Giza device [suspended]
UPD: Our cooperation with Giza Device LTD is suspended.
UPD2: Details of the story in the retelling of CNBC (English) www.cnbc.com/2018/03/09/cryptocurrency-scammers-of-giza-make-off-with-2-million-after-ico.html
')
In short, we terminated the contract with Giza Device LTD when we did not receive payment for the first stage of work. At this point, we have accumulated a lot of questions to its founder, Marco Fayk, which he was not in a hurry to answer. The last straw was the refusal to disclose the final beneficiaries of Giza, which was required to obtain documentation on protected circuits.
Be careful, check your potential customers.
article source
Data protection is always a compromise of security and convenience. "If one person has built - another can always make out."
You can record a password from a bank account in a small black notebook, put it in a chest and bury it on a bald mountain at midnight. You can rent an underground military bunker in the Swiss Alps to store your bitcoins - relatively safe, but not too convenient for daily use.
You can (and should) use encryption and software tools, but you shouldn’t trust them completely: data can be stolen by a Trojan program with the help of some new clever trick with branch prediction.
A reasonable combination of reliability and user-friendliness, in our opinion, is inherent in microcontroller devices - hardware wallets, password managers and encrypted drives. The limited availability of operating systems, the lack of a direct internet connection, the hardware implementation of cryptography, and the complexity of introducing malicious code make such devices highly resistant to most attacks.
Mass products available on the market ( 1 , 2 , 3 , 4 , 5 , 6 , ...) have a number of drawbacks and cannot fully meet growing needs. Among the potential problems of individual devices are:
- lack of universality, the need to have different devices for working with passwords, cryptocurrencies and files
- “zoo” of applications, separate software for each device and even for each function
- inconvenient interface, small screen, complexity of entering passwords and passphrases
- partial hardware implementation, working with online services that may be compromised (“there are no clouds, there are foreign computers”)
- use of unprotected general purpose microcontrollers
- low quality materials
- preservation of health and all data after opening the case
- the need for a USB cable to work
This year, the Third Pin as an engineering unit joins the Giza Device , an international team that conducts an ICO to develop and produce a Giza device.
Giza is a password manager, hardware crypto wallet and encrypted file storage in one compact device. The structural diagram looks like this:
Giza has an oversized OLED display and a joystick with vibration feedback. Work with external devices occurs via USB and Bluetooth, with end-to-end encryption of all data and hardware confirmation of actions. The storage of private keys, passwords, file encryption and transaction signatures for each of the cryptocurrencies supported is also fully hardware.
In terms of working with passwords, Giza is Pastilde’s successor, with the exception of cryptographic operations, which are placed on a separate specialized microcontroller , with a high level of security. Giza has 16Gb of flash memory, for safe storage of not only passwords, but also any other important data: files, documents, certificates and other things.
Encryption and decryption of the file system occurs on the fly, without the need to install additional software on the computer. Giza supports FIDO U2F and can serve as a token to confirm access to other systems, thanks to an open API. The project provides a single external application for working with the device, which will be available for iOS, Android and Chrome.
The hull of Giza is made of aluminum and tempered glass, its design does not involve disassembly. A special subsystem, including the sensor of illumination, the gas composition of the atmosphere and some other secrets, is responsible for monitoring the integrity of the body. Thanks to the built-in battery, Giza will have time to erase all data in case of penetration or critical level of battery discharge. This option can be disabled by the user when the device is activated.
In addition, the user can configure automatic erasure of data when exceeding attempts to enter a pin-code or when entering a special, “emergency” pin-code. Giza supports data recovery in case of loss, using the BIP39 protocol. For the convenience of entering seed-phrases, any HID-keyboard is connected to the USB-connector.
We understand that absolute security is unattainable, even by much more sophisticated methods. Guise in itself does not guarantee 100% security, but in combination with the general rules of informational hygiene, it can seriously complicate the task for fraudsters who attempt on your data.
In more detail about separate parts of the device and about a development course we will tell in the following publications. Ask questions, share your experiences and opinions in the comments. The best way to support a project isto buy tokens to join our team. Write in a personal or on info@thirdpin.ru with the topic “Work in the GIZA project”, in a letter tell about your experience.
You can record a password from a bank account in a small black notebook, put it in a chest and bury it on a bald mountain at midnight. You can rent an underground military bunker in the Swiss Alps to store your bitcoins - relatively safe, but not too convenient for daily use.
You can (and should) use encryption and software tools, but you shouldn’t trust them completely: data can be stolen by a Trojan program with the help of some new clever trick with branch prediction.
A reasonable combination of reliability and user-friendliness, in our opinion, is inherent in microcontroller devices - hardware wallets, password managers and encrypted drives. The limited availability of operating systems, the lack of a direct internet connection, the hardware implementation of cryptography, and the complexity of introducing malicious code make such devices highly resistant to most attacks.
Mass products available on the market ( 1 , 2 , 3 , 4 , 5 , 6 , ...) have a number of drawbacks and cannot fully meet growing needs. Among the potential problems of individual devices are:
- lack of universality, the need to have different devices for working with passwords, cryptocurrencies and files
- “zoo” of applications, separate software for each device and even for each function
- inconvenient interface, small screen, complexity of entering passwords and passphrases
- partial hardware implementation, working with online services that may be compromised (“there are no clouds, there are foreign computers”)
- use of unprotected general purpose microcontrollers
- low quality materials
- preservation of health and all data after opening the case
- the need for a USB cable to work
This year, the Third Pin as an engineering unit joins the Giza Device , an international team that conducts an ICO to develop and produce a Giza device.
Giza is a password manager, hardware crypto wallet and encrypted file storage in one compact device. The structural diagram looks like this:
Giza has an oversized OLED display and a joystick with vibration feedback. Work with external devices occurs via USB and Bluetooth, with end-to-end encryption of all data and hardware confirmation of actions. The storage of private keys, passwords, file encryption and transaction signatures for each of the cryptocurrencies supported is also fully hardware.
In terms of working with passwords, Giza is Pastilde’s successor, with the exception of cryptographic operations, which are placed on a separate specialized microcontroller , with a high level of security. Giza has 16Gb of flash memory, for safe storage of not only passwords, but also any other important data: files, documents, certificates and other things.
Encryption and decryption of the file system occurs on the fly, without the need to install additional software on the computer. Giza supports FIDO U2F and can serve as a token to confirm access to other systems, thanks to an open API. The project provides a single external application for working with the device, which will be available for iOS, Android and Chrome.
The hull of Giza is made of aluminum and tempered glass, its design does not involve disassembly. A special subsystem, including the sensor of illumination, the gas composition of the atmosphere and some other secrets, is responsible for monitoring the integrity of the body. Thanks to the built-in battery, Giza will have time to erase all data in case of penetration or critical level of battery discharge. This option can be disabled by the user when the device is activated.
In addition, the user can configure automatic erasure of data when exceeding attempts to enter a pin-code or when entering a special, “emergency” pin-code. Giza supports data recovery in case of loss, using the BIP39 protocol. For the convenience of entering seed-phrases, any HID-keyboard is connected to the USB-connector.
We understand that absolute security is unattainable, even by much more sophisticated methods. Guise in itself does not guarantee 100% security, but in combination with the general rules of informational hygiene, it can seriously complicate the task for fraudsters who attempt on your data.
In more detail about separate parts of the device and about a development course we will tell in the following publications. Ask questions, share your experiences and opinions in the comments. The best way to support a project is
Take care of yourself, use complex passwords.
Source: https://habr.com/ru/post/371165/
All Articles