While not being a customer of Bank of America (BofA), I am pleased to see that it will be introducing a security feature to protect its online customers from unauthorized transactions – hopefully other American and Canadian financial institutions will also follow its lead and beef up their online banking access to include two-factor authentication. BofA’s service, which will be available at no charge, will be called SafePass. It works by delivering a one-time-use, six-digit code as a text message to customers’ mobile devices that they can use to authorize online transactions.
BofA’s SiteKey security feature, which includes an image, a brief phrase and questions that allow customers to confirm they are at the legitimate bank Web site, will continue to be available.
A number of personal VPN services are available to protect users of public Wi-Fi hotspots or even wired hotel networks where data can also be intercepted:
– AnchorFree’s HotspotShield (free)
– HotspotVPN ($8.88-$13.88/month) – PPTP or IPSec
– JWire’s SpotLock ($39/year) being replaced with Hotspot Helper ($25/year or 30 minutes free per day)
– PublicVPN ($59/year)
– Witopia’s PersonalVPN ($39/year) – IPSec
According to PCWorld, next year Seagate plans to ship its hardware-based Full Disk Encryption (FDE) technology on its upcoming range of 2.5-inch Momentus 5400 series drives (40G-byte, 80G-byte and 120G-byte versions). The FDE technology encrypts the stored data using Triple DES (Data Encryption Standard) but without a performance hit. While there are currently a number of software products that do full disk encryption, they typically need to be installed in the master boot record portion of the hard drive, thereby introducing compatibility problems with certain other software (such as disk imaging/backup software) and exacting a performance hit.
One of the best free and open-source VPNs out there is OpenVPN. A client has finally been written to implement OpenVPN on PocketPC devices, including those running Windows Mobile 5.
Phil Zimmermann has finally released the Windows version of Zfone. As previously mentioned, Zfone sets up encrypted communications using the ZRTP protocol between two SIP software clients. The Windows version joins the existing versions already available for Mac and Linux systems. While this software will be very handy for two individuals who wish to keep their VoIP communications private, in order to truly bring privacy to the predominantly insecure VoIP industry it is hoped that the protocol will be licensed by VoIP handset manufacturers and SIP telephony service providers.
PC World’s Techlog has a posting about problems experienced by some users with recent Microsoft security patches. To me, this highlights the need to run software on PCs that can allow users to easily roll back recent changes. While the security fixes cannot be put off indefinitely, this approach at least allows the user to bring the computer back to a functional state while they figure out the cause of the conflict. It is also very useful when any new software is installed that messes up the existing configuration. Examples of products that provide roll-back capabilities include Farstone’s RestoreIT 7 and Horizon Datasys’ RollBack RX. However, note that most of these types of products alter the boot track of the hard disk and will conflict with any other software that tries to do the same (for example, certain whole disk encryption software or even certain backup programs like Norton’s Ghost (at least the older versions)).
I came across an advertisement for Kanguru’s BioSTOR, a USB 2.0 hard drive with a built-in fingerprint reader that is used to provide access to the encrypted drive. According to Kanguru, there is no software to install (all the software is contained in the drive) and the data on the hard drive is encrypted and so remains protected even if the hard drive is removed from the device. Sounds like a great product, especially for a road warrior that needs to carry a lot of sensitive data around – except for one thing – according to TigerDirect’s website description, the encryption strength is only 40 bits. So what’s the point?