LAD: LateralAccessDevice

takes you back to before the Internet

How It Works | Download LAD | Support | LAD Security | Features & Uses | Resources

About LAD: How It Works

LateralAccessDevice (LAD) is software that turns a computer chassis into a high-performance, multi-purpose Internet / network tool that combines multi-dimensional firewalling, network monitoring, access control, packet capture, DNS, NAT and a host of other applications into one easy to use, integrated, high-security package. You can get it already preinstalled on a computer from your own vendor or you can download it directly from this website. The software is the same either way, though the exact version might be different.

When installing LAD on your own hardware

You will need a computer with at least a dual-core processor, 8GB of RAM (or 4GB if you have a hard drive), one USB port, a USB stick and two Ethernet ports. While it is likely that your computer would be compatible, you may need to acquire a 2- or 4-port Ethernet network card (we recommend Intel I350- or I210-based cards – see other hardware recommendations). No operating system is required – LAD is fully self-contained.

The easiest way to find out if your hardware will work is to download the LAD installer, burn the image to a USB stick, insert it into the USB port of the computer you will be using and reboot. The installer will tell you whether your hardware is compatible. If it is compatible, the installer automatically proceeds to setting up LAD.

During the installation process the system will generate and display several security codes. You will definitely need those security codes later, so please write them down. Because the system is designed with security in mind, there is no way to reset the user name or password except with those codes, which means that neither you nor the hackers would be able to get into the system if you lose your login name and/or password.

When you get LAD pre-installed from someone else

If you got LAD pre-installed on a system from a third party, connect a monitor and keyboard to it the first time it boots up so you can make note of the security codes. If the system does not have monitor or keyboard hookups, connect to it by typing 192.168.0.11 into your web browser to get the security codes. Please be sure to make a note of these security codes. Because the system is designed with security in mind, there is no way to reset the password except with those codes, which means that neither you nor the hackers would be able to get into the system if you lose your login name and/or password.

If you have a choice, it is more secure to get the special security codes by connecting a monitor and keyboard as opposed to going through a web browser (on the off chance that your web browser is somehow compromised).

Why do I need those security codes?

These special security codes are your way to control who can make significant changes to your LAD. We would not have access to your LAD device, nor does LAD have any functionality other than what is available to you, the user (i.e., there is no backdoor). So, make a note of those security codes and keep them in a safe place. They would definitely come in handy if you forget your login name or password.

Once your LAD is up and operational

Connect your PC, laptop and other devices directly to LAD and you are ready to browse the Internet and enjoy the functionality. While you can connect your computers and other devices to LAD via a switch, you will get the most out of LAD's features and functions when you connect them directly.

You can run LAD with its default settings or you can configure its various functions as you wish.

By default the system is locked to the local network, meaning you cannot access it from the outside (i.e., the internet), but you can change this and other parameters by logging into 192.168.0.11 and using the default login name “admin” and default password “1234”. In the interface you can also see what devices are connected and what they are doing, as well as change your password. You would also be able to connect and disconnect individual devices and make other configurational changes.

By default the system is configured to record all data that passes through into its memory. You may have a version that is able to record onto a USB stick or a HDD. You may change the recording parameters, disable it, enable it, or whatever you want. While having the record is very convenient in case you do have some kind of abnormality or break in, you can use LAD however you want. Having a record is useful in that it provides the digital footprints, fingerprints and any other “prints” needed for examination and investigation. With a record of the network activity available you would also be able to compare the websites you know you went to with all the websites your computer actually went to. It should be noted that the bigger the storage you use, the longer the data “tail” you can keep (i.e., the larger storage space lets you retain data over a longer “lookback” period).

If LAD is running without USB or HDD storage capabilities, you would have the option to store limited information on our server, such as configurations, but not the packets themselves. This storage is "blind" storage, which means that we cannot access or see the contents, nor modify whatever you store.

To familiarize yourself, you may want to take a look at the devices LAD found on your network and identify them. If you use gadgets like video cameras and similar devices, consider disabling or limiting their access to the internet so they can’t get up to mischief when you’re not looking (you will also be able to put in place a password to allow for temporary remote access, if you choose).

Many devices actually only need a few types of communications, rather than full Internet access, in order to fulfill their function. In fact, most devices don’t need any access to the Internet, unless they are uploading or downloading data. Even then they typically only need access to a few specific places, not the whole world wide web. In practice it is a really good idea to limit where they can go to only those specific Internet locations that you really need.

Some devices, such as security cameras, have no business going anywhere on the Internet, unless, of course, you configure them to store their video feed “in the cloud.” Although such an arrangement poses a security risk, the trade off for convenience is your choice – the point with LAD is that it is YOUR choice, not someone else’s. The most secure configuration for a security camera is for it to store its video feed locally, and then use LAD to enable password-protected remote access, should you need it. This gets you maximum security with the least effort.

BY DEFAULT AUTOMATIC UPDATES ARE TURNED OFF

We believe that there should be consent before running automatic software or firmware updates, so the LAD software would not be automatically updated without your express consent. However, every time LAD reboots it would connect with our server to download an encrypted copy of your edition of the software that would only run on your LAD and, optionally, also synchronize the clock.

SECURITY & PRIVACY

When using LAD one of the first things you may notice is security. Many hack attacks that you might have heard about rely on code tampering: basically altering pre-existing legitimate code to do something other than for what it was intended. In the case of LAD, the code you get from us is protected by a three-part system. You would need three ingredients to match up for it to work. (OH, and by the way ALL the data that LAD stores on the storage is encrypted, whether it is your own USB stick, HDD or the limited server storage we provide.)

  1. The USB stick that you use to install LAD for the first time will contain a key that would only be stored on that one USB stick. That key is only made accessible through the password given to you the first time you install it (So it would be difficult for anyone else to get it unless you give them both the USB stick and your password, but they still have another obstacle – see #2 below).
  2. That USB stick would only work on the particular computer on which it installed LAD the first time (So no one can take the USB stick and use it with a different computer, even if they have your password).
  3. The USB stick does not contain the actual code for LAD. That way wannabe thieves or hackers could not tamper with it, even if they have physical possession of the USB stick. Even in the unlikely event that somebody physically steals your USB stick with the computer you set up to run LAD, they would not be able to do much with it unless they successfully connect to our server. You, however, with a special code (that would be given with you at installation) would be able to place that USB stick in lockdown mode and effectively render it useless. Nothing could be done with your LAD unless and until you unlock it.

At the same time you retain full privacy because we do not keep copies of or retain access to the passwords stored on your USB stick. In simpler terms, it’s like at the time of installation we ripped apart a dollar bill and gave one half to you. Only when both halves match perfectly would the encrypted module stored on our server would be of any use to anybody.

The most important thing is that we cannot change the code that runs your LAD once your USB stick locks it down. In practice it means that while we may provide you with the encryped module, nobody on our side would be able to change it because it would not match the other half of the "dollar bill" on your USB stick. You are the only one who can give authorization to modify the software on your USB stick. For that you need one of the passwords that will be given to you during installation.

While this may sound complicated, in practice you just write down the codes at installation and keep them in case you need them. It creates a lot of hoops to jump through in order for someone else to compromise your LAD.

Enjoy!

LAD: LateralAccessDevice is software that turns a computer chassis into a high-performance, multi-purpose Internet / network tool that combines multi-dimensional firewalling, network monitoring, access control, packet capture, DNS, NAT and a host of other applications into one easy to use, integrated, high-security package. You can get it already preinstalled on a computer from your own vendor or you can download it directly from this website. The software is the same either way, though the version might be different.