The Consumer Electronics Show was this week in Las Vegas, and while I didn’t go (do you know how much walking around that involves?) it wasn’t hard to figure out that, with all the music and movies and pictures and so on that consumers are, well, consuming these days that — cloud or no cloud — storage is becoming increasingly important. Plus, to make the CES even more enticing to storage vendors, there’s a whole little show within a show, Storage Visions, held just before CES. “Petabytes are the new terabytes!” it proclaimed.
Besides, CES is typically a hardware show. It’s always been all about the gadgets, and the more extreme the better: bigger, smaller, harder, softer, faster.
Which brings us to the Kingston DataTraveler HyperX Predator 3.0, a thumb drive that holds a terabyte of data.
A. Terabyte. On. A. Thumb. Drive.
You know, just a year and a half ago I was whining because I wanted a terabyte on a laptop. Now I can put a terabyte in my pocket? (Despite its name, it doesn’t seem to have any particularly aggressive features.)
It’s expected to ship sometime this quarter for an undisclosed price, but as the New York Times points out, a 512-GB version available now costs $1,750. (In comparison, a 1-TB internal or external drive is less than a hundred bucks these days, and I still remember when a 10-MB hard drive was as big as the PC and cost as much and by the way, what are you kids doing on my lawn?)
Of course, as people have pointed out, such a gigundo thumb drive has its own problems, not the least of which is what happens and you run it through the laundry (my big fear), lose it out a hole in your pocket, or get a virus on it.
As much as the size, people were also impressed by the speed — which reportedly reads at 240MB/s and writes at 160MB/s. This is because it uses USB 3.0, which itself is expected to have its speed doubled, to 10 Gbps, in a year or so.
That wasn’t all the storage news at the show, but of course most other announcements pale in comparison:
*What do they say about guys with big thumbs? Why, big thumbs, big gloves. What did you think I was going to say?]]>
We learned about “dead drops” (at least, those who didn’t know about them already) a few weeks ago with General Petraeus got caught exchanging messages with his mistress by leaving messages in draft form in a shared Gmail account. But there’s another kind that offers a lot more possibilities — and risks.
It all started in October, 2010, when Berlin-based media artist Aram Bartholl came up with the idea as an art project: Install a USB flash drive in a wall, and people could freely upload and download art from it. He started out with five USB dead drops in New York, and posted a website with instructions, including an instructional video.
“Dead Drops is an anonymous, offline, peer to peer file-sharing network in public space,” reads the Dead Drop Manifesto. “Anyone can access a Dead Drop and everyone may install a Dead Drop in their neighborhood/city. A Dead Drop must be public accessible. A Dead Drop inside closed buildings or private places with limited or temporary access is not a Dead Drop. A real Dead Drop mounts as read and writeable mass storage drive without any custom software. Dead Drops don’t need to be synced or connected to each other. Each Dead Drop is singular in its existence. A very beautiful Dead Drop shows only the metal sheath enclosed type-A USB plug and is cemented into walls.You would hardly notice it. Dead Drops don’t need any cables or wireless technology. Your knees on the ground or a dirty jacket on the wall is what it takes share files offline. A Dead Drop is a naked piece of passively powered Universal Serial Bus technology embedded into the city, the only true public space. In an era of growing clouds and fancy new devices without access to local files we need to rethink the freedom and distribution of data.”
The idea exploded, and soon there were USB flash drives poking out of walls (and dogs) all over the world. Srsly, there’s more than 1100 of the things out there, according to the most recent map, ranging from New York to Toronto (where it contains porn and recipes) to New Zealand. (And those are just the public ones.) There’s also apps to tell you where Dead Drops are, as well as a Flickr set and a Twitter feed. (In addition, there’s wireless ones and DVD ones being set up as well.)
Certainly the serendipity of these little data glory holes is high. It’s basically superduper high-tech geocaching. Just think of the data, good and bad, that could be exchanged: Pictures, movies, building plans for terrorists, porn, Anonymous plans, Wikileaks data… They’re even being used to generate fiction. Honestly, I’m surprised it hasn’t shown up in a Will Smith movie yet.
Needless to say, the whole process, like any USB stick, is fraught. What keeps people from downloading something like a virus (which was raised as a concern almost immediately) or child porn onto their laptops? (I cringe every time I see a picture of someone with their laptop plugged into one of these things, and hope that at least it’s a junk laptop devoted to the purpose.)
For that matter, what keeps someone from uploading a virus, and from there spreading it around the world? Recall that the Stuxnut virus was spread through USB flash drives enticingly scattered around. Set up something like this at Burning Man with a virus and you could shut down all of Silicon Valley by mid-September.
On the other hand, in a day and age where governments are shutting down the entire Internet in their countries, the notion of a way for rebels to exchange information in this clandestine way sounds pretty darn cool. What a great way for Mr. Phelps to get information — though of course you’d have to make sure that the government hadn’t set up its own USB dead drop to try to catch you. Or for people trapped in a country to get information outside the country — post a code message to Twitter and wait for someone with a tablet and a USB port to come along.
Or maybe I’ve just seen Red Dawn too many times.]]>
Ponemon, which performed the study on behalf of Kingston, a manufacturer of encrypted USB thumb drives, did not fully describe its methodology, but said it had surveyed 743 IT and IT security practitioners with an average of 10 years of relevant experience.
Interesting tidbits from the survey include the following:
This isn’t new; there’ve been numerous incidents of data loss via USB memory stick, either by losing them or by theft, ever since the handy little things came out. But those have been largely anecdotal reports, while this was a more broadly based survey.
And that’s just data going out. Another issue is that of malware coming in, also via thumb drive. Again, we have heard of anecdotal incidents, but the survey also reported that incoming security was an issue as well.
“The most recent example of how easily rogue USB drives can enter an organization can be seen in a Department of Homeland Security test in which USBs were ‘accidentally’ dropped in government parking lots. Without any identifying markings on the USB stick, 60% of employees plugged the drives into government computers. With a ‘valid’ government seal, the plug-in rate reached 90%.”
For example, the survey found that free USB sticks from conferences/trade shows, business meetings and similar events are used by 72% of employees ― even in organizations that mandate the use of secure USBs. And there’s not very many of those: Only 29% felt that their organizations had adequate policies to prevent USB misuse.
The report went on to list 10 USB security recommendations — which many or most organizations do not practice:
1. Providing employees with approved, quality USB drives for use in the workplace.
2. Creating policies and training programs that define acceptable and unacceptable uses of USB drives.
3. Making sure employees who have access to sensitive and confidential data only use secure USB drives.
4. Determining USB drive reliability and integrity before purchasing by confirming compliance with leading security standards and ensuring that there is no malicious code on these tools.
5. Deploying encryption for data stored on the USB drive.
6. Monitoring and tracking USB drives as part of asset management procedures.
7. Scanning devices for virus or malware infections.
8. Using passwords or locks.
9. Encrypting sensitive data on USB drives.
10. Having procedures in place to recover lost USB drives.