Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Wanna Hear A Bad Idea? Wireless USB Thumb Drives.

Word on the street is that a company called Touch360, a self-described company of "explorers, innovators, creatives, and researchers with a yen for adventure," has apparently developed a wireless USB thumb drive. Data thieves everywhere, rejoice, because soon your victims will just walk to within range of your laptop and you'll be able to suck all the data off their thumb drive.
I???ve discussed DLP systems quite a bit recently and how they can help you prevent data loss via USB ports and USB thumb drives, but it will be interesting to see how security administrators tackle wireless thumb drives. Without having ever seen a USB thumb drive, it's difficult for me to know which hardware this new device will actually interact with in order for the data transfer to occur. Will the wireless functionality actually be an extension of the USB bus? Or will the data transfer be implemented as some sort of peer to peer wireless network between the thumb drive and host PC?

Either way seems ominous to me from a security perspective. As an attacker, I will either detect your nice new wireless thumb drive as a plug-and-play-aware piece of hardware, or I will see it broadcasting via some 802.11 compatible wireless protocol. Now I'm going to assume that the security implications of such a device were well thought out by Touch360, but then again, I don't imagine that the target market is Enterprise IT. Consumers generally don't care much for security, because they don't generally have the understanding or wherewithal to properly protect their data. And given that people seem to leave thumb drives around like they do pennies, any technology that can further enable data theft is obviously a bad thing.

Using Bluetooth for data communication would certainly appease my security concerns, but not many laptops nowadays have built-in Bluetooth, and a Bluetooth-enabled USB key would certainly cost more. And if it is Bluetooth, hopefully the manufacturer sets the pairing key to something other than 0000. It's bad enough that every time I do a Bluetooth scan on my phone, I seemingly detect 15 Bluetooth-enabled keyboards, mice, computers, and headsets.

Now that I'm done complaining about this new product genre, I'd love to try one out!!!!!! Touch360, if you're reading this, feel free to send me a few free units for demo! I'll ship them to the first readers who speak up here and voice their interest.