fysdt writes to share that IronKey has released a USB flash drive with self-destruct capability. Specializing in "secure flash drives," IronKey has launched the S200 aimed at government and enterprise customers, "featuring hardened physical security, the latest Cryptochip technology, active anti-malware and enhanced management capabilities. It's the 'first and only USB storage device to achieve FIPS 140-2, Level 3 validation' and delivers advanced Cryptochip featuring AES-256, tamper-resistance and self-destruction circuitry."
What's the point of having it self destruct? Encrypt any old flash drive with True Crypt and you have accomplished the same thing at a much lower price. Want to destroy the data? Hit yourself on the head with a crowbar, making you forget the password. Problem solved.
Hit yourself on the head with a crowbar, making you forget the password. Problem solved.
Maybe the information-hiding-people don't want to potentially allow themselves to be subjected to information-gathering techniques (*ahem* torture) by knowing the password. It's easier to just have the data destroyed after a certain period of time. Once it's gone, you don't have to forget a password and you don't have any password to be persuaded to remember?
So you think that will make the evil ones stop torturing the password out of you? They'll use that same crowbar to make you remember it! ^^
(Interlude: WTF. I have my adblocker disabled for the first time in months, and the first thing I see, is an Ironkey banner. Truly a slashvertisement.)
The point is, that the keyfile on your USB key is encrypted with your password. So if you destroy the keyfile, which would open your encrypted safe, your password gets useless. You could scream it to the whole world. It wouldn't matter. Nobody could open that thing now. Not even you.
And that is why you never let someone know that you want access to his system. ^^ Just use a keylogger, or a trojan horse, and be good. Become a cleaning person in that place. Or gain some trust otherwise. If you need it: There are some internal CIA agent training manuals on the net, that can teach you this. Or if you can speak Russias, I recommend some Russian forums. ^^
The advantage of having it drop access to the data after a certain amount of tries is the same reason people use cryptographic tokens -- brute forcing a passphrase becomes a non issue.
There is another feature of the IronKey that isn't mentioned -- encryption on a machine, say at a student computer lab, but without requiring administrative rights to access the data. A lot of schools disallow admin access, and this is required to mount virtual volumes (TrueCrypt, BestCrypt, PGP, etc.) Having software to allow access to the drive that never needs to leave user space is a good thing in these cases.
IronKey does have a market. Especially for students at larger universities where there are people who lurk in the 24 hour computer labs just looking for a USB flash drive to steal. With a stolen USB flash drive, they can either sell the done homework, or if someone has a paper for a popular class that isn't turned in, actually take the word processing document and call it theirs. The downside is that the distinctive metal case does lure thieves, but the user has to figure out a balance. To the user, is the data on the drive worth the price premium, especially if the data can be used by a thief or extortionist? This applies to faculty too. I'm sure there are those who would be more than happy to sell any test or quiz data that was gleaned from a USB flash drive swiped from a faculty lab.
Another use for these USB flash drives is delivering to a customer something extremely confidental (such as TrueCrypt keyfiles or one time pads) that will be used for future communication of large volumes of data. For example, the customer gets the passphase from a rep, while a secure courier drops off the IronKey. This way, the data never crosses the Internet.
Especially for students at larger universities where there are people who lurk in the 24 hour computer labs just looking for a USB flash drive to steal. With a stolen USB flash drive, they can either sell the done homework, or if someone has a paper for a popular class that isn't turned in, actually take the word processing document and call it theirs.
Sorry, but I have to call nonsense on this. Sure, there are people who steal flash drives. They get the drive, and that's benefit enough - any electronic dividends are just icing.
But to posit that there are people who specifically look to steal USB drives so they can sell the done homework (do they take orders? is there a clearinghouse?) or by wild coincidence exploit the tiny window between a paper being due and a student writing it (which is no more than 24 hours most of the time!) coupled with the coi
Sell a USB drive that's approximately 2 feet by 2 feet by 4 feet in size. The drive will consist of a radiation-shielded box. Inside, there's a flask filled with poison, and a hammer connected to a Geiger counter. There's also a cat with a heart monitor. If the flask breaks and the cat dies, then the drive will self-destruct.
I believe the self-destruct is triggered by unauthorized attempts to access. While your way is cheaper I suspect that rubber banding your usb drive to a hammer with a note that says "In case of theft please smash drive" is somewhat less effective due the lack of ethics most thieves posses.
Funny, instead of paying extra, I'd just use a hammer, or a desk drawer, or if in a real pinch my two hands to break the thing apart. Unless you're James Bond, I don't see how most folks would need any more than this, and if they do need more, they already have it.
But that's who this is geared towards. The people that are carrying around data that is incredibly sensitive. Why these people are carrying it around on a thumb drive is a much bigger question, really, if you don't want it cracked, you shouldn't be carrying it on a portable easily lost/stolen medium.
How would you transport a few gigabytes to a new location? FTP? External HD. DVD? And very large number of floppies? I take my source code home with me on a USB drive. I currently encrypt it but I could see this being even better.
Maybe there's some straightforward* way to hack your USB drivers so that the only devices they support are self-destructing drives, but if not then I'd prefer any computer with data sensitive enough to need this drive not to have the ability to mount any USB drive. You just need to look at the British civil service to see what happens when it's possible to dump your database to an unencrypted physical medium and then leave it on the train / lose it in the post.
How would you transport a few gigabytes to a new location? FTP? External HD. DVD? And very large number of floppies? I take my source code home with me on a USB drive. I currently encrypt it but I could see this being even better.
I am partial to the classic solution: Microfilm in a hollow tooth
SVN and do an update anytime you get to a new location. It's how I work on code across 6 computers. Why didn't someone teach me about this subversion stuff earlier?
Unless you're James Bond, I don't see how most folks would need any more than this
There are all kinds of legal environments, outside of national security, where you need better certainty of destruction of data than "it looked broken to me" (e.g., HIPAA).
and if they do need more, they already have it.
Maybe, maybe not. Places that are subject to rules that would require additional security sometimes simply don't do particular things that might be useful from an operational convenience perspective since the to
Flash drives are a big no-no in the federal government and military. If something is so sensitive that it needs this kind of encryption wrapped in dynamite, then it should not be walking around on a USB drive. Dumb dumb dumb.
Flash drives are a big no-no in the federal government and military. If something is so sensitive that it needs this kind of encryption wrapped in dynamite, then it should not be walking around on a USB drive. Dumb dumb dumb.
True... but not everyone who requires security is a government spook. For most of us non-spooks, this thing has merit.
USB key drives are banned. There is even software loaded onto the machines, by default, that detects if you've inserted a key drive (and can tell the difference from a USB hard drive) and reports you to the IS guys.
If you do this, you get yelled at, your computer gets scanned and scrubbed, and it can even affect your clearance.
I'm using an Ironkey at work (have been for about 2 years now) and the thing has been rock solid. However, the main reason I selected it is that it's the only key that I've had the opportunity to trial which is both FIPS 140-2l2 compliant *AND* supports Linux.
I use it with WinXP and MacOSX daily and yes, they do ship with "alpha" Linux drivers. Not full support like Win* but enough to read and write the encrypted data, which is all I really use.
Although the company claims that you can now "initialize" a key on MacOS, all the versions I've used required an initial bootstrapping under Windows before being cross-platform usable.
It practically doubles the cost of the drive if you're a standalone user with no job involving computers; for me, it was very easy to go over to my officemates' desk and initialize it on his Windows machine.
Also, I did a pretty good amount of work using the IronKey inside a VM. Using VMWare Fusion in MacOSX Leopard and a Windows XP VMWare image, I was able to mount the key inside the Windows image and do an initialization successfully. One thing I did notice was that when doing so, it would always unmount
I understand thinkgeek and slashdot are sister companies, so this post is more of an ad, but is the only thing different here the revision or level of certification, or is there something else newsworthy on this from a tech standpoint? Ironkey has been on thinkgeek for like a year, and the self destruct and other features have all been in this product for a long time.
This is such old news that it's ridiculous. Furthermore, this is a ridiculously overpriced toy that breaks itself. No thanks...if I have data that someone wants to hack by opening up my thumb drive, then I shouldn't be carrying it on a thumb drive in the first place. Everything else this is just ridiculous and expensive overkill.
The new version of the Mission Impossible self-destructing tape player. However, how many spoofs has been made to this "self-destruction" capability so I wonder what if your USB key self-destructs accidentally in your pants pocket will it fry your gonads.
I keep wanting to build a flash drive with a thermite filler and some kind of rip-strip fuse that you could just yank on hard to set it off.
No offence to IronKey, but how do you know that it's really, really, destroyed your data beyond recovery? Maybe it just locks out the disk controller. A small heap of smouldering slag is much more definitive.
Now, if you could combine the thermite with their remote wipe protocols......
- Secure key management -encryption keys are born on the device in the Cryptochip and bound to the device - Hard-wired encryption key self-destruct defenses and electromagnetic shielding of the Cryptochip
which I interpret as saying that only the key is wiped, while the actual data remains on the drive. If you've somehow managed to snarf the key before it was wiped, or if you're really cool and can break AES-256, you're good to go.
You're impressed that they coated the circuit board with black epoxy? The only impressive thing about that is they use so little power that heat transfer isn't an issue.
You're impressed that they coated the circuit board with black epoxy? The only impressive thing about that is they use so little power that heat transfer isn't an issue.
Indeed. Get back to us when they have a Level 4 product - that's what all the big boys use.
Man! That reminds me of the scene from "This is Spinal Tap" where the musician is discussing why his amplifier is better because you can turn it up to level 11!
Er, why is this news? This exact item [thinkgeek.com] has been on sale at ThinkGeek for a couple years, now. Self-destruct capabilities and everything.
I've been administering and deploying "self-destructing" USB drives for several years!
After about a year, the drive stops working and all the data is gone. It's always the one the boss was using and it's always some important file that he didn't have a copy of somewhere else, so it is very consistant in that one regard.
Encryption is just as good as self destruction (Score:4, Informative)
Re:Encryption is just as good as self destruction (Score:5, Funny)
Parent
Re: (Score:2)
Will my brain emit a puff of smoke if it self-destructs?
Re: (Score:3, Interesting)
Hit yourself on the head with a crowbar, making you forget the password. Problem solved.
Maybe the information-hiding-people don't want to potentially allow themselves to be subjected to information-gathering techniques (*ahem* torture) by knowing the password. It's easier to just have the data destroyed after a certain period of time. Once it's gone, you don't have to forget a password and you don't have any password to be persuaded to remember?
Re:Encryption is just as good as self destruction (Score:5, Funny)
Encryption can easily be beaten by thermorectal cryptoanalysis (http://en.wikipedia.org/wiki/Rubber-hose_cryptanalysis).
Parent
Re:Encryption is just as good as self destruction (Score:5, Insightful)
didn't xkcd [xkcd.com] teach you anything about encryption?
Parent
Re:Encryption is just as good as self destruction (Score:5, Insightful)
So you think that will make the evil ones stop torturing the password out of you? They'll use that same crowbar to make you remember it! ^^
(Interlude: WTF. I have my adblocker disabled for the first time in months, and the first thing I see, is an Ironkey banner. Truly a slashvertisement.)
The point is, that the keyfile on your USB key is encrypted with your password. So if you destroy the keyfile, which would open your encrypted safe, your password gets useless. You could scream it to the whole world. It wouldn't matter. Nobody could open that thing now. Not even you.
And that is why you never let someone know that you want access to his system. ^^
Just use a keylogger, or a trojan horse, and be good. Become a cleaning person in that place. Or gain some trust otherwise.
If you need it: There are some internal CIA agent training manuals on the net, that can teach you this. Or if you can speak Russias, I recommend some Russian forums. ^^
Parent
Re:Encryption is just as good as self destruction (Score:5, Informative)
The advantage of having it drop access to the data after a certain amount of tries is the same reason people use cryptographic tokens -- brute forcing a passphrase becomes a non issue.
There is another feature of the IronKey that isn't mentioned -- encryption on a machine, say at a student computer lab, but without requiring administrative rights to access the data. A lot of schools disallow admin access, and this is required to mount virtual volumes (TrueCrypt, BestCrypt, PGP, etc.) Having software to allow access to the drive that never needs to leave user space is a good thing in these cases.
IronKey does have a market. Especially for students at larger universities where there are people who lurk in the 24 hour computer labs just looking for a USB flash drive to steal. With a stolen USB flash drive, they can either sell the done homework, or if someone has a paper for a popular class that isn't turned in, actually take the word processing document and call it theirs. The downside is that the distinctive metal case does lure thieves, but the user has to figure out a balance. To the user, is the data on the drive worth the price premium, especially if the data can be used by a thief or extortionist? This applies to faculty too. I'm sure there are those who would be more than happy to sell any test or quiz data that was gleaned from a USB flash drive swiped from a faculty lab.
Another use for these USB flash drives is delivering to a customer something extremely confidental (such as TrueCrypt keyfiles or one time pads) that will be used for future communication of large volumes of data. For example, the customer gets the passphase from a rep, while a secure courier drops off the IronKey. This way, the data never crosses the Internet.
Parent
Re: (Score:3, Insightful)
Especially for students at larger universities where there are people who lurk in the 24 hour computer labs just looking for a USB flash drive to steal. With a stolen USB flash drive, they can either sell the done homework, or if someone has a paper for a popular class that isn't turned in, actually take the word processing document and call it theirs.
Sorry, but I have to call nonsense on this. Sure, there are people who steal flash drives. They get the drive, and that's benefit enough - any electronic dividends are just icing.
But to posit that there are people who specifically look to steal USB drives so they can sell the done homework (do they take orders? is there a clearinghouse?) or by wild coincidence exploit the tiny window between a paper being due and a student writing it (which is no more than 24 hours most of the time!) coupled with the coi
Re: (Score:3, Insightful)
The identity manger also allows you to log into sensitive sites without worrying about keystroke loggers.
If there is a hardware keystroke manager on a machine that you plug the ironkey into, or even a USB data monitor, your IronKey password is their's.
If a machine is compromised, and you plug this into that machine, your data is compromised as soon as you unlock it.
Rip-off (Score:3, Funny)
why would i pay $199 for that when i could buy a cheap USB drive and a hammer to break it with for less than $10?
Re:Rip-off (Score:5, Insightful)
If you can break it with a hammer remotely, you should really be selling that capability- pretty sure someone would want to buy it.
Until then, the self destruct does work remotely.
Parent
Re:Rip-off (Score:5, Funny)
Here's my idea:
Sell a USB drive that's approximately 2 feet by 2 feet by 4 feet in size. The drive will consist of a radiation-shielded box. Inside, there's a flask filled with poison, and a hammer connected to a Geiger counter. There's also a cat with a heart monitor. If the flask breaks and the cat dies, then the drive will self-destruct.
Would you be willing to buy my product?
Parent
Re:Rip-off (Score:5, Funny)
Parent
Where's the market? (Score:3, Interesting)
Re: (Score:2)
Re:Where's the market? (Score:5, Insightful)
How would you transport a few gigabytes to a new location?
FTP?
External HD.
DVD?
And very large number of floppies?
I take my source code home with me on a USB drive. I currently encrypt it but I could see this being even better.
Parent
Re: (Score:3, Informative)
Maybe there's some straightforward* way to hack your USB drivers so that the only devices they support are self-destructing drives, but if not then I'd prefer any computer with data sensitive enough to need this drive not to have the ability to mount any USB drive. You just need to look at the British civil service to see what happens when it's possible to dump your database to an unencrypted physical medium and then leave it on the train / lose it in the post.
For security-conscious home users it's great. F
You're on to something! (Score:2, Funny)
I vote for the floppies. How about 5.25" 360k. 3 to 9 thousand of them!
How many people can read those nowadays?
Re: (Score:3, Funny)
How would you transport a few gigabytes to a new location?
FTP?
External HD.
DVD?
And very large number of floppies?
I take my source code home with me on a USB drive. I currently encrypt it but I could see this being even better.
I am partial to the classic solution: Microfilm in a hollow tooth
Re: (Score:2)
SVN and do an update anytime you get to a new location. It's how I work on code across 6 computers. Why didn't someone teach me about this subversion stuff earlier?
Re: (Score:2)
Re: (Score:2)
Actually a hammer may not be good enough. There are some very strict rules for medical records and financial data that this could be useful for.
The Market (Score:5, Insightful)
Personally, there are a great number of wildly popular products for which I am not in the market.
Parent
Re: (Score:2)
There are all kinds of legal environments, outside of national security, where you need better certainty of destruction of data than "it looked broken to me" (e.g., HIPAA).
Maybe, maybe not. Places that are subject to rules that would require additional security sometimes simply don't do particular things that might be useful from an operational convenience perspective since the to
What a bad idea (Score:2)
Re:What a bad idea (Score:4, Informative)
Correct.
In many branches, they are currently banned, largely because of the viral vector issue.
Parent
Re: (Score:3, Interesting)
True... but not everyone who requires security is a government spook. For most of us non-spooks, this thing has merit.
Re: (Score:3, Interesting)
We don't have a compromise where I work.
USB key drives are banned. There is even software loaded onto the machines, by default, that detects if you've inserted a key drive (and can tell the difference from a USB hard drive) and reports you to the IS guys.
If you do this, you get yelled at, your computer gets scanned and scrubbed, and it can even affect your clearance.
What!?! (Score:2)
Re: (Score:2)
Re: (Score:2)
A much better option is a palm vein scanner. It needs a live hand for a 3-d image of warm veins.
Smoke (Score:5, Funny)
Ironkey also supports Linux! (Score:5, Informative)
I'm using an Ironkey at work (have been for about 2 years now) and the thing has been rock solid. However, the main reason I selected it is that it's the only key that I've had the opportunity to trial which is both FIPS 140-2l2 compliant *AND* supports Linux.
I use it with WinXP and MacOSX daily and yes, they do ship with "alpha" Linux drivers. Not full support like Win* but enough to read and write the encrypted data, which is all I really use.
Although the company claims that you can now "initialize" a key on MacOS, all the versions I've used required an initial bootstrapping under Windows before being cross-platform usable.
Re: (Score:3, Informative)
It practically doubles the cost of the drive if you're a standalone user with no job involving computers; for me, it was very easy to go over to my officemates' desk and initialize it on his Windows machine.
Also, I did a pretty good amount of work using the IronKey inside a VM. Using VMWare Fusion in MacOSX Leopard and a Windows XP VMWare image, I was able to mount the key inside the Windows image and do an initialization successfully. One thing I did notice was that when doing so, it would always unmount
Re: (Score:3, Insightful)
Since I don't have any copies of that software, it pretty much doubles the cost of the drive
Go to a cybercafe?
unvi (Score:3, Informative)
Wow (Score:2)
Mission Impossible (Score:3, Funny)
The new version of the Mission Impossible self-destructing tape player.
However, how many spoofs has been made to this "self-destruction" capability so I wonder what if your USB key self-destructs accidentally in your pants pocket will it fry your gonads.
Thermite (Score:3, Insightful)
I keep wanting to build a flash drive with a thermite filler and some kind of rip-strip fuse that you could just yank on hard to set it off.
No offence to IronKey, but how do you know that it's really, really, destroyed your data beyond recovery? Maybe it just locks out the disk controller. A small heap of smouldering slag is much more definitive.
Now, if you could combine the thermite with their remote wipe protocols......
A hacker challenge (Score:5, Insightful)
what iron key should do is go to DEFCON with a bunch of these drives and then run a contest
If you can crack the drive you get some obscenely large amount of money
how to run the contest fairly
have the contents of the drive detail how to get to an offshore account with the prize money
So Ironkey how much you want to bet this key is "secure"
Strictly speaking, it doesn't self-destruct (Score:3, Interesting)
which I interpret as saying that only the key is wiped, while the actual data remains on the drive. If you've somehow managed to snarf the key before it was wiped, or if you're really cool and can break AES-256, you're good to go.
Re:Nerdgasm (Score:5, Informative)
Parent
Re: (Score:2)
Re:Nerdgasm (Score:4, Interesting)
You're impressed that they coated the circuit board with black epoxy? The only impressive thing about that is they use so little power that heat transfer isn't an issue.
Indeed. Get back to us when they have a Level 4 product - that's what all the big boys use.
Parent
Re:Nerdgasm (Score:5, Funny)
Parent
Re: (Score:3, Informative)
"The only USB key to be banned by the TSA" -- product advertisement
Come now, the Swiss Army Flash Knife [thinkgeek.com] is most certainly considered a WMD by the goon squad.
Re: (Score:2)
Man! That reminds me of the scene from "This is Spinal Tap" where the musician is discussing why his amplifier is better because you can turn it up to level 11!
Re: (Score:3, Interesting)
Re: (Score:3, Funny)
I've been administering and deploying "self-destructing" USB drives for several years!
After about a year, the drive stops working and all the data is gone. It's always the one the boss was using and it's always some important file that he didn't have a copy of somewhere else, so it is very consistant in that one regard.