Careers & Certifications

05:27 PM
Randy George
Randy George
Commentary
Connect Directly
LinkedIn
RSS
E-Mail
50%
50%

Wanna Hear A Bad Idea? Wireless USB Thumb Drives.

Word on the street is that a company called Touch360, a self-described company of "explorers, innovators, creatives, and researchers with a yen for adventure," has apparently developed a wireless USB thumb drive. Data thieves everywhere, rejoice, because soon your victims...

Word on the street is that a company called Touch360, a self-described company of "explorers, innovators, creatives, and researchers with a yen for adventure," has apparently developed a wireless USB thumb drive. Data thieves everywhere, rejoice, because soon your victims will just walk to within range of your laptop and you'll be able to suck all the data off their thumb drive. I???ve discussed DLP systems quite a bit recently and how they can help you prevent data loss via USB ports and USB thumb drives, but it will be interesting to see how security administrators tackle wireless thumb drives. Without having ever seen a USB thumb drive, it's difficult for me to know which hardware this new device will actually interact with in order for the data transfer to occur. Will the wireless functionality actually be an extension of the USB bus? Or will the data transfer be implemented as some sort of peer to peer wireless network between the thumb drive and host PC?

Either way seems ominous to me from a security perspective. As an attacker, I will either detect your nice new wireless thumb drive as a plug-and-play-aware piece of hardware, or I will see it broadcasting via some 802.11 compatible wireless protocol. Now I'm going to assume that the security implications of such a device were well thought out by Touch360, but then again, I don't imagine that the target market is Enterprise IT. Consumers generally don't care much for security, because they don't generally have the understanding or wherewithal to properly protect their data. And given that people seem to leave thumb drives around like they do pennies, any technology that can further enable data theft is obviously a bad thing.

Using Bluetooth for data communication would certainly appease my security concerns, but not many laptops nowadays have built-in Bluetooth, and a Bluetooth-enabled USB key would certainly cost more. And if it is Bluetooth, hopefully the manufacturer sets the pairing key to something other than 0000. It's bad enough that every time I do a Bluetooth scan on my phone, I seemingly detect 15 Bluetooth-enabled keyboards, mice, computers, and headsets.

Now that I'm done complaining about this new product genre, I'd love to try one out!!!!!! Touch360, if you're reading this, feel free to send me a few free units for demo! I'll ship them to the first readers who speak up here and voice their interest.

Randy George has covered a wide range of network infrastructure and information security topics in his 4 years as a regular InformationWeek and Network Computing contributor. He has 13 years of experience in enterprise IT, and has spent the last 8 years working as a ... View Full Bio
Comment  | 
Print  | 
More Insights
Cartoon
Slideshows
Audio Interviews
Archived Audio Interviews
Jeremy Schulman, founder of Schprockits, a network automation startup operating in stealth mode, joins us to explore whether networking professionals all need to learn programming in order to remain employed.
White Papers
Register for Network Computing Newsletters
Current Issue
Video
Twitter Feed