From: mgream@acacia.itd.uts.edu.au (Matthew Gream)
Date: Thu, 30 Sep 93 17:27:08 PDT
To: 72114.1712@compuserve.com (Sandy)
Subject: Re: POISON PILL
In-Reply-To: <930930175113_72114.1712_FHF68-1@CompuServe.COM>
Message-ID: <9310010028.AA19383@acacia.itd.uts.EDU.AU>
MIME-Version: 1.0
Content-Type: text/plain


In reply to (Sandy):

| POISON PILL--What, if anything, can be done to booby-trap a
| computer?  Once the cops have a machine, one would expect that
| they will paw through everything in it.  In addition, they will
| probably use the stolen computer for their own data processing
| needs.  What could be done have the computer screw up the cop's
| data days, weeks or months after the seizure?  Of course, I would
| never do such a thing myself, nor would I advise anyone else to
| do so.  I do, however, have a passing academic interest in the
| subject.  Same for you folks too, right?

How about this:

Encrypted disk controller that uses 3DES (at a minimum) where the keys
are modified by a low power localised RF transmission. Quite simply one
could use a DDS receiver which looks at any one of X locations for a 
signal strength above some threshold (ie, say 2^16 frequency slots and
only 3 * 56 of these are transmitting), this provides the XOR for the
DES key. In fact, one could almost patch this into an existing DES
controller given some assumptions about the onboard logic.

Your transmitter should be like somewhere else in your flat, preferably
hidden. Of course, once the feds get your computer and it doesn't work,
they will ask you why, and you need some way here to keep them off.

Actually, another idea, how about if the DES key(s) for your controller
are hardwired onto it, an RF detector monitors a carrier on some specific
frequency, if the carrier is not present at bootup, you could leak a high
voltage into the 'key holder' and blow all the connected links.

Once this is gone, there is no way to get back the data, and the feds
can't force you, because 1) you can show how the key was random in the 
first place 2) you can show how the device blew it all (and that there was
no return), and your justification can be for 'data security' reasons
(ie, if theives get your system, they couldn't have extracted anything).

They could probably example the chip substrate itself and see what was
blown recently, so this needs work I guess. Another problem is that
the above assumes they don't examine the disk, realise it is encrypted,
realise the controller is custom, and then work back to figure out
what is going on, and then question you before they do anything.

Disclaimer: the above represents unsubstantiated theorising.

Matthew.

ps; when the feds take your computer (at least here in Australia) they
    take lots of nice pictures of it and take all the cables and 
    stuff. Of course, half of them don't know the fucking difference
    between msdos and unix.

-- 
Matthew Gream, M.Gream@uts.edu.au. "... encryption is the ultimate means of
Consent Technologies, 02-821-2043.  protection against an Orwellian state."