Lotus what? Nah mate, the world has moved on.

Tuesday, 17 September 2013

Looking at the Getac Z710 -- a secure rugged 7 inch tablet



Rugged Mobile devices and encryption.

Achievetec is a market leader in rugged devices supplying kit from Motorola, Motion, Samsung and Lenovo. They also provide software solutions for the housing market and is a Becrypt partner.

This is an extract from a report issued this month.
Report of the Director of Policy & Resources
Several high profile cases have again further highlighted the risks involved in notencrypting all laptop devices. The Information Commissioners Office (ICO) finedGlasgow Council £150k for the loss of two laptops. Both laptops were stolen froma council building where there were security failings. These were not seen as remotelaptops and highlight the risk of not encrypting laptops not intended to be taken offsite.
Both laptops were locked up securely but the thief's were able able to break down the storage drawer.

The Code of Connection (CoCo) requires encryption on devices and the preferred and only certified software is Becrypt.
Technical advisors from GCSX developed a list of products to assist councils to meet numerous elements of the CoCo. This product list included several encryption tools. IT Services piloted the Becrypt Disk Protect solution and implemented the facility. 

So why should you, as a business, care about encryption in the UK?
ICO imposed fines and penalties for data breaches resulting from data protectionfailings can be in excess of £100,000

So what is encryption?

Encryption, is the process of changing information in such a way as to make it unreadable by anyone except those possessing special knowledge (usually referred to as a "key") that allows them to change the information back to its original, readable form.

Every platform has a means of encrypting data but the distinction is whether the whole device or just some data is encrypted. To encrypt data you need a Operating System of some kind running. Therefore once you have booted into an OS encrypting or obfuscating some data is relatively simple and many methods can be used.

What about Linux?

This is a tough one. You can encrypt Linux using LUKS with minimum effort. However, the boot partition will not be encrypted as it needs an OS to start up. You can use two form factor encryption to unlock the boot partition or you can simply move the boot partition to a USB drive and walk away with it. This is as secure as you need it to be. However, the "purists" will say that this is not full disk encryption so it is flawed.

What about Android?

People get confused. they are told Android is Linux. This could not be further from the truth. Android does use the Linux Kernel though. This is a core OS system, like DOS really, that starts up and prepares the interfaces for talking to disks, memory, screen and other devices. The Linux kernel has been developed over many years by many very intelligent people so it makes sense to use the Linux Kernel. However, the Android "user space" is completely different and does not run Linux software natively.

Encrypting Android

Disk encryption on Android is based on dm-crypt, which is a kernel feature that works at the block device layer.

This is quite complex as Android avoids the use of any GPL code. Once you use GPL code you MUST publish your work. Here is a technical write up:

Android "full disk encryption" use a 128-bit AES in a ESSIV mode, and the encryption key is derived from the password using PBKDF2 . Basically it forces you to use a pin or password to unlock the screen and will then use this key to unlock LUKS.

The pin or password has a 16 character limit so a pass phrase is not really possible. Also, imagine trying to unlock your device with a 14 character pin every time a notification pops up!

Becrypt encryption for Android.

I will be on an advanced course Thursday and Friday and will have more insight on the implementation on Android then. Suffice to say if it is good enough for Nato then it is good enough for me! One day I will get my hands on a copy of XTS-400 (STOP) and I guess I will find Becrypt on it.

Looking at the Getac Z710

The Getac Z710 is the first and only device that has been Becrypt certified(?). The device I tested did not have Becrypt installed.

At 800g and 21.8 x 14.2 x 2.7cm it is not really light compared to a consumer unit such as a Note 2 but it is nevertheless easy to handle and carry.  The rubberised coating seems tough and very durable and the yellow plastic case makes for a striking design.

It is rugged and MIL-STD-810G and IP65 Certified, Vibration Resistant, Drop Resistant (26 Drops from 1.82m / 6ft) and Optional ANSI/ISA 12.12.01.

The Z710 can be used in operating environments from -20°C to 50°C and can be stored at -40°C to 71°C.

The battery is a Polymer Lithium Ion battery is rated at 7600mAh 3.7V. It lasted a few days on standby so it is pretty good.

The processor is a Texas Instruments OMAP 4430 Dual Core 1Ghz as used in the Droid Bionic.

You can even use it in explosive atmospheres as it is Atex certified.

  • Tempered Glass.

    The Z710 uses special
    damage-resistant Tempered
    glass. Tempered Glass is both
    tough and scratch resistant to
    withstand the abuses of working in extreme conditions.
  • LumiBond™.

    To increase the screen durability and providing greater sunlight readability, the Z710 features LumiBond optical bonding. LumiBond adhears the cover glass, touch panel and display together into one solid unit eliminating extra edges that can reflect sunlight and creating a single durable display.
  • Extreme Temps.

    Being able to work in any
    environment is critical, even
    freezing cold conditions. The
    Z710 rugged tablet can be
    operated in temperatures from
    -4°F to 122°F.
  • Six Foot Drop.

    The Z710 is the first rugged
    Android tablet to be certified to
    a MIL-STD 810G six foot drop
    rating. Combine that with the
    IP65 dust and water protection
    and the Z710 is one of the most
    rugged Android tablets ever

Overall this is a very good rugged device with great credentials. It is suitable for most environments and will last a long time.

It also has Android 4.1 loaded with the Google Play store enabled.


Post a Comment

Thank you for taking the time to comment. Your opinion is important and of value and we appreciate the positive feedback! If you are "Negative Nancy" then please do us, and humanity, a favor, and piss off.

Total Pageviews

Google+ Followers


Blog Archive

Popular Posts

Recent Comments

Rays Twitter feed


Web sites come and go and information is lost and therefore some pages are archived. @rayd123 . Powered by Blogger.