Schneier on Security
A blog covering security and security technology.
« Pocketless Trousers to Protect Against Bribery |
| Why People Don't Understand Risks »
July 7, 2009
More Low-Tech Security Solutions
Anti-theft lunch bags, for those who have a problem with their lunches being stolen.
Only works until the thief figures it out, though.
Posted on July 7, 2009 at 7:31 AM
• 31 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
I like it, its a bit like sticking a large yellow tape on a car radio to make it appear out of order :p
And it doesn't work if you anything except sandwiches.
It also introduces a new risk. If a coworker decides to clean the fridge your lunch is just as gone.
Reminds me of this joke of the guy who is in a bar and doesn't want anyone to steal his beer while he goes to the bathroom. So he puts a coaster on top of the glass with the words, "I spat in it."
When he comes back from the bathroom, his beer is still on the counter, only someone wrote on the coaster, "So did I."
M: that actually works, but you have to be present so that no-one can do the same thing back.
Lets say that you are going to watch a movie with a couple of friends who are cheapskates. You notice that they do not buy their own potato chips, but you know that they will eventually ask you for your chips. All that you have to do is visibly lick one chip, announce it to the others, and then put it back in to the bag. After that they will stop asking for your chips.
Razor blade down seam, pocket from old pair of pants, needle, thread… Need I say more?
Oops. Posted my previous comment to the wrong blog - please move it to the one about the customs/bribery/pocketless pants one... doh!
@ S. Spiff
"Razor blade down seam, pocket from old pair of pants, needle, thread… Need I say more?
Oops. Posted my previous comment to the wrong blog - please move it to the one about the customs/bribery/pocketless pants one... doh!"
Actually, keeping your sandwich in a pouch made from your old trousers would definitely deter me from stealing your lunch.
T: If I really wanted a chip, I'd still take one.
the easiest way to get those chips is just to take one, lick it, and put it back first. now the bag is yours. works great on open beers too. just take a swig, swish it around, and spit a little back into the bottle/glass/can. presto! free beer and chips.
When I was in college, I used to add blue food coloring to my bottle of milk so that my roommates wouldn't take it.
Didn't you once blog about a combination lock for a tub of ice cream?
A trick I found that worked against a "fridge thief" was to find out who they where (via a covert little CCTV camera I have).
And then when I saw them going to the fridge ask them if they had stuff go missing a few times. Then one day mention I was going to "adulter one of my doughnuts with a nasty surprise" they asked what and I showed them the Korean Chilie paste I had with me and talked about how I was going to inject it into the jam of a doughnut every day.
Oddly my doughnuts stopped disapearing after that...
"Actually, keeping your sandwich in a pouch made from your old trousers would definitely deter me from stealing your lunch."
How about a pouch made from a kangeroo's scrotum?
Somebody I used to work with had two, one they kept their lose change in the other their hand rolling tabaco, oddly nobody ever asked him for a smoke.
Someone at my work used to steal the cheese out of sandwiches.
For the chip bag response... I only know a few friends that would stop. The rest would keep on eating just to spite me. I suppose I could make up a little lie about having a virus...
Heh, you were too kind telling the thief about the plan you were bluffing. I would have covertly found a way to make sure the thief didn't suffer from any specific alergies. Meanwhile I'd use that awesome CCTV setup you got going to find out his/her favorite food of theft was.
Asides from Chili powder I also suggest some of the following: oregel, wasabi, cayenne pepper... nix that, habanero pepper, ex-lax (or laxative of your choice), etc
Anyone sell a goatse version?
There is probably a better solution through food science. Add a bitter/sour/odorous agent to your food. Carry a neutralizing agent with you and add it to the food before consuming. You could disguise the neutralizer so few would be the wiser.
I can see the anti-honey pot project coming... what can you do to put people off from attacking your network/server/application? Green mould won't do.
>what can you do to put people off from
>attacking your network/server/application?
Make the login prompt "Schneir's Own Special Server" ???
It worked for a bakery and Chuck Norris, after all.
Variation on the beer joke:
A farmer stored all his apples outside until the weekend, when he'd take them to the farmer's market. Trouble was, folks would regularly load apples into their cars and drive away. He was busy in the fields and could never quite catch them.
One day he thought of a brilliant idea. He posted a sign above the apple barrels, stating "ONE APPLE IS POISONED."
It worked great! No one took any apples. Then on the day he was ready to take his load to the farmer's market, he glanced at the sign. Someone had crossed out his handwriting and scrawled "TWO APPLES ARE POISONED."
Regarding food adulteration - When I was a chemistry grad student, another student who had lost an apple in a refrigerator put up a note announcing "WARNING - the apple you stole had MALIC ACID in it. Don't steal from a chemist." A janitor went to the health center complaining he'd been poisoned.
Malic acid is what makes an apple taste tart.
Not to put to fine a point on it, but I think the point the beer and apple stories are making is that if you don't have an eye on the food 100% of the time you really don't have any idea as to the food's edibility.
The edibility of the food is still in an indeterminate state until consumed. Schrodinger's Apples if you will. Attempts to discourage tampering that don't actually increase the difficulty of a successful attack may or may not be a deterrent by virtue of taking away an incentive. But you are now instead providing a new incentive for an attacker by way of playing the provocateur. So have you altered the probability of the attack at all? Or did you just pay too much for a sandwich bag?
Those bags have been around for years, along with a similarly-minded paper bag. The most obvious flaw is that if someone actually picks up the bagged sandwich, it will immediately be obvious that the "mold" is on the bag rather than the bread.
Ultimately, all these tactics fall under "bluffing", with (as noted above) the usual hazards of that strategy....
A more effective (non-bluffing) version would be to spike the food with one of various chemicals which people vary in their ability to taste -- of course, the owner would need to themselves be a non-taster! Cilantro has great possibilities in this regard....
A more generic version of that would be to bring in weird-looking food -- which, of course, is to your own taste. Natto, anyone? Or even kimchee? For that matter, even quinoa looks pretty odd to those unfamiliar with it.
Yeah, I'm trying to think of how the apple joke parallels infosec. I feel like it relates in some way, but I can't figure out how. Any takers?
"Heh, you were too kind... ...ex-lax (or laxative of your choice), etc"
I sort of did that once before by proxie nearly 30 year ago, and well...
A company called "competitive video" was set up by John "the crab" (so called because he kept putting his hand down the front of his trousers) and employed three people.
One was a young lady called Louise I was rubbing along with and another was Roger an old school friend, the third a leather clad engineer called Steve.
Well John was trying to get Louise to be his (bit on the side) but as he was twenty years older Louise did not want to know but still wanted to keep her job. Well various minor problems started to occure for John like his car would have minor break downs when ever he had arranged to take Louise for a drink etc.
But john did not take the hint. Well after discussing it with Louise and Roger a "cunning plan was hatched". The next time the instant coffee ran out either Louise or Roger would get "French instant" with the burnt bitter chicory flavour and keep an ordinary jar of instant hidden away.
After a few days of this whenever Roger or Louise made John a coffee they would dislove a couple of senna pod tablets in the hot water and add ordinary instant so the bitter senna flavour stood in for the chicory.
Apparantly john developed bad guts for several days but appeared to recover. On the morning of an important show they where attending just before they left John asked Roger to make him a cup of coffee. Having upset Roger the previous day Roger decided to up the medicin to ten tablets. John being somewhat distracted actually drank most of the foul brew.
Anyway shortly after arriving at the show John called Louise from the show to say he was not feeling well and to tell Steve to take over. However partway through the call he had to ring off as he urgently needed the toilet. Apparently he made it about half way to the toilets when his guts let lose ruining his suit and leaving an unplesent trail on the show floor.
What followed ended up with John being carted off to hospital, where it was put down to some form of bug possibly from something he had eaten or drunk. John apparently put it down to being under a lot of stress and being triggered by sour milk in his coffee that morning. His doctor convinced him he should live a more healthy life style and he concentrated on that and left Louise alone, where upon his health suddenly improved a lot and his car etc stoped breaking down.
Shortly there after Steve left to set up on his own, and he offered Louise a job. A little after that Louise decided Steve's leather clad charms where better than mine.
And you didn't feel that this "cure" was just a few teensy weensy orders of magnitude worse than the disease, and, in fact, a serious crime?
There are two issues with the stained bag: firstly, once anyone becomes aware of the concept, or even picks up and moves the bag, the ruse is obvious and will never work again.
Potentially you can get around this by, say, dropping a few drops of green food colouring directly on the bread itself. But that works even worse with problem two: in many offices, the problem of unattended rotting food in the communal fridge is far worse than the problem of lunch theft, so there is a policy of allowing anyone to immediately discard anything that appears "off."
Plans of spiking a "bait" lunch are even worse. If poisoner doesn't understand exactly what he / she is doing (which is very likely), or if the lunch thief has any kind of unusual sensitivity, the poisoner is likely to get into a lot of trouble, and rightly so. (And no, the courts will not show much leniency just because the poison was not expected to be seriously harmful.)
As I see it, the real issue here is not lunch theft. It is not a hugely common problem and there are many valid alternative solutions. (For example, you can now quite cheaply get small insulated bags that will keep a pre-refrigerated lunch cool all day, just sitting in your locker or desk drawer.) The real issue is that persistent lunch theft indicates that you have a dishonest co-worker. This creates a corrosive atmosphere of distrust, and you might quite rightly wonder what else the thief is getting up to.
As such, the objective should be identification of the thief. Whereas stopping theft of lunches is a minor issue of purely personal importance, I believe identification of the thief should be considered fairly important. Quite a few methods to do this are no doubt possible, dependent on local circumstances, but one widely deployed, commercially available solution is a "thief detection powder". The treated surface needs to be quite dry, and you wouldn't put it on food, so it will require a little ingenuity to apply to lunches, however it results in the thief being caught literally red-handed.
(If you google this you will get a zillion hits from commercial suppliers; I strongly suspect it is just finely powdered potassium permanganate.)
Well the lunch bag amounts to "obscurity security". It relies on making the target less obvious rather than less available. The several admissions to poisoning of coworkers could be related to "honey pots". Make a tempting target, then slap the wrist. The apples story is sort of like the "Hacker Challenge" *cough* strongmail *cough*. It's essentially drawing attention of a possibly malicious nature. All good and well if you learn from the lesson (assuming there was a lesson left to be learned *cough* avsim *cough*) but certainly not an action to take if you want to lower the odds of a successful attack in the here and now.
I think if you carry the infosec metaphor all the way through you need to get a tamper evident lunchpail with a strong lock, chain it to your desk, and have a interior GPS that sends periodic position reports of the lunch pails location to your mobile:) Or you could just eat out... (I guess that'd be what, OpenID?)
@Aaron amounts to "obscurity security". It relies on making the target less obvious ...
I disagree Aaron. It reduces the object's apparent value. I was thinking that this reduces the impact value...but the value to us is the same (less the cost of the bag)
I guess a thief has a complementary profit calculation that parallels our risk calculation. What would that be?
Profit = (Item value) * (Risk of capture + consequence of capture)
While we usually try to control risk by reducing vulnerability and impact variables; this tactic reduces the value variable in his calculation.
A similar tactic was performed by a jewler who put a BIG hairy spider in his jewlery store window to deter thieves.
Screwing with their heads is within the rules.
@BF Skinner "Screwing with their heads is within the rules"... That belongs on a bumper sticker:) I'll concede the point of possibly altering the attack probability in the short term. But this approach has all of the problems of "secret method" encryption. Namely, once the "secret" is out, all future uses of the method are rendered useless. Does it have value until discovery? Sure. But just as it alters the equation before discovery, it alters the equation after discovery too. Because now you are in the attackers headspace. If the attacker has a sense of humor they may give it a pass because they think it's funny (ala Chuck Norris's bakery) or they may feel like "turnabout is fair play" (ala 2 apples are poisoned). Before taking the defensive measure you were only worried about one attack. Theft. Now you are worried about theft or a Trojan horse. And while you don't have to worry about either until the "secret" is compromised, you won't have any way of knowing the secret has been compromised if the attacker attacks with a trojan first. Hence you have to worry about both from the beginning. So the act of taking one precaution causes the precaution to be inadequate.
Another way to think about it is this: I have a secret text file. Weak encryption makes reading the text file harder, therefore more secure. However I have to email the text file through a compromised network. On this network the only files that are attacked/examined are the encrypted ones. My weak encryption will not be able to withstand attack. So by using weak encryption am I actually safer from attack?
A co-worker once confronted someone about to steal his lunch from the office fridge.
"I didn't know it was *your* lunch," the perpetrator said.
"But," my friend replied, "you knew it wasn't YOURS!"
Schneier.com is a personal website. Opinions expressed are not necessarily those of BT.