Encryption Cracked on Certified USB Drives


General News

Just a warning out there to those who use SanDisk, Verbatim, or Kingston USB flash drives and take advantage of their encryption to secure your files that these are easily cracked due to an extremely dim-witted move: the same decryption string is provided when accessing encrypted files no matter what your password is. Meaning, you just have to bypass their authentication program and send this string, which is even the same string on all three of the brands listed at the beginning of this article. Yeesh! Remember folks, these are the same drives that are certified by NIST as FIPS 140-2 Level 2 (PDF) and are used by the American Armed Forces and the US government (for unclassified data).

 

Security expert firm SySS (click here for english link) has created a demo program that can access encrypted files within seconds. You can access their press release and papers here.

 

Read more to see the recalls and security notes from the three flash drive makers...

Depending on which manufacturer built your drive select the appropriate link:

Tag: encryption sandisk verbatim kingston usb flash drives nist what were they thinking

Share It!

A friend brought up to me that Bruce Schneier posted on his blog a follow-up to the question on how such a device could still be considered certified by NIST with such a glaring flaw.

 

Partial Quote:

The problem is that no one really understands what a FIPS 140-2 certification means. Instead, they think something like: "This crypto thingy is certified, so it must be secure." In fact, FIPS 104-2 Level 2 certification only means that certain good algorithms are used, and that there is some level of tamper resistance and tamper evidence. Marketing departments of security take advantage of this confusion -- it's not only FIPS 140, it's all the security standards -- and encourage their customers to equate conformance to the standard with security.

 

It's an interesting thought and gives a glimpse into some of the issues with marketing vs. truth. Yeah, the devices passed based on the algorithm used to encrypt the data, but the implementation failed miserably.

Your this post on the encryption cracked on certified USB drives is so informative. A lot of people want to know about these ideas because they have a direct link to it. There is some online assignment writing ideas from the best writers for the people who want to learn about it and this is so good for the people to read from here and apply for their ease.
The Seventies vibe currently dominating menswear isn't just limited to the clothes on your replica watches - it's also breaking through in swiss replica watches. Nowhere is this better seen right now than with Audemars Piguet's new yellow gold additions to the Royal Oak range - a throwback to the first gold editions of the rolex replica uk timepiece launched in 1977 (although the very first 1972 version was in stainless steel). Unveiled at SIHH 2016 earlier this year, these new Royal Oak Yellow Gold editions - otherwise known by reference 26574BA - will sit alongside the iterations in stainless steel and rose gold that hit the market last year. Available in an extra-thin tourbillon, perpetual calendar (complete with beautiful moonphase dial), chronograph, all with a 41mm case, and a self-winding version with a 37mm case - as well as a blingier breitling replica watches, 33mm quartz model with a diamond-studded bezel for women - they all have a chunky-yet-sophisticated retro vibe.
I have had such kind of experiences to take the cracked USB which missed all the important data, the article reminds me that faults. Writers http://www.buyassignmentservice.com/pay-to-do-my-homework Do My Homework & provides good data
Great Post! I really like it https://simplemp3downloader.xyz/apk/ https://spotifydownloader.pro/apk/ https://statusdownloader.xyz/apk/
Founded in 2013 and based in Kingston, Ontario, Skycap Loans strives to offer a better lending experience, through a fast and easy loan application process.

https://www.crunchbase.com/organization/skycap-financial#section-overview
<a href="https://www.newswire.ca/news-releases/skycap-financial-teaches-clients-about-finances-with-new-skycap-university-course-682661781.html">Skycap Financial</a> specializes in helping people with low credit or poor credit gain financial assistance, offering short-term loans ranging from $500 to $10,000.