Secure Coding mailing list archives
Design flaw in Lexar JumpDrive
From: "Kenneth R. van Wyk" <Ken () krvw com>
Date: Tue, 28 Sep 2004 21:00:05 +0100
Greetings SC-L folks.

Wow, it's been absurdly quiet here lately, and not just because I've been out of the office on travel so much. Perhaps we've reached an end of Software Security topics to discuss? ;-)

In any case, I thought that I'd try to seed things a bit with this... I know that this isn't exactly _news_, as it's a couple weeks old now, but it's interesting nonetheless. A recent @Stake advisory (http://www.atstake.com/research/advisories/2004/a091304-1.txt) detailed a vulnerability in Lexar's JumpDrive USB drive. According to the @Stake advisory, even though the device is able to encrypt user data using 256-bit AES encryption, "The password can be observed in memory or read directly from the device, without evidence of tampering."

That strikes me as a pretty glaring example of a _really bad mistake_ made in designing the crypto system. Certainly not the first -- or, I'm sure the last -- time that we've seen mistakes like this. It seems to me, though, that a good threat modeling exercise should have prevented this from being introduced into the product in the first place. Or, do you think that the developers knew of the problem, but the pressures of product marketing overwhelmed sound design practices? It's a rhetorical question, obviously, since I can't imagine anyone from the design team speaking up publicly, but it sure would be interesting to know...

Cheers,

Ken van Wyk
--
KRvW Associates, LLC
http://www.KRvW.com