1996-04-12 - Re: GPS-based authentication

Header Data

From: jim bell <jimbell@pacifier.com>
To: pmacdorn@isrinc.com
Message Hash: 77d5bf790e01b8ce2c44b8d9313ffdc862e1944351f648b0f5b4e6c01b3c18c7
Message ID: <m0u7Y7v-00090jC@pacifier.com>
Reply To: N/A
UTC Datetime: 1996-04-12 18:55:13 UTC
Raw Date: Sat, 13 Apr 1996 02:55:13 +0800

Raw message

From: jim bell <jimbell@pacifier.com>
Date: Sat, 13 Apr 1996 02:55:13 +0800
To: pmacdorn@isrinc.com
Subject: Re: GPS-based authentication
Message-ID: <m0u7Y7v-00090jC@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


At 11:33 AM 4/11/96 -6, Peter Trei wrote:
>Ms Denning, Mr. MacDoran
>
>I've read with interest your proposed GPS-based authentication 
>mechanism (it was posted to the cypherpunks mailing list). Can you
>confirm that you wrote this? Some people on the list think it may be
>a forgery.
>
>The participants of the list have noted some apparent vulnerabilities
>in the system, and I am curious as to how you address them. If you
>respond to me and give permission, I'll forward your response to the
>list.
>
>The problems are two-fold:
>
>1. The system is easily spoofed.
>2. It leaks sensitive location data.

It should occur to all of us that what you (and we) call "problems" are, to 
government sympathizers, actually FEATURES.  Identifying people's locations 
is probably going to be considered enormously important to the government 
(if it lasts that long).  And since the government runs all the GPS 
transmitters, and can presumably modulate the S/A function any way it 
wishes, it has a leg up on all of us who have to depend on the integrity of 
the system.  There is also the possibility of them jamming the system 
locally to either deny the user the ability to make the identification 
system work and thus deny access, or detect the location of the user by 
subtly modulating the local signal in such a way as to leak through the 
otherwise-secure system.  (If we trust it that far, which I don't.)







Thread