iTwin: Like a Cable Between Two PCs Anywhere in the World

By  |  Wednesday, October 27, 2010 at 4:29 pm

Last Gadget Standing nominee: iTwin
Price: $99

USB drives get lost.  Google Docs and Dropbox are not known for their high security. iTwin just announced a plug-and-play device that makes it both easy and secure to keep computers synchronized—regardless of where they are. Think of it as a secure cable from one computer to another—without the cable.

The iTwin creates a highly secure, peer-to-peer, hardware-enabled, AES-256 encrypted connection between the two computers. The two halves of iTwin are first paired on a user’s computer, creating a crypto key which is specific to the device. Only the two halves of the user’s iTwin know the key. Plug the halves into the USB ports of any two online computers, anywhere in the world, and iTwin works like the two ends of a cable, without the cable. A window pops up allowing you to edit, synchronize or transfer between your two devices.

The device is no bigger than a USB drive and fits comfortably into pockets and bags. It is available in two colors, lime green and gunmetal gray.  iTwin goes on sale in December.


Read more: 

7 Comments For This Post

  1. BlackKnightRebel Says:

    Dreamcast…. You can't fool me random tech company.

  2. Rob Says:

    I'm not sure I have a use for the iTwin, but the idea is really cool.

  3. mosh Says:

    Looks Windows-only, unless it has a preinstalled sshd and x11vncd.

  4. Terry Hall Says:

    AES-256 is strictly symmetric key, not public key. What is the security used to get files from one end to the other? They don't say. First I have to make sure the remote end PC is turned on, then how do I know it's not open to attack because of this? If a file at rest is encrypted by AES-256, what protects it in transit? Or, do they send the key with the encrypted file? Ouch. And how strong are the keys? You can't just stamp something AES-256 to prove it is secure. Similar issues to Pogoplug, except Pogoplug doesn't even need the PC. ITwin may not have the drive compatibility issues of Pogoplug, however. The big question is securely accessing files stored remotely. If iTwin won't say, I have to assume they are using public key technology to pass the symmetric key with the file. How easy is it to read the keys from one of the devices? And AES-256 or not, what is the effective key space? It could be much smaller than AES-256 justifies. It's only as strong as the keys and if this product generates keys poorly, then AES-256 is a waste. They don't say.

  5. Kal Takru Says:

    hi Terry, I am Kal from iTwin. Regarding your questions above:

    1) For protecting communication between two computers, all that's needed is a shared secret key between the two ends. So, a symmetric key crypto is sufficient for this need. There's no need for public key cryptography (which solves the problem of efficient key distribution for large populations).

    2) When the two halves of an iTwin are connected together (we call it "pairing") and are plugged into a computer, the microcontrollers on each of the half of the iTwin communicate with each other and generate a cryptographically strong random number. This random number is used to generate a random 256 bit key that is used for AES encryption. And this key resides only on the two associated iTwins and nowhere else. And every time that the two halves of an iTwin are paired together, a brand new shared key is generated.

    3) The remote computer needs to be online, but any computer that's online is always vulnerable (nothing to do with iTwin). What is necessary is to ensure that all communication in and out of a computer is properly authenticated and protected. With iTwin, all communication between the two computers involved is protected by hardware grade security and in so many ways, this is better and more secure than password based security, (iTwin also supports the option of setting passwords, as an additional protection). Furthermore, all iTwins needs to authenticate with iTwin's authentication server. All communication with iTwin's authentication server is protected using industry standard TLS.

    4) iTwin does not encrypt files at rest. iTwin is a simple and secure remote file access device and, thus, only encrypts files in transit.

    If you have any other Qs, please let me know.


  6. brian Says:

    does it work for mac?

  7. [email protected] Says:

    Hi Brian,
    We'll be announcing Mac support for iTwin in first half 2011. Please follow us on Twitter at @iTwinTweet to keep updated!