Hi,
I do not know what is behind the scene and how quickly it can be cracked
but:
1) you can tell U3 to use a password for access (I have not tried yet
but I read somewhere that a non-compliant U3 OS (ex: Linux today) would
not be able to see the drive content if the password were on ... without
that password, Linux sees it as another flash drive.
2) the U3 APIs allow the application to put password protects on certain
private data areas
I do not know if there is crypto built-in ... for instance what does the
drive really do when a data section has a password ? => I intend to use
my own crypto if I need to protect data that in on the drive.
I do not think U3 is a replacement for smart cards at all, but that I
can help "promote" the smart card concept by adding mobility to its
solutions ... I could _really_ see a U3 drive and a chip in the same
package a few years from now.
Regards,
Philippe
Peter Tomlinson wrote:
So the U3 drive is not a secure device in its own right? (i.e. it seems
to me that it does not incorporate a crypto chip such as is used in a
strong security smart card, and nor does its flash memory have the kind
of security protection against penetration that smart card flash has)
(I looked on the u3.com web site but found very little specific about
the device spec.)
Peter
Philippe C. Martin wrote:
A U3 device (www.u3.com) is a flash drive which allows for
applications installation: you plug the U3 device in the USB port and
your application is available. If the application does its job
correctly, application data is stored on the U3 device, not on the
PC.
Some of the issues I have been facing in the smart card business are:
1) some application data cannot be written in the card because of
space (and some of the data does not need high security) 2) potential
customers are often worried about software deployment - that is
especially true for my applications as Python and wxWidget are not
part of regular OS distributions (yes, Python is for Linux) 3)
because of 1) the smart card application (card + software) is less
mobile as the less vital data is stored on the PC (maybe encrypted
with the card, but still stuck on the PC) 4) setting up smart card
demos at a client site/business branches can be very painfull, and
salespeople are somewhat reluctant to hack PCs (another painfull
lesson)
I just feel that there are applications where a combinaison of a
smart card and a U3 device (they call them smart drives) would
greatly improve deployment/mobility issues.
Putting my solutions aside, I feel a MUSCLE application on a U3
device can make a lot of sense.
U3 drives can be found already in large stores in the US (and I live
in OK! - I do not know about other countries but I was told about U3
by a smart card professional based in France).
I hope that is clearer - I often get excited about technology and
sometimes think I have found a great solution were people see no
business value whatsoever :-)
Regards,
Philippe
Ludovic Rousseau wrote:
On 28/11/05, Philippe C. Martin <[EMAIL PROTECTED]> wrote:
Hi,
Hello,
I am very happy to announce the release of SCU3 V 0.1 and
SCU3Python.u3p V. 0.1.
SCU3 is a python wrapper for U3 compliant devices
What is a "U3 compliant devices"? Is it the devices described at
[1]? What are the links with smart cards, PC/SC, etc.?
Bye,
[1] http://www.u3.com/
-- Dr. Ludovic Rousseau For private mail use
[EMAIL PROTECTED] and not "big brother" Google
_______________________________________________ Muscle mailing list
Muscle@lists.musclecard.com
http://lists.drizzle.com/mailman/listinfo/muscle
------------------------------------------------------------------------
_______________________________________________ Muscle mailing list
Muscle@lists.musclecard.com
http://lists.drizzle.com/mailman/listinfo/muscle
_______________________________________________
Muscle mailing list
Muscle@lists.musclecard.com
http://lists.drizzle.com/mailman/listinfo/muscle
_______________________________________________
Muscle mailing list
Muscle@lists.musclecard.com
http://lists.drizzle.com/mailman/listinfo/muscle
