Aloaha

Aloaha is a privately owned company with offices in Ibbenbueren, Germany. Their document and security products have been used extensively in various areas.

Contents

Overwiew

Aloaha manufactures a range of secure USB flash drives in sizes ranging from 4 GB to 32 GB. All drives contain the same level of hardware smart card encryption and are structured with one partition holding an encrypted drive image for the secure area. It includes a portable version of Mozilla Firefox, Mozilla Thunderbird, Password Safe (an account/password management software), and Tor along with anti-malware software.

One of the key design features of the Aloaha Secure Stick is a self-blocking mechanism which activates after the user enters his PIN incorrectly a certain number of consecutive times.

Another key feature is the capability to boot an encrypted OS directly from the stick if the Host OS supports booting from USB.

Bundled software

The inbuild Aloaha Smartcard Middleware (Aloaha Cardconnector) supports currently approx. 45 different smart cards.

The open source Tor anonymizer network is offering the end-users a secure and private web browsing by routing network traffic through a random selection of nodes.

Password Safe is a password management tool. The Password Safe stores the passwords of a user in a smart card encrypted format on the device, and connects to Mozilla Firefox and Internet Explorer, allowing automatic logins. This prevents malware from simply copying an account database off the device for a later attack. Passwords are only visible in memory for a matter of seconds while being populated onto the web form.

Aloaha Crypt is the hard drive encryption software responsible for the encryption of the stick.

Hardware

All models of Aloaha share the same case design. Aloaha utilizes a strong outer casing to protect against physical damage, and the internal components are sealed with an epoxy-based potting compound to protect against tampering as well as increase waterproofing, along with increasing the device's strength. Additionally, there is a coating over the chipsets that senses any tampering by a change in the electrical impedance. It tends to be a bit larger and heavier than most current flash drives.

Supported smart cards

Encryption

Aloaha Secure Stick (released in 2005) uses AES 256-bit CBC encryption together with smart card based RSA hardware encryption.

Operating system support

The supporting software is available to Microsoft Windows (specifically Windows 2000 SP4, Windows XP SP2, Windows Vista, Windows Server 2008 R2 and Windows 7) users.

Partnerships

Omnikey/HID Global has partnered with Aloaha to produce the Aloaha Secure Stick.

Competing products

Secure flash drives have become more common in recent years, following increases in reports of drives and laptops with confidential data being lost or stolen.[1][2][3][4] Most of the larger flash drive manufacturers have released similar products with varying feature sets; some of the more well known examples of which are:

A security flaw disclosed in January 2010 revealed that some Kingston, Sandisk, and Verbatim drives could be decrypted.[6][7] Sandisk and Verbatim both issued a software update to resolve the issue,[8][9] while Kingston offered to replace all affected devices.[10][11]

Alternatively, software based disk encryption systems can be used with any USB flash drive and provide practically equivalent functionality with higher security but at a significantly lower cost.

See also

References

  1. ^ Dayani, Alison (August 29, 2009). "Laptops containing medical details of Birmingham patients stolen". Birmingham Mail. http://www.birminghammail.net/news/birmingham-news/2009/08/29/laptops-containing-medical-details-of-birmingham-patients-stolen-97319-24559290/. Retrieved September 4, 2009. 
  2. ^ "Possible Loss of Personal Identifiable Information" (PDF). Department of Navy. August 2009. http://www.med.navy.mil/sites/pcola/Documents/Possible%20Loss%20of%20Personal%20Identifiable%20Information/Possible%20Loss%20of%20Personal%20Identifiable%20Information.pdf. Retrieved September 4, 2009. 
  3. ^ "Army Guard to inform members of data loss". Army National Guard. August 4, 2009. http://www.ng.mil/features/identity/default.aspx. Retrieved September 4, 2009. 
  4. ^ Wells, David (July 13, 2009). "Canyons School District Loses USB Drive with Sensitive Employee Info". FOX13NOW. http://www.fox13now.com/news/kstu-canyons-school-district-loses-usb-drive-conta,0,110917.story. Retrieved September 4, 2009. 
  5. ^ CoolComputing (2010-01-27). "Kingston DataTraveler 5000 Secure USB Flash Drives Unveiled". CoolComputing. http://www.coolcomputing.com/article.php?sid=3622. Retrieved 2010-05-08. 
  6. ^ Cluley, Graham (January 5, 2010). "Flash drive manufacturers warn: Hackers can decrypt 'secure' USB sticks". Sophos. http://www.sophos.com/blogs/gc/g/2010/01/05/flash-drive-manufacturers-warn-hackers-decrypt-secure-usb-sticks/. Retrieved January 21, 2010. 
  7. ^ Schmidt, Juergen (January 4, 2010). "NIST-certified USB Flash drives with hardware encryption cracked". The H Security. http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html. Retrieved January 21, 2010. 
  8. ^ "Corporate Secure and Coporate Secure FIPS Edition USB Drives". Verbatim. http://www.verbatim.com/security/security-update.cfm. Retrieved 2010-05-08. 
  9. ^ "Security Bulletin December 2009". Sandisk.com. 2010-04-30. http://www.sandisk.com/business-solutions/enterprise/technical-support/security-bulletin-december-2009. Retrieved 2010-05-08. 
  10. ^ "Kingston's Secure USB Drive Information Page". Kingston. http://www.kingston.com/driveupdate/. Retrieved January 27, 2010. 
  11. ^ "Kingston Digital to Replace Affected Secure USB Flash Drives with Upgraded Security Architecture, New Drives". Kingston. January 13, 2010. http://www.kingston.com/press/2010/flash/01c.asp. Retrieved January 26, 2010. 

External links