USB stick security suite puts squeeze on software

Yoggie Pico offers baker's dozen


Security startup Yoggie Systems has squashed 13 security applications - covering functions such as personal firewall, anti-spam, and anti-virus - onto a USB stick.

The Yoggie Pico is a slimline version of the firm's existing line of hardware security products (targeted at home office, road warrior, and consumer markets), pitched as an alternative to conventional software security suites. Like its larger siblings, the Pico features 13 security applications on hardware running Linux. The Pico uses an Intel 520MHz PXA270 processor, a part more commonly found in recently released smartphones.

Once the device is installed on a PC, all network traffic is run through the Pico, where junk mail and hostile traffic are blocked. This operation results in little or no latency, according to Yoggie, which touts the ease of use and performance advantages of the approach.

The device offers business workers on the road and consumers a full security suite on a USB stick, with a raft of security defences more commonly available only on corporate intranets. Yoggie points out that software security products can be time consuming to install, difficult to manage, and subject to clashes with other applications. In addition, the hardware-based approach boosts the performance on either laptops or desktops by saving CPU, memory, and disk space.

On release, the Pico only works with Windows boxes (wags might say that's where it's most needed). Yoggie plans to develop Linux and Mac drivers. Yoggie Pico will go on sale from yoggie.com and through leading PC retail outlets round Europe and the US from September 2007 at a cost of around $179 (for consumer versions) and $199 (£106) for its enterprise equivalent.

All-in-one security appliances (so called God-boxes) have become popular in the enterprise and Yoggie is repurposing this approach - first with its existing Gatekeeper series and now with its little brother, the Pico. Described as a miniature computer, it runs a raft of applications including anti-spam, anti-virus, anti-phishing, anti-spyware, intrusion protection, firewall, web filtering, and a VPN client. Some of these applications were developed in-house, whereas others are licensed from third party vendors (e.g. Kaspersky for anti-virus, MailFrontier for anti-spam). Signature files are updated hourly.

For parents, the device offers the benefits of easily preventing unprotected or unauthorised net access. Removing the Yoggie Pico from the computer stops all network connections.

The Yoggie Pico comes in two flavours - the Yoggie Pico Personal for the consumer market and the Yoggie Pico Pro for the enterprise market. The latter features management hooks so the technology can be centrally controlled.

Performance problems after loading security products (to say nothing of security glitches) remain a bane in the life of Windows users, so handing over these functions to separate hardware certainly has its appeal, providing Yoggie is right about its claims that no latency is introduced. For organisations that have banned the use of USB ports on corporate machines using software, or gone even further by gluing them shut out of fears of data theft, the Pico-approach runs foul of other security policies so isn't an immediate option.

In the consumer market, price and a solid distribution strategy are all-important factors. The promise of hassle-free hardware security is an interesting one. A retail price of £95 ($179) with licensing from year two at £16 ($30) works out at a bit more expensive than three security software packages and quite a lot more expensive than a Bluetooth USB adapter or wireless router, for example.

For what it offers, the Pico is competitively priced, so much depends on whether it lives up to the promise of hassle-free computing. ®


Biting the hand that feeds IT © 1998–2022