The Ultimate Camouflage for the Digital World

by March 10, 2010 03/10/10

Camouflage is an ancient yet simple concept: make your appearance mimic the environment in which you operate so as to appear part of the background noise of visual, auditory and other sensory tools used by those whose attention you wish to avoid.

The brave new world of the Internet has evolved so quickly though that blending in to a new landscape can be difficult; primarily for the lack of options and the obsolescence of the “old” tools we’ve always trusted.

While none of us would walk around with a Ben Franklin hanging out of our shirt pocket, or leave a credit card lying on the dash of our vehicle, we often ignore effective concealment of our online silhouette while patrolling the now-dangerous world of cyberspace.

Ones and Zeros

The digital world consists of a pattern of 1s and 0s; the secret to camouflaging yourself in this theatre is simply a matter of making the pattern of those digits blend into the background of all the other data streaming through those networks and servers. For most applications this is more a matter of concealment than cover, since you have to expose information such as passwords, account numbers and other identity confirming data to have any success in taking advantage of the cyber world’s bounty.

Therein lies the rub. How do you transfer that information without the prying eyes of online predators?

Let me introduce you to one tool that operates as a “digital camouflage” that allows you to move tactically around the Web.

Iron Key

IronKey is a military-grade security-hardened thumb drive that provides the option of secure web browsing using state-of-the-art 256 bit AES hardware encryption, proxy servers, and a cadre of other secure web options to provide the advantage you need to get down to business without attracting the unwanted attention of online predators.

The beauty of the device is its simplicity and portability; plug it into any computer USB port, private or shared, and you can engage a secure Mozilla Web browser with a TOR proxy server that camouflages your online activities from start to finish. Your banking, Web surfing, e-mails, passwords, etc. still travel over the same Wi-Fi frequencies and channels as before, but now they aren’t identified with you or your computer and they appear as an anonymous stream of data that blends in with all the other information pumping through the same pipeline.

Security

IronKey also offers additional methods of security, after all a thumb drive is easy to lose or leave lying around where the wolves can jump on your information. The IronKey drive has a password-secure sign in that destroys the saved data Mission Impossible style if the password hackers make 10 wrong attempts to open the drive (though the makers guarantee there is no danger of a smoking mess if it happens). While that seems like an easy way to lose critical information, IronKey provides a simple method to securely backup the data to a new drive in case of a meltdown or loss of the drive.

The drive also provides a handy repository for all of your passwords, and a way to avoid entering passwords on computers that may have key-stroke intercepting malware used to steal passwords as they are typed. The drive enters the passwords automatically, and prompts the Website entry to avoid any keystrokes being monitored. The newest versions also include a virtual keyboard where even your IronKey password may be entered through mouse clicks to avoid the theft of your password for very high-risk environments.

Run an IP address search on your IronKey secure Web session and you’re likely to come back as a Web surfer in Denmark, Illinois, or one of the other secure proxy servers that IronKey employs. While it might be a violation of some company policies, (always be aware of the risks of bypassing security protocols) most servers that block access to personal e-mail services and social networking sites won’t even see the activities streamed through the secure Mozilla browser contained within the drive. The Web browsing activities, history, cookies, etc. are all kept securely within the drive and can only be accessed after a successful login.

Versions

The drives are available with 1 GB to 32 GB capacities, and have two drive speeds with S-drives being the fastest while the D-drives are a little slower but they’re also less expensive. There are three versions of the drive (personal, enterprise, basic) with differences in administrative rights and security management; but most private users would likely opt for the “personal” model.

IronKey drives are also approved by the DOD for the new thumb drive use policies.

These aren’t cheap tools when compared to the myriad of discount storage available, but if the data being transferred is valuable the security measures used to protect it should probably be given a comparable measure of consideration.

As with most technologically advanced tools, there are many more tools included than can be covered in a short discussion, but most of the bells and whistles are covered on the IronKey Website for any level of user to dissect.

Notes

I’ve made it a habit to use an IronKey for all but the most benign Web traffic I’m creating, and if used properly the security features act much like the defensive tools used in everyday activities, in that it might not guarantee that you won’t be compromised, but it will guarantee that the predators are going to have to work pretty hard to get at your data and are more likely to opt for the easy targets that broadcast their vulnerability.

Editor’s Note: MIKE25 is a game warden with a journalism background, who tries to stay  current with the technology and tools that help with “the tactical side of  life.” Please join us in welcoming him as a guest writer on ITS Tactical.

LINKS:


Are you getting more than 14¢ of value per day from ITS Tactical?

Please consider joining our Crew Leader Membership and our growing community of supporters.

At ITS Tactical we’re working hard every day to provide different methods, ideas and knowledge that could one day save your life. Instead of simply asking for your support with donations, we’ve developed a membership to allow our readers to support what we do and allow us to give you back something in return.

For less than 14¢ a day you can help contribute directly to our content, and join our growing community of supporters who have directly influenced what we’ve been able to accomplish and where we’re headed.

Click here to learn about all the benefits and Join!


JSH
JSH

Big negative to this, though: admin rights required on any machine you use it with.

RgrDgr
RgrDgr

Will this effectively circumvent the great firewall of China? I'm going over there for business and while I'm concerned that they might try and monitor my internet activity, I'm also concerned with what they may do if they find someone using this device to protect their anonymity.

Citizen Armory
Citizen Armory

Chris, you have all valid points, but I'd like to clarify some things.

1) Perfectly true. TrueCrypt is a compromise that runs all in software and does indeed require admin rights to mount the drive. IronKey does require software, however, to unlock it, and so you are limited to machines you can execute your own applications on.

2) It was my mistake about using the public Tor network. The codebase they use for their anonymous network is a fork of the Tor project, but uses private servers: http://en.wikipedia.org/wiki/IronKey#Bundled_software Unfortunately, this requires IronKey never have down time, and that their network is never compromised (either lawfully or not) thus exposing all the IronKey user identities. It's faster from what I hear, but the trade off is now you have to trust the company and the laws they're regulated under.

3) A home-built secure USB drive does not have any authentication beyond the what-you-know mode. This means it cannot be remotely shut down, but by using a secure password I believe it can be effectively useless to someone who steals/finds it. The onboard self-destruct for IronKey is pretty slick though.

It's a very cool product, and I think great for companies/governments, but for the individual I think a home-built solution is perfectly fine.

Brian
Brian

We use the IronKey within our department and it has filled the void of having portable and secure storage. We have deployed about 25 keys to date and they have been well received among our officers. Administration of our IronKeys has been fairly easy with little to no issues to date. When officers did receive their keys we put them through a brief 30 min inservice to explain its features and proper usage. A little training goes a long way!

Each of our keys was laser engraved (about $2.00 a key from a local guy) with a unique name that does not identify its owner by name. We used common names of trees, but you could use anything. The idea being that if one of the keys were to get lost or stolen the officer could identify his key, but the general public would not know its owner specifically. The contact information that is on file within the IronKey is that of the department, not the officers. The ability to remotely lock a key in the event that it is lost or stolen is nice.

The one issue that we have encountered is related to the key’s thickness. All of our officers have Tough Books mounted in their vehicles. Some of the mounts and how they are manipulated in the car limits where the key or how many USB items can be plugged in. If the USB slots are stacked vertically then it is very difficult to get more than one USB Key plugged in if the IronKey is plugged in as well. Some officers have resorted to using a small male/female cable that is of a standard thickness to extend the USB port so that stacked ports can be fully utilized.

On a personal note, I would like to see software support extended into the Mac world. I use both and love both, but the IronKey is designed primarily for a PC world, which is where most of the market share is located. The drive works with Mac, but only as secure storage. This is not a knock on the drive, but rather a personal wish. The IronKey does work within a virtual environment (VMWare, have not tested with Parallels) so a secure connection is not far if I am using the Mac.

Brian
Brian

We use the IronKey within our department and it has filled the void of having portable and secure storage. We have deployed about 25 keys to date and they have been well received among our officers. Administration of our IronKeys has been fairly easy with little to no issues to date. When officers did receive their keys we put them through a brief 30 min inservice to explain its features and proper usage. A little training goes a long way! Each of our keys was laser engraved (about $2.00 a key from a local guy) with a unique name that does not identify its owner by name. We used common names of trees, but you could use anything. The idea being that if one of the keys were to get lost or stolen the officer could identify his key, but the general public would not know its owner specifically. The contact information that is on file within the IronKey is that of the department, not the officers. The ability to remotely lock a key in the event that it is lost or stolen is nice. The one issue that we have encountered is related to the key’s thickness. All of our officers have Tough Books mounted in their vehicles. Some of the mounts and how they are manipulated in the car limits where the key or how many USB items can be plugged in. If the USB slots are stacked vertically then it is very difficult to get more than one USB Key plugged in if the IronKey is plugged in as well. Some officers have resorted to using a small male/female cable that is of a standard thickness to extend the USB port so that stacked ports can be fully utilized. On a personal note, I would like to see software support extended into the Mac world. I use both and love both, but the IronKey is designed primarily for a PC world, which is where most of the market share is located. The drive works with Mac, but only as secure storage. This is not a knock on the drive, but rather a personal wish. The IronKey does work within a virtual environment (VMWare, have not tested with Parallels) so a secure connection is not far if I am using the Mac.

Chris
Chris

You cannot make your own.

1) IronKey runs hardware encryption and does not require a device driver, so works for non-admins. It is also FIPS140-2 L3 physically secure with a hard limit on password attempts.

2) IronKey does not use the Tor network.

3) The onboard Identity Manager is in a private part of the silicon and not the filesystem. It can only be accessed via the onboard app. Thus the database cannot be copied and attacked.

Chris
Chris

You cannot make your own. 1) IronKey runs hardware encryption and does not require a device driver, so works for non-admins. It is also FIPS140-2 L3 physically secure with a hard limit on password attempts. 2) IronKey does not use the Tor network. 3) The onboard Identity Manager is in a private part of the silicon and not the filesystem. It can only be accessed via the onboard app. Thus the database cannot be copied and attacked.

Citizen Armory
Citizen Armory

While the IronKey is cool because of it's on-board encryption, it's relatively simple to create your own on any standard USB drive.

1) The first step is to create an encrypted file container on the drive using TrueCrypt. Throw the Linux, Windows and Mac portable versions of TrueCrypt on it unencrypted. Then use the program to create a 2gb "file container". This is actually a big block of encrypted space that, using TrueCrypt, you use exactly like a standard hard drive. Even better, it supports bigger than 256 keys, and can triple AES encrypt, or use Blowfish and Serpent in addition (slower, but theoretically more secure).

It's not as hard as it sounds, just install TrueCrypt, create a file container, and play with it.

2) Get the Tor bundle. http://www.torproject.org/torbrowser/index.html.en

Using the same anonymizing network that IronKey does, it's a portable version of Firefox that surfs anonymously. Keep it in your TrueCrypt file container, and anything you do in it will be safe and sound.

3) Get KeePass portable http://portableapps.com/apps/utilities/keepass_portable

This is a program that encrypts all your passwords using AES into a single, searchable file. In itself it's encrypted, but you might as well keep it in the encrypted file container.

Those three steps above do 99% of the same things for free, and even better, you can customize the level of encryption you want. Just keep in mind it's only as strong as your password, so use a good one. Since TrueCrypt supports unlimited password lengths, try memorizing a sentence with numbers and special characters for your password; just avoid well known mottos.

Good luck everyone, and stay safe out there.

Citizen Armory
Citizen Armory

While the IronKey is cool because of it's on-board encryption, it's relatively simple to create your own on any standard USB drive. 1) The first step is to create an encrypted file container on the drive using TrueCrypt. Throw the Linux, Windows and Mac portable versions of TrueCrypt on it unencrypted. Then use the program to create a 2gb "file container". This is actually a big block of encrypted space that, using TrueCrypt, you use exactly like a standard hard drive. Even better, it supports bigger than 256 keys, and can triple AES encrypt, or use Blowfish and Serpent in addition (slower, but theoretically more secure). It's not as hard as it sounds, just install TrueCrypt, create a file container, and play with it. 2) Get the Tor bundle. http://www.torproject.org/torbrowser/index.html.en Using the same anonymizing network that IronKey does, it's a portable version of Firefox that surfs anonymously. Keep it in your TrueCrypt file container, and anything you do in it will be safe and sound. 3) Get KeePass portable http://portableapps.com/apps/utilities/keepass_portable This is a program that encrypts all your passwords using AES into a single, searchable file. In itself it's encrypted, but you might as well keep it in the encrypted file container. Those three steps above do 99% of the same things for free, and even better, you can customize the level of encryption you want. Just keep in mind it's only as strong as your password, so use a good one. Since TrueCrypt supports unlimited password lengths, try memorizing a sentence with numbers and special characters for your password; just avoid well known mottos. Good luck everyone, and stay safe out there.

Datajockeys
Datajockeys

Anything you take to China will get compromised. Use burn phones purchased locally in China (consider yourself monitored) and don't bring in any electronic devices you don't want acquired / bugged by the state. Of course this can lead to some real fun for the devious minded... :-)

MIKE25
MIKE25

Citizen Armory,

Thanks for the comments and critique, it's obvious that there is a pretty wide range of user abilities when it comes to any of these tools. I would place myself pretty much in the middle of the pack with regard to tech tools and think the plug-and-play aspect of the IronKey gives those of us less tech savvy an easy way to manage our security for a relatively small investment.

-Mike

MIKE25
MIKE25

Brian,

Thanks for the input, it's good to see some agencies are starting to take their online security up a notch.

-Mike

MIKE25
MIKE25

Brian, Thanks for the input, it's good to see some agencies are starting to take their online security up a notch. -Mike

Citizen Armory
Citizen Armory

Chris, you have all valid points, but I'd like to clarify some things. 1) Perfectly true. TrueCrypt is a compromise that runs all in software and does indeed require admin rights to mount the drive. IronKey does require software, however, to unlock it, and so you are limited to machines you can execute your own applications on. 2) It was my mistake about using the public Tor network. The codebase they use for their anonymous network is a fork of the Tor project, but uses private servers: http://en.wikipedia.org/wiki/IronKey#Bundled_software Unfortunately, this requires IronKey never have down time, and that their network is never compromised (either lawfully or not) thus exposing all the IronKey user identities. It's faster from what I hear, but the trade off is now you have to trust the company and the laws they're regulated under. 3) A home-built secure USB drive does not have any authentication beyond the what-you-know mode. This means it cannot be remotely shut down, but by using a secure password I believe it can be effectively useless to someone who steals/finds it. The onboard self-destruct for IronKey is pretty slick though. It's a very cool product, and I think great for companies/governments, but for the individual I think a home-built solution is perfectly fine.

MIKE25
MIKE25

Citizen Armory, Thanks for the comments and critique, it's obvious that there is a pretty wide range of user abilities when it comes to any of these tools. I would place myself pretty much in the middle of the pack with regard to tech tools and think the plug-and-play aspect of the IronKey gives those of us less tech savvy an easy way to manage our security for a relatively small investment. -Mike

The Latest
Squawk Box

If you’re looking for a great lock picking toolset that’s perfect for any skill level, be sure to check out our Bogota Titanium Flats 4-Piece. This toolset includes three straight picks and one tension wrench. Together the Titanium set weighs just 0.3 ounces and their inherently “flat” shape make them easy to store.

2 hours ago
Leave a Comment

We’ve just restocked the ITS Skeletonized Bottle Holder in Black but it’s also available in Coyote and MultiCam too! This lightweight and minimalist design can hold anything from a plastic water bottle to a Jetboil and is handmade in the USA with American materials and labor. Using the included MOLLE/PALS attachment system, it can be mounted virtually anywhere, including most belt sizes with a simple configuration of the mounting strap.

6 hours ago
Leave a Comment