ACER Aspire 6935G battery


 Top rated Branded Secure USB Flash Drives Hacked


Posts : 306
Join date : 2011-09-04

Subject: Top rated Branded Secure USB Flash Drives Hacked
Posted: Sun Nov 13, 2011 4:45 pm

January 05, 2010. Most key memory brands like SanDisk, Kingston and Verbatim offer Secure Flash Drives in addition to their standard flash drive range available on the market. Secure flash drives promise to keep your data secure from hackers, viruses, water, earthquakes and other natural disasters.

On January 05, 2010, a design flaw was reported which would allow an attacker to gain access to secure flash drives manufactured by a few of the huge brand flash memory makers. It was reported that it is feasible to send an "unlock" flag to the devices, which would trigger them to unlock via the PC without requiring the user-set password. German pen-test firm SySS GmbH published a paper highlighting the flaws.

Affected Devices

- SanDisk Cruzer® Enterprise FIPS Edition with McAfee USB flash drive, CZ46 - 1GB
- SanDisk Cruzer® Enterprise FIPS Edition USB flash drive, CZ32 - 1GB, 2GB, 4GB, 8GB
- SanDisk Cruzer® Enterprise with McAfee USB flash drive, CZ38 - 1GB, 2GB, 4GB, 8GB
- SanDisk Cruzer® Enterprise USB flash drive, CZ22 - 1GB, 2GB, 4GB, 8GB
- Kingston DataTraveler BlackBox (DTBB)
- Kingston DataTraveler Secure - Privacy Edition (DTSP)
- Kingston DataTraveler Elite - Privacy Edition (DTEP)
- Verbatim Corporate Secure FIPS Edition USB Flash Drives 1GB, 2GB, 4GB, 8GB
- Verbatim Corporate Secure USB Flash Drive 1GB, 2GB, 4GB, 8GB

The flaw is fairly straightforward. When the drive is connected to the personal computer, the software that accompanies the drive is run on the personal computer; it authenticates the password supplied and sends an "unlock" flag to the drive. When analyzed under a debugger, the code just translates to a typical "conditional jump", which may be patched to unlock the device.

Such implementations of security have been criticized by reverse engineers around the world and undoubtedly raise questions about the design procedure of the compromised flash drives. Several "cracks" for software are based on the exact same technique of changing the logic of software at runtime, which is easily visible under a good debugger, say OllyDbg or SoftICE. The concerning fact for the public and for several users who have purchased these devices is that the devices boasted of being certified to FIPS 140-2 Level 2 security validation from the US Government organization NIST (National Institute of Standards and Technology).

SySS GmbH utilized OllyDbg to change a flag within the software accompanying the drives to gain access to the drive without knowing the original password. Needless to say, this begs the question of how and why NIST certified the affected products as secure flash drives when they had such inherent flaws in design.

NIST is obviously upholding their position and said: "From our initial analysis, it appears that the software authorizing decryption, as opposed to the cryptographic module certified by NIST, is the source of this vulnerability."

Yes of course.

"Nevertheless, we are actively investigating regardless of whether any changes in the NIST certification procedure ought to be made in light of this problem."

The NIST certification is concerned with the cryptographic modules which encipher and decipher the data held on the device. As security buffs will argue, if you put the most secure encryption module behind insecure implementations, it will result in an overall insecure system. For secure flash drives, it's fairly embarrassing to see the top vendors failing to deliver what their product had promised.

As demonstrated by this flaw, media-led customers have an incorrect perception of certifications issued by huge organizations. These certifications do not make certain that the device is secure, only that the cryptographic module is secure.

Ironkey users would be happy to know that the flaw has not affected their products. Ironkey uses hardware-based authentication rather than sending unlock flags to the device. All Ironkey Secure Flash drives remained unaffected by this flaw, and we are not surprised to see sales of this device hitting the roof.

Keep in mind, not only software is vulnerable, but also hardware. It's less complicated to analyze software under a debugger, but with the correct tools, analyzing hardware under a debugger is just as effortless. Particularly vulnerable is the sequence which unlocks the drive once the authentication is complete, which no doubt must be one of the most guarded routines on the flash drive.

Luckily, Ironkey has designed its protection from the ground up. Chips on the drive are encased in epoxy, which means gaining access to the hardware is almost impossible, even for the most determined hackers.

As we realize, if you have spent over the odds to purchase a secure flash drive, you shouldn't need to worry about the implementation of security on the device. Even though Kingston, SanDisk and Verbatim will furiously try to do whatever they can to remedy and bury the issue, we believe it won't be a straightforward task to restore consumer confidence.
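
The trust-boundary problem the post describes, modeled as an added example (not code from the SySS paper or from any vendor's firmware): the first class unlocks on a message that does not depend on the password, the second makes the decision on the device and counts failed attempts. The class names, the flag value and the retry limit are assumptions made for illustration.

```python
import hashlib
import hmac
import os


class HostTrustingDrive:
    """Flawed design from the post: the password check lives only in host
    software, and the device unlocks on a fixed message."""
    UNLOCK_FLAG = b"UNLOCK-OK"  # constructed value, identical for every password

    def __init__(self):
        self.unlocked = False

    def receive(self, message: bytes) -> bool:
        # The device cannot tell whether the host really checked a password.
        self.unlocked = (message == self.UNLOCK_FLAG)
        return self.unlocked


class DeviceVerifyingDrive:
    """Device-side decision: the drive holds a salted verifier, checks the
    password itself and locks out after repeated failures."""
    MAX_ATTEMPTS = 3  # assumed policy, not taken from any product

    def __init__(self, password: str):
        self._salt = os.urandom(16)
        self._verifier = self._derive(password)
        self._failures = 0
        self.unlocked = False
        self.locked_out = False

    def _derive(self, password: str) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", password.encode(), self._salt, 100_000)

    def receive(self, password: str) -> bool:
        if self.locked_out:
            return False
        if hmac.compare_digest(self._derive(password), self._verifier):
            self._failures = 0
            self.unlocked = True
        else:
            self._failures += 1
            self.unlocked = False
            self.locked_out = self._failures >= self.MAX_ATTEMPTS
        return self.unlocked
```

In the first model nothing the host does with the password reaches the device, so the strength of the certified cryptographic module never enters the unlock decision.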
