Tuesday, 29 May 2007

Miniature Security System

I have just had a look at a new type of security device that takes an interesting approach to securing desktop and laptop PCs. The Yoggie Pico is a small USB device that looks like a chunky flash drive but is, in fact, a full Linux system with its own 520MHz processor, RAM and applications.





It starts working as soon as you plug it into a PC, intercepting network traffic and analysing it with a range of security tools, including Kaspersky AntiVirus software, the popular and powerful Snort intrusion detection system and a number of other programs.



The idea is that, because the tiny outboard computer does all the work, the main PC doesn't have to waste processor time and memory capacity handling resource-hungry desktop security packages.



The device has USB drivers that create a layer between the network drivers and the rest of the Windows operating system. This means that it can watch all of the data flowing between the PC and the internet. It also means that, when the gadget is removed, the computer loses its network connection.



This is a really interesting idea, although the network is only one way that viruses and other malware can enter a system. Such a device does provide home users with a similar security model to that used by some big companies, whereby a perimeter of systems includes anti-malware measures to prevent bad files from even reaching users' computers.



Using layers of defence is much better than relying simply on desktop software, particularly as some programs are less effective than others. Running more than one desktop security program is better in theory, but this can slow down a PC quite dramatically and may even cause instability. Not only that, but the people who write malware are increasingly adding 'features' that attack anti-virus programs. Running an anti-virus system externally to the PC takes the pressure off your computer and increases the chances of detecting malware.



Postscript:
During this meeting, Yoggie's founder and CEO Shlomo Touboul showed me his specially unlocked version of the product, which allowed him to log into the device using SSH and to run standard Linux commands. Geeky and/but fun.