Networking

IronKey: Simple, safe, and secure surfing over Wi-Fi

The IronKey USB flash drive is a very secure data storage device with virtually fool proof encryption and password protected access. I would like to discuss another equally interesting feature of IronKey that allows simple, safe, and secure web browsing.

Fellow TechRepublic writer Paul Mah has written a great post, "Secure your data on the go", that explains why the IronKey USB flash drive is a very secure data storage device with virtually foolproof encryption and password-protected access. I would like to discuss another equally interesting feature of IronKey that allows simple, safe, and secure Web browsing.

"Simple, yet secure"

For a very long time I have been trying to find a "simple yet secure" way for road warriors to browse the Web while on the road. As I see it, there are two key requirements to achieving a "simple yet secure" answer. First, the setup process required by the road warrior wanting to browse the Web must be simple or the road warrior will not use it. Second, the underlying network technology has to be secure or the IT department will not allow it to be used.

Simple yes, secure no

The ultimate in "simple" would be to allow the road warrior to just plug into an open Ethernet port or associate with an open Wi-Fi network at the hotel or hotspot. That's all there is to it, with the road warrior happily surfing away. So what's wrong with this picture? We all know that an unencrypted data stream is what's wrong. There's a multitude of ways to capture network traffic, allowing most anyone the ability to reconstruct the data stream, or even worse, learn username/password combinations used by the road warrior.

Secure yes, simple no

Most would agree that the ultimate in "secure" is having the road warrior use a VPN application after plugging into an open Ethernet port or associating with an open Wi-Fi connection. The encrypted data stream will appear as gibberish to anyone capturing the network traffic. Well, this sounds great --why not just use a VPN all of the time? If it were only that easy. VPN applications have additional requirements that may not be enabled on the network being used by the road warrior. For example, certain additional ports may have to be opened and the network needs to be able to handle added management overhead created by the VPN.

What if?

So VPN technology is secure, allowing the road warrior access to the company network as well as the Internet through the company firewall. What if the VPN will not set up or authenticate correctly using a certain hotspot? Or what about the road warriors that are not part of a business entity that has VPN service? Is it OK to just plug in and open the Web browser? As we know -- it is not, but that is exactly what happens. There is just no way around it. Or is there?

Actually there are several methods to secure Web browsing when you are using open wired or Wi-Fi networks. The problem is that they usually require adding client software, and require payment to the party supplying the secure service. Examples of this would be Anonymizer and Megaproxy. Both products are secure, but not simple enough for the road warrior to automatically use them.

IronKey comes close

The closest approximation of "simple yet secure" that I have found is the IronKey. Besides creating a secure storage device with bullet-proof access protection, the development team at IronKey has added what they call "Secure Sessions Service" -- described by Dave Jevans CEO of IronKey:

"If you want to surf the Web safely and privately, use your IronKey. With just a click of a button, the onboard Firefox browser enables IronKey's Secure Sessions Service for high-speed, encrypted Internet communications. You can safely tunnel through insecure wireless networks, public Wi-Fi hotspots, and prying ISPs without worry because your traffic will be encrypted and directed through a secure IronKey server. Also, your IP address, geographic location, and other personally identifiable information will be protected as you pass through the Tor network, which IronKey has extended and optimized for speed and security.

If you ran a Web browser from a regular flash drive, you may end up burning out the memory chips. This is because most flash drives use inexpensive flash memory. But the IronKey uses super high-quality SLC NAND flash memory for extended data longevity. These chips have been optimized for speed, giving you a smooth Web experience."

The secret to the success of this approach is that IronKey uses TOR technology but not the TOR Project relay servers. That means the exit point to the Internet is an IronKey server/firewall that is maintained to provide user anonymity and protection from Internet threats.

One of the interesting features of using TOR network technology is the ability to surf without revealing your public IP address. The idea is to bounce the data stream between several IronKey TOR servers and finally exit from the IronKey network. The only visible public IP address is that of the final TOR server. IronKey allows you to decide what servers you would like to use, and you can see the path of the data stream as seen in the example below. If you want to change a leg of the circuit, you just right-click on the line representing it and close it.

tormap.JPG

One unique feature that adds yet another layer of security is the ability to change the visible public IP address at any time during the browser session. You select this feature from the control panel and the IP address is changed as shown in the window below.

differentip.JPG

One negative attributed to networking security applications, is that they increase network management overhead. Developers try to keep this additional traffic to a minimum as it slows data throughput. If data throughput appears to be a problem, you can see the current send and receive rates on an included bandwidth meter. For example, there maybe a slow leg on the circuit and by choosing a different leg, the rates will improve as shown by the bandwidth meter.

bandwidth.JPG

Final thoughts

There are many solutions that achieve an acceptable level of access security for the remote user, but most require a dedicated computer or equipment that the mobile computer connects to. I try hard to remember the mantra of "simple, yet secure" and using IronKey's "Secure Sessions Service" on any available computer seems to come pretty darn close.

About

Information is my field...Writing is my passion...Coupling the two is my mission.

23 comments
info
info

The problem I see with this is that it only secures your connection when using the embedded Firefox browser. So no secure ftp, messenger, IM, Outlook etc. A traditional VPN would secure all your network connections. In addition even though I love Firefox (using it right now) I've run into sites that had problems with it and had to revert to IE.

Michael Kassner
Michael Kassner

I personally do not keep information on any computer, so moving to an IronKey from a regular USB key using TrueCrypt was almost a no brainer for me. I would like to hear what other members think and if this is indeed a device that enterprise entities would use.

Michael Kassner
Michael Kassner

It really is, and the ease of use is what makes it even more valuable. I have already convinced several clients that use VPNs to access their company network to also include the IronKey as part of their kit. Its ability to securely store data as well as allow secure Internet access if the VPN will not setup or if just Internet access is required is an easy sell.

Michael Kassner
Michael Kassner

I agree completely with your assessment. A typical VPN is as you mentioned the best solution, if available. The problem as I mentioned is that it is not available to most people and I think you will agree that it is certainly not simple. IronKey offers an alternative that allows everyone to at least gain secure access to the Web under all conditions. I would estimate that my VPN applications work on less than 50% of the remote locations that I have tried. If I need to access the applications you mentioned I use a function like LogMeIn tunneled through the IronKey's web browser to connect to a server at my office and then use those functions from that computer. One final note is that I have yet to find a location or situation where IronKey was not able to setup up a secure tunnel. To me that is important as it eliminates the risk that most remote users will take because they just need to access the Web.

markm
markm

@MK, I note from the IronKey website that the product has two flavors, Personal and Basic. Basic claims to permit no access to external networks. Thus I assume all your remarks have pertained to the Personal version, but please confirm. Thanks for this valuable info.

itdept
itdept

The Iron key has a virtual keyboard that is suppose to combat key loggers. I have not tried it on a computer with a key logger installed yet.

Michael Kassner
Michael Kassner

Sure, now I've something to read as well. Just kidding, thanks for the link. It looks to be just what I need. I'll probably forget it way too soon though. Getting old.

Michael Kassner
Michael Kassner

I'd appreciate your input. I'm pretty much a network person (15 years since I was focused on systems), so my specific computer knowledge is waning. Let me know what you think.

Neon Samurai
Neon Samurai

I couldn't see the loading mechanism in a ten second scan so I could be way off still. If it's a boot sector infection then the hard drive boot sector would have to be loaded. With a liveCD, I believe the hard drive boot sector is left inactive so you should be good. If it's in the bios and able to become active before the boot sector load then it doesn't matter what OS is booting after it. I'll be reading this white paper in detail when I get a chance though as this is somewhat new to me also.

Michael Kassner
Michael Kassner

I was thinking of the cafe machine being compromised. I've seen so many that were, it's the first thing I think about. And yes the memory snapshot application would load at boot/keylogger application loads at boot and is ready to snare any information it can. This link is where I first read about this: http://www2.nict.go.jp/y/y212/ruo/pdfs/ICISC07_RuoAndo.pdf

Neon Samurai
Neon Samurai

There are just far too many holes waiting to be exploited in poorly managed Cafe provided machines.. I hadn't even considered them as an option in this specific case. And yes, BT3 requires the network to be turned on manually. My only grief with it is not seeming to support the wireless in my T60 but I've not put enough effort into that specific point other than noting that the T60 is not in the list of officially supported notebooks as of the last time I checked. Maybe BT3 picked up support though; it seems odd that thinkpad would be left off the list.

Neon Samurai
Neon Samurai

but how does that malware get there to take the snapshot in the first place? If it's something already infecting the OS on the hard drive, the liveCD doesn't care since it doesn't load the drive stored software. A linux hard drive install may present some risk to a linux based liveCD but the liveCD OS in ram still has to run the software before it can do anything. If it's something in the bios, there's other issues to worry about really but it's loading before the liveCD so potentially, it can get at the active ram. If it's the liveCD that is infected, that means your ISO is compromised, someone swapped bootable CD with you somehow or the repository is infected but those are pretty big challenges for a criminal to work around. The only way onto a clean liveCD booted OS I can think of is through the network so you have to breach the ssh or vpn channel or fool the user into pulling it down through a browser. Once on the local system, it has to become executable (Unix file permissions), then it has to break out of the user account and into something that can view all of your ram. Not impossible by any means but pretty hard from what I can tell.

Michael Kassner
Michael Kassner

Correct me if I'm wrong. A liveCD will still require to use onboard memory. Thus any malware that takes snapshots of the memory will capture your data.

Dumphrey
Dumphrey

and booting from a live cd, whay not go the extra step and pull the HD. This would provide one less area for an exploit to live once in the system. And for the truely paranoid, removing the battery to discharge the capacitors on the mobo would also be a choice. As for cafe computers, I would just assume they are non-trusted. And most cafes get grumpy at you if you try to reboot off a live CD. But in terms of physical machine security Neon, I can't find any obvious holes in your strategy. I alos like backtrack since it requires you to manually bring up your interface (at least the version I have does, has this changed in 3?). And using a VPN on non-standard ports would ensure a certain level of network privacy (this was covered several posts up the chain iirc).

Neon Samurai
Neon Samurai

If I understand correctly, there are only a few ways your going to capture an image of the ram. Cold boot ram attacks are the first that come to mind but you'd have to get ahold of the machine within minutes of it being shutdown. Keep your notebook physically secure and you should be good for this one. A bios infection would be an issue for anything loaded after the bios so that would be able to hit any liveCD you used. Malware on the hard drive is negated since your loading from liveCD and probably an OS the harddrive malware doesn't work with. In similar fashion, a preinfected liveCD has you from the start but that'd be a heck of a trick to comrpomise the ISO in repository or already in your possession. I wouldn't recommend DVL of course. I'm still more the Backtrack or Mandriva One type if I can't install on the drive unless I require one of the more specialty liveCD tools. You also have the chance of drive by websites depending on browsing habits. I can see that being a way into the OS once the clean image is booted into memory. My paranoid approach would be my trusted flashdrive and a liveCD distro without enabling the physically switched wireless nic. Also being aware of what angles my screen is visible from and who is checking it out. No network connection, tools clean from liveCD boot, saved data on trusted flashdrive; I think that would cover a temporary work space in an untrusted environment. Generally, outside of physical thieft of the flashdrive or notebook, I think your good with a liveCD meant for desktop/workstation use; no listening ports open, clean image loaded into memory. Anyone out there think of a way in I'm missing?

Michael Kassner
Michael Kassner

Is it possible to take snapshots of memory? If so, wouldn't the LiveCD route still be vulnerable? I like that idea and have used MojoPac on occasion for that very reason. A friend told me that logging memory still makes that vulnerable as well.

Neon Samurai
Neon Samurai

Keyloggers will be in the form of malware or a hardware addition. In the case of hardware loggers, you just need to check the keyboard cable all the way back to the computer socket and confirm that there is no extra bit of hardware. If someone has placed a hardware keylogger inside your machine (eg. within the notebook chassis), you've got far bigger issues to attend too. ;) In the case of software, you could negate it with a liveCD since you get a fresh OS install each reboot. With your data on the ironkey, there is no need to access the hard drive or any malware that didn't load into memory with it not being booted. Granted, it's not nearly as comfortable as having a harddrive installed OS to work from but if your working some place that untrusted it may be worth considering.

Michael Kassner
Michael Kassner

The Ironman key is a great product for everything, except what you are asking about. Key loggers are a real problem and I don't have a solution for them. I'd like to learn more about your travels and what you use. I'm a road warrior as well, yet I try to at least have one computer with me that is trustworthy. Also, I hate to admit to the extravagance, but I have an AT&T as well Sprint data card and between the two I get access and the inherent amount of security. I'd love to hear of some sort of application that was capable of determining if there was an active key-logger on the system in question. As an aside, it must be just absolutely amazing to be based out of Singapore

aumnx
aumnx

Thanks Michael for going over the IronKey product. It looks ideal in many situations for me. It reminds me to some extent of the Realmsys product of a couple of years ago (company dissolved from what I've gathered.) However, I still worry about keyloggers. Can you confirm that IronKey can't really get around those either? From all I've researched, nothing can get around them. I 'backpack' a good deal and frequently use internet cafe's. My policy is to never use cafe's for anything sensitive including banking web sites. There is simply no safe way to use them or is IronKey (personal- with the Firefox app hosted) the answer?

Michael Kassner
Michael Kassner

The personal version is the one you want. The basic model is used for authentication and enterprise situations. I hope it works out for you, I have several at clients and of my own. If you have any more questions regarding the IronKey, just let me know.

Editor's Picks