A reader writes, "The USB Armory is full-blown computer (800MHz ARMÂ® processor, 512MB RAM) in a tiny form factor (65mm x 19mm x 6mm USB stick) designed from the ground up with information security applications in mind."

"Not only does the USB Armory have native support for many Linux distributions, it also has a completely open hardware design and a breakout prototyping header, making it a great platform on which to build other hardware."

The project wants $130 per stick, and makes some very exciting claims about security and openness; I asked Bruce Schneier whether he thought this passed the giggle-test and he said, "I don't know if it's any good, but more transparency is definitely good."

Which is a good way of thinking about stuff like this: it may not be secure, but if it isn't, you can find out by auditing it yourself, or taking the word of someone you trust who's done an audit, rather than having to take the project founders' word for it.

The following example security application ideas illustrate the flexibility of the USB Armory concept: *

mass storage device with advanced features such as automatic encryption, virus scanning, host authentication and data self-destruct

*

OpenSSH client and agent for untrusted hosts (e.g Internet kiosks)

*

router for end-to-end VPN tunnelling

*

Tor bridge [see this, for example]

*

password manager with integrated web server

*

electronic wallet [the Electrum Bitcoin wallet works out of the box on the USB Armory. It has been tested with X11 forwarding from Linux as well as Windows hosts.]

*

authentication token

*

portable penetration testing platform

*

low level USB security testing

USB Armory: Open Source USB Stick Computer