Saturday, August 13, 2005

WirelesspclockLast year, I picked up a couple Wireless PC Lock devices, to see if they'd work in a business environment to control workstation security. What I found was that I'd purchased what seemed to be some cool hardware, packaged with really crappy software. In fact, the software was so bad, it made the hardware pretty much useless. Useless doesn't help in the security world, so I was disappointed overall.

Then about a week later, I discovered that Bryan Batchelder, another security type, had also picked one up, reverse engineered how it works, and written his own software for it. Bryan's software was a vast improvement - measurable in orders of magnitude - over the software that shipped with the hardware.

Then Scott Hanselman, a coworker and friend of mine, found the device and software and decided to contact Bryan and work with him to use take it to the next level, using the new .NET Framework v2.0, to control and take advantage of the hardware.

And today, a new article was published that Scott wrote for hobbiest programmers, as an installment in his excellent "Some Assembly Required" series on Microsoft's MSDN Coding4Fun site. The article is entitled, "Is that you? Writing Better Software for Cool USB Hardware." In this edition, Scott explains how the new software, built from Bryan's base, is made and how it can be extended by anyone who wants to (since it's an open source program published on SourceForge).

UsbwirelesssecuritytrayI've installed the new software myself (after downloading and installing the .NET v2.0 Beta 2 framework) and have it running, and I can tell you this: The new software really shows how cool the hardware is, as opposed to the original software, which made the hardware look sloppy and bad.

The hardware consists of a USB stick (it looks much like a USB storage device) and a small round button you can hang on your keychain (or wherever). With the new software, a tiny green icon appears in the Windows status notification area (the tray) and flashes to show you it's getting a heartbeat from the key fob button. If you turn the button transmitter off (it lasts for-freakin-ever on one battery, mine's almost a year old and it's still going strong), the software on the compute notices and does whatever it's configured to do. The image below gives you an idea of the things it can do out of the box, and it's plug-in-able, so if you want something else, you can go build it.

Hmmm, gotta go see if I can learn enough to be able to write a plugin now. 

     Usbwirelesssecurity



Add/Read: Comments [4]
Geek Out | IT Security | Tech
Saturday, August 13, 2005 9:40:11 AM (Pacific Standard Time, UTC-08:00)
#  
Friday, January 13, 2006 11:36:12 PM (Pacific Standard Time, UTC-08:00)
Hi

Aldi (www.aldi.com.au) is currently flogging off these in australia for $10!! which is like USD7.5 or something!! Cheap!!

I bought one and also found that the software is not very good (read: absolutely sucks!). In my searches I came across this little piece of software, however it seems a bit buggy (immediately caused skype.exe to hang) but the concept is there and a LOT could be done with it.

What I really like about your software is that it locks the machine using the regular windows interface... however, it doesn't unlock it again. There must be a way to ask the user for their password, encrypt it and save it and then automatically enter is when the user gets back to the machine.

Can I help? I've never used dotNet before, but do a lot of VB scripting at work and could learn the rest.

Cheers,

Matt
Matt
Thursday, February 02, 2006 2:30:30 PM (Pacific Standard Time, UTC-08:00)
Unfortunately, the transmission has no encryption so it's quite easy to catch the transmission and send it back to the computer.
Look at the transmission at
http://usprawnienia.wordpress.com/files/2006/02/PCLock.gif
Regards, Patryk Sielski.
Saturday, June 03, 2006 7:18:15 AM (Pacific Standard Time, UTC-08:00)
If biometrics and iKey software can unlock workstations:
http://www.dekart.com/products/access_control/logon/

Then why can't this be extended to this cheap little device? I understand that the security isn't great, but I guess we understand these risks and accept them - now lets move on and see if we can!

If you notice that the devices have a installation volume; can this be exploited/flashed?
Geoff Downes
Thursday, November 30, 2006 6:50:07 PM (Pacific Standard Time, UTC-08:00)
Crash with norton Ghost 10.0

Name
E-mail
Home page

Comment (Some html is allowed: b, blockquote@cite, em, i, strike, strong, sub, sup, u) where the @ means "attribute." For example, you can use <a href="" title=""> or <blockquote cite="Scott">.  

Enter the code shown (prevents robots):

Live Comment Preview