Slashdot Mirror

← Back to Stories (view on slashdot.org)

IronKey Unveils Self-Destructing USB Flash Drive

Posted by ryuzaki0 on from the better-than-having-to-eat-it dept.

fysdt writes to share that IronKey has released a USB flash drive with self-destruct capability. Specializing in "secure flash drives," IronKey has launched the S200 aimed at government and enterprise customers, "featuring hardened physical security, the latest Cryptochip technology, active anti-malware and enhanced management capabilities. It's the 'first and only USB storage device to achieve FIPS 140-2, Level 3 validation' and delivers advanced Cryptochip featuring AES-256, tamper-resistance and self-destruction circuitry."

39 of 191 comments (clear)

  1. Re:Nerdgasm by afidel · · Score: 4, Informative

    You're impressed that they coated the circuit board with black epoxy? The only impressive thing about that is they use so little power that heat transfer isn't an issue.

    --
    There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
  2. Encryption is just as good as self destruction by basementman · · Score: 3, Informative

    What's the point of having it self destruct? Encrypt any old flash drive with True Crypt and you have accomplished the same thing at a much lower price. Want to destroy the data? Hit yourself on the head with a crowbar, making you forget the password. Problem solved.

    --
    A Magic the Gathering Article and Forum Aggregator
    1. Re:Encryption is just as good as self destruction by ocularDeathRay · · Score: 4, Funny

      didn't you just read the slashdot front page news that they can hack your brain now? god... pay attention. This is an anti brain hacking device.

      --
      Obama is a twitter sock puppet
    2. Re:Encryption is just as good as self destruction by CannonballHead · · Score: 2, Interesting

      Hit yourself on the head with a crowbar, making you forget the password. Problem solved.

      Maybe the information-hiding-people don't want to potentially allow themselves to be subjected to information-gathering techniques (*ahem* torture) by knowing the password. It's easier to just have the data destroyed after a certain period of time. Once it's gone, you don't have to forget a password and you don't have any password to be persuaded to remember?

    3. Re:Encryption is just as good as self destruction by Cyberax · · Score: 4, Funny

      Encryption can easily be beaten by thermorectal cryptoanalysis (http://en.wikipedia.org/wiki/Rubber-hose_cryptanalysis).

    4. Re:Encryption is just as good as self destruction by Hurricane78 · · Score: 5, Insightful

      So you think that will make the evil ones stop torturing the password out of you? They'll use that same crowbar to make you remember it! ^^

      (Interlude: WTF. I have my adblocker disabled for the first time in months, and the first thing I see, is an Ironkey banner. Truly a slashvertisement.)

      The point is, that the keyfile on your USB key is encrypted with your password. So if you destroy the keyfile, which would open your encrypted safe, your password gets useless. You could scream it to the whole world. It wouldn't matter. Nobody could open that thing now. Not even you.

      And that is why you never let someone know that you want access to his system. ^^
      Just use a keylogger, or a trojan horse, and be good. Become a cleaning person in that place. Or gain some trust otherwise.
      If you need it: There are some internal CIA agent training manuals on the net, that can teach you this. Or if you can speak Russias, I recommend some Russian forums. ^^

      --
      Any sufficiently advanced intelligence is indistinguishable from stupidity.
    5. Re:Encryption is just as good as self destruction by mlts · · Score: 4, Informative

      The advantage of having it drop access to the data after a certain amount of tries is the same reason people use cryptographic tokens -- brute forcing a passphrase becomes a non issue.

      There is another feature of the IronKey that isn't mentioned -- encryption on a machine, say at a student computer lab, but without requiring administrative rights to access the data. A lot of schools disallow admin access, and this is required to mount virtual volumes (TrueCrypt, BestCrypt, PGP, etc.) Having software to allow access to the drive that never needs to leave user space is a good thing in these cases.

      IronKey does have a market. Especially for students at larger universities where there are people who lurk in the 24 hour computer labs just looking for a USB flash drive to steal. With a stolen USB flash drive, they can either sell the done homework, or if someone has a paper for a popular class that isn't turned in, actually take the word processing document and call it theirs. The downside is that the distinctive metal case does lure thieves, but the user has to figure out a balance. To the user, is the data on the drive worth the price premium, especially if the data can be used by a thief or extortionist? This applies to faculty too. I'm sure there are those who would be more than happy to sell any test or quiz data that was gleaned from a USB flash drive swiped from a faculty lab.

      Another use for these USB flash drives is delivering to a customer something extremely confidental (such as TrueCrypt keyfiles or one time pads) that will be used for future communication of large volumes of data. For example, the customer gets the passphase from a rep, while a secure courier drops off the IronKey. This way, the data never crosses the Internet.

    6. Re:Encryption is just as good as self destruction by afabbro · · Score: 2, Insightful

      Especially for students at larger universities where there are people who lurk in the 24 hour computer labs just looking for a USB flash drive to steal. With a stolen USB flash drive, they can either sell the done homework, or if someone has a paper for a popular class that isn't turned in, actually take the word processing document and call it theirs.

      Sorry, but I have to call nonsense on this. Sure, there are people who steal flash drives. They get the drive, and that's benefit enough - any electronic dividends are just icing.

      But to posit that there are people who specifically look to steal USB drives so they can sell the done homework (do they take orders? is there a clearinghouse?) or by wild coincidence exploit the tiny window between a paper being due and a student writing it (which is no more than 24 hours most of the time!) coupled with the coincidence of being in the same class, is pretty unlikely.

      I'm not saying it couldn't happen, or that perhaps it hasn't happened once in the past, but I am skeptical that there are organized rings of "lurkers" in every university's computer lab. I bet 99.99% of flash drives are stolen, looked over ("yawn, Art History notes - and dude, she listens to David Archuleta, LOL!") and formatted.

      --
      Advice: on VPS providers
    7. Re:Encryption is just as good as self destruction by SixGunMojo · · Score: 2, Informative

      Not even close my friend. I've been using one for >18 months and I'll just hit the high points. First there are 2 chips in the Ironkey. The first is a hardware based encryption chip and the second is the actual flash drive. The data on the drive is always encrypted. Also the first won't even mount the second without the proper password (mine is 17 nums, chars, and letters long). You have 10 tries to guess that or the drive destroys all the data. In addition the epoxy they seal them with insures that any attempt to get to the actual flash chips a) damages them heavily and b) also triggers the self-destruct. The second biggie is the on-board browser and identity manager. This gives you the ability to securely surf the web from any computer (I even use mine on my computer whenever I am doing anything financial) and if you are feeling really paranoid you can toggle tor with one click and/or configure Privoxy. The identity manger also allows you to log into sensitive sites without worrying about keystroke loggers. If you really want to see how hardcore this drive is I would suggest you visit their website. To paraphrase an OpenBSD motto: Ironkey the flash drive for the practical paranoid!

    8. Re:Encryption is just as good as self destruction by Maximum+Prophet · · Score: 2, Insightful

      The identity manger also allows you to log into sensitive sites without worrying about keystroke loggers.

      If there is a hardware keystroke manager on a machine that you plug the ironkey into, or even a USB data monitor, your IronKey password is their's.

      If a machine is compromised, and you plug this into that machine, your data is compromised as soon as you unlock it.

      --
      All ideas^H^H^H^H^Hprocesses in this post are Patent Pending. (as well as the process of patenting all postings)
  3. Rip-off by Anonymous Coward · · Score: 3, Funny

    why would i pay $199 for that when i could buy a cheap USB drive and a hammer to break it with for less than $10?

    1. Re:Rip-off by caerwyn · · Score: 4, Insightful

      If you can break it with a hammer remotely, you should really be selling that capability- pretty sure someone would want to buy it.

      Until then, the self destruct does work remotely.

      --
      The ringing of the division bell has begun... -PF
    2. Re:Rip-off by Starteck81 · · Score: 5, Funny

      I believe the self-destruct is triggered by unauthorized attempts to access. While your way is cheaper I suspect that rubber banding your usb drive to a hammer with a note that says "In case of theft please smash drive" is somewhat less effective due the lack of ethics most thieves posses.

      --
      "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed H
    3. Re:Rip-off by Chabo · · Score: 5, Funny

      Here's my idea:

      Sell a USB drive that's approximately 2 feet by 2 feet by 4 feet in size. The drive will consist of a radiation-shielded box. Inside, there's a flask filled with poison, and a hammer connected to a Geiger counter. There's also a cat with a heart monitor. If the flask breaks and the cat dies, then the drive will self-destruct.

      Would you be willing to buy my product?

      --
      Convert FLACs to a portable format with FlacSquisher
  4. Where's the market? by religious+freak · · Score: 2, Interesting

    Funny, instead of paying extra, I'd just use a hammer, or a desk drawer, or if in a real pinch my two hands to break the thing apart. Unless you're James Bond, I don't see how most folks would need any more than this, and if they do need more, they already have it.

    --
    If you can read this... 01110101 01110010 00100000 01100001 00100000 01100111 01100101 01100101 01101011
    1. Re:Where's the market? by LWATCDR · · Score: 4, Insightful

      How would you transport a few gigabytes to a new location?
      FTP?
      External HD.
      DVD?
      And very large number of floppies?
      I take my source code home with me on a USB drive. I currently encrypt it but I could see this being even better.

      --
      See my blog http://ilovecookes.blogspot.com/ for light hearted technical information.
    2. Re:Where's the market? by pjt33 · · Score: 2, Informative

      Maybe there's some straightforward* way to hack your USB drivers so that the only devices they support are self-destructing drives, but if not then I'd prefer any computer with data sensitive enough to need this drive not to have the ability to mount any USB drive. You just need to look at the British civil service to see what happens when it's possible to dump your database to an unencrypted physical medium and then leave it on the train / lose it in the post.

      For security-conscious home users it's great. For government / enterprise users you need methods of transfer which the sysadmin can lock down.

      * Emphasised because I don't need to be told that if you use Linux you can obtain the source and break it to your heart's content.

    3. Re:Where's the market? by Abreu · · Score: 2, Funny

      How would you transport a few gigabytes to a new location?
      FTP?
      External HD.
      DVD?
      And very large number of floppies?
      I take my source code home with me on a USB drive. I currently encrypt it but I could see this being even better.

      I am partial to the classic solution: Microfilm in a hollow tooth

      --
      No sig for the moment.
  5. Re:Nerdgasm by Jah-Wren+Ryel · · Score: 3, Interesting

    You're impressed that they coated the circuit board with black epoxy? The only impressive thing about that is they use so little power that heat transfer isn't an issue.

    Indeed. Get back to us when they have a Level 4 product - that's what all the big boys use.

    --
    When information is power, privacy is freedom.
  6. Re:Nerdgasm by TooMuchToDo · · Score: 4, Funny

    Is that where my USB key is embedded in a stick of dynamite for quick data wiping?

  7. Smoke by wjousts · · Score: 5, Funny

    This better emit a puff of smoke when it self-destructs or I'm not buying it. It doesn't matter if the smoke is only for show.

  8. Comment removed by account_deleted · · Score: 4, Insightful

    Comment removed based on user account deletion

  9. The Market by NotQuiteReal · · Score: 4, Insightful

    Like most things, if you have to ask "who needs this?", the answer is not you.

    Personally, there are a great number of wildly popular products for which I am not in the market.

    --
    This issue is a bit more complicated than you think.
  10. Re:What a bad idea by NecroPuppy · · Score: 3, Informative

    Correct.

    In many branches, they are currently banned, largely because of the viral vector issue.

    --
    I like you, Stuart. You're not like everyone else, here, at Slashdot.
  11. Ironkey also supports Linux! by AMuse · · Score: 4, Informative

    I'm using an Ironkey at work (have been for about 2 years now) and the thing has been rock solid. However, the main reason I selected it is that it's the only key that I've had the opportunity to trial which is both FIPS 140-2l2 compliant *AND* supports Linux.

    I use it with WinXP and MacOSX daily and yes, they do ship with "alpha" Linux drivers. Not full support like Win* but enough to read and write the encrypted data, which is all I really use.

    Although the company claims that you can now "initialize" a key on MacOS, all the versions I've used required an initial bootstrapping under Windows before being cross-platform usable.

    1. Re:Ironkey also supports Linux! by AMuse · · Score: 2, Informative

      It practically doubles the cost of the drive if you're a standalone user with no job involving computers; for me, it was very easy to go over to my officemates' desk and initialize it on his Windows machine.

      Also, I did a pretty good amount of work using the IronKey inside a VM. Using VMWare Fusion in MacOSX Leopard and a Windows XP VMWare image, I was able to mount the key inside the Windows image and do an initialization successfully. One thing I did notice was that when doing so, it would always unmount my ipod from the VM, which was a bit odd.

    2. Re:Ironkey also supports Linux! by Eternauta3k · · Score: 2, Insightful

      Since I don't have any copies of that software, it pretty much doubles the cost of the drive

      Go to a cybercafe?

      --
      Yeah. Would you choose a neurosurgeon who pokes around people's brains in his spare time? I wouldn't.
  12. You're on to something! by SCPaPaJoe · · Score: 2, Funny

    I vote for the floppies. How about 5.25" 360k. 3 to 9 thousand of them!
    How many people can read those nowadays?

  13. unvi by kaoshin · · Score: 2, Informative

    I understand thinkgeek and slashdot are sister companies, so this post is more of an ad, but is the only thing different here the revision or level of certification, or is there something else newsworthy on this from a tech standpoint? Ironkey has been on thinkgeek for like a year, and the self destruct and other features have all been in this product for a long time.

  14. Mission Impossible by Neanderthal+Ninny · · Score: 2, Funny

    The new version of the Mission Impossible self-destructing tape player.
    However, how many spoofs has been made to this "self-destruction" capability so I wonder what if your USB key self-destructs accidentally in your pants pocket will it fry your gonads.

  15. Re:What a bad idea by NecroPuppy · · Score: 2, Interesting

    We don't have a compromise where I work.

    USB key drives are banned. There is even software loaded onto the machines, by default, that detects if you've inserted a key drive (and can tell the difference from a USB hard drive) and reports you to the IS guys.

    If you do this, you get yelled at, your computer gets scanned and scrubbed, and it can even affect your clearance.

    --
    I like you, Stuart. You're not like everyone else, here, at Slashdot.
  16. Thermite by Dr_Barnowl · · Score: 2, Insightful

    I keep wanting to build a flash drive with a thermite filler and some kind of rip-strip fuse that you could just yank on hard to set it off.

    No offence to IronKey, but how do you know that it's really, really, destroyed your data beyond recovery? Maybe it just locks out the disk controller. A small heap of smouldering slag is much more definitive.

    Now, if you could combine the thermite with their remote wipe protocols......

  17. Re:What a bad idea by ChaoticCoyote · · Score: 2, Interesting

    Flash drives are a big no-no in the federal government and military. If something is so sensitive that it needs this kind of encryption wrapped in dynamite, then it should not be walking around on a USB drive. Dumb dumb dumb.

    True... but not everyone who requires security is a government spook. For most of us non-spooks, this thing has merit.

    --
    All about me
  18. A hacker challenge by RobertLTux · · Score: 4, Insightful

    what iron key should do is go to DEFCON with a bunch of these drives and then run a contest

    If you can crack the drive you get some obscenely large amount of money
    how to run the contest fairly

    have the contents of the drive detail how to get to an offshore account with the prize money

    So Ironkey how much you want to bet this key is "secure"

    --
    Any person using FTFY or editing my postings agrees to a US$50.00 charge
  19. Strictly speaking, it doesn't self-destruct by e9th · · Score: 3, Interesting
    From IronKey's blurb:

    - Secure key management -encryption keys are born on the device in the Cryptochip and bound to the device
    - Hard-wired encryption key self-destruct defenses and electromagnetic shielding of the Cryptochip

    which I interpret as saying that only the key is wiped, while the actual data remains on the drive. If you've somehow managed to snarf the key before it was wiped, or if you're really cool and can break AES-256, you're good to go.

  20. Re:Oops... by Anonymous Coward · · Score: 2, Insightful

    Call IT support and tell them that you were not doing anything in particular when the computer did it by itself.

    Then tell everyone else that IT support failed to fix the problem costing the company thousands of dollars of spreadsheets.

  21. Re:This is nothing new. by Joe+U · · Score: 2, Funny

    I've been administering and deploying "self-destructing" USB drives for several years!

    After about a year, the drive stops working and all the data is gone. It's always the one the boss was using and it's always some important file that he didn't have a copy of somewhere else, so it is very consistant in that one regard.

  22. Re:Nerdgasm by bill_mcgonigle · · Score: 2, Informative

    "The only USB key to be banned by the TSA" -- product advertisement

    Come now, the Swiss Army Flash Knife is most certainly considered a WMD by the goon squad.

    --
    My God, it's Full of Source!
    OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
  23. Re:Nerdgasm by Malevolyn · · Score: 2, Interesting

    Er, why is this news? This exact item has been on sale at ThinkGeek for a couple years, now. Self-destruct capabilities and everything.

    --
    Your ad here.