Encrypted USB Key With TOR, Firefox 170
An anonymous reader writes "Gizmodo has a writeup on the new IronKey — a self-destructing, hardware-encrypted and -authenticated USB flash drive with on-board secure Firefox, high-speed TOR network, password manager, and online encrypted backup. Here is the demo page. $79 for a 1GB, $149 for 4GB." Ironkey works on XP and Vista only. Let's hope its self-destruct feature works better than Secustick's.
If it works (Score:2)
I bet it gets cracked within 30 days.
Re: (Score:2)
Actually most of the spies I know take a low tech approach to the job. Far better just to email the stuff to your own hotmail account, than to have it on you in a potentially crackable form.
"flash-trash" technology notwithstanding
Mmmm? (Score:4, Funny)
Re:Mmmm? (Score:5, Funny)
Yes dollink -Natasha Fatale
Re: (Score:3, Funny)
Re: (Score:3, Funny)
And the government spied on me through the television until I bought 20 square yards of copper screen to wrap around my sofa. I got the plans from a guy on IRC.
And voices are telling me Astro Boy is Jesus.
Re: (Score:2)
Re: (Score:2)
If anybody is interested enough to make the attempt. Which may not be the case. A lot of bad security is never broken, because nobody cares enough.
Re: (Score:3, Funny)
Oh, that's why there isn't any malware for MacOSX/Linux. I knew there was nothing to that OSS->Security arguments.
Re: (Score:2, Informative)
Re: (Score:2)
Just wanted to say that (unlike lots^Wsome of the comments here) I think your device is a great idea. I'm especially excited to see a laser-keyboard version but I'll probably get one if you release a version that has a rotary or button password system on the device itself...
Cheers, dch24
How long until it is illegal to possess one? (Score:5, Interesting)
Re: (Score:3, Informative)
10 tries? (Score:5, Funny)
For better security, type the wrong password nine times before you take it on the plane.
Re: (Score:3, Insightful)
Sound? (Score:2)
Artificially reducing the re-try count to 1 seems to increase risk of data loss with negligible increase in security...but I'm no security expert.
Re: (Score:2)
God, we're such geeks. Yes, data loss=bad, but in this case, data loss would be kind of the point. Better not to have the blueprints than let the enemy have them.
Re: (Score:3, Insightful)
Is that code for "keeping your wife out of your porn collection"?
Re: (Score:2)
Re: (Score:2)
<sarcasm>Is that what most of the spies [slashdot.org] you know do?</sarcasm>
Honestly, why not just configure it to destruct after 1 failed password? (Note: I know nothing of the product, but if you can't configure this, then it is a waste. 10???????? attempts? Great if you have a non-TLA agency trying to crack it, or the person isn't working with a list of your likely passwords.
Re: (Score:3, Informative)
Re: (Score:3, Funny)
NOOO... who told you? I mean, I hate Megatron... Are favorite Pokemon any more secure?
Re: (Score:2)
Honestly, why not just configure it to destruct after 1 failed password?
I've experienced a few cases where I mistyped a password that I did know. This resulted in an account lockout (and thus preventing me from doing some of my work properly), as I took around three attempts. Normally, typing in a password is not an issue, but if you are tired, hyperactive or confused, you will encounter this problem.
Also, if you have an acceptable-strength password (e.g. random alphanumeric of 8 characters), there's no practical difference in security between 1 attempt and 10 attempts. A
Re: (Score:2)
Re: (Score:2)
So 9 times is correct -- if the next attempt fails, you want the contents cleared before the device can be attacked through other means (like a bitwise copy, brute forced against the key itself, without running any of the software on the key; or, like exploiting file system weaknesses, or even using a backdoor key which NSA an
Re: (Score:2, Insightful)
Spy vs. Spy (Score:2)
Or because of human curiosity which will probably make quite a few people try despite orders to the contrary?
That said, if it's a government that's after you, you're probably better off with a dead mans switch, where the content will auto-erase unless the device has been logged into during the last day. My guess is that most
XP and VISTA only (Score:5, Funny)
Remember, it's only secure as long as you don't plug it in.
I know, I know. I kid.
Re:XP and VISTA only (Score:5, Funny)
Re: (Score:2)
If the latter, then yes, this *is* a joke. If the former, if the hardware documentation is released to open source groups and drivers written, this might not be so bad...
Useless because of host security (Score:5, Insightful)
Re:Useless because of host security (Score:5, Informative)
Re:Useless because of host security (Score:4, Interesting)
I, however, am looking for a USB key with the encryption and password entry built into the key itself. I am looking to enter the password or fingerprint on the device. That way, I am not dependent on the host. The drive could allow mounting after the biometric or password are supplied to it, and present a FAT32 volume, which would mount on any OS. I am looking for a portable solution.
Re: (Score:2)
Tell me, what does it matter if the decryption is in the hardware if you send the password through the USB stack ? How will
Re: (Score:2)
Uhm, I'd pick software dependance over hardware dependance any day. Software is easier to patch and maintain, if a vulnerability is found there is a higher chance you can fix the software than the hardware. If it is open source you have mor insight into what it actuallyd does etc.
Re: (Score:2)
Re: (Score:2)
Re: (Score:3, Insightful)
I generally agree with the rest of your points though.
Re: (Score:2)
Re:Useless because of host security (Score:5, Informative)
Failing that, I'd go with something which uses commodity, standard, and commonly available technology at the lowest level possible. It's PROBABLY the case that a DVI monitor is not bugged; much less likely that a random DVI monitor at a net cafe is itself secure than that the host OS is secure.
The host OS and applications installed are by far the weakest link. I carry a laptop everywhere, but the next step down from that is a bootable USB flash drive with your choice of secured OS installation on it. It's easy enough to implement disk encryption.
It is also fairly straightforward to use "write only" public key cryptography (i.e. each time you save your work, encrypt it with a public key, the private key for which is held on trusted hardware at home).
The only customization I'd do to the USB dongle would be for protecting the keying data -- some way to mount a / partition, but have a data partition which is encrypted with PKC held on the USB device, with only the passphrase being entered into the local PC, rather than an actual key entered via the host PC. This in practice only gives you marginally better security, as if you used a hardware-trojaned PC (or vmware installation...) to boot your USB device, that trojaned machine could just copy the relevant data out of your USB key.
There are a lot of "procedural" ways to improve security with this USB boot thing. Maybe have multiple partitions, each with different keys, per project or security level. If you're at a machine belonging to client A, and need access to client A files, you can stick your USB in a client A machine, boot, and then only unlock the client A partition on the USB. Or if you just need basic secure computing, but not access to your stored files, you could just unlock the OS partitions, leaving your own data partitions encrypted. Or, just buy multiple USB keys, and stick the least important key into the machine that is needed to accomplish your task.
Re: (Score:2)
Re: (Score:2)
It's a little more difficult to keep changing passphrases for bulk encrypted data stored locally, and a lot of the value of a USB drive vs. network storage is offline or limited-bandwidth use. (otherwise, just store all your sens
Re: (Score:2)
I was more thinking about a situation where you actually have to copy the data over to a local storage device without watching the data itself while protecting the source. S/Key and OPIE only do the latter. A bugged monitor or bugged keyboard is not a viable attack against such situation. A bugged USB
Re: (Score:2)
Give me a USb key with incredibly hard to break encryption and a linux live CD. barring someone installing a keylogger INSIDE the machine it's safe. and there are ways to get around that as well, on screen keyboard for example.
Re: (Score:2)
Sounds good, but is bad as well. Frist there are keyboard-based hardware keyloggers. Second, whow do you know you are not booting into a virtual machine? With the PC actually waking from hibernation instead of booting clean? I bet the effort to rig this would be quite reasonable.
Re: (Score:2)
Yeah, they would just have to dust the same keyboard that had a logger installed for your fingerprints.
Re: (Score:2)
The number of people that understand security/encryption/related is very small. I don't think I qualify as being knowledgeable. Anyways, it's a big potential market out there, those that don't know any better.
Re: (Score:2)
And you shouldn't, because it runs Windows. All Microsoft-bashing and fanboyism aside, Windows just cannot be trusted.
Re: (Score:2, Informative)
Re: (Score:2)
1. Faster. Now qualify this - did you run benchmark against a SSE3-optimized software implementation running on 2.33Ghz Core 2 Duo? Does the later really performs AES slower than the speed of USB2 or read/write speed of your flash hardware?
2. Hardware-based self-destruct
Disadvantages of IronKey:
1. No way for the user to supply their own algorithm other than AES - say if they distrust US go
Re: (Score:3, Informative)
It's so trivial to implement security on a flash drive that's fully cross platform.
When you insert the drive, mount a basic filesystem with an empty file in it called "password.in". Then all you have to do is:
echo 'yourfr3ak1npa$$w0rd!!11' >
upon which the "virtual" filesystem on the drive will receive the password and present a new USB storage device, the unlocked filesystem.
This implementation will work on any platf
Re:Useless because of host security (Score:4, Informative)
Re: (Score:2)
Re: (Score:2, Informative)
Re: (Score:2)
Re: (Score:2)
Just so. A compromised system.
High speed Tor (Score:2, Funny)
I thought, OMG! I want, NOW!!
Bootable Debian on USB key with root encryption? (Score:5, Informative)
Re: (Score:2)
pointless security (Score:3, Insightful)
[*] - http://www.emsisoft.com/en/malware/?Adware.Win32.
Hmmm (Score:3, Informative)
Everyones the miracle device (Score:5, Interesting)
I try my best to prevent false claims in our advertising, things like 'Your data is completely secure' falls into the false catagory as far as I'm concerned.
We've had two major companies asking us for secure USB devices to hold sensitive personal information, one of which was medical related, the other of which I dont recall right off the top of my head. Both of these places wanted software you could install on ANY flash drive, would encrypt all the data on it, would prevent the data from ever being copied off to another device, harddrive or whatever, and of course would automatically destroy itself if too many incorrect passwords were given.
Needless to say we were unable to help them, or even explain to them that what they were asking for is not currently possible. This is probably a failure to communicate on my part, but the real scary part is they went with other companies who claimed they could do it! Just to be clear, this was a software only solution running on any PC with the data on any flash drive.
Makes me wonder if we should start letting the BS flow in order to boost sales
This is old news.. (Score:5, Informative)
I did a talk for my local LUG [eclug.net] back in September of 2006 describing exactly how to do this [eclug.net] using TrueCrypt [truecrypt.org] for Linux and Windows
I described in detail how to install, boot and use the USB key as a bootable Linux distribution, and also how to use the USB key in Windows (or Linux) with TrueCrypt, using some fancy tricks to auto-prompt for the password upon insertion of the key, how to use a slew of PortableApps on the key, and even a launchable menu to find and access them.
This was almost a full year ago. IronKey, whatever it is, is nothing new.
High-Speed TOR Network (Score:2)
There is such a thing? I mean in terms of latency?
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Typically self-destruct is bogus... (Score:4, Informative)
According to the website, it does a "flash trash". This is insecure. Flash writing is relatively slow and draws a lot of energy. This allows stopping and preventing writes to flash. Also, unless they use special flash chips, the same hack as with the Secustick will work. Again, for the price I do not see them getting a specially bonded or manufactured Flash chip. Even if they do, desolder the chip and read it directly. You can then clone it for unlimited attack attempts.
I ecpect this will be relatively easy to break, just as the Secustick, i.e. at best a small step above a conventional stick encrypted, e.g., with TrueCrypt.
Re: (Score:2)
There's a big difference in attacking a one-off device vs. recovering something like the decoder keys from a bluray player where ANY single device is sufficient.
(I wonder if they potted it more for mechanical durability than for security, however)
Basically, if it's not FIPS
Re: (Score:2)
Takes patience, that is all. And you can get theones to practice on quite cheaply. However the epoxy will possibly prevent published break-ins, since nobody wants to spend the effort.
Basically, if it's not FIPS 140-2 Level 4, it's crap. No solely bus-powered device will mee
Re: (Score:2)
DS did this with the iButton, and that can fit inside the USB key form factor.
You might be able to get an ultracapacitor now which would power tamperdetect/destroy circuits for a few days at a time, and recharge when on USB. I'd be fine with a device which needed to be plugged into USB e
Must have battery... (Score:2)
Just destroying the escrow keys is not enough. Doubt they are using really heavy crypto such as the AES-Twofish-Serpent I use fo r my TrueCrypt backups... after all they are using a relatively moderate performance microcontroller for the OTF decryption.
Like the crypto descript
Re: (Score:2)
Doubt they are using really heavy crypto such as the AES-Twofish-Serpent I use fo r my TrueCrypt backups... after all they are using a relatively moderate performance microcontroller for the OTF decryption.
I don't know what they're using, but there's no reason they can't be using AES. AES is a very efficient algorithm, significantly faster in software (or hardware) than DES, and low-performance microcontrollers have been able to perform 3DES in software with acceptable performance for over a decade. Performance was one of the key requirements for AES and, in fact, the cipher selected (Rijndael) was the fastest of the serious competitors.
Re: (Score:2, Interesting)
You are right that without a battery we cannot reliably delete the gigabytes of encrypted data if the device is immediately pulled out of a power supply and never re-inserted into another computer. This would only happen with a very determined and knowledgeable attacker. In such case, their recourse is to disassemble the device and try to attack AES encrypted data.
Because the AES keys are randomly generated, and
Re: (Score:2)
So if you
Re: (Score:2)
Your claime may well be true, but without hard facts, they are nit really distinguishable from the ijdustry-standard snake-oil.
And there are quite a few fancy attacks against hardware, that do not use power measurements...
Re: (Score:2)
I wouldn't go that far. A level 3 device would be more than adequate for most people.
Re: (Score:2)
There's also "designed to meet" vs. "certified". I'd be fine with level 3 cert, designed to meet 4, at least in most areas.
Re: (Score:2)
I use Fearless Browser (Score:5, Informative)
Re: (Score:3, Insightful)
Re: (Score:2, Informative)
They have a bare metal version [moka5.com] that boots directly off the stick, so you don't need to worry about a compromised OS. I keep all my passwords stored in the Fearless Browser, encrypted with a main password. A hardware keylogger will only be able to capture my USB stick password, which is useless without my USB stick. It's an easy way to do two-factor authentication.
Only works if someone doesn't know what it is (Score:3, Insightful)
Only if the attacker doesn't know what the memory stick is will it be able to erase itself.
Re: (Score:3, Informative)
The AES keys are not accessible, because they are not stored in the flash memory, but rather in our cryptochip which is tamper-resistant. The AES keys are not based on a password (they are generated by a random number generator), thus they are v
Ok, but what if... (Score:2, Insightful)
You? (Score:2)
Re: (Score:2)
You can kludge this now by using a cellphone + blue
Advertised Via SPAM (Score:2, Informative)
IronKey FAQ and Crypto White Paper (Score:5, Informative)
Re: (Score:2)
Re: (Score:3, Insightful)
Re: (Score:2)
Because the kind of user who is aware of the issues at stake can recognise a pointless gadget when he sees one and knows he's far better off with something like TrueCrypt [truecrypt.org]?
Re: (Score:2, Funny)
Re: (Score:2)
Because said users will also quickly identify this product as snake oil.
Re: (Score:2, Informative)
Re: (Score:2)
For that price I would be willing to build you one, if you take at least 1GB size. Not too hard: A small, dedicated Linux computer, batteries, a strong steel box with light, shock and some other sensors, filled with epoxy and a keyboard on the outside. Tamper with it or enter your password wrongly several times and the power in the batteries is used to clear the encryption key in SRAM.
Still not very high security and
Re: (Score:2)
However, until there is a way to enter the password that is not on the physical host, I'm not sure what security this provides (other than being allowed to run as a non admin user) over TrueCrypt in Traveller mode.
Re: (Score:2)
Any info on which foundry/process/etc.? I assume at the $149 price point it's a custom chip.
Private TOR nodes Re:I smelled bullshit (Score:2, Informative)
Re: (Score:2, Funny)