Screen-blocking systems stop prying eyes

Oculis Labs thinks it has stared down a long-known gaping hole in data protection

You've probably been in this situation before: A colleague strolls up behind your computer during work hours and your personal e-mail is in view.

To protect computer users in such instances -- and some that are much more problematic -- a U.S.-based company, Oculis Labs, has come up with two systems that obscure sensitive content on a computer screen, offering an alternative to plastic overlays that block content unless viewed at a direct angle.

Oculis Labs' first product, Chameleon, is designed for military use. For first-time users, Chameleon does a calibration test to observe how a person's eyes move over the text. For most people, this pattern is different. A user tracks a blue dot around nine positions on the screen.

When Chamelon is in use, a person's eye movements are tracked by a so-called "gaze tracker," which is an infrared camera, said Bill Anderson, president of Oculis Labs and former vice president of encryption at SafeNet.

When a document is displayed, only that authorized user can see the text as the camera tracks the person's eyes. For people who don't have the same viewing pattern, the text changes. Anyone else -- such as a translator employed by the military working with the soldier -- will see content that's been convincingly crafted to look like the real content, but isn't.

For example, a line of text that reads "the cat ran across the road" may appear to a snooper to say "the turtle had a nice lunch," Anderson said.

Those text changes occur in a 23 to 65 millisecond period when the eyes make rapid movements -- known as saccades -- but the user doesn't notice anything in a split-second of relative blindness.

"We are replacing content with equally probably false content," said Anderson.

Chameleon intercepts application content, such as that in a Microsoft Word document, before it hits the graphics card and alters it. The authorized user can slightly detect that the text is changing outside their peripheral vision but in a way that doesn't interfere with their comprehension of the document, Anderson said.

Chameleon alters the text by using a statistical dictionary to come up with convincing yet false content. It means that a soldier doesn't have to worry that the translator may be also gathering intelligence. About 5 percent of the time, however, people can share the same viewing pattern.

Chameleon also resists what is known as a tempest attack, a decades-old technique where electronic signals emitted by hardware such as a graphics card can be detected and then used to figure out content, Anderson said. It also defeats attempts with zoom lenses to take screenshots of content.

Applications sending data to the graphics card are unaware of Chameleon. So far the system just works with Microsoft Windows-based PCs, but could be used with other operating systems, Anderson said.

Chameleon will cost around US$10,000 per seat for a perpetual license. Anderson said Oculis plans to approach the U.S. military and potentially other NATO allies.

Oculis has also developed a spin-off product for consumer and enterprise use called Private Eye, which just went on sale about two weeks ago. Private Eye works with a regular webcam. It detects who is primarily using the computer and if that user turns away, the text is blurred on the screen within 100 milliseconds, Anderson said.

Users often grapple with a decision of whether to close a window when a colleague comes by, which could be perceived as rude or a sign that one employee doesn't trust another, Anderson said.

But when PrivateEye is known to be used, even those scenarios tend to stop: "Nobody wants to be perceived as the one who is always snooping," Anderson said.

With the forthcoming version, PrivateEye Professional, if the webcam sees someone else behind the authorized user, it will display a thumbnail-sized video window with the interloper's image.

"An adversary sees his own face, so he knows he's been caught," Anderson said.

The standard version of PrivateEye retails for $19.95 for a consumer license and $59.95 for a commercial one. The licenses are perpetual. PrivateEye Professional will sell for $59.95 for noncommercial use an $119.95 for commercial use.

Oculis Labs, which started two years ago on about $1 million in financing from family and friends, is hoping its technology could be woven into data leakage security products offered by large vendors, Anderson said. Another option is securing a deal with an original equipment manufacturer to ship PrivateEye with new PCs, he said.

Oculis Labs is working to raise another $1 million to $1.5 million over the next few months during a funding round, Anderson said.

Join the PC World newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection

Tags security

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Jeremy Kirk

IDG News Service
Show Comments

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Matthew Stivala

HP OfficeJet 250 Mobile Printer

The HP OfficeJet 250 Mobile Printer is a great device that fits perfectly into my fast paced and mobile lifestyle. My first impression of the printer itself was how incredibly compact and sleek the device was.

Armand Abogado

HP OfficeJet 250 Mobile Printer

Wireless printing from my iPhone was also a handy feature, the whole experience was quick and seamless with no setup requirements - accessed through the default iOS printing menu options.

Azadeh Williams

HP OfficeJet Pro 8730

A smarter way to print for busy small business owners, combining speedy printing with scanning and copying, making it easier to produce high quality documents and images at a touch of a button.

Andrew Grant

HP OfficeJet Pro 8730

I've had a multifunction printer in the office going on 10 years now. It was a neat bit of kit back in the day -- print, copy, scan, fax -- when printing over WiFi felt a bit like magic. It’s seen better days though and an upgrade’s well overdue. This HP OfficeJet Pro 8730 looks like it ticks all the same boxes: print, copy, scan, and fax. (Really? Does anyone fax anything any more? I guess it's good to know the facility’s there, just in case.) Printing over WiFi is more-or- less standard these days.

Ed Dawson

HP OfficeJet Pro 8730

As a freelance writer who is always on the go, I like my technology to be both efficient and effective so I can do my job well. The HP OfficeJet Pro 8730 Inkjet Printer ticks all the boxes in terms of form factor, performance and user interface.

Michael Hargreaves

Windows 10 for Business / Dell XPS 13

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?