Schneier on Security
A blog covering security and security technology.
« Orlando Trusted Traveler Program |
| Torah Security »
June 13, 2005
Ice Cream Locks
Security isn't always about criminals and terrorists. Sometimes it's about your roommates or your kid sister. Here's a lock you can fit over your pint of ice cream so no one else eats it. Of course they can cut a hole through the packaging, but that's not the kind of adversary we're worried about here.
Posted on June 13, 2005 at 8:22 AM
• 23 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
you need to improve your sense of humor
You're kidding, right? Imagine the evil that can be perpetrated by the al Queida if they had access to my rocky road!
Hey, at $3 a pint, I'd protect it as well. Of course there are more important things to worry about other than ice cream.
My father used to quote this bit of truth decades ago: "Locks only keep honest people out."
You forgot to add "and a chalenge to the rest of us" ;)
We are acquainted to the term "snake oil" to describe certains kinds of crypto with little more than fancy ads and technobabble. Now we have another term for those overkilling crypto stuff. ¿Zillion-bits-long keys? Triple-DES-encryption for your school locker? "Not-even-Bruce-can-dream-of-decrypting this" encryption? Welcome to the world of Ice Cream Lock technology! ;-)
Now if could have a really serious analysis on why trusting a 3-digit-long lock is real security; or whether a 5-year-old kid is fast enough to try a brute-force search before the ice cream melts down..
I like the product-denial aspect: take too long fiddling with the lock, and the contents melt.
> take too long fiddling with the lock, and the contents melt.
Drill appropriate (small) holes. Let the ice cream melt, have content drip over second glass container, lock the glass container. Deny everything.
Re-frozen ice cream isn't that bad.
What, no identity management or fingerprint recognition? What if you want to share ice cream access with three out of five people?
Let's see...how about something tied into the fridge-log (tm) to track not only which unique identity accesses an ice cream container but when and for how long.
This consumption data, correlated with local and national felony data, might help take a "bite out of crime".
Or, since it has been proven that when the rate of icecream consumption goes up so too does the rate of crime (both actually due to warmer temps), it seems that Ben and Jerry might want to market this as the Ice Cream Element for Crime Reduction by Execution of Antiterror Measures (ICECREAM).
Sorry, that last comment should have been "take the crime out of bite".
Don't think of it as a lock, think of it as a personality test. (In fact, two personality tests -- one for the person who thinks its a good idea, the other for the person who has to decide whether having free ice cream right now (or perhps the right to free ice cream right now) is more important than ignoring the owner's clearly-embodied intentions.)
Publicized audit trails are like that; I'm not sure what else offhand.
Roommate or sister? How about giving them the key so you don't eat it all yourself, in one sitting. To me, that's the bigger problem :)
Data correlation? Yet another attempt of big brother at tracking everyone's slightest moves! First they will use it to protect the ice-cream, but the data is out there, and soon enough the insurance company will up your rates because you are eating too much ice-cream! Next thing you know you start getting ads for fitness centers.
Coming to think about it this comment didn't come out as funny as I wanted it to be.
Aren't the tubs just card or thin plastic? Couldn't you just pull the thing off?
Someone should buy one, test, and report back! :)
Access control using a secret, no token or biometric. Less than 10 bits of 'secret' at that!
Authorisation without identification or authentication. There's no privacy shield to prevent 'shoulder surfing', no duress code either.
Inability to revoke authorisation, no one-time access control.
No audit facility. All-or-nothing access.
Bypassing the system is ridiculously easy by installing a backdoor.
No published schematice or blueprints so that the device can be audited by independant security experts.
And what's the security trade-off here? How much liberty are you giving up for the sake of a little extra "security"? How valuable is the asset protected compared to the cost and inconvenience?
Are we realy meant to take this seriously?
Dear Arik at June 13, 2005 05:33 PM,
We at Globo-Gym can't help but notice how many excellent posts you have on this web-site. Given todays busy lifestyles we understand how difficult it can be to fit everything into a day.
Please print out the attached barcode and redeem it for a free 3-month menbership at your nearest Globo-Gym.
This comment thread is HILARIOUS. Ahaha, I'm crackin up. Does that make me pathetic? Now I feel bad about myself. I need some ice cream....
Hey, for it's purpose it is a whole lot more intelligent and effective solution than most of what the government does in the name of "anti-terrorist security."
You gotta remember that the purpose of locks in general is to make it hard for an attacker to circumvent it without leaving a trace. If the only way to get around a lock is to break it or stuff around it (forcing an attacker to leave obvious evidence about the entry) then the lock works. The most obvious "attack" against your ice cream pint would probably be to eat just a bit from it so that you wouldn't notice. If you need to break the pint or the lock to get to the ice cream then the lock actually works (even though it's only an ice cream lock).
I have a brother who has downs syndrome. He is also diabetic and has no impulse control. We desparately need a 2 quart model made out of some sort of aluminum or something. He is smart and tricky but not smart enough to overcome a lock
I could use something like that, a lock you can fit over your pint of ice cream, my sister used to steal my stash and now its my hubby or my daughter. You come home from work looking for some comfort in a pint of Ben & Jerry's and you see that there is about 3 spoonfuls left and no one admits to eating it. Site security though I am not too concerned about I have my IT guy on it.
Schneier.com is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc.