back to article You can hack a PC just by looking at it, say 3M and HP

Top security minds at HP have discovered that if you look at a PC, you can read what's on its screen. And if you're not the intended reader of that screen, it constitutes “visual hacking”, a terrifying menace that Must Be Stopped. The good news is it Can Be Stopped With This One Amazing Sheet Of Plastic, aka a 3M “Privacy …

Page:

  1. David Knapman

    Is this "our screens have poor viewing angles, so we're going to make them worse and call it a feature?"

    1. g e

      This is far cheaper...

      https://www.youtube.com/watch?v=zL_HAmWQTgA

      1. Anonymous Coward
        Anonymous Coward

        Re: This is far cheaper...

        True, but that's harder to take with you when you're travelling and I expect it's only going to take someone wearing polarised sunglasses to undo your security..

        1. Anonymous Coward
          Anonymous Coward

          Re: This is far cheaper...

          "True, but that's harder to take with you when you're travelling and I expect it's only going to take someone wearing polarised sunglasses to undo your security.."

          I plan to start a Kickstarter for a mobile phone secure screen that consists of two sheets of polarising material glued together with the polarisations 90 degrees apart. I've just tested it and it seems to work admirably.

      2. Geoff Johnson

        Re: This is far cheaper...

        That would look better if the screen was black without the goggles. Working at a monitor that looks off would really confuse people.

        EDIT: before anyone mentions it, I know it wouldn't work that way, but it would look cool if it did.

    2. Nolveys
      Devil

      Call it a feature?

      They had to figure out some way to market that batch that was made of nothing but glass and black.

    3. Anonymous Coward
      Anonymous Coward

      dave +1

      Do you work in marketing ?

    4. joed

      I was going to say the same thing. HP's laptops are pain to look at straight, and forget about trying to see anything from any side.

  2. saif
    Linux

    Firewall

    And unencrypted verbal communications can be easily intercepted by any one in the same room. Ultimately what is required is a firewall at the universal ports not just at the the digital to analogue transformation layer...the interface between man and machine. We need the firewall between man and man. Speaking gibberish or Welsh might do it.

    1. knarf

      Re: Firewall

      I think PMs already use a secret language that means nothing to nobody, not even each other most of the time,

    2. Alien8n

      Re: Firewall

      My father in law used to work at NatWest and they had an issue with their Swansea branch many years ago, so they sent one of their head honchos over to sort the branch out. Every time he walked into a room the staff would switch from English to Welsh so he couldn't understand what they were talking about. Imagine their horror when on the final day he says goodbye to them in fluent Welsh. Turned out that despite no longer having the accent he was Welsh as well...

      1. Bota

        Re: Firewall

        I had a very similar situation where our contractors were Portuguese, and I picked it up many moons ago from an ex. Was quite interesting what they wanted to do to the girls in accounting lol

        1. Yet Another Anonymous coward Silver badge

          Re: Firewall

          >Was quite interesting what they wanted to do to the girls in accounting lol

          Migrate them onto a cloud platform despite the inherent security risks ?

    3. Steve Evans

      Re: Firewall

      I believe the solution to this is encrypting it at source.

      A few hours in the local pub should do it... Now where do I apply for the research grant?

    4. chivo243 Silver badge

      Re: Firewall

      @saif

      I work in The Netherlands, Welsh, Dutch... it's all greek to me.

      1. Anonymous Coward
        Coat

        Re: Firewall

        ..and english is the linguia franka, pity I know no latin

    5. tony2heads
    6. TitterYeNot
      Coat

      Re: Firewall

      "And unencrypted verbal communications can be easily intercepted by any one in the same room"

      This is known in the black-hat trade as aural hacking.

      Definitely not to be confused with oral hacking, which is something else entirely (and may or may not involve someone wearing a poorly fitted dental brace.)

    7. Yet Another Anonymous coward Silver badge

      Re: Firewall

      That's why the police need to ban all those forms of encrypted voice communication known as "speaking foreign"

    8. Bill M

      Re: Firewall

      I know a lot of people who speak gibberish, but only 1 who speaks Welsh.

    9. HonestAbe

      Re: Firewall

      That's why I always conduct meetings in the original audio-signal VPN, igpay atinlay.

    10. Trigonoceps occipitalis

      Re: Firewall

      Navaho shirley.

      1. PNGuinn
        Holmes

        Re: Firewall

        "Navaho shirley."

        Indeed. I call Bulls**t

        I bet you've never met a navaho called Shirley.

        1. Anonymous Coward
          Anonymous Coward

          Re: Firewall

          I did, bach when I was six and running rampant with the Chief's eldest son.

  3. Anonymous Coward
    Anonymous Coward

    I keep my laptop screen secure by not opening the lid, 100% secure and free. Beat that HP.

  4. Warm Braw

    As an alternative

    You could get out your knitting needles,

  5. Alister

    the unintended consequence of making it harder to gather around a PC to check out that really funny new thing on YouTube.

    ...and the further unintended consequence that the number of internal emails suddenly rises, as people send each other the link to the new You Tube Funny, instead of gathering round one notebook...

    1. Alien8n

      One company I worked at one of the senior managers came in complaining that his laptop was really slow. A quick search for all emails with attachments confirmed the issue was the thousands of emails containing videos and pictures. Including a rather inordinate amount of porn that was being emailed to him by one of the machine operators. We hit delete and told him not to be so stupid again or he'd be losing his redundancy pay (the only reason they weren't reported to HR was the fact that both he and the operator were leaving 2 months later on redundancy and the redundancy pay was in the 4 to 5 figure range). Same company had another user who we didn't report for downloading music and movies from file sharing sites. Turned out the IT manager had his download folder set up as a network share to save him from downloading the same files...

    2. Michael Strorm Silver badge

      Please... won't someone think of Corbis?

      Don't they realise that this would decimate stock image libraries' investment in office types crowding round a corporate laptop?

      (Fact: Such images constitute approximately 47% of all stock photos in existence. Another 35% consists of groups of socialising woman apparently laughing at something highly amusing one of them has just said, while showing off their perfect white teeth and- in a very odd coincidence- none of them happen to have their eyes shut nor have been caught in an awkward-looking mid-expression change, like always happens when anyone normal tries taking such a photo).

  6. xeroks

    virtual monitors

    A more effective solution might be the use of an occulus/hololens type device to present the data to a single user.

    I don't believe anything out there is capable enough as a monitor replacement, but I wonder if HP have any devices like this in the pipeline. This might be the first step in a bigger marketing campaign.

    Or a cheap trick to make a quick buck.

    1. Anonymous Coward
      Anonymous Coward

      Re: virtual monitors

      Not yet, but they are improving. There are Oculus prototypes that are full 1080p, plus for business purposes you don't need stereoscopy; a single screen, even a Cardboard solution with a sufficiently-high-res smartphone will suffice.

      1. Yet Another Anonymous coward Silver badge

        Re: virtual monitors

        for business purposes - you could leave out the phone and just have a cardboard hat with a single powerpoint slide with "leverage synergy" and "dynamic growth potential" printed on a distracting background

      2. Cryo

        Re: virtual monitors

        "Not yet, but they are improving. There are Oculus prototypes that are full 1080p, plus for business purposes you don't need stereoscopy; a single screen, even a Cardboard solution with a sufficiently-high-res smartphone will suffice."

        The VR headsets like the Oculus Rift, HTC Vive, and other upcoming models that have been getting attention lately probably wouldn't be great as monitor replacements for at least the near future, simply because they're designed more for spreading their resolution out over a wide field of view. You don't need a 100+ degree viewing angle for a virtual monitor, so under that usage scenario, much of their resolution would be wasted. For a privacy-minded head-mounted display that isn't concerned with putting people in immersive 3D environments, a much narrower field of view with pixels more tightly packed together would probably be ideal.

        And even if you're not sending different images to each eye, you'll still need a separate display for each eye (or half of a larger display dedicated to each eye) since optics aren't going to let you view the entirety of a screen right in front of your face with both eyes at once. And again, the design of these headsets that use a single smartphone screen divided in two are more suited to providing a wide field of view than they are a sharp central resolution. And of course, you probably won't want to be using a bulky solution with a screen much larger than you need for any considerable length of time.

        For "business purposes" you would be better off with a headset that makes use of two much-smaller screens that could be optimally positioned in front of each eye. And if you plan to use the thing in a public place, you'll probably prefer an augmented reality solution to something designed for virtual reality. What good is the security gained from using the headset if you're getting pickpocketted in the process?

        I agree that the tech is improving though, and within a few years or so, there may be AR headsets that are not much bulkier than a pair of glasses, that can provide dual-screen output suitable as a proper monitor replacement.

        1. Anonymous Coward
          Anonymous Coward

          Re: virtual monitors

          "And even if you're not sending different images to each eye, you'll still need a separate display for each eye (or half of a larger display dedicated to each eye) since optics aren't going to let you view the entirety of a screen right in front of your face with both eyes at once."

          True. That's why Cardboard positions the phone several inches in front of you, thus putting it within the view of both eyes (either directly or by half-silver optics). It's also IIRC less disorienting than a dual-screen solution since you can have screen mismatch as well as the extremely close-up focus that can strain eyes.

    2. Alien8n

      Re: virtual monitors

      Wasn't this one of the original premises for Google Glass? The idea that you could "project" a screen for work which if you look slightly to the side the screen "disappears"?

    3. BlindProgrammer

      Re: virtual monitors

      I have the solution. As a totally blind programmer I don't even have a monitor. Nobody can hear my screen-reader through my headphones. If everybody else did the same for security's sake maybe somebody would give me a job on the back of my 25 years experience and not care about my blindness

      1. Anonymous Coward
        Anonymous Coward

        Re: virtual monitors

        Braille terminals are fairly discrete too.

        Not sure I could adapt to using either though, being sighted myself. (Then again, if I were to go blind, I'd have to.)

        1. Zog_but_not_the_first
          Joke

          Re: virtual monitors

          "Braille terminals are fairly discrete too."

          I'm sorry, I'll feel that again.

          With apologises to Peter Cook.

      2. Bota

        Re: virtual monitors

        That's actually an amazing feat! I wish I had half your determination and a third of your skill!

  7. James 51

    Had one of these for my phone. Added advantage that it stopped glare. Only problem was that with a touch interface the coating soon wore off.

  8. deive

    Would be useful if they integrated this into screens, allowed sections of it to be turned on and off by software and then turned it on over password fields only. Until then, meh!

    1. Michael Thibault
      Mushroom

      >allowed sections of it to be turned on and off by software and then turned it on over password fields only.

      I must assume that you're of the belief that that software would remain in the nominal user's control exclusively.

    2. Kubla Cant

      Would be useful if they integrated this into screens, allowed sections of it to be turned on and off by software and then turned it on over password fields only.

      Useful, but only when you're logging in to a system that displays the password characters. If you're still using something like that then people spying on your screen is probably the least of your problems. I'd guess that the last such system became obsolete in 1980.

  9. Anonymous Coward
    Anonymous Coward

    "Or "mal-looking" as it may one day come to be known"

    Love it.

    A well-written article, holding idiots up to ridicule - damned by their own words.

    'Visual hacking' indeed. I thought that meant poking someone's eyes out.

    1. Anonymous Coward
      Anonymous Coward

      Re: "Or "mal-looking" as it may one day come to be known"

      Hacking is entirely the wrong description of the problem - hence the ridicule.But nevertheless a real problem and if we can come up with a better solution than a grotty piece of scratched plastic that we slide over our svelte laptop screens, so much the better.

    2. Anonymous Coward
      Anonymous Coward

      Re: "Or "mal-looking" as it may one day come to be known"

      Perhaps it simply means the person looking is called "Mal"?

    3. PNGuinn
      WTF?

      Re: "Or "mal-looking" as it may one day come to be known"

      Personally, I prefer the expression usually used in Blighty - Shoulder Surfing. Somehow it seems to trigger the imagination....

  10. TeeCee Gold badge
    Facepalm

    Hmm.

    when visual hackers ply their dark art by sneaking up behind someone

    Er, surely if you've snuck up behind the user you'll have direct, on-axis LOS and this "security technology" will be defeated?

    1. DropBear
      Joke

      Re: Hmm.

      That's only true for the 1.0 version. Mark II will include patented lightsaber technology, and the photons will stop propagating past half a meter or so from the screen...

    2. Preston Munchensonton
      Coat

      Re: Hmm.

      Er, surely if you've snuck up behind the user you'll have direct, on-axis LOS and this "security technology" will be defeated?

      Fortunately, most self-styled ninjas are more Pauly Shore than David Carradine.

Page:

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like