A presentation at Def Con this year on an inexpensive, pocket-sized "travel router" piqued my interest; it can...
reportedly conceal Internet traffic on the go. How does it work? And how does it differ from routers that use Tor? Will this ever be viable in an enterprise scenario with on-the-go workers?
Being a lover of freedom, I'm always interested in tools that keep a person's every move out of sight of government spies. This tool, dubbed "PORTAL" (which stands for Personal Onion Router To Assure Liberty), is an always-on Tor device. It uses existing Internet connections, but takes the user out of the equation by applying "onion router" protection to all traffic to and from the user's computer without the user having to remember to load a Tor browser and enable protective measures.
As far as anonymity is concerned, PORTAL can be more private than a VPN and is most certainly better than relying on SSL/TLS to protect your organization's network communications. Both of these technologies provide a false sense of privacy and security in that metadata -- such as the protocols and whom you're communicating with -- are in plain sight, not to mention any associated logs that record communications that are forever stamped in history.
So is PORTAL viable for the enterprise? Probably not -- at least for most situations. In today's world, we have enough trouble getting proven technologies such as antimalware and security information and event management working at the enterprise level, so I can't imagine something such as PORTAL is going to scale at this point, especially since it's not even available as its own standalone hardware device; right now, PORTAL is just software that you build into your own system.
However, I have faith in the security entrepreneurs out there -- someone will come up with a solution for the lay-person problem shortly. Perhaps then -- in a few years -- PORTAL will be enterprise-worthy.
Ask the Expert!
SearchSecurity expert Kevin Beaver is ready to answer your application security questions -- submit them now! (All questions are anonymous.)
Get more router security tips
Dig Deeper on Network device security: Appliances, firewalls and switches
Related Q&A from Kevin Beaver
Android Oreo replaced the allow unknown sources setting with a new feature that enables users to selectively install unknown apps. Kevin Beaver ... Continue Reading
Equifax's Apache Struts vulnerability was an example of a scan not being read correctly. Kevin Beaver explains vulnerability scans and how issues can... Continue Reading
Several vulnerabilities were recently discovered in Android bootloaders via the BootStomp tool. Kevin Beaver explains how they work and what risk ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.