InZero Secure PC: Two Machines in One

Share it on Twitter  
Share it on Facebook  
Share it on Linked in  

Most humans are creatures of habit, and that boils over into computer technology. Or, as Phil Zimmermann, creator of PGP Corporation, explained to me, the whole computer industry is handicapped by its legacy. We're used to the familiar tools available and don't feel all that comfortable using something new and unknown.
But sometimes you have to break out of the box, and that's what InZero is attempting to do with the introduction of its Secure PC.

It's effectively two computers running as one unit: a standard computing module and a secure InZero Gateway module. The InZero Gateway module directly connects to the Internet and hosts potentially dangerous network applications, processes incoming and outgoing files, and transfers files to and from the computing module, which is permanently offline. Hence, the PC is secure but remains capable of executing all the functions required of a computer when logged into the Internet.


Zimmermann, who was invited to the launch of the Secure PC, admits that the concept is so new that it is difficult to explain easily. The add-on is a very specialized hardware sandbox, a little box with client applications that communicate with the PC through a USB interface. The hardware enforces isolation of client applications. There are two setups for the system: One is an external box connected to the PC; the other is a small package that replaces the DVD drive so the Secure PC can be used on laptops.


Why is this important? According to Symantec's 2009 threat report, distinct malware signatures were up 265 percent between 2007 and 2008, but the number of targets remained relatively flat over that period of time. That means, Adam Hils, a Gartner analyst said, the increase is coming from more specialized attacks. "They want to steal money, intellectual property, information from bank accounts," he explained, "and firewalls don't really address this."

The Secure PC isn't for everyone, however. It is geared for systems that have to be run in extremely secure environments. For companies that have to protect sensitive data and that have a good network engineering and IT staff, it might be something to consider as a new level of securing information.