PaulDotCom mailing list archives
U3 hacking on encrypted flash drives
From: msalmon813 at hotmail.com (Michael Salmon)
Date: Tue, 17 Mar 2009 23:29:27 -0400
I posted this comment/question on the PaulDotCom forum, but I'm wondering what you guys think. First, let me start saying the PaulDotCom podcasts are awesome and Irongeek is a big influence on my interest in computer security (his video's are great!). Feels like I'm talking to moviestars, lol ... I hope I'm not beating a dead horse. I know U3 hacking has been around for years and so has the UniversalCustomizer tool. My company purchased back in 2007 the Kingston DTSP (DataTraveler Secure Privacy Edition) USB keys for their hardware encryption. Last year Kingston replaced the drives with DTVP (DataTraveler Vault Privacy Edtion) and my manager asked me to find out if it was possible for a virus to install on the CD-Rom partition. I called Kingston to discuss the matter and ask other detailed questions about their product. I was a bit surprised when the engineer told me it uses U3 technology... I shouldn't have been, but because U3 didn't seem very secure to me I assumed they developed their own CD-Rom emulation software. I tested the UniversalCustomizer tool against the older DTSP driver first and it recognized it as a U3 drive and overwrote their CD-Rom partition, although the data on the key was gone and even with data recovery tools (used PhotoRec) I couldn't retrieve anything, it really concerned me that a virus could overwrite the CD-Rom area and Antivirus wouldn't be able to delete the infection. The tool failed to recongnize the newer DTVP drive as a U3 enabled key, but that doesn't mean someone else won't figure out a way to overwrite it. Kingston didn't have an answer when I asked what kind of security is in place to protect against this (I'm still in talks with them, hopefully someone will give me an answer). So now I'm interested in Ironkey, but on a recent PaulDotCom eposides it was said that also uses U3 technology. I'm going to contact Ironkey soon, but i have very little trust in what vendors say, has anyone else researched this? Company's put a lot of faith on hardware encrypted keys and believe it's a secure mediam, allowing their "secure drives" access through device blocking products. Kingston was confident that CD-Rom partition is READ-ONLY, thus creating a false sense of security (at least for their DTSP). Sounds like a big security hole to me. Your comments are appreciated. _________________________________________________________________ Windows Live?: Life without walls. http://windowslive.com/explore?ocid=TXT_TAGLM_WL_allup_1a_explore_032009 -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20090317/5ef856b5/attachment.htm
Current thread:
- U3 hacking on encrypted flash drives Michael Salmon (Mar 17)
- U3 hacking on encrypted flash drives John (Mar 17)
- U3 hacking on encrypted flash drives Tim Mugherini (Mar 18)
- U3 hacking on encrypted flash drives John (Mar 17)