A while back I had a splendid idea of positional cryptography. basically, your computer system just needs to be hooked up to a GPS with disks encrypted to your location in 3-D space. Use your system at home with no problems. Bad guys come and steal your computers and hook them up and all they get is random encrypted noise.
The devices are now at their offices. The equipment has changed location so now the key to decrypt your systems have changed.
I thought it was a brilliant idea. Worked on a little code to read GPS positions from USB port, started looking up ways to pass that data off to Linux disk encryption scripts, etc.
Watched an episode of Agents of Shield and one of the characters was using my damned idea in the show. Even found a whitepaper from Microsoft Research detailing the particulars.
So, was sort of a kick to the junk. Mothballed the project and haven't went back to it. It's still a mighty awesome idea in some (limited) use cases. Also a perfect example of there being no new ideas.
quick edit: You guys are some amazing cheerleaders ;) That being said, if you have seen the contents of my 'abandoned programming projects' folder, you'd probably understand my blasé attitude toward the idea. I literally have hard drives crammed full of abandoned projects, hacks, and code stretching back a decade. If it found it's way in there, then it's probably unworkable for some reason or another. ideas are fun, cheap, and easy. implementations are the difficult bit.
It's a great idea! Don't be discouraged just because someone else thought of it as well. In a lot of these "product" type projects the only thing that REALLY matters is execution. Do you think the iPod was the first MP3 player? That Google was the first search engine? Think again. An academic prototype or a paper describing an idea is worth next to nothing. Getting it to work, and getting it to work well, and getting people to use it – that's what separates the winners from the also-rans. Go for it :-)
That really is a great idea. Of course it would only be really useful in some very specific situations but I think there would be a demand for it. I wouldn't have abandoned the project if I were you. I don't think there are any actual commercial applications that do this on the market right now. So what if other people already thought of it? You can be the first to do a commercial implementation.
It's an interesting idea, but I think the problem is going to be that it either becomes predictable, and/or problematic. If you know where the computer comes from or where it would be used, you know the key, and it's not hard to feed fake data in. You're also working with a relatively limited subset of the entropy space (I just made that I up) unless you get really granular on the coordinates, in which case you need a good, reliable signal to make sure the GPS coordinates are stable. You also have the issue of only being able to unencrypt the device at a specific location (i.e. I take my laptop to Starbucks to work and now can't get it to boot), or you have to know the GPS coordinates of where you're going and you have to be able to program in multiple keys.
However, it would be pretty awesome if you combined positional cryptography with traditional, in the sense that you could set a different password based on location. I.e. a 6 character password for at home, 10 for at work, 15 for at Starbucks and a 64 character password for anywhere else.
/u/idlethread, I think you have an idea here. Why would you feel discouraged because a show thought of it? In my opinion, that is perfect validation to why your idea will work!
A while back I had a splendid idea of positional cryptography. basically, your computer system just needs to be hooked up to a GPS with disks encrypted to your location in 3-D space. Use your system at home with no problems. Bad guys come and steal your computers and hook them up and all they get is random encrypted noise.
The devices are now at their offices. The equipment has changed location so now the key to decrypt your systems have changed.
I thought it was a brilliant idea. Worked on a little code to read GPS positions from USB port, started looking up ways to pass that data off to Linux disk encryption scripts, etc.
Watched an episode of Agents of Shield and one of the characters was using my damned idea in the show. Even found a whitepaper from Microsoft Research detailing the particulars.
So, was sort of a kick to the junk. Mothballed the project and haven't went back to it. It's still a mighty awesome idea in some (limited) use cases. Also a perfect example of there being no new ideas.
quick edit: You guys are some amazing cheerleaders ;) That being said, if you have seen the contents of my 'abandoned programming projects' folder, you'd probably understand my blasé attitude toward the idea. I literally have hard drives crammed full of abandoned projects, hacks, and code stretching back a decade. If it found it's way in there, then it's probably unworkable for some reason or another. ideas are fun, cheap, and easy. implementations are the difficult bit.
It's a great idea! Don't be discouraged just because someone else thought of it as well. In a lot of these "product" type projects the only thing that REALLY matters is execution. Do you think the iPod was the first MP3 player? That Google was the first search engine? Think again. An academic prototype or a paper describing an idea is worth next to nothing. Getting it to work, and getting it to work well, and getting people to use it – that's what separates the winners from the also-rans. Go for it :-)
That really is a great idea. Of course it would only be really useful in some very specific situations but I think there would be a demand for it. I wouldn't have abandoned the project if I were you. I don't think there are any actual commercial applications that do this on the market right now. So what if other people already thought of it? You can be the first to do a commercial implementation.
It's an interesting idea, but I think the problem is going to be that it either becomes predictable, and/or problematic. If you know where the computer comes from or where it would be used, you know the key, and it's not hard to feed fake data in. You're also working with a relatively limited subset of the entropy space (I just made that I up) unless you get really granular on the coordinates, in which case you need a good, reliable signal to make sure the GPS coordinates are stable. You also have the issue of only being able to unencrypt the device at a specific location (i.e. I take my laptop to Starbucks to work and now can't get it to boot), or you have to know the GPS coordinates of where you're going and you have to be able to program in multiple keys.
However, it would be pretty awesome if you combined positional cryptography with traditional, in the sense that you could set a different password based on location. I.e. a 6 character password for at home, 10 for at work, 15 for at Starbucks and a 64 character password for anywhere else.
/u/idlethread, I think you have an idea here. Why would you feel discouraged because a show thought of it? In my opinion, that is perfect validation to why your idea will work!