medications after looking them up, then come back to the next person) and leave the keyboard frequently without leaving the system uncontrolled (ie it's always in view). ... and then you've got to take the time to log back in and for everything to load back up again. Hopefully you weren't working on something and the data got lost...

A more sensible meme would be to lock the machine when the user steps away instead of logging them out, to be sure. Hopefully the sensors are accurate. Even then, there are many cases (within the designed use case) where this probably isn't appropriate or useful. Biometric logins/unlocking would likely be a bare minimum additional component, IMO.

Can be done in software on most laptops (1)

Pedant (75947) | more than 3 years ago | (#35283126)

A research group at the McCormick School of Engineering and Applied Science at Northwestern University did this a while ago [slashdot.org] using the built-in speakers and microphone on most laptops.

PFFFT! Thats nothing! (1)

DarthVain (724186) | more than 3 years ago | (#35283132)

My computer has a state of the art dynamic temporal activity sensing program that will automatically lock my workstation! I can even set it for different amounts of time!

So if at ANY time I am not doing any activity on my computer, for a period of time, say 5 or 10 or even 15 minutes (Whatever I want!) say if I get up, or fall asleep or stare out the window too long, it will automatically and magically lock up my computer. Talk about safety! Amazing!

Re:PFFFT! Thats nothing! (1)

peragrin (659227) | more than 3 years ago | (#35283510)

So your computer is secure as long as your nearby enough to notice it, and no one can walk into the room 30 seconds after you run to the bathroom and use your computer.

5 minutes is enough time to walk into an unlocked house and walk out with a computer and TV.

Re:PFFFT! Thats nothing! (1)

_0xd0ad (1974778) | more than 3 years ago | (#35283514)

I have a script specifically written to simulate a keypress every 14 minutes and 30 seconds (the screensaver time-out is 15 minutes). Most people, though, just set a weight on the Ctrl key or something.

Or... (1)

EnsilZah (575600) | more than 3 years ago | (#35283134)

You could just, you know, use that option that that requires a password after coming back from screensaver and set the screensaver idle timer rather low.
(By screensaver I mean turning off the monitor, I haven't used an actual screensaver since the 90s)

PFFT! Thats Nothing! (1)

DarthVain (724186) | more than 3 years ago | (#35283144)

I just created my own motion sensing system to log you out. It melds the security of handcuffs to the authenticating power of a USB key. BAM!

Must be from Soviet Russia (1, Funny)

Megahard (1053072) | more than 3 years ago | (#35283152)

Computer with sonar keyboard pings you.

Exploit (2)

arunce (1934350) | more than 3 years ago | (#35283242)

There's an exploit for it already: stickers.

User testimony (1)

Dalzhim (1588707) | more than 3 years ago | (#35283274)

This keyboard is so great that I am now even more likely to forget my sessions open on computers that aren't equipped with it compared with before.

No more baggy pants! (1)

EmagGeek (574360) | more than 3 years ago | (#35283402)

I guess this will put a stop to that!

Peer Enforcement (1)

Kylock (608369) | more than 3 years ago | (#35283424)

In my office, it's typical for someones workstation to be vandalized by employees if left unattended AND unlocked.

alias cd="you suck"

Of course people get much more creative. We had one guy get over 40 entries added to his local host file and his mouse buttons reversed.

Logs you out? (0)

Anonymous Coward | more than 3 years ago | (#35283476)

Automatically logging you out is a horrible idea. How many web based applications do you use in a day? Do they all auto-save your data for you? Imagine how annoying it would be when you were in the middle of writing an e-mail using a web browser, and you stepped away from your computer for a minute and lost everything? You would be in perpetual fear of accidentally moving too far away from your desk. If I was forced to use this, I would put duct tape over the sonar sensor so that it always thought there was a person there...

Re:Logs you out? (1)

natehoy (1608657) | more than 3 years ago | (#35283808)

Trusting the summary to be accurate is an even worse idea. TFA talks about LOCKING the workstation, not logging it out.

Military grade sonar? (1)

Clay1985 (1998750) | more than 3 years ago | (#35283612)

Would tape/a postcard/stickers/etc. really stop sonar? It's obviously the first thing I would try. This keyboard really looks like a waste of money unless the administrators are going to write up anyone found trying to work around the keyboard's security, which wouldn't be ideal. This seems like a keyboard more for a company where everyone understands how important security is, and is just for when you forget to lock your screen. It only takes one temporarily absentminded user to create a security hole. So, I think it's a good idea to create hardware/software precautions, just in case. But it sounds (from prior posts) as though this sonar keyboard can be hacked, which makes it useless. Also, how secure are fingerprint scanners, really? Do the hacks from the movies really work on those?

Our solution (1)

screwzloos (1942336) | more than 3 years ago | (#35283626)

Occasionally the director here will wander through and look for machines that have been left unlocked and unattended. Email is a big part of what we do, so since I started working here we've seen a couple emails sent to our department's mailing list stating more or less "Hi, I have left my computer unattended and am posing a security threat to this University."

That mailing list goes to about thirty people, all of which are more than happy to berate and tease one another. There was never a formal punishment or even a direct scolding from the director afterwards, but it made enough of an impact to make it a one time issue for the people involved. At this point, locking the machine is as much a natural part of leaving my cube as is getting out of my chair. I'd say it worked - I certainly wouldn't want that kind of attention.

Users will bitch (0)

Anonymous Coward | more than 3 years ago | (#35283772)

We have computers at our office set to lock after 10 minutes of inactivity. People bitch and don't understand why they 'have to keep logging in'. They don't care about security. They don't care about their files because someone can restore them from backup.

Why a whole keyboard? (1)

scorp1us (235526) | more than 3 years ago | (#35283860)

Why not just a USB transducer?

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?
or Connect with...

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>