The adapter essentially acts as a proxy between your computer and a USB drive, meaning it needs no software, has no operating system requirement, and works with everything from a flash memory stick to an external hard drive. All communication with the USB device is encrypted on the fly using 256-bit AES via a certified FIPS 140-2 Level 3 crypto module, but the key isn’t stored on the drive: at the front of the hiddn adapter is a smart card slot.

When you insert a smart card, you have to enter the corresponding PIN code to use it. (After three unsuccessful attempts, the card becomes locked until a longer PUK code is given.) The device does not appear as an active USB device in the OS until a card is verified, and becomes “unplugged” when the card is removed. The encryption key (or half of it in split-key mode) stays on the smart card, making an encrypted drive unusable without it.

Setting up and operating the hiddn system is very straightforward. You connect it to your computer with a USB cable, plug a drive into the top USB port, insert your smart card, and then enter your PIN. From there, the experience is no different than using a USB drive normally – there’s not even a difference in speed.

When I first connected an unencrypted drive on a Windows machine, it appeared as an unformatted drive. After formatting, it behaved just as it would when plugged in directly. (A few times I had to reconnect the adapter to get Windows to recognize a new drive if I didn’t “eject” the drive first or tried a bad PIN, but those were minor issues.) Trying to use the drive without the hiddn adapter after it had been encrypted brought up another prompt to format – Windows could tell there was a volume, but it was completely unreadable.

After using the hiddn Crypto Adapter for a short time, I started wondering why no one else had thought of it before – or at least why I’d never heard of it before. It’s a great tool for anyone wanting a no-hassle method to encrypt removable storage. The only potential drawback is pricing; two adapters and two sets of pre-configured smart cards can run almost $900. High Density Devices offers a few different packages of units and cards, ranging from one of each to ten, as well as an enterprise key management system for creating new cards. But while some users may find hiddn too expensive for personal use, its flexibility, ease-of-use, and high security make for a combination that’s hard to beat.

One of the top fought battles right now, and the subject of many people’s criticism of Apple’s app store, is their approval process. This in comparison to the open source community and what is now being found on Google’s Android phones.

History has shown that the open source community is actually pretty good at creating secure software. This is usually one of the defining factors behind a lot of the software. Users don’t agree with some of the decisions proprietary applications make, so they create their own and use the community to help secure it. But is this enough nowadays with the massive flood of applications hitting the mobile market?

What actually takes place during Apple’s app approval process is somewhat vague. Most would argue it’s simply to ensure Apple doesn’t lose money from a competing application, but I like to at least think they are doing some kind of security reviews against the applications, to ensure that the end user isn’t being opened up to some sort of attack vector.

So, with the rise of mobile applications, which do you think is the more secure venue for application distribution? Would you prefer your apps to go through a formal approval process (even if it is not known what that actual approval process screens for), or would you like to take the chance of having the open source community, with the ability to gather experts from many different fields, though not guaranteed, handle the approval process of your applications?

The debate is still open. Let’s hear your opinions in the comments.

iPhone vs Droid - XKCD

Thanks XKCD

However, I recently came across a video detailing a real attack against a real voting machine, carried out by real engineers, using real tools and data, and showing very real results.

The Sequoia AVC Advantage, a pretty old piece of electronic voting equipment, was broken pretty badly by hardware reverse engineering and return-oriented programming. The following video shows how it was done by a team of computer scientists and engineers from the University of California, San Diego, the University of Michigan, and Princeton University:

More about the attack details here.

What’s really interesting is the ease in which they were able to get a voting machine to play with in the first place. They didn’t steal one or bribe a government worker. Instead, they bought 5 of them… online… from a government surplus auction for less than $20 a pop. Craziness… especially considering some states still use these same machine models. A few months later and these guys have a well-structured attack that can swing the vote any way they want.

This just goes to show how thin the line is between hypothetical voting machine attacks carried out by insiders with special knowledge and real voting machine attacks carried out by smart people with a couple of dollars and some spare time on their hands.

• 12,000 laptops are lost in US airports each week.
• 65-70% are never reclaimed.
• 53% carried sensitive corporate information.

Guess how many of those machines were protected with encryption.

You can read the entire report [pdf] and find out on page 7.

iPhone 3G S offers highly secure hardware encryption that enables instantaneous remote wipe. You can even encrypt your iTunes backups.

…according to that, it would sound like the remote wipe is dependent on the hardware encryption, which makes me believe that instead of actually wiping the data (as in a format), it would simply delete the private key – therefore making the data inaccessible. (Since iTunes stores a backup of all your iPhone data at every sync, securing this also seems important.)  This also assumes it’s using a strong form of encryption. I’ve also read in other posts…

…hardware encryption for Exchange users…

…as the listed feature. Does this mean it’s only available through Exchange, and at what level is it being used? Is it only securing your email? We know the iTunes songs and videos are already being encrypted on the device. Is this the same form of encryption they’re talking about?  We’ve asked an insider at Apple to help us out with some of these questions and are still awaiting a response.

All of this brings up major questions about the REAL security behind all these marketing terms. How much do companies actually care about security, and how much do they actually do to help protect their users? Is everything just a marketing ploy these days?

Users were upset about the lack of security in our last model of product X. Let’s add minor revisions and throw some good marketing verbiage in the features list and hope that fixes everything.

Is this how security is being treated? Apple isn’t the only company being vague about these types of issues; it rolls all across the board. They just happen to be the ones asking for the most attention at his current point in time.  Stay tuned as I hope to find and relay some answers to many of these questions as more details are revealed.

ATM skimmers like those shown in the video require a camera set up to see you PIN as you enter it. Aside from the obvious advice or not using and ATMs with wires or protruding panels, they recommend shielding the number pad as you enter in your PIN code. I’d add going inside of a bank to withdraw cash when at all possible, but now a days most debit cards double as credit cards and your PIN is pretty useless. The crooks can just take the card number swiped from the magnetic strip to go shopping online or sell to someone else.

• Quantum Cryptography Will Be Broken With Quantum Technology - Current computing technology uses methodical means to encrypt and decrypt data. Quantum physics doesn’t work sequentially or even follow the laws of classical physics.
  • The first quantum hack will be done with quantum technology.
• The Human Factor - I always like to think about the “gun to head” method of cracking security. Put a gun to the right person’s head and they’ll tell you whatever you want. Quantum cryptography can be cracked by blackmailing, intimidating, and threatening the right people.
  • Not to mention that people lie, cheat, and steal for money or other personal gains. No technology in the world is immune from people.
• Maybe God Isn’t Playing Dice - Einstein never believed that quantum physics was random famously saying, “God doesn’t play dice with the universe”. I agree with him, consider it’s just that we don’t completely understand what’s happening to entangled particles – making them seem “magic”.
  • The entire physical universe works according to a set of very well defined laws and rules. Why quantum physics should be an exception is unlikely.
  • If that is the case, quantum cryptography could be unraveled by a brilliant physicist one day.

All of the above is purely theoretical, but you should always be wary of “completely secure”, “unbreakable”, and “perfect security” – because it doesn’t exist. There are other theoretical ways to possibly disrupt or eavesdrop on a quantum message – but again they’re purely theoretical.

Well, so is practical quantum cryptography.

I’m speculating here, because I ride coasters a *lot*, and the newer systems are controlled by general purpose computer systems – I’ve seen the Millennium Force at Cedar Point blue screen, and it was built in 1999/2000. I don’t know if these systems are networked at all, but I could see a business use for it: letting people know what rides were having problems, or just generally monitoring the health of each ride. These computer systems (like many at hospitals) control life or death literally, not just storing someone’s personal data. It’s a lot like the pacemakers that are bluetooth controlled. Do we really want to network these devices?

There are arguments on both sides of the fence, and I can see both sides – it’s easier to monitor and make changes (without having to go through surgery again), as well as “but someone could get killed”. Both sides make great cases (someone could die during surgery too), but the networked (whether bluetooth, wi-fi, RF, etc) devices also present the accidental hazard. What if I want to just play around with the bluetooth protocol and start sending garbage to a device I own (say my cell phone), and someone with a new pacemaker just happens to be sitting across the way at the coffee shop?

To network or not network is probably going to be an eternal question, and the answers are going to be different each time we ask that question. It all depends on what risks we’re willing to accept, and what ones we’re not.

[T]he… sinister specter of an electronic Trojan horse, lurking in the circuitry of a computer or a network router and allowing attackers clandestine access or control, was raised again recently by the F.B.I. and the Pentagon.
The new law enforcement and national security concerns were prompted by Operation Cisco Raider, which has led to 15 criminal cases involving counterfeit products bought in part by military agencies, military contractors and electric power companies in the United States. Over the two-year operation, 36 search warrants have been executed, resulting in the discovery of 3,500 counterfeit Cisco network components.

Cisco routers are everywhere. According to Cisco’s web site, “Cisco is the leading supplier of networking equipment and network management for the Internet.” The likelihood that you received this web page over one or more Cisco routers is extremely high.

Also, what if this wasn’t just counterfeiting?

The F.B.I. is still not certain whether the ring’s actions were for profit or part of a state-sponsored intelligence effort.

It’s one thing if largely used networking components get compromised through a flaw to allow “back door”, privilege escalation, or other nefarious access to data which flows across them. It’s an entirely different thing if these devices were (re-)engineered with villainous intentions. Such additions could be nearly impossible to detect. One more quote from the NY Times story:

The threat was demonstrated in April when a team of computer scientists from the University of Illinois presented a paper at a technical conference in San Francisco detailing how they had modified a Sun Microsystems SPARC microprocessor by altering the data file on a chip with nearly 1.8 million circuits used in automated manufacturing equipment…
“It’s very difficult to detect and discover these issues,” said Ted Vucurevich, the chief technology officer of Cadence Design Systems, a company that provides design tools for chip makers. Modern integrated circuits have billions of components, he said: “Adding a small number that do particular functions in particular cases is incredibly hard to detect.”

If this doesn’t give you nightmares, it should.

In a whitepaper published this month, Jarrod A. Roy and Igor L. Markov (of the University of Michigan) and Farinaz Koushanfar (of Rice University) outline the problem and details of how their proposed technology will help solve the increasing piracy of chip designs.

Markov will present the group’s proposal at the Design Automation and Test in Europe conference, to be held in Germany on March 13, 2008.

It’s a very technical read, but still interesting to see the diversity that public key cryptography can be used for.