FREE ELECTRONIC LIBRARY - Dissertations, online materials

Pages:     | 1 || 3 | 4 |   ...   | 5 |

«Security Now! Transcript of Episode #143 Page 1 of 30 Transcript of Episode #143 YubiKey Description: Steve and Leo delve into the detailed operation ...»

-- [ Page 2 ] --

"I took Bill's drive to work with me the following week and put it back in his laptop. It booted right up, and Bill was able to recover hundreds of family photos he'd been storing on his laptop for years. Elated and grateful, Bill offered to pay me for my services.

Instead, I asked that he make a donation for his gratitude. Here's what I got from him this week. He said, quote, 'Pete. Hopefully by now you received my two voicemails letting you know I dropped off your hardware back on your box. I was able to capture all of my family pics. Many thanks. I made a donation to St. Jude's Children's Hospital in your name for $200. Again, many thanks. Cheers and regards, Bill.'" So then Pete ends saying, "I'm glad I could make a difference, but you and your wonderful product SpinRite made it possible."

–  –  –

Steve: So I thought that was really neat.

Leo: Nice story. Nice story. Now would you like to introduce our guest? Because Stina's on the line with us right now.

Steve: Hey, Stina. Welcome, and it's nice to talk to you again. I guess it was, what, about four weeks ago that we bumped into each other at the top of the elevators in San Francisco.

STINA EHRENSVRD: Yeah, that was my lucky day. It's been - and thanks for inviting me.

And you've been a relief for me. I mean, it's been literally around hundreds of emails that come from all over the world who's now, you know, ordering our stuff and asking all these kind of questions. And things are taking off.

Steve: Well, that's fantastic. I'm going to talk about the technology and the detailed operations of the YubiKey after we're through talking to you. But I loved your story sort of about where the name came from, where the company came from, and also sort of your vision for authentication. So I wanted you to - I thought our listeners would get a kick out of hearing it directly from you.

Leo: Are you a security researcher, Stina? What's your background?

–  –  –

then Simon, who is the - another Internet security expert in the team. He's been, you know, putting some efforts into this, too.

Leo: So you're a product designer. And are you a security buff? Or was it all your husband's idea? Or how did this come about?

STINA: We worked very closely. I asked all these stupid questions and, you know. I can tell you, actually, you know, we started together working as a - we actually cofounded a company called Cypak a few years ago, Jacob and I. And this was in the RFID space. And one of the many applications for the technology was the [indiscernible] smart card with a PIN keypad on the card itself. And we called this card the PIN-on-Card. And we were very proud of it because it was so secure. I mean, I think it could have been one of the most secure solutions ever invented. We got the European Innovation Award, 200,000 euros for this. And we were just, you know, the world wants, needs this. And we were just so excited. Until we started talking with customers.

You know, we hadn't even thought about that this card - and it was very secure. But it required a specific [indiscernible] chip built into a specific card with an integrated keypad. And it had to be connected in our [indiscernible] reader. And it needed client software. So when we actually - we were approached by an online bank. And we were planning a pilot with them. But by the end of the day they, you know, one of their bank guys called me up and said we really like the automatic thing. But we don't like the card reader, and we don't like the client software. Our customers, they are, you know, they are from all platforms, all browsers. The Windows versions, the Mac, Firefox. And this client software thing would probably require us to hire 30 new full-time employees only to take care of all the online support.

So this bank guy, he said to us, you know, you're good inventors. But, you know, you can come back when you've removed the client software and the reader. So that was a good challenge. We, you know, we said okay, thanks, we'll make a try. And we started to examine it, you know, looked at the computer, Jacob and I, and I asked a stupid question, you know? I said, there's a keyboard to this computer. You know, and that doesn't require a driver. And he said, hmm, yeah, you're right. So, you know, why couldn't we make a code generator that's simulating the HID driver, you know, acting the same way, with - and we, you know. And, yes, that's where the idea started.

And so we went back to the bank. We got - first we got rid of the client software, and then we made it into a USB fob to get rid of the reader. And we reduced the 12 buttons to one little button. And this was the first version of YubiKey. It was a fat, you know, looked almost like any other USB memory. And that guy who looked at it, he said, hmm, this is an interesting concept. But there's one problem. We prefer to buy security solutions from the big guys. So anyway, I thought it was a good comment.

–  –  –

STINA: Yes, just without imagination. So I thought I wanted a friendly name. And I like the word "ubiquitous." I envision this to be everywhere, mass market. So I started playing with the word "ubiquitous," and I ended up with Yubico. That's it.

–  –  –

STINA: So we, you know, so the first step, I had the prototype version. And now I realized I needed someone to say that this was a good product. So I asked people, you know, who can write a security report for me? And I came in contact with Simon. And he wrote an independent third-party security report. You know, the one I sent you, Steve?

Steve: Yes, yes, right.

STINA: And the good thing with this was when Simon had written his paper, he was so enthusiastic. So he said - he asked me if he could invest in the company and work for me. Well, but the problem was that I no longer had an independent security review, but I had the perfect inventor. So, yeah, you know.

Leo: It's a good sign when the guy reviewing your security says can I work for you.

STINA: Yeah, and it's on the website tomorrow, so anyone can look at this. It's, you know, it's not third-party, but he was third-party when he wrote it, you know. And Simon, he's a great guy. He is very passionate about open source security. And he recommended me at that time to fly over from Stockholm to an Internet identity workshop in California, and where I could learn more about this OpenID initiative that we think is a great initiative. And, you know, I would learn how we could fit in YubiKey in OpenID so we could enable one YubiKey to go to all Internets.

So I went to California to this workshop. And I met a guy from VeriSign. And he introduced me to another guy at VeriSign. And this guy, he said that the YubiKey could be quite interesting for them, "if." You know, this is the story. It's always been "if." If we could make this device to fit in a wallet and make it very, very cheap and in big volumes. So I thanked him for his feedback. I fly back to Sweden and started, you know, looking for designs. I'm a product designer, so I went on the Internet and said what are - what kind of USB devices are there that are really thin? And the other day a friend of mine gave me a very minimalistic USB key. It was just designed in two parts, a little circuit board and a plastic casing, that's it. So when I saw it I thought, you can't make it smaller, can't make it thinner, can't make it less expensive. And that's, you know, that was the inspiration to the current YubiKey design.

And meanwhile I had met this guy at VeriSign, he had introduced me to another guy Security Now! Transcript of Episode #143 Page 10 of 30 at eBay. And I sent him, actually sent him the first version because we had - the thing wasn't ready yet. But I sent him the first version of the fat YubiKey. And I asked him to look at it because I thought eBay might be a big customer for me. And he said, you know, he wasn't very interested. He even didn't want to look at it. It took him four weeks before he even answered my emails. But then one Sunday in October he came back. And he - yeah. Actually this is what he wrote. So I'm reading from his email: "Dear Stina. I have now tested your product. I'm impressed by its simplicity. I think the YubiKey is the only hardware authentication token that would fulfill the requirements for Web 2.0 services. Looking forward to a further dialogue."

You know, that was a good email. So it just took four weeks. And after that he left eBay, and he started working for Yubico in California.

Leo: You're stealing people left and right.

STINA: So now I had an office in California. So I had an office in California, one in Stockholm. So it was Simon, me, and Paul. And, well, in January the little thin YubiKey was ready. And we started shipping the first pilot box. It was to one of Paul's friends who has set up a Chinese IPTV company called Dragon IPTV. We have a, you know, a theme on our website and a film actually show that service. And, you know, we're very enthusiastic because, you know, within a couple of months we had five pilots starting. And we didn't really understand, you know, the customers, they were so happy, they came back, and they said this works so perfect, and the users love it. But the business really didn't - we didn't get any next orders. And eventually we asked them, and they said, you know, there is one problem. There's always one problem. And now they said, you haven't given us a price list, and we don't really understand your business model. Is this open source, or is it not open source? You know, you haven't been perfectly clear on that.

So when we started Yubico, Simon and I, we had envisioned Yubico as an open source company, a web shop where it's free SDKs with a developers community around it and with almost no salespeople, you know, people just sort of sending out things from the web shop, and no flashy offices, eliminating all the expensive layers of distributors and resellers who are now driving up the prices in these, you know, existing Internet security infrastructure. And Simon and I, we were very excited about this idea. We tested it on some Internet security professionals and other safe people we know in this industry. And they all warned us. Actually they warned us.

They said you're, you know, it's too risky. We would not recommend you to do that.

So we were sort of standing on one leg. You know, we didn't make [indiscernible].

The customers want to buy from us. We couldn't give them a price list. Because we didn't know, you know, we didn't know who we were. We just knew we had a great product. And then I bumped into you, Steve, so you made us, you forced us to make that decision, you know, emails coming, you know, literally they came in, you know, in my email box, hundreds of them. And I had to call Simon, you know, they're asking for prices. You know, we have to give them some prices. And they're asking for the SDKs. You know, [indiscernible] software [indiscernible]? And then I had another investor who actually joined a little later, a former CEO of Microsoft. So I called - he's the other, you know, we are the only ones taking the big decisions of this company so far. So it was very easy to make an on-the-phone-call decision, okay, now we go, just shift. We know we are taking risks. We know there are big challenges. But this is the way we want to do it, and this is the way that feels right Security Now! Transcript of Episode #143 Page 11 of 30

–  –  –

Leo: I have to apologize because we probably should have explained what the YubiKey is because I think there are some people who are probably listening, going, all right.

[Talking simultaneously] Leo:...synopsize, Steve, give us a...

Steve: Yeah, I'll be covering that after we're through talking to Stina, in detail. But essentially it is what we talked about two weeks ago. It is an amazingly small little, essentially, piece of plastic that is an emulator of a USB keyboard. So it's - we have pictures of it in our show notes from two weeks ago and also this week's show notes, so people can see what it looks like. Or they can just go to Yubico.com and see pictures of it there. It contains cryptographic technology which essentially produces a one-time password which is typed into your computer by this little piece of plastic, by the YubiKey.

Leo: It shows up as a standard USB keyboard, as an HID device.

Steve: Exactly.

Leo: So it can do that. I mean, there's no magic, and it works with everything that supports HID, which is pretty much everything.

Steve: Well, exactly. So it's OS independent. And what Stina was saying before, the problem that people had with the RFID approach was that it needed - there had to be a companion reader, and you had to have client-side software in order to interface it. And what's so cool about this is, I mean, it's funny because when I bumped into Stina at the RSA conference, she was standing there and saw my press credentials and thought, well, maybe I could - I'm sure she was doing this with other press people, too. Maybe this person, who I don't...

STINA: I think I talked to about five people. You were the fifth one.

Steve: Oh, good. Well, I'm sure she was thinking maybe this person will help me get the word out. And being an engineer, when she said this is a one-time password device which is a USB keyboard, my mouth just dropped open because it's brilliant. And that's what I loved about the concept is that it just does what it does beautifully. And we'll go into the technology because the design that underlies this is spectacular.

But what I'm so pleased with, and the reason I wanted to give this a whole Security Now!

episode is that what Stina and her colleagues have decided to do is to make the backend authentication services free. No subscription, no license, nothing. They want to just sell the YubiKeys. And unlike a huge company like VeriSign that has a massive infrastructure Security Now! Transcript of Episode #143 Page 12 of 30 that they need to support, and literally all the other companies that I saw on the RSA showroom floor, they were all into locking you in, signing you up, and they were big businesses that were looking for big corporate and offering big corporate solutions. Well, here is something, this YubiKey technology, that is - and I'm looking at the prices that Stina and her group have come up with. Quantity 1, price is $35. Quantity 10 is $25.

Pages:     | 1 || 3 | 4 |   ...   | 5 |

Similar works:

«Voices Not Heard: Women in a History Textbook Joyce A. Delaney I t will come as no surprise to those who are involved in the education of young people today that, in the area of social studies, there is a noticeable imbalance in the importance given to women’s as opposed to men’s roles. Despite some recent superficial cosmetic changes in content, publishers of American history textbooks continue overall to stress the pivotal part men have played in history and to pay little more than lip...»

«Educational Data Mining 2009 Unsupervised MDP Value Selection for Automating ITS Capabilities John Stamper1 and Tiffany Barnes2 1 john@stamper.org, 2Tiffany.Barnes@gmail.com Department of Computer Science, University of North Carolina at Charlotte Abstract. We seek to simplify the creation of intelligent tutors by using student data acquired from standard computer aided instruction (CAI) in conjunction with educational data mining methods to automatically generate adaptive hints. In our...»

«Einführungsseminar: The Power and the Glory – British Catholic Novelists Frau Dr. Julia Hoydis Universität zu Köln WS 2010/2011 Datum der Abgabe: 15.3.2011 Moral Decline and the Bankruptcy of Victorian Humanism in Evelyn Waugh’s A Handful of Dust Malte Biedermann XXX XXX LA Englisch u. Geschichte Fachsemester: 3 Table of Contents 1. Introduction 2 2. Two Types of Barbarism 4 2.1. The Decay of British Society 4 2.2. The Proto-Industrialist Savage 7 3. The Plight of Gothic Man 8 4....»

«1 wholesale football jersey.1 cheap custom nfl jerseys authentic.2 cheap manchester united jersey.3 jaguars jersey cheap accommodation.4 replica football jerseys cheap.5 san jose sharks jersey cheap.6 wholesale nba jerseys from china.7 custom bike jerseys cheap.8 custom steelers jerseys cheap.9 kyle rudolph jersey cheap breaks.10 vikings jersey cheap wholesale.11 cheap custom lakers jersey history.12 cheapest jerseys from china.13 russell wilson jersey seahawks cheap.14 new miami dolphins...»

«REVIEW DIGEST: HUMAN RIGHTS & THE WAR TERROR2007 SUPPLEMENT ON The Effects of the Madrid and London Subway Bombings On Europe’s View of Terrorism By Katie Friesen Terrorism within Europe, until 2004, was limited to internal, historical conflict between the state and dissenting factions, such as Spain’s Euskadi Ta Askatasuna (ETA) or the Irish Republican Army (IRA) in the United Kingdom. Islamic violence was strongly linked to the Middle East, as well as to America’s “War on Terror”...»

«Special Publication April 2010 By Rebecca Crawford The Ranch House in DeKalb County The “Ranch House Initiative” was explains, the “mid-century house has middeveloped by the DeKalb History Center and century stories to tell.” Commissioner Jeff Rader in an effort to We looked at a variety of ranch understand the ranch house boom that developments throughout the county and occurred in nearly every part of DeKalb profiled four notable neighborhoods. They County beginning in the 1940s....»

«Chapter One Historical Overview of Massage © 2011 Milady, a part of Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part, except for use as permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use. What is Massage?• Manual or mechanical manipulation of the body’s soft tissues • Involves movements such as pressing, rolling and tapping to evoke a therapeutic response...»

«The Manchester Terrier: Description and History: Description: The Manchester is a hardy and long-lived breed. They are very adaptable and make an excellent and devoted companion for most people. Equally at home in the country or city, the Manchester is intelligence, versatile, and naturally clean in his habits. This has prompted breed fanciers to conclude that “As a sagacious, intelligent house pet and companion, no breed is superior to the well-bred Manchester Terrier. (AKC's Complete Dog...»

«Louisiana Architecture: 1945-1965 Post-War Subdivisions and the Ranch House HISTORICAL BACKGROUND Post-WWII Population Growth and U.S. Housing Shortage: Without a doubt no American industry was harder hit by the Great Depression and the Second World War than housing. Over this protracted sixteen year period, annual housing starts fell to less than 10% of what they had been during the boom days of the “Roaring Twenties.” Numerous architectural practices and construction firms simply “went...»

«University of York Certificate in Local History Essay by Peter Brown FCCA,BSc(Hons),MSPI Acomb Grange An Augustinian Grange in the County of York Introduction the problems the questions In the winning essay of the 1991 Sheldon Memorial Trust Essay Competition, Jennifer Kaner traced the history and ownership of Acomb Grange from the 12th Century to the present day.(l) In that essay she raised many questions that would require further research. There were also areas of her work where she could...»

«Tracing Nihilism: Heidegger to Nietzsche to Derrida Bela Egyed I. Rhetoric and Nihilism This collection of essays is not intended as an introduction to Nietzsche. Rather, it is, as its title suggests, an exploration of two themes and a reflection on the possible connections between them. Nietzsche had much to say about nihilism. It might even be argued that it is the single most important theme running through his works. He says comparatively little about rhetoric. But one could assert that...»

«ABSTRACT Title of thesis: THE BRIGHTENED Ian Patrick Miller, MFA Creative Writing, 2004 Thesis directed by: Maud Casey Department of Creative Writing The general concerns of “The Brightened” lie with a family and their lineage of violence which permeates its generations through oral history and blood (figuratively and genetically). The family issues are further magnified by another set of beings which inhabit the “body” of the family members. These beings deal in a world of color and...»

<<  HOME   |    CONTACTS
2016 www.dissertation.xlibx.info - Dissertations, online materials

Materials of this site are available for review, all rights belong to their respective owners.
If you do not agree with the fact that your material is placed on this site, please, email us, we will within 1-2 business days delete him.