The founders over at FixMeStick sent us a pair of their latest devices to check out. The FixMeStick is, in short, a malware removal device for dummies. The FixMeStick is a bootable USB device running Lubuntu and integrates three separate anti-virus scanners from Kaspersky Labs, Sophos, and GFI. While our readers will probably never need it for themselves, we may all wish we had something like this for our non-technical friends and family, or the 9 million PCs infected with ZeroAccess botnet. The FixMeStick does a lot of things that nobody else does on a bootable USB, and let's be real, removing rootkits is never pleasant or easy.
Why I Want it For My Parents
Linux: the FixMeStick is a Linux-based device that runs before Windows boots enabling it to remove infections without the infection getting stealthy or playing war with my parent's anti-virus software.
N-Scanner architecture: contains an integrated multi-scanner composed of three engines: Kaspersky Labs, Sophos, and GFI's VIPRE.
Full screen app: all the technology is integrated behind a single full-screen application, my parents never see Linux, or any of the three anti-virus engines. Typical Linux shortcut keys still work, but there's no risk of my mother wandering off into vi.
It's the easiest thing to use: right out of the box my parents just plug it into a USB port and double-click "Run FixMeStick". There's no software to install. The FixMeStick does this clever little hack with the Windows boot manager getting Windows to boot the FixMeStick one time. This means my parents don't have to futz with the BIOS, but you still can if you want to.
WiFi: supports wireless adapters and automatically finds my parents SSID and password from the Windows side and sets up the connection. My parents do nothing. I get no phone call from them. Automatic updates are fetched and stored directly on the FixMeStick.
It boots on everything: the boot-loader is setup such that it can support different boot configurations without my parents having to do anything. BIOS compatibility has been a killer to Live USBs, but we've not found a PC the FixMeStick will not boot on, including the fancy VAIOs that ship with a Boot From External Device setting off by default.
Out-of-band-management: this is quite cool, there's a remote connection client built into the FixMeStick, so if my parents need support, the FixMeStick engineers can connect directly to the device without my parents having to do anything other than provide the randomly generated userid and password generated by the app.
What's Not Good:
Out-of-band-management! A bad actor could call my parents and tell them to plug in the FixMeStick and get the userid\password. Of course, such a social engineering attack is possible whether there's a FixMeStick in the house or not.
Denial of Service: Malware can deny access to the FixMeStick by smoking the MBR or the Linux files. There are a few ways to fix this, and you probably know what they are, and we expect to see one implemented in the next major version of the FixMeStick.
50% Discounts for The Hacker News readers:
Overall, we like this product. It's practical and well built. And while the digital futurists may be calling the end of the PC, the next massive botnet is not likely to run on iOS or Android. The FixMeStick provides a practical means for non-technical people to clean their own PCs.
Other, back of the box type information:
- $49.99, with free shipping to anywhere in the world.
- Toll free support with the real security people.
- Works an unlimited number of times on up to 3 different PCs for a year. The PC count is reset each calendar month so people don't have to worry about adding\retiring PCs.
- When the year is up, recharges can be purchased from www.FixMeStick.com.
- The Windows launcher works on Windows XP, Vista, 7, and 8.
- A minimum of 512MB RAM on the host PC.
Here's a coupon for the first 50 The Hacker News readers for 50% off the FixMeStick: FixMeStick-THN. You can have it shipped directly to your parents ;)