iTwin: Like a Cable Between Two PCs Anywhere in the World

Dreamcast…. You can't fool me random tech company.

I'm not sure I have a use for the iTwin, but the idea is really cool.

Looks Windows-only, unless it has a preinstalled sshd and x11vncd.

AES-256 is strictly symmetric key, not public key. What is the security used to get files from one end to the other? They don't say. First I have to make sure the remote end PC is turned on, then how do I know it's not open to attack because of this? If a file at rest is encrypted by AES-256, what protects it in transit? Or, do they send the key with the encrypted file? Ouch. And how strong are the keys? You can't just stamp something AES-256 to prove it is secure. Similar issues to Pogoplug, except Pogoplug doesn't even need the PC. ITwin may not have the drive compatibility issues of Pogoplug, however. The big question is securely accessing files stored remotely. If iTwin won't say, I have to assume they are using public key technology to pass the symmetric key with the file. How easy is it to read the keys from one of the devices? And AES-256 or not, what is the effective key space? It could be much smaller than AES-256 justifies. It's only as strong as the keys and if this product generates keys poorly, then AES-256 is a waste. They don't say.

hi Terry, I am Kal from iTwin. Regarding your questions above:

1) For protecting communication between two computers, all that's needed is a shared secret key between the two ends. So, a symmetric key crypto is sufficient for this need. There's no need for public key cryptography (which solves the problem of efficient key distribution for large populations).

2) When the two halves of an iTwin are connected together (we call it "pairing") and are plugged into a computer, the microcontrollers on each of the half of the iTwin communicate with each other and generate a cryptographically strong random number. This random number is used to generate a random 256 bit key that is used for AES encryption. And this key resides only on the two associated iTwins and nowhere else. And every time that the two halves of an iTwin are paired together, a brand new shared key is generated.

3) The remote computer needs to be online, but any computer that's online is always vulnerable (nothing to do with iTwin). What is necessary is to ensure that all communication in and out of a computer is properly authenticated and protected. With iTwin, all communication between the two computers involved is protected by hardware grade security and in so many ways, this is better and more secure than password based security, (iTwin also supports the option of setting passwords, as an additional protection). Furthermore, all iTwins needs to authenticate with iTwin's authentication server. All communication with iTwin's authentication server is protected using industry standard TLS.

4) iTwin does not encrypt files at rest. iTwin is a simple and secure remote file access device and, thus, only encrypts files in transit.

If you have any other Qs, please let me know.

Regards,
Kal

does it work for mac?

Hi Brian,
We'll be announcing Mac support for iTwin in first half 2011. Please follow us on Twitter at @iTwinTweet to keep updated!