Posts
KeyLess mode. When you need to unplug USB key for a while.
One of Rohos customers gave us an interesting tip for the program, Rohos Logon Key
Сitation:
“In our office the CPUs are under the tables, but USB cords are out on the tables for USB plugging convenience. When you need to plug in another USB device (for example your camera) the USB key should be temporarily unplugged (there is such option in Natural Login, it’s called keyless mode). It helps to prevent immediate access lock but in return it locks the machine let’s say after 3 minutes”
Now Rohos Logon Key has the same option – for the time being it’s available only through registry (USB_Key_remove_behaviour, see UserGuide).
How it works:
- Upon USB key removal nothing happens.
- In ## seconds (see USB_Key_remove_behaviour) the program locks computer and right away tries to unlock it with USB key.
- If there is no key plugged in, the computer stays locked.
Review of Hardware Encryption vulnerability of Kingston and SanDisk USB flash drives
The Kingston Technology company, a leader in the production of safe USB drives, and one of the first ones that started producing USB flash drive with hardware encryption (Kingston DataTraveler Secure) announced that some of its models of USB flash drives with hardware protection feature are vulnerable. The announcement was posted on the company’s web site saying that with the help of some tools you can access this USB drive (i.e. hack it without a password). News regarding some models of Kingston being prone to cracking is very surprising because these flash drives have been certified in compliance with FIPS 140-2.
Everything started with the fact that the German company SySS published a document entitled “Companies SySS hacked USB flash drive with hardware encryption Kingston certified FIPS 104-2”. In this document they describe in details the authentication protocol between the drive and the program (the user), which they found on the basis of intercepted USB traffic + vulnerability that was discovered. And also some screenshots of the utility, which is embedded in the process of authentication program for USB drives, and as a result – we may enter any password and access will be granted.
Read more
Rohos Logon Key for Mac v.1.4.3
+ Added a few actions on USB Key removal : Lock, Log Out, Sleep, Shutdown and Nothing – the most helpful for Mac Book Air
* Fixed PIN code support for Intel based Macs
* Improved UI
* Improved Installer
* “Add USb Key” dialog doesn’t show odd Apple hardware anymore (of course iPod will be shown)
For Mac Book Air Users: This version allows to use USB flash drive only for logon/unlock moments after that you can unplug it, so you don’t need to lose a USB port. This is due to ‘Nothing’ option (see screenshot).
Notes about PIN code:
For those who are not familiar with two-factor authentication: By setting up PIN code you protect USB Key from somebody who can use it for logon into your Mac without your permission. After you plug in USB Key – Rohos Logon will always ask user to enter PIN in order to log in or unlock your Mac. To set up PIN, just click Change PIN button, after you set up your USB Key.
- PIN code works only for USB flash drives
- To change it – click Change PIN – and enter new PIN and Confirmation – OK
- If you forget PIN code – use second USB Key (created before) or Safe Boot to disable Rohos Logon
To Upgrade:
It’s better to Quit current Rohos Logon , install new version over, and then open Rohos Logon and set up USB Key again.
Notes About Uninstalling / OFFing Rohos Logon:
- To OFF or Quit Rohos Logon USB key should be connected