Lexar JumpDrive Password Scheme Cracked
Saint Aardvark writes "Lexar describes the
JumpDrive Secure as "loaded with software that lets you password-protect
your data. If lost or stolen, you can rest assured that what you've
saved there remains there with 256-bit AES encryption." @stake
has a different take: The password can be observed in memory or
read directly from the device, without evidence of tampering." And
best of all, the punch line: "[The password] is stored in an XOR
encrypted form and can be read directly from the device without any
authentication." That's why I use ROT-13 for my encryption needs."
Three years to get .01% of the way done cracking this before someone realized it was ROT13. ;)
EVERYTHING violates the DMCA. Everything. Even talking about violating the DMCA violates the DMCA.
"I'm just here to regulate funkiness."
That's what happens when you get your security developers from the Cue::Cat Development team. Wasnt' their 'encryption' just XOR or something similar?
It allows those who forget their passwords to quickly access the 'lostpaswd?' file, saving on support calls.
The number one rule of talking about the DMCA and archiving the results, encrypted, on a Lexar JumpDrive.
You do NOT talk about DMCA and archive the results, encrypted, on a Lexar Jumpdrive!
And more importantly, do you even know what "redundant" means?
Horseshit. All my data is XORed against itself before it is written to disk. I assure you that you can't crack it.
-Peter
I was always forgetting important things, like the meaning of the word "redundant." But thanks to the Joe Johnson memory system, I can now remember things like the meaning of the word "redundant." Thanks, Jack!
Copyright 2004, Jake Johannson Memory systems.
"I'm just here to regulate funkiness."
I like those people. They're so stupid. I can get chocolate out of them simply by saying "I use the 9 billion names of God for my passwords. I'm up to Shiva".
SJW: a person who perceives an injustice, and while correcting it, commits a greater injustice.
I use ROT-26.
-
What a waste of valuable CPU cycles! Here's a speedup that does the same thing much faster:That should run much faster -- standard library functions are always well-optimized.
Just doing my part for data security.
steveha
lf(1): it's like ls(1) but sorts filenames by extension, tersely
That joke sure was cryptic.
Since no one else is stupid enough to use that pad, it's a one time pad.
Another milestone in encryption technology - One time Pad CRACKED!
Emergency patch: Now they use the Pad "000000000...."
I think you just killed Schrodinger's Cat.