It seems like the benefits are having the device lock/wipe itself after a set amount of attempts in case of a brute force attack and not having to run software to decrypt the drive on the device you plug it into.

I included a picture of the IronKey Keypad 200 but that’s just because it’s the first result that came up when I was looking for an example. There seem to be a few other manufacturers and models out there and they probably have different features.

I am curious: what do you think of them? Do you think they are useful? Do you find it more of a novelty?


It was an ExplainingComputers video titled Very Useful Small Computing Things that made me think of them.

  • makeasnek@lemmy.ml
    5 months ago

    Hardware signing devices have lots of utility because they keep the key from ever being on the machine (which is more likely to be compromised). Think Ledger or Trezor for your Bitcoin. Hardware encryption devices are just really expensive and black-box ways to avoid VeraCrypt.

    If your encryption algorithm is secure, you have no use for automatic lock-out. If it’s not, automatic lockout won’t do much against an attacker with physical access to the device. Unless they are dumb enough to trigger the lockout AND the internal memory wipes itself sufficiently well AND/OR the attacker doesn’t have the resources to reverse engineer the device.

    • kevincox@lemmy.ml
      5 months ago

      > If your encryption algorithm is secure, you have no use for automatic lock-out.

      This isn’t true. You need your algorithm and your key to be secure. If the key needs to be remembered or entered often it probably can’t be secure. So brute force protection becomes very important.

      > If it’s not, automatic lockout won’t do much against an attacker with physical access to the device.

      This isn’t true. Yes, with enough time and effort it is possible to extract any data from any device. But in practice physical HSMs do an excellent job at raising the cost of key extraction. I would much rather have an attacker steal my YubiKey than a USB with my GPG key lying on it.
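
A toy model of the trade-off argued in the two comments above, as an added example that is not part of the thread and not any vendor's firmware: a short PIN has a small keyspace, so the protection rests on the device enforcing its attempt limit and discarding the data key. `KeypadDriveModel`, `MAX_ATTEMPTS` and the 10-attempt limit are assumptions made for illustration.

```python
import hashlib
import hmac
import os

MAX_ATTEMPTS = 10  # assumed limit; real devices differ


class KeypadDriveModel:
    """Hypothetical PIN-unlocked drive with an attempt counter and key erase."""

    def __init__(self, pin: str):
        self._salt = os.urandom(16)
        self._data_key = os.urandom(32)      # random, high-entropy media key
        self._verifier = self._derive(pin)   # assumed to live inside the controller
        self._failures = 0

    def _derive(self, pin: str) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", pin.encode(), self._salt, 10_000)

    @property
    def wiped(self) -> bool:
        return self._data_key is None

    def unlock(self, pin: str):
        """Return the data key on success, None on failure or after a wipe."""
        if self.wiped:
            return None
        if hmac.compare_digest(self._derive(pin), self._verifier):
            self._failures = 0
            return self._data_key
        self._failures += 1
        if self._failures >= MAX_ATTEMPTS:
            self._data_key = None            # crypto-erase: without the key the data is unreadable
        return None


def guess_success_probability(pin_digits: int, attempts: int) -> float:
    """Chance that `attempts` distinct guesses hit a uniformly random PIN."""
    return min(1.0, attempts / 10 ** pin_digits)


def exhaustion_hours(pin_digits: int, guesses_per_second: float) -> float:
    """Time to try every PIN when nothing limits the number of guesses."""
    return 10 ** pin_digits / guesses_per_second / 3600
```

With an enforced limit of 10 tries, an 8-digit PIN is guessed with probability 10⁻⁷; with no limit and an assumed 1,000 guesses per second, the same keyspace is exhausted in under 28 hours, which is why the counter has to sit somewhere the holder of the device cannot bypass.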

  • Count042@lemmy.ml
    5 months ago

    I don’t trust hardware implementations of encryption in the same way I don’t trust hardware raid arrays.

  • roguetrick@kbin.social
    5 months ago

    It’s very hard to actually secure something someone has physical access to and that can be disassembled.

  • Dyskolos@lemmy.zip
    5 months ago

    Useful for what? Hiding stuff from family members or coworkers? Yeah sure. Why not.

    Hiding stuff from professionals that really want your data? Probably not very helpful.

    Also what about backup? One controller-malfunction and your stuff goes poof. I just assume the data is somehow important or else you wouldn’t care about such a device 😊

    • Corroded@leminal.space (OP)
      5 months ago

      Those are some good points. The IronKey Keypad 200 says it has a self recharging battery but I wonder how long it would last sitting out of use as a backup or if plugging it in would always be enough.

        • THE MASTERMIND@feddit.ch
          5 months ago

          Yeah, I am stumped. What do they mean by that? Also, that statement alone indicates their product is not as good as they say.

          • Corroded@leminal.space (OP)
            5 months ago

            I think they mean it doesn’t rely on a battery that would need to eventually be replaced. It wouldn’t have a disposable button cell battery, for example.

    • Toribor@corndog.social
      5 months ago

      Like most things, it’s important to remember what threats you’re trying to protect yourself against.

      Are you trying to protect yourself against dropping a USB in a parking lot and someone picking it up? Or are you trying to protect yourself from a nation state?

      • potatopotato@sh.itjust.works
        5 months ago

        Just my opinion, but I don’t really like the common belief of separating nation-state and non-nation-state actors. We’re getting to the point where nation states are making up a large portion of the really damaging attacks, and it’s frequently one’s own government or a government they’re in conflict with, which means there are very kinetic consequences for failure even if you’re a nobody. It’s not just someone stealing some money anymore.

  • NuXCOM_90Percent@lemmy.zip
    5 months ago

    What is your use case for this?

    • Confidential files in a public setting? Don’t fucking bring confidential files to a public setting. But if you must, a big bulky laptop with (good) FDE is a lot more secure than a flash drive someone can pickpocket.
    • Border crossing? Guess what? You paint a MASSIVE red flag on your back and get to learn that you don’t actually have all that many rights in the time between stepping on foreign soil and being admitted by customs. Congrats, you gave them the wrong code three times and it got wiped. They are going to break your face and put you in a black site.
    • Hiding sensitive/highly illegal content in the event of a police investigation: Yeah… if you are at the point where there is a warrant (or black van) out for your arrest then it really doesn’t matter if they can see whatever you were looking at last night.

    At my old job we required these for “thumb drives” and all they ever did was make reformatting machines pure hell.

    • Corroded@leminal.space (OP)
      5 months ago

      > What is your use case for this?

      In the ExplainingComputers video he was using it to store his passwords. I’m not sure if he was doing it in conjunction with something like an encrypted password database or a plain text file.

  • YeetPics@mander.xyz
    5 months ago

    These are handy if you have to move sensitive information, but I’ve experienced more than one event at work where irreplaceable files were lost due to user error on these types of drives.

    I couldn’t tell you about the lifespan of these devices either, something tells me the keys won’t last more than a few years if it’s being used regularly.

    • kevincox@lemmy.ml
      5 months ago

      If your only copy of critical data is on a portable storage device you are doing so many things wrong.

      • YeetPics@mander.xyz
        5 months ago

        Agreed.

        Have to stay within HIPAA; sadly, that means tech-illiterate C-suite dipshits make decisions on hardware.

  • ctr1@fl0w.cc
    5 months ago

    I have this device and use it to store my KeePassXC and OnlyKey backups, and it’s useful to me because I’ve stopped using passwords (I only need to remember the PINs for these devices, which can unlock my KeePass DBs that have everything else).

    It seems secure enough for my use case, especially since the files I store in it are themselves encrypted (the OnlyKey backup still requires a PIN), but I still want them to be difficult to access.

    I’ve had to rely on it before, but only because I didn’t prepare a backup OnlyKey ahead of time; ideally it should be one of many recovery methods. But so far it’s worked great for me.

  • NabeGewell@lemmy.world
    5 months ago

    I wouldn’t trust any part of its hardware and software to store anything worth encrypting on it

  • jet@hackertalks.com
    5 months ago

    They are interesting. But they are a huge red flag and scream “examine me” if it’s in your luggage and you’re crossing a border.

    I’m somewhat dubious about a hardware system not having long term undiscovered flaws. Be sure to use software based data protection on top of the hardware solution.

    • Corroded@leminal.space (OP)
      5 months ago

      > But they are a huge red flag and scream “examine me” if it’s in your luggage and you’re crossing a border.

      Good point. I guess you’d need to look into key disclosure laws at that point.

    • Possibly linux@lemmy.zip
      5 months ago

      Depending on where you are, this may be seen as normal in many airports, as this isn’t uncommon in a business setting.

  • montar@lemmy.ml
    5 months ago

    I see one use case: if you’re going with something illegal as hell to a place where you might get arrested and searched for just being there, i.e. a protest, nuking your (illegal) data might save your ass.

  • Chefdano3@lemm.ee
    5 months ago

    One thing I can tell you is that you can’t use them as bootable drives to install an OS from. And if you try to pass the USB connection from an ESXi host to a VM on it, it won’t work.

    Aside from that, they’re really annoying to work with.

    • NuXCOM_90Percent@lemmy.zip
      5 months ago

      Didn’t use IronKey specifically, but you can totally boot from an Apricorn. Basically involved plugging it in, rebooting the machine, and VERY rapidly entering the unlock code before the BIOS finishes starting up and gets to the “so which drives are bootable?” phase.

      It was hellish but it was also corporate policy to not use any USB storage devices that did not have a keypad for encryption. And DVDs were strongly controlled by the IT department (who were about as stupid as you would expect to have signed off on a policy like that).

  • tiredofsametab@kbin.run
    5 months ago

    First time I’ve seen something like that, but my initial thought was: wow, that’s a lot of parts that can break and things that can go wrong (compared to only encrypting the data itself before storage).