Recommendations for self encrypting external hdd

I am looking for a self encrypting external hard drive... Any recommendations for the same?

A low storage is also OK.

Thanks.

Comments

  • Addonics has some interesting products like that:

    http://net.addonics.com/products/diamond_Cipher/overview.asp


  • @willie said:
    Addonics has some interesting products like that:

    http://net.addonics.com/products/diamond_Cipher/overview.asp

    Thanks. Any other alternatives?

  • Lots of drives have built-in encryption. Or you can do it in software.


  • @willie said:
    Lots of drives have built-in encryption. Or you can do it in software.

    I prefer something which will encrypt data at rest. Any recommendations?

  • Bitlocker if it's NTFS
    dm-crypt if it's LVM/Ext4

  • emg Member
    edited December 2016

    @mik997 said:
    Bitlocker if it's NTFS
    dm-crypt if it's LVM/Ext4

    Add: FileVault if it's Mac.

    There are third party commercial and open source full disk encryption software products also available for several platforms. These articles may help (or may add to the confusion because of the number of options available!):

    If you want hardware-based full disk encryption, there are a number of solutions. The first question to answer is whether a person is physically present to unlock the drive.

    I recommend Apricorn Aegis Secure Key flash drives to my customers. They are "thumb drives" with an integrated keypad for unlocking the drive. Apricorn also makes similar products tied to hard drives, but I have not examined them carefully.

    Warning: I have seen a variety of similar products which are not as secure. Some appear to have 10 digits for password entry, but in fact they have only five - a pair of digits is coupled to each button. Many have preloaded cryptographic keys, which is not a good sign. Most drives automatically wipe their contents after a given number of failed unlock attempts. (Actually, they wipe the key.) If the cryptographic keys are preloaded (and you trust them to be random - really?) then the drives will fail after a certain number of resets when they run out of keys. The better (newer) encrypting thumb drives have a random number generator incorporated into their design, allowing an unlimited number of keys.

    I have analyzed other hardware encrypting drives and found major security issues. Don't trust a manufacturer just because they say that their product is used by a government or military or the GRU or the Mossad or ISIS or whomever.

    There are also several brands of encrypting drives which use hardware tokens to unlock them. Some that I have analyzed appear to be secure, but I worry about the chain-of-custody through the manufacturing process. Even if a product uses good cryptography and large key sizes, there is nothing to stop them from limiting the key search space. Even if the symmetric key size is 256 bits, if the manufacturer chooses the actual keys from a few billion keys, then the actual keyspace is only 32 bits. The buyer has no way to verify the security of the key generation process. That might be a cause for concern, considering that some of these systems are manufactured in China. Some manufacturers can provide tooling that lets you generate your keys - a much better system, but far more expensive. IMPORTANT: I am not accusing any manufacturer of limiting keyspace in their token-based encrypted drive products. The issue is that there is no way for the end user to know one way or the other.

    Some drive manufacturers are incorporating encryption in the drive hardware itself. You buy a drive, but must also have the appropriate tools to use them. The tools may be software or hardware based. If software, then you need drivers, etc. It gets messy.

    Good luck!

    Edit:
    P.S. I would stay away from encrypting drives (typically thumb drives) that require special driver software to be installed on your computer to unlock them. Some of them are secure, but they have a limited lifetime because the manufacturers don't update their drivers to match operating system changes. The manufacturers stop supporting them with updates.

    Thanked by 1deadbeef
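The keyspace arithmetic from the post above (a ten-digit keypad that is really five buttons, and a nominally 256-bit key drawn from only a few billion candidates) as an added Python example; this is not code from the thread or from any drive vendor. The `derive_key_from_seed` routine is a hypothetical stand-in for a manufacturer's key loader, and the seed sizes are constructed so the enumeration runs instantly.

```python
import hashlib
import math


def keyspace_bits(symbols: int, length: int) -> float:
    """Entropy in bits of a code of `length` positions drawn from `symbols` choices.
    A seven-position code entered on five buttons has 5**7, not 10**7, possibilities."""
    return length * math.log2(symbols)


def effective_key_bits(distinct_keys: int) -> float:
    """Security of a key chosen uniformly from `distinct_keys` candidates.
    The nominal key length does not appear in this formula at all."""
    return math.log2(distinct_keys)


def derive_key_from_seed(seed: int, seed_bytes: int = 4) -> bytes:
    """Hypothetical manufacturer key loader (constructed for this example):
    a 256-bit key stretched from a small seed. The output is 32 bytes long,
    but it can take on no more distinct values than the seed can."""
    return hashlib.sha256(seed.to_bytes(seed_bytes, "big")).digest()


def count_distinct_keys(seed_bits: int) -> int:
    """Enumerate every key the loader above can produce for a `seed_bits`-bit seed
    (kept small so it finishes instantly) and count the distinct 256-bit outputs."""
    return len({derive_key_from_seed(s) for s in range(2 ** seed_bits)})


def summary() -> dict:
    """Collect the figures discussed in the post: the apparent versus real PIN space,
    and the real strength of a long key picked from a small pool."""
    return {
        "pin_10_buttons_7_digits": round(keyspace_bits(10, 7), 2),
        "pin_5_buttons_7_digits": round(keyspace_bits(5, 7), 2),
        "nominal_key_bits": 256,
        "key_from_4_billion_candidates": round(effective_key_bits(4_000_000_000), 2),
        "distinct_keys_from_12_bit_seed": count_distinct_keys(12),
    }


if __name__ == "__main__":
    for name, value in summary().items():
        print(f"{name}: {value}")
```

The point `count_distinct_keys` makes empirically is the one the post makes in prose: every output of the loader looks like a full-strength 256-bit key, yet a 12-bit seed yields exactly 4096 of them, and a buyer inspecting individual keys cannot tell the difference.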
  • @emg said:

    @mik997 said:
    Bitlocker if it's NTFS
    dm-crypt if it's LVM/Ext4

    Add: FileVault if it's Mac.

    There are third party commercial and open source full disk encryption software products also available for several platforms. These articles may help (or may add to the confusion because of the number of options available!):

    If you want hardware-based full disk encryption, there are a number of solutions. The first question to answer is whether a person is physically present to unlock the drive.

    I recommend Apricorn Aegis Secure Key flash drives to my customers. They are "thumb drives" with an integrated keypad for unlocking the drive. Apricorn also makes similar products tied to hard drives, but I have not examined them carefully.

    Warning: I have seen a variety of similar products which are not as secure. Some appear to have 10 digits for password entry, but in fact they have only five - a pair of digits is coupled to each button. Many have preloaded cryptographic keys, which is not a good sign. Most drives automatically wipe their contents after a given number of failed unlock attempts. (Actually, they wipe the key.) If the cryptographic keys are preloaded (and you trust them to be random - really?) then the drives will fail after a certain number of resets when they run out of keys. The better (newer) encrypting thumb drives have a random number generator incorporated into their design, allowing an unlimited number of keys.

    I have analyzed other hardware encrypting drives and found major security issues. Don't trust a manufacturer just because they say that their product is used by a government or military or the GRU or the Mossad or ISIS or whomever.

    There are also several brands of encrypting drives which use hardware tokens to unlock them. Some that I have analyzed appear to be secure, but I worry about the chain-of-custody through the manufacturing process. Even if a product uses good cryptography and large key sizes, there is nothing to stop them from limiting the key search space. Even if the symmetric key size is 256 bits, if the manufacturer chooses the actual keys from a few billion keys, then the actual keyspace is only 32 bits. The buyer has no way to verify the security of the key generation process. That might be a cause for concern, considering that some of these systems are manufactured in China. Some manufacturers can provide tooling that lets you generate your keys - a much better system, but far more expensive. IMPORTANT: I am not accusing any manufacturer of limiting keyspace in their token-based encrypted drive products. The issue is that there is no way for the end user to know one way or the other.

    Some drive manufacturers are incorporating encryption in the drive hardware itself. You buy a drive, but must also have the appropriate tools to use them. The tools may be software or hardware based. If software, then you need drivers, etc. It gets messy.

    Good luck!

    Edit:
    P.S. I would stay away from encrypting drives (typically thumb drives) that require special driver software to be installed on your computer to unlock them. Some of them are secure, but they have a limited lifetime because the manufacturers don't update their drivers to match operating system changes. The manufacturers stop supporting them with updates.

    Thank you for the detailed post.

    At this point I am trying to keep some data available to me in a secure way, such that any random person stealing it will not be able to easily get access to my data.

    Wiping off the drive after a few wrong attempts sounds good.

    I do not have a very big budget.

    Thanks

  • Abdussamad Member
    edited December 2016

    self-encrypting drives are not really secure. the drive maker has backdoor keys that they can use to decrypt the data. they make these available to data recovery professionals for example.

  • Clouvider Member, Provider

    Most SSD drives encrypt data on the fly. You could set a key on those in hardware. I don't know how it goes with usability and stuff, but doable.


  • @willie said:
    Addonics has some interesting products like that:

    http://net.addonics.com/products/diamond_Cipher/overview.asp

    My god, they still exist.

    Thanked by 1willie
  • @Abdussamad said:
    self-encrypting drives are not really secure. the drive maker has backdoor keys that they can use to decrypt the data. they make these available to data recovery professionals for example.

    Thanks. So what's the purpose to mark them as self encrypting in the first place?

  • plumberg said: Thanks. So what's the purpose to mark them as self encrypting in the first place?

    to make money by selling them.

  • emg Member
    edited December 2016

    @plumberg said:

    Thank you for the detailed post.

    At this point I am trying to keep some data available to me in a secure way such that if any random person stealing it will not be able to easily get access to my data.

    Wiping off the drive after a few wrong attempts sounds good.

    I do not have a very big budget.

    Thanks

    You're welcome. Now that you have given us more about the requirements, I would recommend buying an encrypted flash drive, such as the Apricorn Aegis Secure Key that I recommended above. If speed and capacity are not too much of an issue, the USB 2 versions are reasonably priced.

    If you are only concerned about a "random person stealing it", where the random person does not have strong technical skills or government backing, then the less expensive "five button" encrypting flash drives should be sufficient for your needs.

    Many of the drives I have described are based on various ClevX chipsets.

    @Abdussamad said:
    self-encrypting drives are not really secure. the drive maker has backdoor keys that they can use to decrypt the data. they make these available to data recovery professionals for example.

    I respect @Abdussamad's opinion regarding backdoors in encryption products. I voiced similar concerns above regarding key generation. There is ample historic precedent for backdoors in encryption standards and products. Nonetheless, if we consider @plumberg's threat model, any typical encrypting drive should be sufficient for his/her needs.

    Speaking directly to @Abdussamad, I want to point out that hardware manufacturers whose livelihood depends on the quality of their encryption products may be less likely to cooperate by installing backdoors in the modern era. That is because the risk of disclosure is higher and the results of a disclosure can be economically devastating to the company. This sort of backdoor in a dedicated encryption product is different than the backdoors we normally talk about related to software and services. Frankly, government agencies are more likely to resort to hacking and subterfuge rather than direct cooperation with the manufacturer, with the obvious exception being the more authoritarian regimes (e.g., China). For an example of hacking and subterfuge, research what happened to Juniper VPNs.

    Thanked by 1deadbeef
  • @emg said:
    Warning: I have seen a variety of similar products which are not as secure. Some appear to have 10 digits for password entry, but in fact they have only five - a pair of digits is coupled to each button. Many have preloaded cryptographic keys, which is not a good sign. Most drives automatically wipe their contents after a given number of failed unlock attempts. (Actually, they wipe the key.) If the cryptographic keys are preloaded (and you trust them to be random - really?) then the drives will fail after a certain number of resets when they run out of keys. The better (newer) encrypting thumb drives have a random number generator incorporated into their design, allowing an unlimited number of keys.

    It is amusing how it's always the same class of vulnerabilities that get repeated over and over across different niches. Love the "I'll trash your hardware by failing to login many times" ... feature :D

    I have analyzed other hardware encrypting drives and found major security issues.

    That's plain awesome.

    There are also several brands of encrypting drives which use hardware tokens to unlock them. Some that I have analyzed appear to be secure, but I worry about the chain-of-custody through the manufacturing process. Even if a product uses good cryptography and large key sizes, there is nothing to stop them from limiting the key search space. Even if the symmetric key size is 256 bits, if the manufacturer chooses the actual keys from a few billion keys, then the actual keyspace is only 32 bits. The buyer has no way to verify the security of the key generation process.

    If I understand correctly, the symmetrical key in this case is generated by the device and the user can't provide one on its own?

    I recommend Apricorn Aegis Secure Key flash drives to my customers.

    What is your profession? I mean, are you pen testing for a living?

    Thanked by 1vimalware
  • emg said:

    Speaking directly to @Abdussamad, For an example of hacking and subterfuge, research what happened to Juniper VPNs.

    What happened with juniper products was that the NSA installed a backdoor with the connivance of the manufacturer and the Chinese were among those exploiting it. That is what happened. The Chinese MO is to find and exploit vulnerabilities. The NSA does that + install vulnerabilities themselves.

    With open source software you know it has been peer reviewed and there is at least some hope that there aren't any backdoors. With hardware you don't really know anything. The way I see it there is no point in spending extra for hardware encryption when you don't know whether it's better. And BTW it often isn't better.

  • @Abdussamad said:
    With open source software you know it has been peer reviewed

    Ha ha ha ha ha ha ha ha ha ha ha, rofl, rofl rofl, rofl, rofl, rofl, rofl.

  • deadbeef said: Ha ha ha ha ha ha ha ha ha ha ha, rofl, rofl rofl, rofl, rofl, rofl, rofl.

    You laugh but this is what the experts say:

    As a cryptography and computer security expert, I have never understood the current fuss about the open source software movement. In the cryptography world, we consider open source necessary for good security; we have for decades. Public security is always more secure than proprietary security. It's true for cryptographic algorithms, security protocols, and security source code. For us, open source isn't just a business model; it's smart engineering practice.

    https://www.schneier.com/crypto-gram/archives/1999/0915.html#OpenSourceandSecurity

    It's why all the crypto algos we use are opensource. Their implementation should also be open source.

  • emg Member
    edited December 2016

    @deadbeef said:

    It is amusing how it's always the same class of vulnerabilities that get repeated over and over across difference niches. Love the "I'll trash your hardware by failing to login many times" ... feature :D

    I don't think of it as a vulnerability, but a feature, and it is a feature that I want. If my encrypted drive falls into @deadbeef's hands, I encourage deadbeef to wipe my data quickly - better to have my data destroyed right away than have deadbeef hand the drive to someone who might have better luck getting at my data. The feature could be treated as a denial of service attack, but that's okay. I keep backups, as everyone should.

    All physical thefts are denial of service attacks. The thief has your device, which prevents you from using it. If deadbeef is considering stealing the data from my encrypting drive in a way that I won't detect, that's much harder to do, and I am not concerned about it, especially if deadbeef wants continual, ongoing access to the encrypting drive as the data on it changes. It's possible if deadbeef knows of some hidden backdoor, but in general, that's not part of my threat model.

    If I understand correctly, the symmetrical key in this case is generated by the device and the user can't provide one on its own?

    Mostly true, but not exactly correct. Some encrypting drives come preloaded with a limited number of strong, randomly generated symmetric keys. Those strong keys are created externally and loaded onto the drives during manufacture. The first key is used to encrypt the data on the physical media. If the physical media falls into an attacker's hands, they must contend with data that was encrypted with that strong random key.

    The reason for generating the strong keys externally is that some encrypting drive designs do not have a built-in random number generator (and no reliable way to gather entropy).

    The user chooses their own password or numeric code sequence, which is used to authorize the hardware to "unlock" the drive with the strong key. Sometimes multiple passwords/codes can be set for enterprise use. The IT department has a "master" password/code, and one or more users have their own individual password/codes to unlock the drive. The encrypting drive lets people change the passwords/codes without wiping the underlying strong key that encrypts them.

    Someday the owner may want to reset the encrypting drive for a different, untrusted user by replacing the strong symmetric key that is used to encrypt the drive. In that case, the first strong key is destroyed, effectively wiping the drive. The next strong key is used when the drive is re-deployed. When the drive runs out of strong keys (typically 5 or 10), then it is permanently bricked and can never be used again.

    There is no real difference between a deliberate reset as described in the paragraph above, and when an attacker attempts too many guesses where the drive wipes itself.

    In case it is not obvious to you, the security of this design depends on the tamper resistance of the cryptographic module that stores the strong keys and implements the other features of the encrypting drive. It also depends on the manufacturer's key generation and loading process during production. You must trust that the manufacturer is using a true random number generator and is not recording the resulting strong keys that are loaded onto drives. (They must also have a way to identify individual drives to look up the keys, and have a way to bypass their own tamper resistance and self-destruct mechanism). Of course, you must also trust that the manufacturer did not incorporate a backdoor into their design. I already pointed out the huge risk that manufacturer would take if they did that.

    Some newer drives have a built-in random number generator. They create their own strong keys internally, and there is no limit on the number of resets that can be performed.

    I have described only one specific type of encrypting drive in the paragraphs above, but deadbeef asked. I have seen many other encrypting drives that operate under completely different security models and have their own specific issues.

    What is your profession? I mean, are you pen testing for a living?

    If you know enough to ask the question, then you should have guessed that I won't answer. Sorry. :-(

    Suffice it to say that I am a VPS hobbyist, nothing more. I have learned a lot from everyone here, and I want to express my appreciation to those who have helped me along the way. VPS administration is not my forte.

    @Abdussamad said:

    What happened with juniper products was that the NSA installed a backdoor with the connivance of the manufacturer and the Chinese were among those exploiting it. That is what happened. The Chinese MO is to find and exploit vulnerabilities. The NSA does that + install vulnerabilities themselves.

    Please cite authoritative sources for your assertion that the NSA is responsible for the Juniper hacks. I acknowledge that the NSA is highly suspect, but I have seen nothing that conclusively shows that they were involved, nor how they did it. (It would not surprise me to learn that Juniper knows much more than they have publicly disclosed.) In addition, I would like to see your sources that show that the Chinese discovered the vulnerabilities and were actively exploiting them prior to when it was publicly disclosed. More than one vulnerability was discovered. It is not apparent to me that the same party is responsible.

    I will agree with your assertions that the NSA can be (at times) very arrogant, deliberately creating exploitable vulnerabilities. The NSA seems to operate under the assumptions that:

    • The NSA is so smart that the underlying technology of their exploits will not be independently discovered by others.
    • The vulnerabilities that the NSA creates are so clever and subtle that they will never be uncovered by others after they are deployed, at least not within their useable lifetimes.
    • The NSA can exploit those manufactured vulnerabilities in ways that will not be detected.
    • The NSA is so good at keeping secrets that their activities will never be leaked to the public or acquired through espionage.
    • If exposed, nobody cares enough to hold the NSA accountable for the collateral damage that they have done to the country as a whole by degrading its security. It is this last assertion that bothers me the most. In attacking their targets, the NSA never seems to consider the great harm that they may do to the very country that they are defending.

    With open source software you know it has been peer reviewed and there is at least some hope that there aren't any backdoors.

    I strongly disagree with this assertion. I can cite many examples of open source software that has been extensively reviewed, yet has harbored disastrous vulnerabilities that went unseen for years, sometimes more than a decade. It doesn't matter how many eyeballs look at the code if those eyeballs do not have the knowledge and experience to recognize subtle security issues in that code, whether deliberately inserted or not. It is only recently that large companies have woken up to their dependency on the security of open source software, and they are starting to fund quality efforts to secure that code. Funding is still insufficient for the task at hand, and the proper skilled resources are in short supply.

    With hardware you don't really know anything. The way I see it there is no point in spending extra for hardware encryption when you don't know whether it's better. And BTW it often isn't better.

    You are partially correct. As I already stated above, some hardware encryption is abysmally insecure. You have cited one example of many. As long as the hardware is sufficiently secure against your threat model (such as @Plumberg's) then it is good enough, because it keeps your data secure against those threats.

    I am not worried about a common thief getting my data from an encrypted drive, nor am I concerned about a highly skilled, well-funded, state-sponsored adversary attacking an encrypted drive of mine. Frankly, it would divert their limited resources away from my country's true national security interests, and demonstrate their poor targeting and resource management skills.

    Thanked by 1deadbeef
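The key-management lifecycle described in the post above (a user PIN that authorizes use of a preloaded strong key, a PIN change that leaves the data intact, a failed-attempt wipe that takes the same path as an owner reset, a finite key pool that eventually bricks the drive, and a newer design with an on-board random number generator that never runs out) as an added Python model; it is not code from the thread or from any vendor's firmware. The class, its method names, the toy SHA-256 counter-mode stream cipher and the sample data are all constructed for this example.

```python
import hashlib
import secrets


def _keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy SHA-256 counter-mode stream cipher (constructed for this example only),
    used so that 'ciphertext on the media is useless without the key' is visible."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(4, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


class EncryptingDrive:
    """Model of the preloaded-key encrypting drive described in the post."""

    def __init__(self, preloaded_keys=(), max_failed_attempts=10, builtin_rng=False):
        self._keys = list(preloaded_keys)      # strong keys loaded at manufacture
        self._builtin_rng = builtin_rng         # newer design: make keys on demand
        self._max_failed = max_failed_attempts
        self.bricked = False
        self.media = b""                        # ciphertext on the physical media
        self._load_next_key()

    def _load_next_key(self) -> None:
        """Activate the next strong key; an empty pool with no RNG bricks the drive.
        The old key is simply forgotten, which is what 'wiping' the drive means here."""
        if self._builtin_rng:
            self._key = secrets.token_bytes(32)
        elif self._keys:
            self._key = self._keys.pop(0)
        else:
            self._key, self.bricked = None, True
        self._failed, self._pin_hash, self._unlocked = 0, None, False

    @staticmethod
    def _hash_pin(pin: str) -> bytes:
        return hashlib.sha256(b"constructed-salt" + pin.encode()).digest()

    def set_pin(self, pin: str) -> bool:
        """Enrol a PIN on a fresh (or freshly reset) drive."""
        if self.bricked or self._pin_hash is not None:
            return False
        self._pin_hash = self._hash_pin(pin)
        return True

    def unlock(self, pin: str) -> bool:
        """Check the PIN; reaching the failure limit destroys the strong key."""
        if self.bricked or self._pin_hash is None:
            return False
        if secrets.compare_digest(self._pin_hash, self._hash_pin(pin)):
            self._failed, self._unlocked = 0, True
            return True
        self._failed += 1
        if self._failed >= self._max_failed:
            self._load_next_key()               # same path as a deliberate reset
        return False

    def change_pin(self, old: str, new: str) -> bool:
        """A PIN change re-authorizes the same strong key, so data stays readable."""
        if not self.unlock(old):
            return False
        self._pin_hash = self._hash_pin(new)
        return True

    def reset(self) -> None:
        """Owner-initiated reset for redeployment to another user."""
        self._load_next_key()

    def write(self, plaintext: bytes) -> bool:
        if not self._unlocked:
            return False
        self.media = _keystream_xor(self._key, plaintext)
        return True

    def read(self):
        return _keystream_xor(self._key, self.media) if self._unlocked else None

    def keys_remaining(self) -> int:
        return -1 if self._builtin_rng else len(self._keys)


def demo() -> dict:
    """Walk the lifecycle on a two-key drive with a three-attempt limit (constructed)."""
    results = {}
    drive = EncryptingDrive(preloaded_keys=[secrets.token_bytes(32) for _ in range(2)],
                            max_failed_attempts=3)
    drive.set_pin("2468")
    drive.unlock("2468")
    drive.write(b"trip notes")
    drive.change_pin("2468", "1357")
    results["data_survives_pin_change"] = drive.read() == b"trip notes"
    drive.reset()                                # key 1 destroyed, key 2 active
    drive.set_pin("0000")
    drive.unlock("0000")
    results["data_gone_after_reset"] = drive.read() != b"trip notes"
    for _ in range(3):                           # three bad guesses: wipe, pool now empty
        drive.unlock("9999")
    results["bricked_after_pool_exhausted"] = drive.bricked
    results["set_pin_refused_when_bricked"] = not drive.set_pin("1111")
    rng_drive = EncryptingDrive(builtin_rng=True)
    for _ in range(50):
        rng_drive.reset()
    results["rng_drive_never_bricks"] = not rng_drive.bricked
    return results
```

Run `demo()` to see the five properties the post lists come out of the state machine: the media keeps its ciphertext across a reset, but with the key forgotten the bytes read back as garbage, and the failed-attempt path and the owner reset are literally the same method.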
  • @Abdussamad said:

    You laugh but this is what the experts say:

    As a cryptography and computer security expert, I have never understood the current fuss about the open source software movement. In the cryptography world, we consider open source necessary for good security; we have for decades. Public security is always more secure than proprietary security. It's true for cryptographic algorithms, security protocols, and security source code. For us, open source isn't just a business model; it's smart engineering practice.

    https://www.schneier.com/crypto-gram/archives/1999/0915.html#OpenSourceandSecurity

    It's why all the crypto algos we use are opensource. Their implementation should also be open source.

    I would never argue with Bruce Schneier, who is the preeminent authority in this space. Nevertheless, I believe that Mr. Schneier would want to revise those comments, considering the date of that quote, and the lessons we have learned since then.

    I am not saying that proprietary source code is more secure than open source. What I am saying is that security of anything is dependent on the quality of the security process that is followed to produce it. A carefully designed proprietary product may be more secure than its open source equivalent if it is produced by passionate people who are highly skilled in the art, compared with open source that is hacked together without a cohesive, security-baked-in-from-the-start design and implementation. I will say that given the same level of security quality in a product, making it open source is better.

    I agree 100% with Mr. Schneier that open standards are absolutely essential if we are discussing cryptographic algorithms or protocols (or source code at that level). I would never consider using a proprietary cryptographic algorithm, or protocol, or closed-source cryptographic library; the thought of doing so today is laughable.

    In the distant past some commercial cryptographic libraries were sold as closed source. Sometimes you could pay an extra fee (and sign non-disclosure agreements) to get the source code. Of course we always paid the fee. Sometimes we bought closed-source library licenses, but chose to incorporate open source implementations of the patented algorithms that we licensed.

  • Abdussamad Member
    edited December 2016

    wow @emg those are great walls of text that you've erected there! I for one am not going to climb those.

    I'll just answer this one bit here:

    Please cite authoritative sources for your assertion that the NSA is responsible for the Juniper hacks. I acknowledge that the NSA is highly suspect, but I have seen nothing that conclusively shows that they were involved, nor how they did it. (It would not surprise me to learn that Juniper knows much more than they have publicly disclosed.) In addition, I would like to see your sources that show that the Chinese discovered the vulnerabilities and were actively exploiting them prior to when it was publicly disclosed. More than one vulnerability was discovered. It is not apparent to me that the same party is responsible.

    I can't be bothered looking for sources. When this whole thing first came to light I read about it on various news sites and what I wrote above is just something that I picked up then.

    anyway we've done a splendid job of derailing the thread. keep it up guys!

    Thanked by 1boernd
  • deadbeef Member
    edited December 2016

    @Abdussamad said:

    deadbeef said: Ha ha ha ha ha ha ha ha ha ha ha, rofl, rofl rofl, rofl, rofl, rofl, rofl.

    You laugh but this is what the experts say:

    I'd suggest you stop giving your ass to experts (especially by quotes) and start subscribing to security lists to get an idea of how Open Source is by itself any kind of guarantee. In the mean time:

    Ha ha ha ha ha ha ha ha ha ha ha, rofl, rofl rofl, rofl, rofl, rofl, rofl.

  • deadbeef Member
    edited December 2016

    @emg said:

    First of all, thank you for the big & meaningful post. Thumbs up!

    My only objection is this:

    I don't think of it as a vulnerability, but a feature, and it is a feature that I want. If my encrypted drive falls into @deadbeef's hands, I encourage deadbeef to wipe my data quickly - better to have my data destroyed right away than have deadbeef hand the drive to someone who might have better luck getting at my data.

    The threat model I had in mind was something like "I have the disk around and some co-worker/kid/whatever intentionally destroys it while I'm at the toilet" - for the fun of it. This is more probable than the threat of "the encryption is going to be practically broken in the practical future, so it's best the stolen encrypted data to be deleted".

    In other words, the getting ddos'd feature is a potential low-barrier-of-entry source of frustration while its benefits are non-practical.

  • emg Member
    edited December 2016

    @Abdussamad said:
    wow @emg those are great walls of text that you've erected there! I for one am not going to climb those.

    I answered specific questions that were posted in the thread regarding encrypting drives, which I happen to know something about. It is my hope that detailed responses such as mine serve as a legacy for others who search the internet for specific information about those drives.

    If the information is not relevant to your needs or you are too lazy, then don't read my posts. You already figured that out on your own.

    I'll just answer this one bit here:

    I can't be bothered looking for sources. When this whole thing first came to light I read about it on various news sites and what I wrote above is just something that I picked up then.

    I do my best to separate facts from conjecture. Not everybody puts in the effort, but I won't point fingers. :-)

    anyway we've done a splendid job of derailing the thread. keep it up guys!

    I can't argue with that, especially if you consider this particular response.

    @deadbeef said:

    First of all, thank you for the big & meaningful post. Thumbs up!

    [...]

    The [threat] model I had in mind was something like "I have the disk around and some co-worker/kid/whatever intentionally destroys it while I'm at the toilet" - for the fun of it. This is more probable than the threat of "the encryption is going to be practically broken in the practical future, so it's best the stolen encrypted data to be deleted".

    In other words, the getting ddos'd feature is a potential low-barrier-of-entry source of frustration while its benefits are non-practical.

    @deadbeef's threat model is the same as if the co-worker/kid/whatever steals, destroys, or hides the drive. If they have physical access, then they can destroy deadbeef's data. The only difference is that my threats are tamper-evident, and deadbeef's threats may or may not be tamper-evident, depending on circumstances.

    The obvious mitigations are:

    • Maintain good backups that are not readily accessible to your attackers.
    • Don't leave your encrypted drives in a place where untrusted attackers may find them.

    Sometimes I go to meetings and conferences in "hostile" environments. Whenever I get up (to use the toilet, for example), I always shutdown my laptop fully. I keep my current notes from the trip on an encrypted thumb drive which I have in my pocket. It is inconvenient, but it works for me and it is reasonably secure. (Pedants may think of ways to recover the data from my laptop even in its shutdown state. I have considered them, but such attacks are not realistic to my situation.)

    Putting the thread back on track:

    I recommended that @plumberg (the OP) buy an Apricorn Aegis Secure Key flash drive for his needs. They come in USB2 and USB3 models. If USB2 speeds are acceptable, then plumberg can save money. If you consider plumberg's specific concerns, then the lower cost, five-button encrypting thumb drives are acceptable. They are less expensive than the Apricorn Aegis drives.

    Thanked by 1: deadbeef
  • @emg said:
    @deadbeef's threat model is the same as if the co-worker/kid/whatever steals, destroys, or hides the drive. If they have physical access, then they can destroy deadbeef's data. The only difference is that my threats are tamper-evident, and deadbeef's threats may or may not be tamper-evident, depending on circumstances.

    Not exactly. The risk of actual theft vs "press the button 5 times" isn't the same, especially in an office setting.

  • Nice thread guys.
    Since you seem to have more knowledge on the subject, I'd like to ask you if these are good:
    http://www.corsair.com/en/flash-padlock-3-64gb-secure-usb-3-0-flash-drive

    I am aware of the issues of previous versions (especially 1st gen). However, those critical ones are gone AFAIK.
    I want a fast and safe thumb drive that won't ruin my budget.
    Any disadvantages/advantages of this Corsair drive that you know?

  • Ironkey (ironkey.com) used to be good. Don't know about now that they're acquired by kingston.

    #lexit spread the word.

  • emgemg Member
    edited December 2016

    @deadbeef said:

    Not exactly. The risk of actual theft vs "press the button 5 times" isn't the same, especially in an office setting.

    Okay, you win. It isn't in my threat model, but it seems a very real possibility where you work. I have worked with many bright and capable people who are skilled at practical jokes, but never those who would consider destroying someone else's critical data, joke or not. Sometimes people make stupid mistakes without regard for the consequences, but deliberately destroying personal or corporate data for the lulz is beyond the pale. Backups would clearly help, but if "coworkers deliberately destroying critical encrypted data" ever appeared on my radar as a reasonable possibility, then I would seriously reassess my current job situation. Trust is a critical glue that binds great teams together. Without it, I wonder about what such a team can accomplish and the quality of the deliverables.

    The Corsair drive mentioned by @X4N1T (above) mitigates @deadbeef's data destruction problem by imposing long wait times before finally wiping the data on the 20th attempt. It starts with 2 minute delays, then graduates to a 12 hour delay before the final 5 tries.

    @X4N1T said:
    Nice thread guys.
    Since you seem to have more knowledge on the subject, I'd like to ask you if these are good:
    http://www.corsair.com/en/flash-padlock-3-64gb-secure-usb-3-0-flash-drive

    I am aware of the issues of previous versions (especially 1st gen). However, those critical ones are gone AFAIK.
    I want a fast and safe thumb drive that won't ruin my budget.
    Any disadvantages/advantages of this Corsair drive that you know?

    I do not know anything about the internals, but I can make an educated guess. I had a quick peek at the user manual.

    The Corsair Padlock 3 seems okay enough, but I have misgivings about Corsair's misleading advertising (see below). It is probably good enough for any reasonable loss or theft scenario that does not involve adversaries with high technical skills.

    Here are my minor concerns about it:

    • A 5 button numeric keypad, where each pair of digits is combined into a single button. I prefer the models with 10 buttons.
    • It defaults to a non-encrypted mode.
    • The advertising about FIPS compliance is very misleading. Corsair claims FIPS-197 compliance for their Padlock 3 product. This claim is deliberately specious and deceptive. Shame on Corsair! See my additional comments about FIPS in the paragraphs below.

    There are many different Federal Information Processing Standards (FIPS). FIPS-197 defines the AES (Rijndael) encryption algorithm. Anything that uses AES for encryption can claim to be FIPS-197 compliant. Corsair appears to be trying to trick the people who are looking for a "FIPS Compliant" product. Those people do not understand that FIPS-197 and FIPS-140 are completely different standards.

    FIPS-140 is the FIPS (standard) that encrypting drive customers should care about. FIPS-140 describes the security of cryptographic modules. FIPS-140 references cryptographic algorithms such as AES, but it has a much wider scope than that, spanning many different security areas. For example, FIPS-140 also covers physical security, such as tamper resistance.

    If you want to get FIPS-140 certification for your product, then it must undergo a rigorous, time-consuming, and expensive review by an independent lab that is licensed to certify FIPS-140 compliant cryptographic modules. (Did I omit "painful"? DAMHIK.) There are different levels of FIPS-140 compliance ranging from 1-4. Each level has increasingly stringent requirements. Most encrypting drives are certified to level 2, sometimes level 3. A FIPS-140 certification does not guarantee that the product is secure. Several FIPS-140 certified products have been successfully compromised by security researchers.

    You cannot claim that your product is "compliant with FIPS-140" or words to that effect, unless it has been properly certified. All FIPS-140 certified cryptographic modules are documented on NIST's website, so you can verify the FIPS certification for yourself. It may take some work to identify which certified cryptographic module applies to your product. Read the Security Policy document. It will be a dry, technical read, but you may learn something interesting.

    Many encrypting drives come in a regular version and a FIPS-140 certified version. They are identical, except that the FIPS-140 certified version costs more. Some customers (e.g., government and military) are required to buy FIPS-140 certified products, and this is a way for the manufacturer to recoup some of the certification costs, which are significant. I like knowing that an encrypting drive has undergone FIPS-140 certification, but I always buy and recommend the non-FIPS version to customers who do not require FIPS-140 certification.

    Bottom line:

    The Corsair Padlock 3 encrypting drive is good enough for most general uses to prevent theft of data. I do not like their misleading advertising.

    Thanked by 2: deadbeef, X4N1T
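Two points from the discussion above lend themselves to a small model: the five-button keypad that maps two digits to each button (fewer distinguishable PINs than the digit count suggests), and the escalating retry delays that make a malicious "press the wrong PIN until it wipes" far slower than a drive that wipes after a handful of quick failures. The following is an added example, written for this thread; it is not firmware or vendor code from Corsair, Apricorn or anyone else. The keypad sizes, the 7-digit PIN length and the exact retry schedule (20 attempts, 2-minute waits growing to 12 hours for the last five) are assumptions modelled loosely on what was said, not a product specification.

```python
"""Model of a keypad-locked encrypting drive's brute-force defences.

Added example, not vendor code or firmware. The keypad sizes, PIN length
and retry schedule below are assumptions modelled loosely on the thread
(a 20-attempt wipe with short delays that grow to 12 hours for the last
five tries), not a specification of any product.
"""
import hmac
from typing import List


def effective_keyspace(pin_length: int, buttons: int) -> int:
    """Number of distinct press sequences for a PIN of `pin_length` digits.

    A keypad that puts two digits on each of five buttons cannot tell 1 from 2,
    so each position contributes only `buttons` choices, not ten.
    """
    return buttons ** pin_length


def escalating_schedule(total: int = 20, early_delay: int = 120,
                        late_delay: int = 12 * 3600, late_tries: int = 5) -> List[int]:
    """Seconds the drive makes you wait before attempt k (list index k-1).

    No wait before the first attempt, `early_delay` before the following ones,
    and `late_delay` before each of the final `late_tries` attempts. The key is
    wiped once `total` consecutive failures have accumulated. (Assumed shape.)
    """
    if late_tries >= total:
        raise ValueError("late_tries must leave room for earlier attempts")
    return [0] + [early_delay] * (total - late_tries - 1) + [late_delay] * late_tries


def success_chance_before_wipe(keyspace: int, attempts: int) -> float:
    """Probability that someone guessing distinct PINs unlocks the drive
    before the wipe triggers."""
    return min(attempts, keyspace) / keyspace


def seconds_to_wipe(schedule: List[int]) -> int:
    """Total enforced waiting a hostile co-worker must sit through to wipe it."""
    return sum(schedule)


class KeypadDrive:
    """Toy state machine: PIN check, delay accounting, key wipe on too many failures."""

    def __init__(self, pin: str, schedule: List[int]):
        self._pin = pin
        self.schedule = list(schedule)
        self.failures = 0          # consecutive wrong PINs since the last unlock
        self.wait_seconds = 0      # total enforced delay charged to whoever is typing
        self.wiped = False

    def try_pin(self, pin: str) -> str:
        """Returns 'unlocked', 'denied' or 'wiped'."""
        if self.wiped:
            return "wiped"
        # The drive enforces the scheduled delay before accepting this attempt.
        self.wait_seconds += self.schedule[self.failures]
        # compare_digest keeps the comparison time independent of where PINs differ.
        if hmac.compare_digest(pin, self._pin):
            self.failures = 0
            return "unlocked"
        self.failures += 1
        if self.failures >= len(self.schedule):
            self.wiped = True      # key erased; data is now unrecoverable
            return "wiped"
        return "denied"


if __name__ == "__main__":
    sched = escalating_schedule()
    print("5-button, 7-digit keyspace:", effective_keyspace(7, 5))
    print("10-button, 7-digit keyspace:", effective_keyspace(7, 10))
    print("hours of enforced waiting to force a wipe:", seconds_to_wipe(sched) / 3600)
    print("chance of guessing a 5-button PIN before wipe: %.6f"
          % success_chance_before_wipe(effective_keyspace(7, 5), len(sched)))
```

Under these assumptions a 5-button 7-digit PIN has 78,125 possible press sequences against 10,000,000 for a 10-button keypad, and forcing a wipe costs roughly 60 hours of standing at the drive, which is what turns the "press the wrong code a few times while you are at the toilet" risk into something a backup schedule can comfortably absorb. Swapping in a schedule of all zeros shows the other extreme: the wipe is instant and the only defence is keeping the drive out of reach.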