Surfeasy ?

[sid]

Anyone know how (or if) this works? I get asked loads of technical questions simply because I worked in IT, and even though I've been reitred 9 years people still think I'm working at the leading edge! [:D]

One of my UK friends has asked about this product, Surfeasy (Google it) which appears to be a USB key device.

I have no idea how it works apart from encrypting parts of your data transmissions; surely your IP will always know who you are (they provide your access), and what you're looking at?

 

 

[Rabbie]

Looking at their website it looks like something you would use on a public computer or at a wifi website. It seems the USN key has its own pre-installed browser and encryption software so making it hard for people to get your passwords etc.

The only use I can see for it on your home computer is if you visit dubious sites and don't want any evidence on that computer in case you have to hand it in for repair. Not something I know about[:)]

[Quillan]

It has been around a while. Basically it is a browser on a USB stick so not what you might think it would be. Why would you do this? Well by using this product you leave no 'footprint' on any computer anywhere. I have one in my wallet all the time. I have it because I used it before I got a smart phone. It means I can visit any cyber cafe anywhere, plug it in, no install is required and run my Surfeasy browser, check my bank account etc and know for sure there is no keyboard logging and nothing left on the PC. The UK and American military have used a variant for some time which attaches to a predefined secure server using 256 encryption and a use once throw away security key, bit like some banks use for Internet accounts. It (military version) is 'Tempest' compliant and was 'invented' by a chap called Chris Houston in 2003 and 'civil' version was first shown to the public in 2011.

[sid]

OK, I'm getting the drift, thank you, but I can't see a use for it really other than as as you suggested Quillan, using a public PC. And it costs 70$ !  So, am I being a bit thick here; any history on the PC is encrypted but unless you are talking to a site which also uses the same encryption the transmissions must be in plain? So the ISP for example would still be aware, if it had the need, to see where you are connected from, and what you are connected to, and presumably anyone with the skills could also see you on the same local network? For a long time, at one of the places I worked, one of the network specialists used to regularly watch the office traffic because he was tasked with restricting internet access. So many people spend time browsing from the office instead of working! Done it myself. [:$]  Things may have changed since I retired, perhaps it's infringing people's liberty now? [:-))]

[Quillan]

Nothing is put on the PC, it all runs on the USB stick, absolutely nothing is run on the PC with regards to your Internet access. Yes the ISP can see where you are connected and what your connected to but as the data is 256 bit encrypted with a use once key they can't see the content of the data going back and forth. The only people with the type of equipment and programs who could possibly decrypt your data would be a government department like GCHQ in the UK but it would take them a time to crack it even with a Cray.

[Lehaut]

Came across this in a brilliant book I am reading by Daniel Suarez, though he did not coin it. Am using it as my signature!

[Quillan]

[quote user="Lehaut"]Came across this in a brilliant book I am reading by Daniel Suarez, though he did not coin it. Am using it as my signature![/quote]

It is basically a silly statement (not you reading the book I mean) because nearly everything you use these days has some form of computer in it from a lift to a cooker and a washing machine.

[Lehaut]

[quote user="Quillan"]

It is basically a silly statement (not you reading the book I mean) because nearly everything you use these days has some form of computer in it from a lift to a cooker and a washing machine.

[/quote]

We are all entitled to an opinion, silly or not and I would argue that yours just reinforces my point.  The signature is, to me, a  meditation on risk versus

benefit.  It is an idea that we will never be fully secure. If you want to be fully secure, live by Morris's Three Golden Rules.  If not you must accept that you can never be fully  secure and tailor your life accordingly.

I think it was the head of Mossad who said a few weeks ago, if man has made it, we can get inside it.

Anyway, perhaps I am a luddite, the only thing that is attached to our cooker is my wife (or me if it needs cleaning!)

[Rabbie]

[quote user="Lehaut"]Came across this in a brilliant book I am reading by Daniel Suarez, though he did not coin it. Am using it as my signature![/quote] Which leads  to the Golden rules of road safety

1. Don't own a vehicle.

2. Never go near a vehicle

3. Live on a desert island.

About as accurateand realistic as your signature[:D]

[Quillan]

[quote user="Lehaut"][quote user="Quillan"]

It is basically a silly statement (not you reading the book I mean) because nearly everything you use these days has some form of computer in it from a lift to a cooker and a washing machine.

[/quote]

We are all entitled to an opinion, silly or not and I would argue that yours just reinforces my point.  The signature is, to me, a  meditation on risk versus benefit.  It is an idea that we will never be fully secure. If you want to be fully secure, live by Morris's Three Golden Rules.  If not you must accept that you can never be fully  secure and tailor your life accordingly.

I think it was the head of Mossad who said a few weeks ago, if man has made it, we can get inside it.

Anyway, perhaps I am a Luddite, the only thing that is attached to our cooker is my wife (or me if it needs cleaning!)
[/quote]

But excuse me for being perhaps a little thick here but aren't you using a computer to post your comments? Therefore you have a little more than just a cooker and you are breaking Morris's rules. Do you use a phone, have you got a bank account, do you have bank cards, credit cards, do you have either a French or UK store points card or similar. If you have any one of these things you are not secure physically, a lot of people know where you live, know your habits and that information is sold time after time after time.

Perhaps I should add a few of my own. Never travel on a London bus, it might get blown up, likewise the tube. Never fly in a plane, it might crash. Never drive a car, ride a bike nor walk along the side of the road you might injured in a crash or worse.

Of course that is rather stupid really, you know it and I know it but I have said it just to prove a point i.e. it does not always happen and the chances of it happening to you or me is absolutely minuscule.

The use of the statement that Morris made by others is silly because they clearly don't know or understand the context in which it was made and more specifically what it was actually made about which was not about computers in general but something that runs on them. If your interested to know more about it then may I suggest you read the book in which he first said this "Inside Java 2 Platform Security: Architecture, API Design, and Implementation"  ISBN 0-201-78791-1.

[Lehaut]

Nowhere in either of my posts do I advocate NOT using a computer or information input device of any sort. I do point out that, with everything we do in life, there should be an assessment of risk over benefit. I also said that I had come across the quote in a specific book, not the era in which the original quote was made.

The luddite comment I should perhaps point out, was meant as a joke. I fully embrace modern technology in many forms. I assemble computers and have repaired and helped several French families in our village with their computer problems. My wife tracks me on my phone when I go on motorbike tours, with live feed to this computer. I am aware of the risks and benefits and feel I have made a realistic assessment of the benefits it brings me against the risks. Many people don't/cannot. I have been to official presentations here with video projectors run off official computers and you can clearly see the Emule/Bittorrent icons and the folders for music and films on the home screen! I get official emails from the French Defense ministry which shows all the email addresses of the 75 odd people they have sent it to. I stand by my initial point that if you want 100% security then don't use a computer. If you want to use a computer, be aware of the risks, just like driving a car, taking a bus, jumping out of an airplane without a parachute etc...

[Quillan]

[quote user="Lehaut"]Nowhere in either of my posts do I advocate NOT using a computer or information input device of any sort. I do point out that, with everything we do in life, there should be an assessment of risk over benefit. I also said that I had come across the quote in a specific book, not the era in which the original quote was made. The luddite comment I should perhaps point out, was meant as a joke. I fully embrace modern technology in many forms. I assemble computers and have repaired and helped several French families in our village with their computer problems. My wife tracks me on my phone when I go on motorbike tours, with live feed to this computer. I am aware of the risks and benefits and feel I have made a realistic assessment of the benefits it brings me against the risks. Many people don't/cannot. I have been to official presentations here with video projectors run off official computers and you can clearly see the Emule/Bittorrent icons and the folders for music and films on the home screen! I get official emails from the French Defense ministry which shows all the email addresses of the 75 odd people they have sent it to. I stand by my initial point that if you want 100% security then don't use a computer. If you want to use a computer, be aware of the risks, just like driving a car, taking a bus, jumping out of an airplane without a parachute etc...[/quote]

Well likewise my comments were toungue in cheek.

Microsoft automatically creates, since Vista,  folders for music, pictures and music. Having Emule or Zuse is not a crime yet like many you make the immediate jump to them 'obviously' doing something illegal which may not be correct. Sure they can be used for illegal downloads but you cannot just jump to a conclusion that they are being used thus when you see them installed on somebodies computer.

As for the French military and defence organisation it is well know amongst their counterparts that they are very 'insecure' one of the reasons NATO is quite happy they have not been a full member since the 1950's. Sending an email with 75 odd peoples email addresses on it comes as no surprise in fact it is quite typical but that's not the fault of the computer. It is not the computer that is insecure it is the person using it. There are a few people I know who quite frankly should be banned from ever having one.

And yet another side issue I read today that the next version of Facebook for mobile devices will track your position wherever you go even if you are not actually using it. Personally I never use Facebook so it is deleted from my phone. Many people do not know that all new model phones designed and manufactured since 2002 have GPS tracking built in that can be activated remotely by certain government agencies.

Anyway your quite happy with your (incorrect) interpretation of what Morris meant so good for you.

[;-)]

[sid]

Thanks for your input, but it's gone of topic... again. And it comes as no surprise to see how easy it is to innocently open a can of worms on here.

Nevertheless I have sufficient grasp of the "scarmble device" now.

[Lehaut]

Its great to have a robust discussion without descending into abuse and aggression. Thank you. I know what you mean about the French. When I was at sea in SMs, the sound shack said they could hear their SNLEs without using headsets!

Apologies to the OP for going so far off topic!

[AnOther]

[quote user="Quillan"]Many people do not know that all new model phones designed and manufactured since 2002 have GPS tracking built in that can be activated remotely by certain government agencies.[/quote]Don't want to take the topic off at a tangent but I can't let that pass unchallenged, please substantiate !

[Rabbie]

[quote user="AnOther"][quote user="Quillan"]Many people do not know that all new model phones designed and manufactured since 2002 have GPS tracking built in that can be activated remotely by certain government agencies.[/quote]Don't want to take the topic off at a tangent but I can't let that pass unchallenged, please substantiate !
[/quote]Speaking as someone who worked for a mobile phone company I would question whether phone manufacturers would build in GPS capability and not make it available to the phone user. However it is possible to work out the position of a phone by seeing which base stations are receiving signals from the phone. This is not as accurate as GPS but can give you the position to within a few tens of meters. This can be done from the network control centre provided you know the phone number  or the serial number of the phone.