Archive for November 2009

The guy in the black hat is actually a white-hat hacker

November 27, 2009

During a recent educational presentation on wireless security to a group of IT professionals at the Canadian Information Professing Society’s annual ICE Conference in Edmonton, it didn’t take long for Brad Haines to give the attendees what would amount to an enlightening wake-up call.
“If your consultants say your system is secure, they’re lying.” His boldness caused even those busy texting on their Blackberrys to stop and take notice.
Over a 50-minute period, Haines wowed delegates by illustrating how insecure things really can be.
But Haines is not your average presenter. Often billed as a security expert or chief researcher at RenderLab.net, he’s also known as RenderMan.
“I’m first and foremost a hacker… a security enthusiast and consummate geek who is curious and loves knowledge.”
And while his fedora is black, as is the rest of his signature attire, RenderMan is a white-hat hacker—one of the good guys. Black-hat hackers are typically out for personal or financial gain.
Haines has a strong penchant for discovering and reporting on systems vulnerabilities and ensuring that people are aware of them. His issue is with consultants’ declarations that imply “secure from now on and forever”. While perhaps true at that moment, he’d prefer they rephrase them as “vulnerabilities not yet found”.
Once a secure technology, WEP (Wired Equivalency Privacy) protocol can now be broken in 60 seconds. “And if you didn’t know about that transition,” Haines says, “you’d think it still was.”
Wireless has changed the rules of the game. A network can physically be locked down, but adding wireless capability could be akin to using a megaphone to announce your presence to the world. “With wireless, we’re back to a shared medium. It’s easy to eavesdrop on communications.”
With readily available hardware—sniffers and analyzers and open source tools like Airpwn, Karma and Metasploit—hackers can monitor, intercept and modify transmissions resulting in the loss and theft of data. This includes private corporate information, personal info such as passwords, bank account and/or credit card numbers, and information leading to possible identity theft.
More than 25 percent of wireless networks in homes and offices are not even password protected. “Many are left at the (factory) default settings… unencrypted, unsecured, with an SSID (station ID) of Linksys.” Not only does this leave the access point vulnerable to attack, it presents an opportunity to an unscrupulous hacker to set up a trap when you take your wireless- and Bluetooth-enabled devices (laptop, PDA) outside to WiFi spots at cafes and airports.
Getting attacked can be as simple as turning on your laptop. If your own SSID matches a possible rogue, then your computer may automatically connect. “Windows likes to automatically connect to recent networks it’s seen before.”
Haines can’t stress it enough: There is no authentication process for free WiFi at hotels and gyms, for example, making it hard to determine if it’s real or fake. The transmission could be routed through an intermediary and all your data would be exposed.
“Even with a secure login, the login may be encrypted but not the session.”
Haines shows the audience a picture of a suspicious looking van with “Free Candy” painted across it. “Users like free WiFi. Who wouldn’t? What’s advertised is not necessarily what’s inside.”
And it’s not just the network connection. Accessing a malicious site could cause you to get viruses, install spyware, and make modifications to your system. Browser exploits—codes that take advantage of bugs in your browser—could also cause unexpected results.
“Once you’re on someone’s site, you’ve given them a conduit to access your system,” concurs Ed Rusnak, CEO of ENC Security Systems and creator of EncryptStick (featured in Edmontonians, November 2009). “When you leave the site, you could also be taking the infections and Trojans back with you to your secure network.”
“How many of you will regret using the free WiFi here?” Haines asked conference participants. At the end of his session—to make his point—he revealed that he had scanned all wireless enabled devices in the room and within range of his equipment.
Haines interest in network security started at W.P. Wagner High School in South East Edmonton, where computer teacher Don McDonald gave him the task of keeping their classroom network running.
“It was the most hostile network on the planet. Teachers weren’t always around; Kids wanted to play games during school hours.” He learned to thrive on the constant challenge of having to find new solutions to lock things down in an ever-changing environment. “It was a classic cat and mouse game.”
But it wasn’t until he attended his first DEF CON, the world’s largest underground hacking conference in 1999 where he says he met the most embracing community of like-minded people, that he realized he was not alone on his quest.
He’s now 30, “but going on 18”. RenderMan fills his days working with his clients to advise them on securing their digital assets. He fills his nights finding new ways to subvert technology to do things it was never meant to do.
Haines prefers to work with small- and medium-sized enterprises, smaller departments and professional services companies, acting as a resource for performance tuning and network security audits. “They can’t afford the big guys and often don’t know they need advice. Often their network expert is the son’s friend’s brother who happens to have a computer… so he’s their IT guy and this is a clinic.”
For Haines, it’s also a social obligation and a soft spot for the Mom and Pop enterprises. “Businesses shouldn’t go under because they used a crappy product and didn’t know better. How do you expect a guy who sells popsicles to know about security? It’s not his business focus.”
He’s also motivated as a user of these products who doesn’t want his data hijacked—possibly by some people he knows.
Haines speaks frequently at hacker and security conferences. Just prior to ICE, he exposed wireless vulnerabilities from a hacker’s perspective at Cyber Security Protection Strategies 2009, hosted by the Conference Board of Canada in Gatineau, Quebec.
He pointed out, “There are things you have not even thought of yet that already exist and can bite you. Be much more diligent and proactive because something that was secure last night, now isn’t.”
Revealing a picture of a circuit with 0.2mm wide solder points, Haines reminds that hackers who are also driven by curiosity will find value in the most innocuous of things—like hacking through the memory of Nintendo DSi. “If someone is willing to solder through a microscope to play video games, how much effort do you think is going into something with money?”
He preaches diligence about security even if you think it doesn’t have anything to do with what you’re doing. “You could be selling ice cream, but you’re processing money… you’re of interest to someone.”
Regardless of his audience, Haines insists he’s not trying to scare them but rather shake things up so they don’t become complacent by creating awareness that “the Emperor has no clothes”.
“We need guys like him to make the public totally aware… someone to find these vulnerabilities. We have to work in this environment,” says Rusnak.
Interestingly, on a trip to the House of Parliament a few days after his Gatineau speech, RenderMan was singled out of a tour group and asked to check his cell phone and briefcase.
“I’m thinking that announcing my intentions at the conference probably led someone to call ahead… and making the Ottawa Citzen’s front page probably didn’t help at all.”
Despite obvious temptations, Haines says he’s never been in trouble, but admits he finds the bad guys much more interesting. “The Joker always seems to enjoy what he was doing for a living. Batman always seems depressed.” Haines prefers to be the spy.
“People don’t like what I do, but I do nothing illegal. If anything weird happens, I better keep my nose clean. I would automatically be one of the usual suspects.”
Strangely enough, Haines’ business card is a Joker from a deck of cards with his info stamped on it.
“At a conference, it stands out.” √

Unfolding the mystery of misfolding PRIONS

November 27, 2009
Just mention the term prion and you’ll draw a blank look from most people. But say mad cow, and you’ll get a reaction.
Mad cows have spongy brains. They fall over. And, if you eat their parts, you might get the disease, too. That’s what most people remember of the mad cow crisis that swept Britain in the late 1980s. Thousands of cattle were destroyed before the epidemic was contained.
The culprit turned out to be cattle feed which contained ground up sheep offal contaminated with scrapies, a neurodegenerative disease of sheep. Scientists eventually figured out misfolded prions were behind the infection that had crossed the species barrier from sheep to cows and, sadly, to humans. In humans, it is called Variant Creutzfeldt-Jakob Disease.
In May 2003, Canada’s first official case of mad cow or BSE (bovine spongiform encephalopathy) popped up on a farm in Alberta. Overnight trade borders closed, stifling a $4.1 billion dollar a year beef export business. While barely a dozen mad cows have appeared in the ensuing years, the BSE crisis here cost billions in lost trade and lost jobs.
The Alberta government responded with a $35 million fund to support research into BSE and prion related diseases through Alberta Ingenuity and the Alberta Prion Research Institute. The federal government poured support into PRIONet, a member of the Network of Centres of Excellence. The University of Alberta set up the Centre for Prions and Protein Folding Diseases.
Over the past few years, the scientists involved with these groups have collaborated on some of the most important prion research in the world.
This year, I have had the opportunity to interview some of these scientists, thanks to a journalism award from the Canadian Institutes for Health Research.
What I find remarkable is the breadth of their research projects and the advancements they are making here. What started with one mad cow in Alberta has evolved into an intriguing investigation of a host of neurodegenerative diseases that impact all of us.
Two of the many talented researchers working in this area are Dr. David Westaway and Dr. David Wishart. Both are professors at the University of Alberta, although Dr. Westaway arrived from Britain via the University of Toronto. He is director of the Centre for Prions and Protein Folding Diseases.

Dr. David Wisehart

Dr. Wishart is a bio-informatics specialist and he was the lead scientist on the Human Metabolome Project. He describes prions as “small proteins that we all have. They’re in every living organism as far as we can tell, from yeast all the way to humans.”
The exact purpose of prions is not known, although they are thought to play a protective role. The normal or cellular prion protein is harmless. But sometimes things go wrong.
“Occasionally, if the protein has been mutated or if some external agent modifies the prion protein, it changes shape. Once it changes shape, it starts doing something bad. It actually starts self-assembling into what are called fibrils. And these fibrils start filling up brain cells, leading to brain cell death,” explains Dr. Wishart.
His most recent work uses a variety of techniques, including nuclear magnetic resonance spectroscopy, mass spectronomy and circular dichroism, to observe the prion protein at an atomic scale. The point is to observe the folding process in real time and hopefully find a way to stop it.
“Prions are naturally helical, meaning they look like a bunch of springs stuck together. But, when they misfold,” Dr. Wishart says, “they turn from a helical protein to something that’s called a beta strand or a sheet. And the beta sheet is in a sense a bunch of ribbons. And, in fact, silk is an example of a fibre that is made up almost exclusively of beta sheets. So when prions go from the helical to a beta sheet, they say that they convert or they misfold. This is something that proteins will often do. Normally, the body gets rid of them but, in the case of prions, when they misfold, they aggregate and they actually become toxic.”
It’s this aggregation the gives rise to the term “infectious”. A chain reaction starts and cannot be stopped.

Dr. David Westaway

According to Dr. Westaway, a normal prion or protein is a solo operator. As such, the outside of the molecule is covered with chemical charges that like water.
“The positive and negative charges interact with the water molecule and the protein molecule stays under control. It’s basically dissolved in water and everything is fine and dandy. But, in the context of disease, the proteins start to assemble into aggregates and very often this aggregation property is somehow linked to the fact that the non-water loving part of the molecule gets turned inside out. So, in chemical jargon, the hydrophobic parts of the molecule, instead of being hidden inside, come to the outside. The hydrophobic parts of a molecule like to interact with the hydrophobic parts of other molecules. So you start to get an assembly where the contact between the molecules is a bit more like an oily interface that pushes water out of the way.”
This initiates a domino effect where the proteins build up on one another.
In his lab, Dr. Wishart has been exploring how the prion converts or misfolds and has identified that the tail end of the molecule seems to be the part that gets disrupted or unfolded first.
“It aggregates first in what we call dimers or pairs, then in tetramers or sets of four and then, ultimately, in octamers, or groups of eight molecules. These aggregates are all hung together near the back end from last to about 70 residues. So they produce this insoluable, tightly massed core that can’t be cut… that can’t be broken down. Then these octamers eventually start forming fibrils or threads.”
Dr. Wishart goes on to say that it appears the tetramer and octamer, the groups of four and eight proteins, become highly toxic and form the principle seed that leads to infection.
It’s an exciting discovery that opens up the door to developing a means of stopping the misfolding process.
Dr. Westaway suggests that once you define the misfolding process in molecular terms, “then you can create an anti-molecule to stop it from happening. It’s what is called smart therapy.”
Over in his lab at the Centre for Prions and Protein Folding Diseases, Dr. Westaway has uncovered at least two important pieces to the prion puzzle. These are chaperone and shadoo proteins.
Chaperones are helper molecules. Sometimes when proteins start folding into the right shape, they get stuck, so along comes a chaperone to smooth it out so it goes into the right shape. This is well known in the science of cell biology for proteins inside the cell.
Says Westaway, “The field of chaperones is well known in the science of cell biology for proteins inside the cell. But prion disease is a bit more cutting edge because it seems there may well be chaperone-type activity involved in the wrong way, in helping a good protein go bad. Some of the crucial events of refolding or misfolding may not be going on inside the cell. In fact, they may be going on outside the cell. This is an important frontier that will bear close scrutiny in the coming years.”
A student in Westaway’s lab, Joe Watts, confirmed that this protein exists. It is quite abundant in the brain and has a lot of features similar to normal prion proteins.
“We think that shadoo may be part of a family of a molecules on the surface of brain cells that help brain cells deal with damage,” Dr. Westaway explains. “We have looked at what happens to the shadoo protein in an animal that has a prion disease and we were very surprised to get a very simple answer: that the shadoo protein starts to disappear when animals are replicating prions. It is what we call a tracer. We didn’t expect to make this discovery but, somehow when the protein is disappearing, it’s telling you that prions are replicating.”
He goes on to speculate that in a disease state, the shadoo proteins are being cannibalized by what he calls chopping proteins known as proteases. These get rid of proteins that are no longer needed by the body. What triggers the sudden attack warrants further investigation.
So what is it that brings home all this talk about how prions fold?
Catching Variant Creutzfeldt-Jakob Disease from a mad cow is still a very rare event. The odds in Canada are one in a million. However, there are other protein folding diseases that are all too common: Alzheimer’s, Parkinson’s and Lou Gehrig’s Disease.
The research of Westaway and Wishart goes a long way toward informing discovery on this front.
A provocative article, published in the journal Nature in early 2009, suggests that normal prion proteins, thought to be the protectors of nerve cells, are involved in the killing of brain cells. It appears the misfolded protein aggregates that cause Alzheimer’s bind to the normal prion proteins to initiate the killing.
Dr. Westaway is adamant. “We’ll check that out, and other labs will check that and very likely some important new knowledge will come out of looking at those ideas with a fine tooth comb.” √

New Mite Species Discovered— Grizzly Bears of the Soil World

November 27, 2009

Jim Herbers

The Alberta Biodiversity Monitoring Institute has laid out a grid of 1656 points across the entire province, with each point 20 kilometres apart. The data collected from these sites gives scientists a measure of the changing state of biodiversity in Alberta.
When ABMI researchers collect samples from these sites, they check for various kinds of flora and fauna in the water, in the trees, on the ground, and in the soil. And it’s not uncommon to discover new species.
Of particular interest are mites, tiny invertebrates that play a big role in maintaining the health of our soils.
Jim Herbers, director for information for the ABMI, says,“We’re very proud to report that there are well over 100 new species to Canada that we’ve identified and well over 30 new species to the world.”
These mites are microscopic, but don’t let their diminutive size fool you. Herbers explains, “Some of them are like the grizzly bears of the soil world. They go around and they’re predators. Many of them are frugivores. Many of them eat fungus and mushrooms. And then there are a number of other species that live in the soil that break down the soil organic matter, making sure that it’s turned over and that the nutrients are available for plants to use.”
These new species of mites were identified for the ABMI when scientists at the Royal Alberta Museum analyzed soil samples collected from the grid points

TEC Edmonton Searches for New CEO

November 27, 2009

Pamela Freeman

Now that David Cox has left TEC Edmonton for a new post at Radient Technologies, TEC Edmonton is looking for a new CEO to take his place.
And, according to Pamela Freeman, the interim CEO, TEC Edmonton is looking for a very special leader. “That person would have experience working in the private sector… public markets, private markets, to raise capital for companies… and will also have a very strong and effective way of working with our research community. So we have retained a recruitment firm to help us find someone who can help take TEC Edmonton to the next level where we continue to expand our programs and services that reach out to the entrepreneurial community, for those who have a technology who wish to develop a company and that can also interact effectively with our University community.”
Freeman says TEC Edmonton is continuing to build on three very successful years under Cox’s leadership. New programs include TEC Source which provides free consults to technology based companies. And there’s the new regional alliance which sees five Edmonton incubators collaborating to provide “one-stop shopping” for entrepreneurs and inventors.

Wheat Straw Panel Board Houses for China’s Earthquake Zone

November 27, 2009

Boewer Besseling

New homes in China’s earthquake zone will now be made from wheat straw instead of bricks and cement.
A Dutch company has licenced technology developed by the Alberta Research Council to make wheat straw panel board—OSSB or oriented straw strandboard—for the Chinese market.
According to architect Boewer Besseling of Panel Board Holdings, the wheat straw panels are superior for this earthquake zone since they are framed with light gauge steel.
Says Besseling, “First of all, the buildings are all made out of concrete and bricks. And the quality of these bricks and concrete is a little bit less than what we are used to in Europe and also in Canada. So if there is an earthquake, there is a big possibility that it just cracks because it is not flexible, and it comes down. Unfortunately, that happened a lot last year during the earthquake. And this light gauge steel is more flexible, so it can withstand an earthquake much better than concrete and bricks. And together with our OSSB, which we can use like a bracing element, it stands better in earthquakes than what they have right now.”
The wheat straw panel boards also offer an environmental break for China. ARC’s forest products technologist Wayne Wasylciw says the OSSB panel boards make use of straw that in China would otherwise be burned. They also save agricultural land from being dug up for clay to make bricks. √

2010 – The Year of Social Calibration

November 27, 2009

How to effectively gain entry into the social media ecosystem as it continues to grow in relevancy is top of mind for many, not only here in the Edmonton area but around Alberta and the rest of the World. 2010 will be the year many alter behaviors by integrating certain social web practices into overall business processes across the enterprise resulting in a “social calibration” of the corporate culture.
Veterans of at least one social media campaign will refine their approach as the realization that social influence is reliant on certain sustainable actions. In other words, there’s an understanding of the difference between being a blogger and being a blogger with influence—which means that social media integration into the 2010 marketing and communications plan happens at the outset rather than as an add-on later. This change in process should drive support for internal policy development and a concerted effort to build social capacity.
Also, as decision-makers come on board, I see more I.T. departments benefiting. The enterprise remains protected while I.T. enables social technologies behind their firewall by using open API authorization code like “OAuth” as appropriate. This success may also inspire the enterprise to pursue internal social media solutions related to human resources, such as employee retention, training, communications and knowledge capture.
Additionally, look for more organizations to embrace “cloud computing.” Despite still suffering from a bit of hype, trust has been strengthened in terms of data privacy and security… so the cloud will continue to influence collaborative innovations such as Google Wave for all to use.
As well, we’ll likely see more governments, (primarily municipal) embrace “open data” policies and concepts. And why not? Citizens are willing to contribute and even provide services for free. Participation in this area will continue to rise as access to public data truly becomes public. For more info on the open data topic visit eaves.ca and get ready for more city run contests, data mash-ups, and location aware services based widgets.
Maintaining consumer trust by way of social influence will remain a central goal behind social media performance metrics. Reputation 2.0 and the ever present need for active brand management online becomes a reality for more decision-makers in 2010. That said, this isn’t good news for lagging executives still employing the big plan of shutting down all access to the social web… but it’s certainly good news for their competitors who are consuming the social media Kool-Aid by the litre. That gap will continue to widen especially in areas of brand awareness, loyalty, customer support and rapport.
Experience suggests that concrete social media performance can only happen once the organization has truly committed. Up to now, there has been considerable experimentation and that’s to be expected. However, for measurable conversions to take place, an enterprise-wide commitment or social calibration must take place.
Ultimately, I believe 2010 will be a year of recovery, modest growth and prosperity. Social calibration should allow leaders who have a foothold within the social web (Twitter account and Facebook fan page) to accelerate and deepen relationships with customers. In other words, if your organization has been building social media credibility and customer love throughout a tough 2009, the next year will most likely require management teams to be better prepared to support future initiatives with more than just budget, they’ll need to support with a will to engage.
I’d like to wish all my readers, clients, the fusedlogic team, family and friends a fantastic Christmas and New Year’s celebration. √

Data thieves defied by ENCRYPTSTICK

November 2, 2009
Ed1098 wscreen resized

Ed Rusnak CEO of ENC

Imagine you’re a medical technician and your laptop just got stolen… Imagine the stress over the fact that it contained samples of about a quarter of a million lab tests for reportable and communicable diseases, plus identifiable names and personal health numbers. Even worse, imagine your name is on the list.
In June 2009, Alberta Health Services (AHS) reported two physically locked down laptops stolen from a lab at the University Hospital. Within a month, in a separate incident, private medical files of 11,000 Albertans within AHS were put at risk as a virus intermittently took snapshots of screens of computers that access that data. The information could have been transmitted to locations unknown.
These are just two recent locals cases, but the phenomenon is worldwide. The Open Security Foundation’s DataLossDB.org gathers reported information about events involving the loss, theft or exposure of personally identifiable information—the statistics are mind-boggling.
“The loss of data is certainly a major concern for personal privacy, especially in health care, insurance and financial industries. For individuals, identity theft is becoming a more common threat,” states Ed Rusnak, CEO of ENC Security Systems. Based in Pitt Meadows, BC, the company provides solutions to secure and transfer personal and professional data.
“Not only can companies be adversely affected, the loss of information can spell ruin for families when banking and personal identity information falls into the hands of criminals.” Typically, most concerns are over the effect of the theft of the actual hardware… but the potential gain on the black market of the selling and actual use of stolen data would far exceed the nominal value of the equipment.
The problem isn’t limited to laptops and hacked databases. The proliferation of high capacity, pint-sized data storage devices—USB flash drives, memory sticks or keys, pen drives or thumb drives—increases exposure to data risk and creates potential goldmine for data thieves. According to the USB Flash Drive Alliance, from 2004 to 2008, the number of units sold rose from 59.5 million to 220 million, and the average capacity increased from 213MB to 1727MB. They can be seen hanging from key chains, belt loops, and lanyards around people’s necks. Too often, they are left unattended, plugged into the USB ports on computers.
“Things will get lost… things will get stolen. It happens every day.”
And, while Rusnak can’t help people safeguard devices from physical theft or loss, he can help them protect their data.
ENC has developed EncryptStick, an application that turns these low-cost, off-the-shelf flash drives into affordable, easy-to-use, highly secure data vaults. It prevents virtually any type of file—documents, videos, photos—or passwords from being stolen.
“Password protection is not enough. EncryptStick uses powerful 512 bit polymorphic encryption technology, which has never been broken or successfully hacked,” Rusnak proclaims proudly.
Encryption converts data into code by use of an algorithm that cannot be converted back or decrypted without a “key”. EncryptStick uses the unique ID or serial number of the flash drive as a part of those 512 bits of information to create that key. This, combined with the user’s password, makes it virtually impossible to be decoded.

SIMPLE STEPS TO DATA SECURITY
To get EncryptStick, simply plug a flash drive into a USB port, purchase a license and download the software directly to it (not the host computer). Using the unique registration code, follow the instructions to create a master password.
“The password is not stored on ENC’s servers or on the computer. It’s directed to the flash drive and is known to only the user,” stresses Rusnak.
To use EncryptStick, plug the flash drive into the USB port. The software runs automatically. When the password is entered, the vaults become visible. Open existing vaults, create new vaults and easily encrypt or decrypt any file by right-clicking and selecting from a drop down menu, or simply dragging and dropping the files into the folders. EncryptStick also enables “encryption on the fly”—the ability to edit documents within vaults while the files are encrypted.
“And it’s fast. EncryptStick encrypts files at a rate 10 times faster that AES 256 (the federal government encryption standard) and takes up only 4MB of space.”
EncryptStick also allows users to maintain anonymity. “You can plug your encrypted flash drive into a public computer; when you remove it, it removes the temporary operating file so there is absolutely no footprint—no evidence of you being on that computer,” says Tim Sperling, President ENC.
And, even if someone were to gain physical access to the encrypted computer or see the vaults, without both the Encrypt-Stick flash drive inserted and the correct password, that information is coded and thus unreadable.
ENC anticipated that a flash drive could get lost or become inoperable (perhaps you ran it through the wash). As long as the original drive was registered, replace the flash drive, purchase a new ENC license, and the system will piggyback a new registration key on the old key, allowing access to existing vaults.

Ed1097 resized

ALBERTA ROOTS
Born in Vegreville, Alberta, Rusnak attended Strathcona Composite High School in Edmonton. His entrepreneurial roots sprouted in St. Albert when he started his first venture in the 1970s. For the most part, he worked in the oil and gas sector and related industries.
In 1997, the recently divorced Rusnak reconnected with Doris, a former classmate from Vegreville who had been widowed two years earlier. After a few months together in Edmonton, the couple relocated to her home in Pitt Meadows—where the possibility of year-round golf appealed to Rusnak.
The reality of a life of leisure soon waned. And, while flash drives are a recent phenomenon, application of encryption technologies is old hat to Rusnak. He soon founded AFI Inc., focusing his efforts on the oil and gas industry where he was the first to design a CSA approved electronic device for remotely monitoring well-heads on remote Northern Alberta sites via satellite.
“Our system replaced windup devices on a seven-day clock which was susceptible to things like wet paper and dried up ink and where we waited 60 days for results from a Calgary lab,” Rusnak recalls.
At that time, encryption technology was used to ensure the integrity and accuracy of the data transmitted rather than to address an issue of security. After 9/11, that all changed.
“We knew that we could encrypt analog and digital data through the unique ID or serial number of the processor.” Rusnak admitted this direction was inevitable but sold the company in 2003 before being able to implement it. He realized that he could use the same methodology on flash drives as he could with the processors on the remote well head monitors.
“Most people were using flash drives for storage. It can be more—and it is.” In 2005, he started ENC and, by late 2006, EncryptStick was ready to roll. The timing couldn’t have been better, but things went sideways. According to Rusnak, a company he did some work for claimed that ENC was using its technology. The time to defeat the public claim “…put us behind two-and-a-half years after we announced the product. NAIT, among others (possible licensees) who were prepared to move forward, had walked away. They had no choice.”
Crisis created opportunity: It gave Rusnak time to enhance EncryptStick—adding a password manager to store sensitive log-ins securely… an automatic session time-out for drives left unattended… and protection from common hacking techniques like keystroke-logging.
Finally, in May 2009, Rusnak and ENC received a letter of apology and a retraction of the statement and allegations that were made, allowing the official release of EncryptStick to take place.
At 69, Rusnak is certainly not ready to retire. “I’m having too much fun.” In fact, he’s as energetic as ever. He’s looking at even more ways to add functionality. His team is working on version 4.2 that adds enhancements for Windows 7. Versions for Mac and Linux operating systems are just about done.
And while he seems to have come upon a pot of gold, for Ed, it’s not just about the money. “I want to change the entire thinking of the world and to help keep in the forefront of your mind how valuable your data is to you.”
That’s why Rusnak has created this revolutionary, yet easy-to-use product at an affordable price of $39.99US, while offering free updates for the life of the product.
And, it comes at no surprise that he has more ideas, more products at various stages of development. Rusnak chuckles.
“If you’re can’t live on the edge, you’re taking up too much room.” √