LinkBack URL
About LinkBacksRead more.Hardware-encrypted pen drives available in capacities of up to 256GB, offering USB 3.0 speeds of up to 240MB/s.
Read more.Hardware-encrypted pen drives available in capacities of up to 256GB, offering USB 3.0 speeds of up to 240MB/s.
I'd be interested to know how the encryption works on these, having had problems sourcing good, secure pen drives for customers.
Corsair used to do an nice design with hardware keypad which allowed buttons to be pressed to "unlock" the drive, without any software needed. Not seen anything quite like that since.
I recently had to supply a Lexar Secure JumpDrive, which has proven unsatisfactory. Unless formatted to NTFS, only 4Gb of data could be encrypted, which was useless on a 16Gb drive (customer had 10Gb of data that needed to be encrypted and stored). NTFS for pen drives isn't offered by default, since it seems prone to data corruption on removal (I'd like feedback on this, as to "real world" experience, if possible!).
All in all, I'm still looking for an effective, secure way to store 10Gb on a small, removable device. The data consists of a LOT of small files, which seems to grind most backup programs to a halt (inc SyncToy, and various other Sync apps we have tried).
vaporware. where are the other USB 3.0 flash drives they launched months ago?
Irien, take a look at Corsair's second-generation version of that very drive: http://www.hexus.net/content/item.php?item=22505Originally Posted by Irien
Semo, I believe SCAN.co.uk has them available: http://www.scan.co.uk/Product.aspx?WebProductId=1124557
Brilliant, thanks Parm! As (bad) luck would have it, that news article was posted the day I left for a week-long exhibition thingy down south, with no flippin internet access, so I missed it. (Not willing to pay mega-bucks for hotel-wireless, even for good ole hexus)
Thanks again!
Thanks Parm. I'm more eager for the ExpressDrive or PNQ's USB 3.0 drives which hopefully will be cheaper and smaller. As long as they have decent random r/w performance (1mb/s +) it's good enough for me!
240MB/s
The original corsair drive was barely secure at all, all you had to do was solder a resistor in the right place on the PCB to unlock it. If you want something VERY secure that does encryption properly then consider an Ironkey. I'm cautious to trust devices like this until they've been tested properly - even FIPS testing overlooked a big flaw in most encrypted USB keys (not including Ironkey), something to do with they all used the same encryption key to encrypt the data no matter what password you used i.e. all your password did was unlock that key which was identical on all devices. I think its been fixed now though in updates.
Edit: Hmm I missed that these drives (pro version excluded) use ECB as the mode of operation - that's not a great choice for securing what could be very sensitive data, I mean it's still encrypted but it's relatively insecure compared to other modes of operation. The way ECB works, when using the same key, is that any plaintext encrypted will always output the same ciphertext. This can lead to information leakage when encrypting more than a very small amount of data, and when you consider the size of these drives it's really not the best choice! I won't go into the details as it's easy enough to Google. Take a look at the image here for an example of what I mean, and potentially how big a problem it could be/is: http://en.wikipedia.org/wiki/Block_c...book_.28ECB.29
Last edited by watercooled; 04-03-2010 at 11:55 PM.
I thought it was standard practice to compress all data before encryption to maximise entropy anyway? Surely that would mitigate, to some degree, ECB's shortcomings?
PHP Code:$s = new signature();
$s->sarcasm()->intellect()->font('Courier New')->display();
Compression can help but I'm not sure these drives would implement it. I'm not saying using ECB is pointless or anything I just think it's a poor design choice, especially since most people won't know the difference between it and XTS and how potentially insecure it is. I mean it's probably more than enough for most people and it's more convenient than using software. Yeah, ECB is far easier and so cheaper to implement than XTS and they are offering a version which uses XTS but as I've said most people simply won't know the difference between them and why should they spend more on what they see as exactly the same product? They should emphasize the fact that ECB is nowhere near as secure as XTS but then I guess that's not a great marketing strategy...
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
Reply With Quote