More on the Yoggie Pico Pro security appliance

Last week I posted information about the Yoggie Pico Pro, an all-in-one security that fits onto a USB dongle.  In the TalkBack section Michael Kelly asked a couple of interesting questions:

• How are virus (spyware, phishing, etc.) definitions kept up to date? Are they downloaded onto the stick or the PC? And if they go on the stick, are they loaded onto the writable flash chip or is the unwritable one opened up for updates? And if they are loaded into the writable portion what happens if there is a breach, do they just get re-downloaded, or do they get re-downloaded upon every reboot?
• Is this a complete GPL solution? Not that it will affect my buying decision, but I'm curious as to what source code is available.

Good questions, so I put them to Yoggie.  Here's the reply I received:

• The virus signatures, like any other security or general update are downloaded and stored on the writable memory of the Yoggie personal security appliance. As a whole, the Yoggie is an actual full blown Linux powered computer. And as such, of course it must run from a writable area which is not volatile. There is a special read-only component that stores the system’s kernel (and then some) but that’s a special security measure unrelated to the normal operation of this appliance.
• The Yoggie personal security appliance is not a complete GPL solution. Yoggie Security Systems set out to create the most secure and advanced solution out there, integrating existing best-of-breed solutions where possible. Our criteria is not if a component is GPL or not, but rather if it’s the best or not! That’s why, for instance, for IDS/IPS the Snort GPL solution was chosen, since it’s the best. While the Anti-Virus component that was chosen was Kaspersky, which is the best in what it does. In addition to Kaspersky, other commercial solutions are used, all best-of-breed, like MailShell, SurfControl, Sourcefire VRT rule and more.

So there you have it.

Thoughts?