The Next Evolution of the USG
Back in July of 2017, we reviewed a product called the USG, a USB Firewall capable of blocking most USB attacks. This is accomplished by having separate processors on both ends of the devices that are completely isolated from each other. These processors can only communicate certain predefined commands to each other. Anything can be plugged into this device without the worry of your computer getting compromised. Likewise, if the computer is infected, the USB device is protected from being compromised.
Just this month, Globotron Developments released a big brother to the USG dubbed the Armadillo. The Armadillo added USB 2.0 speeds, a read only switch, and automatic bot detection. The device is encased in a much more durable casing and it is secured with screws covered by glitter glue. The glitter glue serves as a tamper resistant mechanism. It is nearly impossible for someone to open the device and replace the glitter glue exactly how it was originally applied. This helps makes sure that the device that is supposed to protect you from malicious devices is not malicious itself. The device plugs into your computer using a micro USB cable. They also zap the supplied cable with 240 volts to get rid of any unwanted bugs.
USB Transfer Speed Improvement
The Armadillo is a great improvement to the USG, with the biggest improvement being the speed increase. We are limited to a sad speed of 1 MB/s with the USG, because it is only being USB 1.0 capable. The Armadillo supports USB 2.0 speeds, topping out at about 20 MB/s. The Armadillo is slightly slower than a regular USB 2.0 drive, but it’s nothing you will really notice. Either way, it’s still 20 times faster than the USG!
|USG||Armadillo||USB 2.0 Drive|
|Read||1 MB/s||20 MB/s||25 MB/s|
|Write||700 KB/s||10 MB/s||12 MB/s|
Read Only Switch
The Armadillo comes equipped with a read-only switch that prevents any mass storage device from being written to. If you flick the read-only switch before plugging it into your computer, nothing can be written to the protected device. Your computer will error out, telling you that it is not possible to write to the device. This could be very helpful in data forensic where you don’t want to compromise the original copy. It also guarantees that the computer cannot write anything to your flash drive without your knowledge.
Automatic Bot Detection
You’re going to like this feature, if you’re the type of person that is scared of USB Rubber Duckys and other keyboard emulated flash drives. The Armadillo is capable of telling the difference between a human and a bot typing. If it detects anything other than a human typing, it immediately stops sending key strokes to the computers and the Armadillo will start blinking red. After the “cool-down time”, the device allows key strokes to be sent to the computer once again. If a bot is detected repeatedly, the Armadillo permanently locks out the malicious device.
A Statement from the Creator on Manufacturing
I manufacture all my products here in New Zealand. I use a trusted local electronics house to assemble and solder the circuit boards, then directly supervise the programming and testing.A quote from the creator of the Armadillo
My products could be cheaper if I manufactured in China but that would destroy the product’s security as well as my own credibility! It is a simple task to modify the firmware, replace chips with hidden functions, or change the circuit board layout without any changes being visible. Any of these would compromise the security of the firewall.
These days more people are realising that their supply chain is a big security weakness, particularly with USB devices where nobody knows what factory their devices were made in. And of course the social environment is different over there and there are many opportunities for skullduggery.
When somebody uses my firewall, they no longer have to trust the long and vulnerable supply chain of their USB devices. That is why I take the manufacturing of these firewalls seriously – because my personal and professional reputation is on the line!
Questions, Comments, Concerns?
Let us know what you think in the comments below!