Google’s ATAP team has announced Vault, a hardware-based, cross-platform microSD card based solution for encryption of data both at rest or in transit.
Google Vault MicroSD Hardware
ATAP is a Google unit that looks at Advanced Technologies and Products and among a number of their announcements on the Google IO stage in San Francisco was project Vault. With the help of former L0pht member .mudge ( Peiter Zatko) the team has developed a hardware encryption device that they think anyone, and any system can use. Starting with a developer kit and a business-focused customer based the team aims to solve the problem of encrypting communications by having a simple hardware unit (inside the MicroSD card) and a simple file system based input and output mechanism. The open-source developer board was demonstrated on stage.
It looks simple, and that’s good because people and business don’t use security methods properly if they are too complex and time-consuming but inside there’s a “suite of cryptographic services” along with an NFC chip, a hardware random number generator and 4 GB of isolated sealed storage. “Two Vault users can communicate end-to-end without exposing any cryptographicly sensitive data to the host systems” says Zatko. Vault is operating system agnostic.
You’ll obviously need to trust Google though but with the development kit being fully open-source, including the CPU and the software this might become the best solution, even if you don’t trust Google. Don’t expect peer reviews to be done in a week though!
We haven’t found a Google page for the ATAP Vault project yet but the ATAP page (which redirects to project Tango) is here.
I wrote last Thursday about how my old technology would be useful while I was away on a weekender but something happened during my weekend in Holland that puts another angle on the tactic. Perhaps an expensive smartphone is worth taking with you because we had over $3000 of smartphones and laptops stolen from a holiday home at the weekend and because one of the stolen items had GPS tracking enabled we were able, with the help of local police, to find the equipment and thief in under 2 hours.
‘Headless’ friends in Holland wish to remain anonymous.
It’s over 9 years since I posted the first set of articles on the Carrypad blog…which became Origamiportal….which became UMPCPortal. I wanted to relay some thoughts on my personal need for a mobile internet device I called the Carrypad. I wrote about 5-7-inch screen sizes, web browsing, operating systems, GPS and use cases: Bed, sofa, toilet, plane, train and ship. I was, even if I do say so myself, spot-on, especially with the toilet! But I didn’t think enough about security.
My first mention of security was when I did a mini review of the Pepperpad 3 in October 2006.
…I was able to check for software listening on IP ports. It all looks pretty clean and with the automatic updates, there should be no need to worry too much about security. Low maintenance is always a good thing.
Admittedly the threat-level was lower 9 years ago but I should have paid more attention to security over the last 9 years and today there’s absolutely no excuse because the Internet is now a messy place.
Security is, in my opinion, one of the biggest advantages of Chrome OS over a Windows and even if you’re worried about Google, the guest mode allows a tracking-free secure experience. Of a list of 13 Windows security and privacy checks the Chromebook requires just 7. Let’s take a closer look.
I was going to present this at BarCamp Bonn this weekend (auf Deutsch sogar!) but as I’m going to be flying to Mobile World Congress now I won’t be able to attend. I thought I’d publish it anyway, along with some BarCamp Bonn links to help the cause. This check-list applies to anyone using a Windows PC (but please don’t use Windows XP – it’s past its use-by date!) and some of the tips are relevant if you’re using other operating systems. The list is focused on helping you improve security and privacy when connected to public WiFi (WLAN) hotspots where the dangers are generally the highest. Think about this list when you connect to the WLAN at #bcbn15.
I’ve also published a variation of this list on my main website, UMPCPortal.com where it has a slightly different audience. For you though, my Barcamp Bonn friends I have a few other thoughts as I know there will be people at that event that have few Windows administration skills and even less desire to be messing around with a PC. If you really don’t want to have to mess-around with Windows, think about a Chromebook.
Für die die kein bock auf Windows Administration haben werde ich einfach sagen, bitte ein Chromebook! Warum? Weil wenn man ein Chromebook nutzt reduziert sich diese liste von 14 punkte auf nur 5 punkte. Ein Chromebook, auf Chrome OS basiert, ist ein super, einfachen weg ein sicheres und privates Internet Erlebnis zu haben. Preiswert ist es auch!
I’m preparing to go to Mobile World Congress where one of my worries will be security and privacy. To that end I’ve hardened my Windows build and written it up below as a checklist of tasks that I urge you to look at and consider, especially if you’re connecting to unknown hotspots.
With an annual budget of $100-$200, journalists in Ukraine have a problem with their computing equipment. Each journalist needs a mobile phone and, if they want to work away from the office PC, a laptop. Financial restrictions mean that little attention is given to licensing, security and privacy or quality. Privacy and security risks are huge but some journalists have no perception of this at all. Fortunately it doesn’t take much to improve the level of online literacy with some basic training and organisations like the Deutsche Welle Akademie are able to provide it. I joined DW in Ukraine for two weeks in November to give some training and I learned that the new range of low-cost, lightweight Windows laptops are going to help these journalists a lot, despite Chromebooks being better for privacy and security in some situations.
Your privacy is important. While you might be happy with people watching you doing ‘acceptable’ things, what if you change in the future? What if the definition of ‘acceptable’ changes and you don’t agree? What if you live in a country where freedom of speech is restricted? Chromebooks can’t hide you on the internet but they can perform as a clean client from which you can work and walk away knowing that there’s no locally-stored record of your activity.
Over at UMPCPortal last week I took a long look at Windows 8 security features. One of the weak-points in my opinion is authentication. It’s single-channel, requires no proof of ‘personal presence’ and it leaves the user to choose the level of security. Poor passwords are a killer and as a result I’ve been looking at alternative and two-stage solutions. PalmSecure is a palm-vein detection technology and it’s pretty much the best technology out there for laptops right now.
Computer and digital security has changed a lot since I left my job as a security architect for a major ISP many years ago. At that time we were adding very expensive intrusion prevention technology into server farms and now the same technology is being used in consumer security software built into low-cost operating systems. The knowledge, tools and methods available to the consumer are vastly improved and a lot easier but, as always, the hacking techniques are more complex, the potential for vulnerabilities is greater and the rewards for the attacker increase as consumers move more information and financial transactions online.
As users we need to become more aware of the risks but even more accepting of the new ways to increase our personal data and identity security. Some of the tools are easy to use, others require more effort, and all of them require the end user to trust a third party.
In this report I take a look at security on consumer-focused Windows mobile PC products and I compare the features available to common security requirements for individuals.
For author background and audience notes, see footnote. A consumer-focused summary is provided.
I’ve been using a Bitlocker encrypted drive for a month now and it’s been totally transparent in terms of speed. I’m surprised. I’m also surprised that it was available on my Windows 8.1 (not Pro) OS. Inspired to boost security on my Ultrabook I’ve also enabled secure boot, increased the security level, made sure Defender and Firewall are working and, this is contentious, made sure my login is only via Windows Live account so the password can be changed remotely. Given the reporting and password / device management in the Microsoft Live account though, it seems worth it. Here’s how you can do it too.
How many times have you been asked if you can recommend a product without really having much to go on? It’s true to say that there are many customers out there that are not really sure what they want and so in that case you have to interpret requirements, add a bit of crystal-ball gazing and come up with an answer. Here’s an example I received recently and three choices for an Ultrabook to run Office apps and store media.