anelok: main case, top: corners [1/4]

Dave Ball qi-hardware at daveball.org.uk
Mon Dec 2 05:04:32 EST 2013


On 02/12/13 05:18, Werner Almesberger wrote:
>> I'm not sure if you're already planning this, but one thought I've
>> had since you announced this project is whether it would be worth
>> integrating Anelock with some keychain software on the host
> Yes, of course :) For example, it would be very nice if, say,
> a Web browser that encounters a password prompt could tell
> Anelok the site and maybe the account, and ask for the password
> (and maybe an account). Anelok could then pre-select the
> information and the user would only have to approve the
> transaction.
>
> By using a "proper" protocol, one could make sure passwords
> don't get typed into the wrong field or even window by accident.

Ahh - great. I'd clearly been thinking of HID in too narrow terms. I've 
never been particularly convinced by external password management tools 
supplying password data to a browser, so tend to use the build-in pwd 
manager for low security sites, and keep important passwords in 
encrypted text files.

> Anelok could also be used to store other things. I haven't
> looked at the technology, but maybe it could hold a Bitcoin
> wallet.
Yes - I had the same thought :-)
> <snip>
> But if we want to be able to also reach people afflicted with Windows 
> and such, making it a straight USB protocol level choice may not be 
> the best idea. Instead, one can abuse the HID reports for sending and 
> receiving "special" messages. This avoids having to write a special 
> USB device driver. There's even a nice multi-platform library for it: 
> http://www.signal11.us/oss/hidapi/ - Werner

Oh wow - such abuse is both fantastic, and a little disgusting at the 
same time! :-)

Dave




More information about the discussion mailing list


interactive