We’re sure that many of Hackaday readers already know that one of the two main components of the Mooltipass project is a smart card, containing (among others) the AES-256 encryption key. Two weeks ago we asked if you’d be interested coming up with a design that will be printed on the final card. As usual, many people were eager to contribute and recently sent us a few suggestions. If you missed the call and would like to join in, it’s not too late! You may still send your CMYK vector image at mathieu[at]hackaday[dot]com by sunday. More detailed specifications may be found here.
In a few days we’ll also publish on Hackaday a project update, as we recently received the top and bottom PCBs for Olivier’s design. The low level libraries will soon be finished and hopefully a few days later we’ll be able to ship a few devices to developers and beta testers. We’re also still looking for contributors that may be interested in helping us to develop browser plugins.
The Mooltipass team would also like to thank our dear readers that gave us a skull on Hackaday projects!
Will the mooltipass be cross platform compatible?
Yes. The mooltipass will be cross platform compatible. The mooltipass will be able to enter credentials via HID (emulating a keyboard). There are also tasks (planned and in the works) to support a browser plugin. Feel free to check out the mooltipass project page, google groups, and github. (http://hackaday.io/project/86-Mooltipass)
I can’t wait for the eventual product. I wonder though, will the HID functionality interfere with security measures invoked by corporate security protocols regarding USB plug in devices? I understand HID devices are like mice/keyboards, but in my company, if you plug in a flash drive or a smart phone, the system goes to a root based security lockout (windows 7 enterprise based security).
When I say “eventual product” I am referring to Leeloo’s Mooltipass (sig) :)
I am not entirely sure what Windows 7 Enterprise based security will do with the mooltipass. I have a Windows 7 x64 Ultimate computer and I have seen it as a handful of devices. The end product will be detected on the computer as a HID device (I believe using a generic HID driver) as well as a CDC device to connect with the plugin. I do not see any issues with the device showing as HID. CDC may be a different story depending on how strict the security is setup on the computer. It will not show up as mass storage (AFAIK). I have an idea on how we can get it to enumerate only the HID, but still be able to connect over CDC on another computer. I’m sure we will have a discussion about this when we progress more on the usb side of things.
If you want, you can pick up a 32u4 based AVR (Arduino Leonardo, and various other boards from Sparkfun and Adafruit to list a few) and flash the firmware from github. Or have your IT Department answer / try if this device driver combo will work. I’m sure we will have an update on the USB capability when the time comes.
I’d die for this but I bet I’d be violating /sooooo/ many compliance rules if I use one in, say, a hospital environment.
(eg… HIPPA.)
If we find a way to disable the CDC device, it will appear as a keyboard and *should* not take any information from the computer in which it is plugged in and only emulate a HID keyboard. That being said, I am not an expert on HIPPA so please verify using this device (once produced) with HIPPA before use. We will not be responsible for misuse of the mooltipass.
Heh, I actually design hospital networks, and HIPPA is certainly a concern here.
If I heard of someone using one of these in such an environment, you can bet it’d be reported up the chain.
This is the blind intersection where cool hacks meet the Lawyers….
Even if it is detected as a normal keyboard?