Yubico YubiKey 4 appears to be an excellent device for a two-factor authentication solution. Two factor authentication means you need two things before gaining access. In this case, one piece of information is your password and the other piece is your finger print.
If you are using a password manager right now, (ie. Last Pass, Dashlane, etc) I would recommend getting this. The benefit of this device with a password manager is you can enable two factor authentication to add a new device capable of signing into your account.
This means if someone knows your password, it doesn’t really matter because they would also need your finger print. Understand that nearly all password managers conform to some sort of security protocol like FIDO U2F, smart card (PIV), OpenPGP, etc which in turn works with Yubikey.
With USB flash drives becoming a big threat to companies for spreading viruses and data slerping it’s smart to take some precautions about how employees use USB ports. I think NZXT Bunker understands that.
NZXT introduced the Bunker which is a 5.25 inch bay with 4 USB ports neatly placed behind a locking front door. Now you’ve got physical security against USB abuse. Granted it still wont stop those with access to spread a virus, intentionally or not, or perform some IP data slerping, but at least it’s a strong deturant.
EverythingUSB made a great quote about this:
As anyone who has ever gone to a LAN party knows, you need to watch your stuff or else something is just as likely to go missing! It really is a sad state of affairs, but the truth of the matter is you don’t bring any expensive peripherals to a LAN party unless you are willing to keep them on your person at ALL times.
The NZXT Bunker sells for $25 and can be purchased right off their site.
Banking giant UBS started deploying a device from IBM which ensures online banking transactions aren’t being manipulated by on-line hackers.
IBM’s ZTIC (Zone Trusted Information Channel) is a smart-card reader that attaches to computer via a USB cable. During an online banking transaction, it bypasses the Web browser and makes a direct connection with the bank. The connection is an industry standard SSL (Secure Sockets Layer) which enables the user to enjoy a secure link between their computer and the bank server.
What is great about the USB secure product is that a hacker could not cloak a transaction via the web and show the user a transaction of one amount, while robbing them blind with a different amount as the “actual” transaction.
What is funny about the UBS press release is the following:
If the transaction has been hacked and the account number is different, the customer can abort the payment by hitting a red “x,” or a green check if it’s fine
Well…if they knew the transaction was hacked, wouldn’t they stop it anyway?
Another nice feature of the UBS secure USB device is that a keylogger could not record keystrokes because the sync process between the user and bank happens through the UBS device, no account numbers are used or typed.
You learn something new every day. Today I learned that Sony has been working on a new bio technology that reads vein structure of a human hand. The project is called “Mofiria.”
Object behind this project is taking the biometric finger reading technology one step further, and using vein structure as the authentication code [after all we have all seen movies where a fake silicon finger gets the burglars in].
So now the biometric technology is all buttoned up, Sony developed a USB vein reader that users could implement in the field.
The Windows IceBox is an interesting little tool. It’s a software program which runs from a USB stick that locks down partitions on your hard drive. The concept is that you lock down partitions on your hard drive so that other users, like your kids, don’t get in there and start accidentally deleting important files, registry entries, uninstalling software,etc.
The USB Windows IceBox includes recovery software for your hard drive and has the ability to block virus software or malware programs from getting into your computer.
From my perspective, it’s a nice little tool, but if you have the smarts to partition up your hard drive, you probably have the smarts to create multiple users as well. See the USB Windows IceBox will lock down your partitions when you walk away [certain amount of idle time] but you can do the same thing with User Login priveleges. Just don’t give your kids
A recent study was just released that suggests over 9,000 USB drives are left, lost or forgotten at laundry mats. The study was done to show consumers how easy it is to have valuable information fall into the hands of a stranger.
Even on our best day, accidents happen. A similar study was done with PDA and cell phones left in taxi cabs. That number is close to 6,200 per year.
Given this information and each of us knowing we are not perfect, it is wise to put some encryption on your USB drive or password protect the device. Many times the manufacturer will supply a utility free with the device…don’t try and format it off, rather use it!
David Porter, head of security and risk at Detica, explained that there was only so much that experts and computer systems could do to thwart identity fraud. According to Porter, final responsibility rests with the consumer. “Identity fraud attacks succeed largely because of human fallibility; however there are simple steps that people can take to avoid being caught out by fraudsters,” said Porter.
So take a moment and protect yourself from the accidents of everyday life.