UW Computer Security Research and Course Blog

Erin Covington provided this example CSE 490K Security Review.

Product Summary

Project Epoc is a new kind of interface for the human computer interaction. It is based on recent developments in neuro-technology that have made this kind of product possible. The product is basically wireless head-gear with sensors. These sensors pick up the electrical signals produced by the brain of the person wearing it. The claim is that that it can detect thoughts feelings and expressions. The intended use of this headset is to use it to control games with the brain’s electrical signals, and according to the manufacturer, the user’s facial expressions, conscious thoughts and emotional states. The information regarding a person’s thoughts and emotional state would be transmitted to the game allowing for an experience that could be programmed to respond accordingly to that information.

Assumptions

For the purpose of this evaluation, I will assume that the manufacturer’s claims are true, and the Project Epoc headset can, in fact, relate the conscious thoughts, emotional states and facial expressions to a PC through its wireless interface.

Assets and Security Goals

• The content of the transmission: a person’s thoughts and feelings, is an asset to that person. It is a reasonable security goal to wish that your internal thoughts and emotions will remain private unless you wish to share them. While it is sometimes obvious that a person is very scared or uncontrollably happy, people can expect to keep all but very intense emotions private if they so choose. This content should only be available to the game the user is playing.
• The identity of a player as well as the duration, frequency and time of play at a given game is also considered an asset. One goal should be that no information about a person’s identity is gathered when playing games as this would infringe on privacy. This relates to the concept of confidentiality.
• The ability of the software to correctly interpret thoughts and emotions would be an asset. If the headset did not accurately transmit the brain’s electrical signals or process facial expressions the usefulness of this product would be questionable, and the game playing experience would be less than satisfying. This can also be related to the concept of integrity, ensuring that the correct signals reach the end device.

Potential Adversaries and Threats

• The maker of a game could be a potential adversary. If we assume in this case that the user is playing on a PC, the manufacturer could be monitoring how the player responds to the game in order to do market research, improve scenarios, or for other business purposes. The player would have no idea that their responses were being monitored in this way.
• Anyone with access to the PC the game is played could be a potential adversary. This includes friends, family members, repair people, roommates, etc. The adversary could put software on the PC to record the times, duration and content of any gaming session. This is a threat because it could be used to track a person’s location at a specific time, and their thoughts.
• The government is a potential adversary (duh!). Government agents could create a game that uses this technology, and tracks a player’s responses to certain situations. This game could require an internet connection for “enhanced content”. These recorded responses could be used to create profiles of individuals, and could be updated with new scenarios as long as a player uses the equipment. Excellent players could be targeted for recruiting into government agencies.

Potential Weaknesses

• The headset transmits information wirelessly, and this information could be intercepted by someone within range. Even if it was encrypted, the development kits used to interpret the signal are available from the manufacturer. The ability to intercept the conscious thoughts and emotions of someone is a potential weakness. Ensuring that the transmission is encrypted and isolated in the game only would be important.
• Another potential weakness is that the game responds to your thoughts and feelings, thus allowing anyone that can observe the game (either over the internet, or if they are in view of the screen) access to your non-verbalized brain processes. This sort of transparency of thought opens the door for someone to gain intimate knowledge without consent. One way to eliminate this would be to have some elements of the game that depend on chance as well as a player’s thoughts.
• Okay, this one is way out there, just warning you. One other weakness that could be exploited in this scenario is that this could be applied to some real event, where players are using their brainwaves to kill adversaries in the game, detonate bombs etc. and without knowing it, they actually ARE activating bombs or pulling the trigger, or maybe even commanding real intergalactic ships on a mission to kill the buggers…..