I believe I have found something that will change the way I use my computer.
Two technologies have converged: one is the really-cheap USB flash drive (I saw a 4 Gb drive on sale for $30 in a local store); the second is applications packaged to run entirely from removable media.
The particular application system I use is PortableApps (there are others such as U3). The applications include familiar ones like Open Office, Mozilla Thunderbird email and Mozilla FireFox browser. There are a number of others including KeePass (a password safe) and the NVu HTML editor. There are backup programs and games like Sudoku.
Instead of carrying a laptop around so I can run all my applications, I need only carry around a flash drive. With no installation, I can send and receive email from a fully configured email client with all my saved emails, from any computer that I can plug my flash drive into. I can edit photos, create presentations, change spreadsheets, compose documents, play games and lots of other stuff. This is all free software, and it is all trivial to install!
The SanDisk folks have another portable apps solution called U3 that includes a mix of free and pay software in its portfolio. Some of the free ones come preinstalled on their flash drive.
I can carry the essence of my computer around in my pocket for the price of the USB drive. In a sense, I have an ultra-portable computer — just add CPU, RAM, screen, mouse and keyboard.
I’m not worried about security. I could secure the entire drive with something like TrueCrypt, but I have a USB drive with built-in encryption, which is convenient. It’s really much more secure than my laptop normally is. My ultra-portable computer is 100% encrypted — applications and data. If I lose the chip (given my 16-character random password with upper and lower case letters, numbers and symbols), I have no worry that anybody’s gonna hack it. I can even let my browser save all my passwords and have web sites “remember me” with cookies. No secret information is left lying around unencrypted in deleted files or half-used disk clusters. With backup in hand, I can replace everything for just a few bucks.
Oh, by the way, I’m typing this on a web browser running from my USB drive.
You have a very valid point. The host computer could copy off all your data, it could log your keystrokes and monitor your IP traffic.
I think anyone is going to have a very tough time using any insecure computer securely. I don’t know any way around a keystroke logger on somebody else’s computer.
That would argue for continuing to use a “Master Password” with Thunderbird and Firefox so that those password files couldn’t be copied.
The computers I use are largely “trusted”. It’s either one at home or at the office, or my laptop I carry around (but which doesn’t have anything “secret” stored on it). My big fear is theft and the encrypted USB drive meets that need.
Ultimately, what you would want is the ability to boot the operating system from the Chip (and there are some Linux distributions that can support that).
Nice, but I’m still a bit worried about security. If you assume the only thing you carry around is your USB disk, then you’re probably going to use in on “unsafe” computers. Can we trust these built-in security features? Once you type in your password, the host computer is probably going to have access to all your data. It has to, since it is executing your programs. In the case of a public internet cafe, it sounds a bit insecure.