Designer Security Strikes Again

It’s not often we encounter innovation in security technology, so I always take my hat off to new concepts in security design or functionality. I wrote some months ago about the innovative Yoggie Gatekeeper, a pocket-size hardware security device with 13 layers of security protection, including firewall, intrusion detection/prevention, anti-virus, anti-spam, ant-spyware, anti-phishing and policy enforcement. My immediate reaction was: “It’s the Blackberry of Security”. And I though the design would be hard to beat.

That was before I took delivery of the Yoggie Pico, the latest model. It’s even smaller and sleeker, about the size of cigar lighter and a very desirable device. The style is reminiscent of Prada or Apple. Strong security in a neat, easy-to-install device. Full marks to Yoggie for raising the bar on security design. I now look at firewalls with new eyes.

Join the conversation

4 comments

Send me notifications when other members comment.

Please create a username to comment.

I just received Yoggie Pico Personal this morning. And what a disappointment it turned out to be. I was so looking forward to the new experience but like the wise people often say "Anticipation breeds frustration", I was a victim of it. To start with, I tried to install it on my latest and greatest top-of-the-range-fully-loaded laptop (Dell Inspiron) running Windows Vista Ultimate 32-bit. I followed the instructions and inserted the appliance into the USB slot. Next, I ran the installation wizard from the accompanied CD and sfter the installation there was no browser window open prompting me to activate the appliance. Now the appliance simply sits there and is in continuous boot mode (blinking lights!). I rebooted the laptop and un-installed the drivers and tried the process again but still those annnoying blinking lights won't go away! At the moment the only way to get support is via their support web page. There is nothing in the form of documentation to take one through troubleshooting (maybe that's only meant for Windows-based appliances and not Linux-based appliances!). To say that I am extremely disappointed in this little Linux security marvel is fair but I haven't lost faith in it yet. Probably as it's the first batch of shipments and I am the unlucky one. And the wait continues to hear back from Tech Support. Regards.
Cancel
David Lacey responds: I think you've been unlucky. Any new technology will have teething problems in the first few weeks, and they're especially hard to fix when demand exceeds expectations. I know Yoggie have been overwhelmed by the level of interest and they're all working 24x7 to keep on top. I'm not a technical expert but I have spoken to colleagues who have tested it extensively and confirmed it does what it says on the tin. In my experience, it's better to judge a vendor by the way they respond to problems, rather than the state of the product at any particular time. I've been impressed by the way Yoggie have been steadily enhancing the product in response to comments received. I should add that I have absolutely no commercial interests in Yoggie, so my comments are truly independent.
Cancel
[I have to point out that the following critical comment is from a company with an interest in anti-malware solutions. However, that's not to say that the points aren't valid. David Lacey] The problem with this product is the very poor level of technical support. There is NONE !!!, emails are not replied too. If you want a product with good support forget the Yoggie until they get this sorted out. On another point, I have found this product's achilles heel, a simple virus downloaded via https. Simple to infect a user this way, and I dont like the way they are selling it as a product that does away with software running on your PC. Has anybody also found out how you can enable inbound traffic. For example you run IIS on your laptop or VMware for customer demos ect....
Cancel
Hi Dear David: the Pico idea will come built in, to next-wave computers. After wild bouts with my "texperts" who swore nothing can intercept at a kernel level from a USB port, I got my own Pico Personal to show it could. As probly any hacker can tell you, Pico is just a mechanical rootkit. Basicly I'm thrilled, and I get a free reformat since I won my bet. But urgent to share the following: 1. I got my Pico at Buy.com for $67. 2. It won't instal on my Win2K! Any help??? The CD comes back ''error code 2147024894 : unable to install driver." No reply back yet, from emailing Yoggie's tech sport. The Pico did instal fine on my xp, but 2K is where I need it. 3. I've found no way to print out the Pico log. Do you know how? The screenshots only show the very limited window on the Yoggie site. You have to do all the reads from their site. 4. Printouts could get important, for my following biggest concern: PICO'S REPORTED INTERCEPTS BEAR NO RELATION TO WHAT MY SNIFFERS, BLOCKERS, AND FIREWALLS SHOW, WITHOUT PICO. The more I think about this, Adrian, the more questions it raises. Because of a spamcatching project I'm doing for a local provider, I KNOW what-all's trying to come across those ports. When I activate Pico, Pico reports nothing of the sort. True my sniffers, blockers, and FWs then show no traffic whatever, meaning that Pico "works". Also it proxies you behind it, and that seems good. But why is it logging a bunch of attempts that didn't exist before, and missing all the ones that did? Could it be making them up? I'm not kidding... To trust ALL your security to a transparent device is really trusting alot. How would most users know, if it now and then did the typical thing that say, ''registry cleaners" do? You know, tell you they've found and vanquished terrible things that were never there, just because there's no way to verify? Both my tightest secure email and the Yoggie come from Israel, home of the world's leading cloak-and-dagger brilliance. It can cut both ways. As soon as I disable Pico, the attack patterns and sources we're now so familiar with in Arizona, return instantly to the sniffers and other listenware. We're after a stream of messenger pops that seem exclusively from one IP quad in Canada, all luring back to one company in Texas. Why or how would zombies be all from one quad, if they hadn't been ''purchased''? So you see it's caused us to study the patterns, and know them well. With Pico's logs, there aren't any. 5 .Pico has a serious vulnerability itself, which they haven't fixed since July07: SS X-Force Database: yoggie-rundiagnostics-command-execution(35208): Yoggie Pico Pro and Yoggie Pico runDiagnostics.cgi script command execution ISS X-Force Database: yoggie-rundiagnostics-command-execution(35208): Yoggie Pico Pro and Yoggie Pico runDiagnostics.cgi script command execution from http://xforce.iss.net/xforce/xfdb/35208 For corrections or additions please email xforce@iss.net Thank you for your time and wonderful service. Sis
Cancel

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close