in

This Blog

Syndication

Tags

News

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Archives

AlertBoot Endpoint Security

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Full Disk Encryption, Victorinox Presentation Master, Being All Thumbs

If you haven't heard by now, Victorinox (the guys that make Swiss Army Knives, SAKs) has come out with a SAK that dubs as a presentation tool, which includes a laser pointer and a USB drive that is protected with disk encryption, along with the traditional blade, nail file, and other assorted tools.

The company issued a challenge to be held this week in London, where it will pay £100,000 to anyone who manages to hack into the encrypted USB drive--which can be accessed via a built-in fingerprint scanner.  There is a condition, though: the hacking has to occur in two hours.  And, the devices are not being given out in advance, as far as I can tell.

Of course, this means the competition is geared towards nobody successfully hacking the contraption (a successful hack being very bad for PR); two hours is generally not enough, and hackers in the real world don't face such restrictions.

I have even read a comment somewhere that the challenge is further geared towards preventing a successful hack since anyone--hacker or not--can show up at the challenge, preventing or slowing down actual hackers from reaching the counter where the knives would be handed out (which is a rather tortuous argument: I'd imagine the two-hour limit would kick in once the knife is in the hands of the potential hacker, and not at the official start of the event?)

Knives on Planes

The greater problem that I foresee is uniformed guys at airports and other restricted areas confiscating such a device because it comes with a blade.  Sure, they're these tiny things, depending on the model, but they're still knives, see? (Actually, I don't, but that's the argument given to me by one airport official.)

Victorinox, however, also makes a bladeless version, supposedly, so you can still play at being MacGyver at the airport's gates, if you so desire.  Just don't blow anything up....

Counting to Nine?  Google "Malaysia Machete Mercedes"

Whenever I read about thumbprint scanners, I remember the Mythbusters episode where such biometric security was easily defeated with a photocopy of an authorized print.

I'm also reminded of all the jokes people make about cutting off someone's finger to gain access to such security measures.  Well, I thought it was a joke until I read a comment on reghardware.co.uk:

"Every time somebody shows me biometrics i ask them to google "malaysia machete mercedes" which leads to a grisly story of a man who can only count to nine after robbers took his 'key'."

I did google it, and the story is not pretty.  Apparently, a gang in Malaysia hacked off a man's thumb after finding that a Mercedes-Benz S-class wouldn't start without scanning the owner's fingerprint.  Yikes!

On the other hand, with nearly seven billion people in the world, it was bound to happen to some guy at some point.  I love technology and all, but for the time being, I'd rather stick to password-based access to my data protected by encryption software.  Paranoid?  Sure.  But, if it's happened before, it's bound to happen again....


Related Articles and Sites:
http://www.reghardware.co.uk/2010/03/22/victorinox_swiss_army_knife_hack/
http://www.gadling.com/2010/01/12/review-victorinox-presentation-master-bluetooth-usb/
http://news.bbc.co.uk/2/hi/asia-pacific/4396831.stm

 
<Previous Next>

UK Information Commissioner Can Fine Company £500,000

Data Security: Credit In The Dumps? Personal Info Can Still Be Misused

Comments

No Comments

About sang_lee

Sang Lee is a Senior Account Manager and Security Analyst with AlertBoot, Inc., the leading provider of managed endpoint security services, based in Las Vegas, NV. Mr. Lee helps with the deployment and ongoing support of the AlertBoot disk encryption managed service. Prior to working at AlertBoot, Mr. Lee served in the South Korean Navy. He holds both a B.S. and an M.S. from Tufts University in Medford, Massachusetts, U.S.A.