this post was submitted on 19 Feb 2024
1 points (100.0% liked)

Privacy

32004 readers
659 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
1
What are your thoughts on USB storage drives that have keypad encryption? (leminal.space)
submitted 9 months ago* (last edited 9 months ago) by [email protected] to c/[email protected]
109 comments fedilink hide all child comments
 

It seems like the benefits are having the device lock/wipe itself after a set amount of attempts in case of a brute force attack and not having to run software to decrypt the drive on the device you plug it into.

I included a picture of the IronKey Keypad 200 but that's just because it's the first result that came up when I was looking for an example. There seem to be a few other manufacturers and models out there and they probably have different features.

I am curious what do you think of them? Do you think they are useful? Do you find it more a novelty?

It was an ExplainingComputers video titled Very Useful Small Computing Things that made me think of them.

(page 3) 12 comments
sorted by: hot top controversial new old
[–] [email protected] 0 points 9 months ago* (last edited 9 months ago) (1 children)

I have a USB drive with a keypad on it, it stores my FIPS Compliant SSH-key for IL-5 government systems. I unlock it to add my key into my ssh-agent, and don't use it for anything else. Though it is an 8gig USB stick, so I could in theory run some kind of security/pen testing flavor of linux plus a VPN Client to connect to said systems.

load more comments (1 replies)
[–] [email protected] 0 points 9 months ago* (last edited 9 months ago) (1 children)

What is your use case for this?

  • Confidential files in a public setting? Don't fucking bring confidential files to a public setting. But if you must, a big bulky laptop with (good) FDE is a lot more sequre than a flash drive someone can pickpocket.
  • Border crossing? Guess what? You paint a MASSIVE red flag on your back and get to learn that you don't actually have all that many rights in the time between stepping on foreign soil and being admitted by customs. Congrats, you gave them the wrong code three times and it got wiped. They are going to break your face and put you in a black site.
  • Hiding sensitive/highly illegal content in the event of a police investigation: Yeah... if you are at the point where there is a warrant (or black van) out for your arrest than it really doesn't matter if they can see whatever you were looking at last night.

At my old job we required these for "thumb drives" and all they ever did was make reformatting machines pure hell.

[–] [email protected] 0 points 9 months ago* (last edited 9 months ago)

What is your use case for this?

In the ExplainingComputer's video he was using it to store his passwords. I'm not sure if he was doing it in conjunction with something like an encrypted password database or a plain text file.

[–] [email protected] 0 points 9 months ago

First time I've seen something like that, but my initial thought was: wow, that's a lot of parts that can break and things that can go wrong (compared to only encrypting the data itself before storage).

[–] [email protected] 0 points 9 months ago* (last edited 9 months ago) (2 children)

They are interesting. But they are a huge red flag and scream examine me if it's in your luggage and your crossing a boarder.

I'm somewhat dubious about a hardware system not having long term undiscovered flaws. Be sure to use software based data protection on top of the hardware solution.

[–] [email protected] 0 points 9 months ago

But they are a huge red flag and scream examine me if it’s in your luggage and your crossing a boarder.

Good point. I guess you'd need to look into key disclosure laws at that point

load more comments (1 replies)
[–] [email protected] 0 points 9 months ago

The ones that went through FIPS 140-2 Type 3 or above validation are legit. We used Apricorn for CUI data…examples: https://www.archives.gov/cui/registry/category-list

[–] [email protected] 0 points 9 months ago (1 children)

Useful for what? Hiding stuff from family-member or coworkers? Yeah sure. Why not.

Hiding stuff from professionals that really want your data? Probably not very helpful.

Also what about backup? One controller-malfunction and your stuff goes poof. I just assume the data is somehow important or else you wouldn't care about such a device 😊

[–] [email protected] 0 points 9 months ago (3 children)

Those are some good points. The IronKey Keypad 200 says it has a self recharging battery but I wonder how long it would last sitting out of use as a backup or if plugging it in would always be enough.

load more comments (3 replies)
[–] [email protected] 0 points 9 months ago (3 children)

Ironkey has been more careful than some other vendors but the concept still seems dubious to me, if you are tryna to stop serious attackers. You want the decryption key to be completely separated from the storage.

[–] [email protected] 0 points 9 months ago (4 children)

Ironkey has been more careful than some other vendors

In what aspects? This is a topic I don't know much about

load more comments (4 replies)
load more comments (2 replies)
[–] [email protected] 0 points 9 months ago

As long as the security software it uses is solid I think it's a decent idea.

load more comments
view more: ‹ prev next ›