I’m pretty sure you could make a random password generator out of diyaudio threads. Most start oscillating randomly in terms of topic, thus should doo well to create random words for passwords. 🙂
Iris recognition? Perhaps. On a portable key. Hold key to eye, get login if it matches.
Passwords are too fallible.
Passwords are too fallible.
I worked at 26 Broadway in that era. We could open the windows, but most modern buildings were sealed. I think I witnessed two ticker-tape parades, one for some astronauts, the other for the NY Giants. Sealed windows or not, there was a snowfall of paper out of the windows of buildings below Fulton Street.
The "ticker-tape" was a remnant of a bygone era, but the "broad tape" was still in existence! The broad tape was streaming news from Dow Jones or Reuters.
Getting back to the OP and "Iris Recognition". The US withdrawal from Afghanistan was so haphazard that they left behind scores of iris recognition devices WITH photometric data, you just might as well have left a notebook with names, addresses and phone numbers.
I worked in the advanced research group at Motorola for the last 14 years of my career. When the news broke about a Chinese spy inside the phone development plan in the Chicago area, everyone in a high security job was required to implement a super secure password system that required 12 characters with the usual supply of oddballs and a password change every 10 to 14 days. Writing down passwords in a visible location was a firing offense. Many people bitched about this, but I quietly complied. After a few weeks someone asked why I was uncharacteristically quiet about this "headache." I replied that I had invented a means of compliance that required no thought or memorization, and I kept my passwords in plain sight, but nobody ever figured it out.
I built prototypes. Real hardware to showcase the technology that was designed by the "simulating and calculating" engineers. This meant looking up parts, and part numbers, often in the paper Digikey or Mouser catalogs (remember those?). For about a year I used the first part number on a page that fit the requirements when I changed the 1's to ! and the 4's or S's to $. This was about the time that the catalogs disappeared. It was common to find lots of printed datasheets of various SMD parts on my desk, often with my notes scribbled on them. Some of those part numbers make good passwords and a random looking number scribbled on the data sheet told me which numbers or letters got changed to a "special character."
The RSA security conference was a laugh, people touting security products that are based on flawed maths that the security industry had already indicated as insecure.
If you want iris the simply place a modifed arcade machine at a security conference..
If you want iris the simply place a modifed arcade machine at a security conference..
When I was a field service person we had a credit card size device with a small LCD screen on it. The screen displayed a new series of random numbers every 5 minutes or so. Every time I would use my laptop to log in I would use the most current random number that was displayed. Every few months the device would loose sync with the host servers and a reset would be required to sync up with the server.
early entrust cards were horrible, but the modern ones are suprisingly good. I have 2 plus a soft token on my phone for the various logins I need. until the battery goes flat they just work. woe if the laptop clock drifts though!
I changed my password to "incorrect." So whenever I forget what it is the computer will say "Your password is incorrect."
We used something similar called an ACE card. As stated, the clocks on both machines needed to be synchronized within a few seconds.
I use a big hammer. Perhaps the data could be recovered somehow, but at what cost and time waste?
There was a program called Norton Clean Sweep back in the old days to do just that, clean off HDDs, I keep the old clicking ones as paper weights.
There may be a new version, or a similar one.
Or simply try loading a new incompatible OS, it will corrupt the root directory?
There may be a new version, or a similar one.
Or simply try loading a new incompatible OS, it will corrupt the root directory?
For a full delete you need to wipe a hdd, which means overwriting each single bit. Even then it is theoretically possible to restore the data by looking at the analog magnetization levels, it takes multiple times overwriting to be absolute sure.
Takes forever, I prefer the hammer
Takes forever, I prefer the hammer
I've dismantled older 5.25 drives for the motors and used the platters as cup mats. Probably good enough....
A while back way too many services required a password for open stuff. I always used the same simple password for those sites. Every so often I get a hacked password warning. It is always that password.
For everything that actually has a reason to use a password, I always use a unique password. However I have a simple unique password generator that provides a prefix and suffix to my basic password that is uniquely derived from the site that requires the password.
I also like having computers in my network that are full of dummy data. A great use for older computers.
As to retired hard drives, they are removed and stored.
I also have computers that are not on my network.
Of course every so often something does get through. That is new hard drive and software time. Next is determining whose computer got infected. Easy with ransom demands. Second time it occurs to the same person….
For everything that actually has a reason to use a password, I always use a unique password. However I have a simple unique password generator that provides a prefix and suffix to my basic password that is uniquely derived from the site that requires the password.
I also like having computers in my network that are full of dummy data. A great use for older computers.
As to retired hard drives, they are removed and stored.
I also have computers that are not on my network.
Of course every so often something does get through. That is new hard drive and software time. Next is determining whose computer got infected. Easy with ransom demands. Second time it occurs to the same person….
Dead drives, or old working drives that I will never use again get the output of a 400 volt vacuum tube power supply raked across the PC board until sufficient smoke is released. Then I drill a few holes right through the entire drive and subject it to a few sledgehammer whacks, usually along the side to crack the case and trash the platters.
For something that I may want to use again, I use an old trick I learned from a person who worked in computer forensic analysis:
Delete all files from the drive. This does not delete anything but removes the first letter of the file name from the FAT (fille allocation table).
Format the drive, full format, not a quick format. This writes a new blank track set on the platter, but there is still some information on either side of the new track from "bleed" similar to print through on an analog tape recorder.
Start recording a stream of audio, video or other source of large non critical data to the drive in an attempt to fill it completely up. You can simply copy music or movies from another drive to do this.
Delete the files you just wrote and repeat a few times with different data, or the same data in a different order. This helps bury those "ghost tracks" on either side of the newly formatted track set into the noise.
Last edited:
Any bluetooth or wi fi enabled device (like a printer) is an entry point. A guy showed me this about 5 years ago. We were in the parking lot of an office building and he found a printer on his cell phone and was able to get into the computer with just a few clicks. It took about 20 seconds, no lie. He was then just one click away from editing or deleting thousands of files! Scary to think it's that easy for a hacker to access our bank account, but it's easy I guess with a little practice.
And I saw a news item about ten years ago where a cybersecurity expert was walking around a wealthy Chicago neighborhood with a laptop. He was using the cameras in the houses to see if there was anything worth stealing. When he found a house full of goodies, he had the garage door open in mere seconds. He could have walked right into the house and heisted all the goodies right then.
Bluetooth speakers in your house? OK. Bluetooth cameras, locks, and garage door openers? Not OK. You might as well leave your doors unlocked and post a sign "free stuff inside" by your entrance.
Bluetooth speakers in your house? OK. Bluetooth cameras, locks, and garage door openers? Not OK. You might as well leave your doors unlocked and post a sign "free stuff inside" by your entrance.
How many of us have a Wii or Xbox with a Kinect in your living room. Unplug the Kinect when it's not in use. Both of my laptops have tape over the camera and microphone whenever I don't use it. I only used the camera for a few Zoom meetings during the lockdown. This PC is left on a lot, but has no camera or microphone. The mic jack on my other PC has an electric guitar plugged into it. Hack that!
I'm sure a good hacker could connect to my Ring doorbell, but that would only get them a view of the dirt / mud road and part of the driveway.
I'm sure a good hacker could connect to my Ring doorbell, but that would only get them a view of the dirt / mud road and part of the driveway.