Awesome Stuff: Security Hardware For The Masses
from the stay-safe-now dept
Securing your computer and phone are something that is increasingly important, especially in light of all of the stories about privacy intrusions we've been discussing the past few months. For the most part, the average person has tended to rely on software-based security offerings, rather than hardware. While company may invest in hardware solutions, that's always seemed to be a bit too much for the average consumer. However, perhaps that's changing. This week's awesome stuff covers three crowdfunding campaigns, looking to build different types of secure hardware for the mass market.- First up, we've got the amusingly named, Don't Snoop Me Bro (or DMSB for short). It's a VPN in a box. You hook it up to your network and turn the key (literally, it has a physical key) and it turns on a VPN tunnel via a VPN service routing your data through another country. These guys sent me a prototype to check out, and it looks interesting (though won't work with my network setup). They're still deciding what VPN service provider it will use, and it seems like that's something that could make a difference in terms of overall usefulness. Of course, you can already pay for a VPN service that just runs on your computer (I've got a couple), but the DSMB guys properly note that those aren't always the most user friendly and they only secure the one device, rather than the entire network (of course, they also work outside of your home/office). Still, if you're looking to VPN tunnel your home network, this is an interesting project to check out:
- Another project with a great name is the Tuit mobile security ring. With all the talk of Apple trying to make security easier via their fingerprint ID reader, lots of people have pointed out that it's dangerous to have a security token that can't ever be changed -- such as your fingerprint. Of course, plenty of people like the general ease of use of the fingerprint reader over a pin or password. The tuit project seems to be an interesting attempt to offer a better solution overall, creating a ring that uses NFC (near field communication) to unlock your (Android only, it appears, though there are stretch goals for Windows) phone just by touching it with the ring on your hand. In other words, the theory is that if you're holding your phone, it'll unlock automatically, but no one else can do that, unless they take your ring or hold your hand up to it. It's obviously not perfect security since someone could get the ring in some way, but it does seem like a nice idea in terms of good convenience for the user (since many people don't use any lock screen at all because it's too inconvenient) while still creating some security, especially if the phone is taken from you. Also, as they note, you can still use a password to lock the screen and make it much more complex, since you won't have to type it in so often.
- Finally, we've got the not so wonderfully named Qi4BOX, which is a USB key that encrypts all your local documents and documents in your Dropbox account. I'd imagine it's really only useful for those who are big time Dropbox users, but it's an interesting approach as a way to try to make the documents you put on Dropbox even more secure, without making it more user-unfriendly.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: awesome stuff, encryption, hardware, nfc, passwords, security, vpns
Reader Comments
Subscribe: RSS
View by: Time | Thread
VPN
[ link to this | view in chronology ]
Re: VPN
[ link to this | view in chronology ]
Re: Re: VPN
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
MAME has a way to build binaries consistently over many platforms that is why every ROM they produce is exactly the same no matter what machine you use at least as SHA1 is concerned.
About EM-shielding, well you can always knit a bag with metal treads.
knitkitjewelry blog: Knitting with Wire
kobakant blog: Circular Knitting Machines
Open source firmware can be found already.
http://www.openfirmware.info/Welcome_to_OpenBIOS
http://www.coreboot.org/Welcome_to_coreboot
h ttps://www.fsf.org/campaigns/free-bios.html
Open hardware
http://www.ohwr.org/
It is not impossible is just hard.
Still I agree 100% security may be impossible, but you can have high security using open source and open hardware.
All that hardware can be made at home except from the silicon, those still need some specialized equipment mainly optics and high vacuum quality chambers to be produced properly.
Because it is still difficult this could be a market where anyone with some electronics knowledge and capable of building things could start a business.
Still, people can be more secure if they really want to.
[ link to this | view in chronology ]
Re: Re:
I can't help but nitpick this a bit. You probably mean 100% security, and if so, then you're right.
But effective security is totally possible, because whether or not something is secure isn't a technological question. It's an economic question: something is effectively secure if the cost of obtaining the information exceeds the value that information. It's not a matter of "can they break in", it's a question of "is it worth the effort".
The vast majority of information you wish to keep secret (personal correspondence, credit card numbers, medical records, etc., etc.) is actually fairly low-value in market terms. It's high value to you, but not to anybody else. For example, your credit card # is only worth a buck or two on the black market.
It doesn't take anything near 100% security to make it uneconomical enough to get that information that thieves wont' bother.
If you have information that is high value to everybody, then you should be taking extraordinary measures to secure that information. For example, you should not be placing it on any device that is connected to a network, you should be paying attention to the physical security of it, etc. In short, there is no, zero, all-in-one technological solution for this sort of problem. Real security is all-encompassing, involved technological aspects (encryption, etc.), physical aspects (safes, guards, etc.), and behavioral aspects. Being weak in any of these means that your security as a whole is weak.
[ link to this | view in chronology ]
When someone comes up with an anonymous P2P VPN now that would be a game changer.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
You can't trust anyone, so Trust Us. We've put the key in your hands!
P.S. Here's a random quote from Bruce Schneider that may or may not have anything to do with the product we offer.
[ link to this | view in chronology ]
Re: Capitalism
[ link to this | view in chronology ]
Re: Re: Capitalism
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Still that's watched as well so it could never be 100 percent.
There has to be unencrypted communication fist or how else would you make the handshake? Magic? Akio, bum?
Plus tapping at ISP level allows them to directly inject malware without even having to open an infected site. It could be done anytime they feel like it as long as your connected.
Yes it could be safe, but what happens once the NSA forces them to start handing over their global keys that the software relies on?
Only a few things could happen-
1. They give the key up, shut the fuck up, and continue to run an unsafe services.
2. They refuse and keep their service running at the risk of some extremely serious charges based on absurd laws.
3. The refuse and close their doors.
Their price to keep us "secure" is just too high for me. I hate actual terrorist just as much as anyone. I'm sorry, but I do not fear their fake spoon fed confession terrorist that mostly consist of 40 to 50 year old borderline retards that can hardly take care of themselves.
Whoops I've veered off the orig topic. Did I mention I make a n awesome apple pie? ;)
[ link to this | view in chronology ]
Re:
There is no reason to not trust the concept of encrypted communication over the internet. That is blind fear of black NSA magic which simply does not exist. The biggest fear to be had of the NSA is their political magic along with the big scary men holding guns that follow their commands.
Even they have admitted that standard implementations of encryption are generally secure. Their workarounds is to force everyone else to talk to them and circumvent you, the user. If your VPN provider isn't playing their game, then there isn't too much they can do about that except sick their gun-wielding goons at them. So the trick is to find a place where they can't send their gun-wielding goons without international incidents occurring. And THEN you can start worrying about the VPN following proper protocol.
Which btw, proper protocol is using all those popular standards that you seem to feel are ineffective against their spying. Those popular standards are still mathematically difficult, and the NSA hasn't found the spell they have to cast to make their computers able to break them in real-time. So it's therefore logical to believe that as long as you can trust the VPN provider (The hardest part by far) and trust that you have the proper protocol in place (You're using a program like OpenVPN) then you're safe. Your communications are being watched, but there isn't an easy way for the NSA to make any sense of them.
We all know it's impossible to have 100% security, but it's like a game of outrunning bears, you only have to be faster than the other 90% of people who are also running away.
[ link to this | view in chronology ]
With the ring, I have problems trusting any security implementation that uses wireless no matter how weak the field supposedly is. It reminds me of the attacks on credit card RFIDs that were supposed to be about the same range as the ring. Where does one put their hand anyway? On doorknobs, on counters, they shake them with other people, the whole time waving around their half of the security token. I would almost prefer if it was in card form or QR code form that had to be visually recognized by the phone for it to unlock.
[ link to this | view in chronology ]
Re:
A thousand times this. There is no signal so weak that it can't be read at a distance. Radio astronomy is all about reading microvolt signals over vast distances. At worst, a weak signal means you need a bigger antenna.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
[ link to this | view in chronology ]
For Dropbox
[ link to this | view in chronology ]
The first solution seems to be the best idea in my opinion. Poorly executed though, you could provide a dumb-proof ui so the person can set up a custom vpn.
[ link to this | view in chronology ]
DSMB
[ link to this | view in chronology ]
Security
[ link to this | view in chronology ]