Slashdot Mirror
Self-Destructing USB Stick
Hugh Pickens writes "PC World reports that Victorinox, maker of the legendary Swiss Army Knife, has launched a new super-secure memory stick that sounds like something out of Mission: Impossible. The Secure Pro USB comes in 8GB, 16GB, and 32GB sizes, and provides a variety of security measures including fingerprint identification, a thermal sensor, and even a self-destruct mechanism. Victorinox says the Secure is 'the most secure [device] of its kind available to the public.' The Secure features a fingerprint scanner and a thermal sensor 'so that the finger alone, detached from the body, will still not give access to the memory stick's contents.' While offering no explanation how the self-destruct mechanism works, Victorinox says that if someone tries to forcibly open the memory stick it triggers a self-destruct mechanism that 'irrevocably burns [the Secure's] CPU and memory chip.' At a contest held in London, Victorinox put its money where its mouth was and put the Secure Pro to the test offering a £100,000 cash prize ($149,000) to a team of professional hackers if they could break into the USB drive within two hours. They failed."
Oh common, you're ruining the movie!
Cut off the finger stick in mouth then use.
Against the trojan on the computer you hook it up to.
The knife might be useful for cutting off your finger though.
Indeed.
Not only do you have to let it out of your sight/control if you fly, it also comes with a built in way for someone to threaten you or cut off your finger (and use it quickly.. they are not nice to touch once they go cold)
Teacher, I swear I wrote up the entire 40 page paper, but I burned my thumb really bad the other day and when I went to retrieve my paper, it exploded.
Here is a picture of the launch event. (safe for work. Really!) Surely a hacker who looks like that must be a expert in hacking USB sticks. ;)
Surely if somebody can chop off your finger he can also warm it up?
sexist.
The article fails to say that you have to press the fingerprint identification every 108 minutes or else it will self-destruct.
So she could not use the device. Security should have fingerprint, strong password, challenge question and voice recognition.
Help end the use of Sigs. Tomorrow
"...if they could break into the USB drive within two hours. They failed."
Am I completely deluded if I think that if crackers have a physical access to a USB drive, they just may be able to withhold it for more than two hours? Maybe I'm proposing a completely implausible scenario here, but suppose the USB drive has been "stolen" (a term which means "physically removed from the possession of the legitimate owner" for those who don't grok this high-tech security lingo) - in such case, the legitimate owner may, theoretically, need more than 2 hours to recover the USB drive, and the attacker can use a longer period of time to their advantage. I remember reading in the literature that "stolen" USB drives may, in some cases, be recovered days, weeks, months later - and in many cases, they may never be recovered. Whether that qualifies as significantly longer than 2 hours, I don't know. I'm not an expert.
In case you're wondering, no, I don't put much faith in hacking contests, especially if the scenarios they test have small obvious flaws like this. =)
Except that anyone using a secure USB stick as the only copy of important data deserves to loose it if they loose the password.
Dear gods man, twice in the same sentence? WHAT HAVE YOU DONE?!! Run, before the most foul ranks from the deepest depths of nether spelling nazi hell are unleashed and rain their fiery vengeance upon you!
which is totally what she said
http://xkcd.com/538/
Presumably, if you had physical access to the drive, wouldn't you have more time to crack it than two hours?
Exactly. You have 24 before Keifer Southerland kicks your ass.
When are they going to make a USB Stick with a corkscrew? I might just need to recover with a bottle of wine after my thumb drive destroys itself.
Better yet, why bother with the microwave? That would be an unneeded hassle (and somewhat suspicious, if in a public area). Instead, stash the finger in one of your body's seemingly-designed-for-this warm orifices, the surreptitiously remove it when it's time to use it.
"Trolls they were, but filled with the evil will of their master: a fell race..." -- J.R.R. Tolkien on Olog-hai
Rather than try to "protect" the data contained within a thumb stick (which is kind of passive if you think about it), why not actively try to destroy all data to whatever is connected to the thumb stick instead...
Criminal: "Ha! I stole this thumb stick from that stupid corporation, and I am sure it is just stuffed with credit card info! Now to just use these easily available utilities I found online to crack it..."
Plugs in device
PC: "Password: "
Criminal: "Pffft I can just ignore that, now where did I put that cracker utility..."
PC: "Timeout. Initiating self destruct!"
Criminal: "Pfft as if it is going to blow up or something, what a joke..."
PC: "Virus Loaded....Deleting all files.... Complete. Have a nice day!"
Criminal: "....."
Criminal: "....."
+1 tinfoilhat