I’ve written about TrueCrypt in the past, and mentioned how it has suddenly become hot news "thanks" to a ruling that US Customs can search the contents of your laptop without "probable cause".

TrueCrypt just updated this powerful open source application to version 6, and added several new features. TrueCrypt 6 now supports multiple core processors (which you’ll find in almost every new PC). It can spread the encryption/decryption load over these cores, making things much faster.

It also adds support for a hidden operating system. With a hidden operating system you can completely hide and encrypt your entire Windows installation. If you do end up getting asked to turn your machine on, you can even boot into a decoy operating system where you can show that you have nothing to hide!

TrueCrypt 6 is free, and be found here.

• 0 Comments

Dell and the Ponemon institute released the findings of a study of "lost laptops and business travelers". The results are beyond alarming.

• Up to 12,000 laptops are lost in United States airports each week
• Between 65 and 70 percent of lost laptops are never reclaimed
• Most laptops are lost at security checkpoints
• 53 percent of business travelers surveyed carry sensitive corporate information on their laptop
• 65 percent of those who carry confidential information have not taken steps to protect it while traveling
• 42 percent of respondents say they do not back up their data

12,000 lost laptops every week is a staggering number. But the worst part is that most of them (40%) are lost at a TSA checkpoint and that two thirds of them are never even reclaimed!

Some simple math shows that over 400,000 laptops are lost and never reclaimed each year. The worst airport is LAX, where 1200 laptops are left behind every week. That is about 8 laptops an hour.

To me, this doesn’t only reflect badly on us users, it reflects badly on the TSA. The findings of this report make it clear that the TSA has extremely poor safeguards in place to prevent people from forgetting their equipment.

The TSA needs to take a close look at these results and do the right thing. Business travelers are losing $975 Million worth of laptops each year during their checkpoint procedures and it is obvious they need to develop a better solution. Of course the stress of travel is going to make people forget a few things, but these numbers are a disgrace.

That said; it isn’t 100% clear how the data in the study was gathered, nor does it appear that the TSA supplied the exact numbers.

Nevertheless, the loss of a laptop at the airport can be prevented, and losing your machine does not necessarily mean it is gone for good. Later this week I will post some helpful tips on how to retrieve your laptop.

You can read the full results of the study here.

• 2 Comments

Zoombak is a fantastic little GPS tracking device that can keep an eye on you, your car, your pet, your children, or anything else you want to be sure doesn’t get too far away.

It isn’t the only device out there that is capable of this, but it certainly seems to have one of the best feature sets I’ve ever seen.

I’ve got one here and will be posting a full review soon. But I can already reveal that it’s a marvel of technology, not to mention tons of fun!

If you don’t want to wait for my review, you can pick one up today from Bestbuy.com or directly from Zoobak.com. A special version for your dog can be found at the local Petsmart.

• 0 Comments

When you surround yourself with sun, sand and surf, it is pretty easy to forget minor things like putting your GPS unit out of sight (or removing it from your car). But every year 1000’s of GPS units will be stolen.

So, as a public service to all my readers, I’m going to give you 3 simple tips that will make things a little harder for thieves, and may even skip your car.

1) Always remove your GPS unit from your vehicle. It sounds like such a logical thing to do, but we have all left it in plain sight before (I know I have). Don’t just take the unit itself out, but also remove the windshield mount and charging cord (otherwise it’s just an open invitation to check out the rest of the car).

2) Enable the security function on your GPS unit.

Of the "big manufacturers", only Gamin and TomTom seem to understand the threat of your device being stolen, so they have added a PIN protection option. Garmin even include warning stickers for your car, alerting wannabe thieves to their security features.

On a TomTom unit, go to your preferences screen, select "set owner", then "options" and set a 4 digit pin.

3) Remove as much personal information as possible. I’ve always suggested removing your home address from your GPS unit.

If someone steals your bag (containing your home keys and GPS unit), then it’s pretty easy for them to head over there and help themselves to some more goodies.

Of course, it is always handy to have your home address programmed in the unit, so feel free to do so, but call it "police station" or "grocery store" to fool the thief.

Set the "home" address to your office or a mailbox service (if you have one) so the device can be returned if an honest person finds it. But an even better option is to attach a Stuffbak locator sticker to it.

• 1 Comment

If you’ve been keeping up with the news, then you’ll know that US customs can seize and inspect anything on your laptop, without your consent or without probable cause.

There are many ways around this, including drive encryption or carrying a USB memory key. But those will always present the risk that Customs simply seize them too.

One place you may not have thought about for storing documents is your iPod. Apple conveniently allow iPod owners to enable a portion of the drive on their iPod for non music/video storage, and access is as simple as opening it up in Explorer. Of course, if the documents are of a really sensitive nature, then you’ll want to store them in a Truecrypt file.

Of course, this system also works if you just need a quick and dirty way of storing anything else you need a backup of (photos for example).

You can learn more about enabling disk usage on an iPod in this Apple knowledge base article.

• 0 Comments

With the large variety of malware and attack surfaces for systems on public networks, protecting your laptop is a critical aspect of working on the road.  Keeping out viruses, spam, spyware and other attacks generally requires several different applications, either from a “security suite” package or individual apps from several sources.  Yoggie, an Israeli-based security company, addresses this need from a very different angle.  They provide a USB (or PC Card) security appliance: full security in a dongle the size of a normal USB thumb-drive.  The appliance promises an integrated hardware firewall as well as complete security protection, and it does so without installing the bloat-ware that most security suites seem to have become.  I took the Gatekeeper Pico for a test drive the past few days, with mixed results.

The device arrives as promised, with almost zero software to install on your local machine.  That is a great benefit, preventing the scanning process from taking over your machine and killing the performance.  I connected the device, installed the driver and hit my first snag.  A quick reinstallation of the software cleared that up and I was off and running.  The installation process places a network shim on your computer, effectively intercepting all network traffic and passing it through the Yoggie appliance before allowing it to or from your computer.  The concept is great, especially since it offloads the overhead.  Unfortunately, the implementation appears to be lacking based on my testing.

The appliance claims 12 built-in security appliance functions.  I was not able to test all of them, but the ones I did test had mixed results.  The anti-virus feature worked great, blocking the web page with the virus on it from loading with a very clear indication of what it was doing:

For other functions, such as the firewall feature, the indication of the Yoggie intervention was not as clear.  I spent several minutes attempting to copy some files via FTP and TFTP without any indication from Yoggie that it was blocking the traffic, either actively during the action or passively during in the log files.  Still, disabling the Yoggie appliance resolved my connectivity issues, so I can only assume that the appliance was the cause of those troubles. 

The folks at Yoggie make grand claims about performance impact of their device, specifically that the impact is virtually zero on the computer.  And while I generally found this to be true, I also found that there was a bit more to it.  While the Yoggie was enabled I found that download speeds on my cable modem connection were significantly impacted:

Not only was the performance impacted by ~35% for bandwidth and way worse for the ping test but the appliance actually prevented the upload speed test from running. And again, it did so without any useful information to me as a user.  I was concerned that it would prevent general file uploads via web connections and confirmed that to not be the case - I was able to upload flies just fine using web forms or ActiveX controls, but there remained some questions in my mind at this point.

I took a look at the UI to confirm the settings and found the dashboard interface to be pretty, but not really all that useful:

The gage indicators are easy to understand, but even the detailed logging still didn’t contain information about the actions that the device had taken.

I had to head in to the office at this point and pulled the device out for the travel.  Upon connecting to the office network I quickly learned that the network shim remains active, even when the appliance is removed.  This meant zero network connectivity if it wasn’t plugged in.  I like this configuration as it allows for administrative control over the appliance setup and prevents users from overriding those settings without permission.  As an added bonus, if you’re deploying a lot of these appliances you can configure them to receive their configuration instructions from a central source rather than individually programming them.  This is a huge benefit for enterprise environments.

I disabled the device for a bit to get some real work done since I didn’t have time to worry about testing it for a couple hours.  This is when things started to go VERY wrong for me.  I experienced three Windows crashes (Blue Screen of Death) in the next 8 hours of system usage.  These were the first BSoDs I’ve had on my Vista laptop in months, if ever.  All of the crashes indicated device driver issues and all happened with the Yoggie appliance in the disabled mode for the software and the hardware not connected at all.  I cannot say for certain that the Yoggie caused these crashes, but it is the only thing I changed on my system.  I also noticed that each crash was triggered by my initiating a network connection to a web site or other service, which means that the Yoggie Gatekeeper was involved in the action.

I didn’t get to test the built-in Anti-Spam or Anti-Phishing tools since I don’t have any accounts that would need extra protection there.  And I have no idea what a “Layer-8 Security Engine (TM)” is since last time I checked there were still only 7 layers in the OSI model.  I also don’t know what “PENTAGON LEVEL security protection” is, so I cannot evaluate how well they performed on that front.  The Anti-Virus is only active on the network connection, so if you use a USB-drive or other means to bring files onto your computer you are not protected there.  That is a benefit of having locally installed AV software installed, though there are the obvious performance issues there as well.

Overall I was not particularly impressed with the Yoggie Gatekeeper Pico appliance.  For very basic usage by non-technical users it probably would provide OK protection, but without indications that it is intercepting traffic, users would likely get very frustrated very quickly if things stop working.  For someone more technically inclined it seems that the interruptions in service would be more pronounced and more frustrating, though hopefully those users would know how to get around the issues.  I love the concept of the security appliance that you take with you, but this one seems to miss on the implementation, at least on my laptop.

• 0 Comments

If you thought that the new laptop search rules were baloney, then this new proposal will really anger you.

Members of the G8 plan to meet in Tokyo in July to discuss a new measure that will turn customs agents into copyright inspectors/police who’ll have the authority to take a closer look at your iPod or other electronic device.

The proposal is dubbed the "Anti-Counterfeiting Trade Agreement" (ACTA) and will give customs agents the power to levy fines and seize equipment.

I’m not entirely sure how a customs agent plans to determine that the content on my iPod is illegal, but I can’t say I care for the direction this is heading, as more big brother tactics at the airport won’t help anyone.

Source: 9to5mac

• 0 Comments

With all the recent hullabaloo about US Customs officials no longer needing "probable cause" to search the contents of your laptop, the EFF (Electronic Freedom Foundation) have put together their own list of tips and advise on how to safeguard your data, and keep sensitive stuff out of reach of the Government.

Some of the tips have been covered here before, but it’s always good to hear the thoughts of an organization like the EFF.

Source: eff.org

• 0 Comments

Egrips non-slip strips are custom cut plastic strips that attach to your gadget(s). Why is this important? Because most gadgets nowadays are nice and shiny, and shiny = slippery. Take for example my BlackBerry 8800;  it’s all nice and slick.

The egrips strips (they call them appliqués) are thin pieces of plastic with a bubbly like grip texture (as you can see in my close-up).

The egrips set for my Blackberry comes in 6 pieces; 2 for the back, 3 for the sides, and one for the front. Once applied you have non-slip protection all around the device.

Read the rest of this entry »

• 1 Comment

If you’ve been keeping up with the news, then you’ll have seen that a recent court ruling has decided that it is no longer required to have "probable cause" to check the contents of your laptop. When you pass customs and immigration upon entering the USA they are free to inspect anything/everything on your machine, including any confidential files.

If you think it doesn’t impact you, then check out this discussion. In the coming days I’ll put together an article suggesting some ways you can keep your files safe, and possibly even prevent Customs from seizing your laptop.

• 3 Comments