[gatehouse]

Up to now I had never considered the need for protection against a mid-keystroke attack. Ideally it would have to involve no unusual hardware or software, or you might as well just slap a "I'm a criminal" sticker on your forehead.

Second, I can't see it working properly if you need to do something specific when you're being struck.

Closest thing I can think of:

- headphones must be plugged in to launch a certain program

- if headphones are unplugged before program is closed, lock and begin wipe

- don't, under any circumstances, let go of the headphones

At this level of paranoia you probably also need interrogation training. Ideally you'd also have your sensitive stuff on a machine that is both hidden and protected, and only access it remotely. You want to be able to deny its existence to have any chance of withstanding a torture attack.

Edit: iphone earbuds have a switch that you might be able to use in your hand/mouth as a deadman switch, but I can't see that being workable for more than a few seconds.

Also, if you're in public, they could film your monitor... so that would need to be sanitized somehow as well.

[bashinator]

The problem with schemes like this, is that they show premeditated intent to destroy evidence. I hear that courts don't like that. Maybe there wouldn't be evidence that specifically unplugging the headphones is what caused the drive to self destruct. But a good forensic security analyst should be able to show that the system was intentionally destroyed.

If you can come up with a plan for plausible deniability when it comes to, say, permanently deleting the keys for an encrypted drive, then that's worth way more than the deadman's switch is on its own.

[gatehouse]

You won't know in advance who is going to rob you, in this case it was the FBI but for this attack it could be anyone, even a reasonably organized group of 13 year olds could probably pull this off. For example the situation could be the same but DPR is a tech CEO working in a coffeeshop in Asia, and someone has just ran off with a copy of his email and financials. He chases them out of the door, gets hit in the face with a bike chain, and wakes up in the hospital, not even knowing if they were just aggressive petty thieves, or if he was targeted and someone knows all this plans.

I think that "lock and wipe" might be too much though, and locking only would be more practical, wouldn't constitute destruction of evidence (as far as they know), wouldn't punish mistakes so much. Right now, off the shelf, a computer will lock up on screensaver, or sleep/poweroff. For a high paranoia user, you could add headphone unplug, power cord in/out, any usb in/out, even monitor the mic for certain codewords to trigger the lock. And if it happens it isn't such a big deal, just re-authenticate.

[bashinator]

So now it's the locking mechanism that's gotta be made plausibly deniable. The beauty of it being done in software via (say) an HID interrupt is that the software itself is protected by the act of locking the computer.

[anonbanker]

Do I need to pay you royalties for implementing such a headphone-based security scheme in my device?

[gatehouse]

Not at all.

[jqm]

That sounds fine... until you turn your head and jerk your headphones out.

[detaro]

You have to evaluate the risk: how "expensive" are occasional miss-triggers compared to a failure to trigger when necessary, and where is the optimal balance? (the always/never problem)