Slashdot Mirror

← Back to Stories (view on slashdot.org)

Encrypted USB Key With TOR, Firefox

Posted by kdawson on from the and-a-pony dept.

An anonymous reader writes "Gizmodo has a writeup on the new IronKey — a self-destructing, hardware-encrypted and -authenticated USB flash drive with on-board secure Firefox, high-speed TOR network, password manager, and online encrypted backup. Here is the demo page. $79 for a 1GB, $149 for 4GB." Ironkey works on XP and Vista only. Let's hope its self-destruct feature works better than Secustick's.

10 of 170 comments (clear)

  1. Useless because of host security by iamacat · · Score: 4, Insightful

    If you don't trust the host machine, it can log the password, read/alter your data after the valid password is entered and even maliciously destroy your data by simulating 11 wrong authentication attempts. If you do trust the host, there is little point in hardware encryption/authentication. And if your flash drive is physically stolen, it's enough to have plain software file encryption. Sounds like a solution in search of users who misunderstand the problem.

    1. Re:Useless because of host security by TubeSteak · · Score: 2, Insightful

      If you do trust the host, there is little point in hardware encryption/authentication. The point of having onboard hardware encryption is that you don't need to install a decryptor on someone else's box.

      I generally agree with the rest of your points though.
      --
      [Fuck Beta]
      o0t!
  2. Re:10 tries? by Kazymyr · · Score: 2, Insightful

    Who modded this funny? It's actually very sound advice.

    --
    I hadn't known there were so many idiots in the world until I started using the Internet -Stanislaw Lem
  3. Re:Why The Fuck are such things MS-only? by Ant+P. · · Score: 2, Insightful

    The simple answer is that Linux already has far better security tools that a novelty like this can never match.

  4. pointless security by bl8n8r · · Score: 2, Insightful

    While you're decrypting your Sup3rs3kr3t w4r3z on the usb key, any malware* you haven't found yet is potentially logging every keystroke. You need to choose windows, or security; you really can't have both.

    [*] - http://www.emsisoft.com/en/malware/?Adware.Win32.P owered+Keylogger

    --
    boycott slashdot February 10th - 17th check out: altSlashdot.org
  5. Re:10 tries? by fastest+fascist · · Score: 2, Insightful

    Why would anyone suspicious of destructive countermeasures try the password even once? They'd know the chances of guessing the password are infinitesimal, and the risk of losing data high. Such an adversary would move directly to alternative methods, and again, it doesn't matter if it would take 10 tries or one try to wipe the drive.

  6. Re:I use Fearless Browser by Hatta · · Score: 2, Insightful

    A keystroke logger in the host OS or hardware could still be catching your passphrase.

    --
    Give me Classic Slashdot or give me death!
  7. Only works if someone doesn't know what it is by BlueCoder · · Score: 2, Insightful

    In all reality you wouldn't plug it in, you'd take the thing apart and dissolve the black goo. Then you would proceed with a hardware attack, reading the contents of the flash memory out and then attempt to crack the memory file.

    Only if the attacker doesn't know what the memory stick is will it be able to erase itself.

  8. Re:Sound? by iminplaya · · Score: 3, Insightful

    Better not to have the blueprints than let the enemy have them.

    Is that code for "keeping your wife out of your porn collection"?

    --
    What?
  9. Ok, but what if... by 8ball629 · · Score: 2, Insightful

    What if the computer has a keylogger and it logs the password that unlocks your data? Am I missing something?