R
Roedy Green
The closest thing I have found to what I want is a Kanguru AES
Encrypted Flash drive. I key a password to open it. I can then fill
it will secret files which are hardware-encrypted. Then I close it and
nobody can read the files without the password.
HOWEVER, when I take it to another machine, enter the password, it
opens up, but TOO open. ANY app can read it, including spyware.
I am curious about how you might design such a beast without that
problem.
It would be open, but only to one APP. That one app might have to
jump through hoops to retrieve or change data.
One idea I had was to put a little linux OS on the flash drive that
talked HTTPS. It would be like a portable secure server. The app
could pass through a password over HTTPS keyed in. All its
communications would be encrypted.
Another idea I had was to run the app inside the USB drive, and have
it talk to a device driver that would display and accept keystrokes
and mouse strokes for it.
Another related idea was putting some private keys in inaccessible
ROM, and a CPU that could encrypt/decrypt.
Encrypted Flash drive. I key a password to open it. I can then fill
it will secret files which are hardware-encrypted. Then I close it and
nobody can read the files without the password.
HOWEVER, when I take it to another machine, enter the password, it
opens up, but TOO open. ANY app can read it, including spyware.
I am curious about how you might design such a beast without that
problem.
It would be open, but only to one APP. That one app might have to
jump through hoops to retrieve or change data.
One idea I had was to put a little linux OS on the flash drive that
talked HTTPS. It would be like a portable secure server. The app
could pass through a password over HTTPS keyed in. All its
communications would be encrypted.
Another idea I had was to run the app inside the USB drive, and have
it talk to a device driver that would display and accept keystrokes
and mouse strokes for it.
Another related idea was putting some private keys in inaccessible
ROM, and a CPU that could encrypt/decrypt.