Example Security Review #5

By Tadayoshi Kohno at 2:03 pm on January 7, 2008Comments Off on Example Security Review #5

Michael Levine provided this example CSE 490K Security Review.

Summary:
The Emotive product is a headset for use in video games and other applications. The user places it on their head and it uses EEG to somehow detect emotions, thoughts, and facial expressions. These are broadcast wirelessly using a proprietary protocol. I am working under the assumption that it will need to “tune” itself to some brain.

Assets:

  • The user would probably want to keep their emotions a secret. They can be considered very sensitive information, and they may wish to hide them or disable them
  • Likewise, the users thoughts are also very sensitive. It would definitely pick up on other stray thoughts that aren’t related to the game.
  • The thoughts and emotions should not remain on storage for long, as a “history” of someones thoughts can be incriminating evidence or something.

Potential Adversaries/Threats:

  • Someone who has an interest in breaking proprietary protocols (read: hackers) can make it possible to intercept and decipher (or modify) the transmissions.
  • Police men/SS officers can intercept it and use it in some form of Orwellian police state to find “thought offenders”
  • Game developers who write their own SDK for handling the devices input may have nefarious ideas in mind, like using targeted advertisements based on player reactions, etc.
  • Professor X (leader of the X-Men) already has the ability to read minds; he may find this device offensive or threatening and decide that it must be eliminated no matter the cost. Of course, he is a superhero and not a super villain, so we should probably worry more about Jean Grey/Phoenix.

Weaknesses:

  • Proprietary protocol should be ringing alarm bells; the second that thing is cracked, there better be a way to update the firmware to do something else. Better yet, use something established like WPA while still allowing firmware upgrades.
  • Wireless in general is a pretty bad idea when transmitting sensitive information; they should consider switching to a tethered system even if it does limit motion a bit.
  • The firmware and SDK itself is susceptible to malicious users in that it can possibly be replaced/augmented by an adversary to collect different information, send false information, or relay information elsewhere.
Filed under: Announcements,Security ReviewsComments Off on Example Security Review #5

Comments are closed.