Welcome to Incremental Social! Learn more about this project here!
Check out lemmyverse to find more communities to join from here!

What are your thoughts on USB storage drives that have keypad encryption?

It seems like the benefits are having the device lock/wipe itself after a set amount of attempts in case of a brute force attack and not having to run software to decrypt the drive on the device you plug it into.

I included a picture of the IronKey Keypad 200 but that's just because it's the first result that came up when I was looking for an example. There seem to be a few other manufacturers and models out there and they probably have different features.

I am curious what do you think of them? Do you think they are useful? Do you find it more a novelty?

It was an ExplainingComputers video titled Very Useful Small Computing Things that made me think of them.

Chefdano3 ,
@Chefdano3@lemm.ee avatar

One thing I can tell you, it's that you can't use them as bootable drives to install an OS from. And if you try to pass the USB connection from an ESXi host to a VM on it, it won't work.

Aside from that, they're really annoying to work with.

NuXCOM_90Percent ,

Didn't use ironkey specifically but you can totally boot from an apricorn. Basically involved plugging it in, rebooting the machine, and VERY rapidly entering the unlock code before the bios finishes starting up and gets to the "so which drives are bootable?" phase.

It was hellish but it was also corporate policy to not use any USB storage devices that did not have a keypad for encryption. And DVDs were strongly controlled by the IT department (who were about as stupid as you would expect to have signed off on a policy like that).

EuphoricSquirrel ,

If you are lucky enough to know the admin key for the apricorn drives you can put them in lock override mode which keeps it unlocked till it completely loses power off the USB bus

Chefdano3 ,
@Chefdano3@lemm.ee avatar

Ah it was easy enough to get the iron key unlocked during post, as those HP servers take forever to boot, problem was the bios couldn't recognize the USB. Whatever firmware is on it that does the security confused the system, and while it saw the drive, it didn't know what it was and wouldn't boot from it. In both uefi mode, and in legacy bios mode

ryannathans ,

Nice just look at the most worn buttons

WarmSoda ,

Damn. Dude just comes in and ends the entire discussion.

CorrodedCranium OP , (edited )
@CorrodedCranium@leminal.space avatar

It seems like these drives can use up to 15 digit pins and lock out after a set number of attempts. I don't know if that would be a huge issue

ninpnin ,

Permutations have entered the chat

NuXCOM_90Percent ,

It still drastically narrows down the search space and makes social engineering a LOT easier.

Because you tend to have one of two sources for any password that people need to remember.

  1. Randomly generated with no rhyme or reason. And written down on a sticky note as a result
  2. Something with meaning to the user

And it is the latter where this becomes an issue. Because let's say they are a 50 year old and 1, 4, 6, 7, and 9 are heavily worn. Well, they were born in the 70s so let's verify exactly when. Hmm, May. No 5 means it probably isn't their birthday. Wait... their partner was born on April 7th, 1976. No luck. Oh, but what if they were clever and it is actually 197647 instead of 471976? Boom, in.

CorrodedCranium OP , (edited )
@CorrodedCranium@leminal.space avatar

Related XKCD

https://leminal.space/pictrs/image/78609103-00d3-44ce-95a5-e8ba6ccba7ae.png

It's a shame more people don't think of obscure numbers they've been forced to remember in the past or see constantly and use those.

  • A number from a song

  • Your middle school locker combination

  • The number of a local pizza place

  • Your library card number

  • The barcode number on something you carry around all the time

If you combined any two of those I imagine it would make for a pretty secure password.

NuXCOM_90Percent ,

No. That xkcd (not loading but I assume it is the password one?) is not relevant. Because you can't make a meaningful and easy to remember mnemonic out of a numeric password. That is WHY a purely numeric password is bad for anything that needs security. They are great for 2fa but the unique key should still be the other device.

And all of your good codes are similarly easy to social engineer out, are screwed the moment it is compromised once, or are literally reading off a sticky note.

Which gets back to these kinds of devices largely being security theatre. Because there is no good use case for them that wouldn't also involve encrypting the data/volume after you pin in. At which point... why waste money on something conspicuous with an easy to crack code?

CorrodedCranium OP ,
@CorrodedCranium@leminal.space avatar

I included it because passwords don't need to be hard to remember. If they make sense to you and have a bit of thought behind them they can be just as secure.

I am not saying these codes are perfect but if they are the weakest link in your network of security it's a decent start. Someone could be trying to get your passcode for days but unless they see you checking something like the bar code of a notebook before you have it memorized they could spend months guessing before realizing a segment of your passcode is the number of a pizza place in your hometown. It's not exactly something that's going to come up naturally.

I mentioned it in another comment but they also lock you out after a set number of attempts preventing brute force attacks.

I am not saying they aren't overpriced for what you are getting ($100 for 8GB) and considering the other options that are available but I doubt they are significantly easier to crack than a smartphone

NuXCOM_90Percent ,

Look up how hard it is for humans to remember long strings of numbers. That is WHY ICQ (and eventually phone numbers) were dropped almost immediately in favor of social media and the ability to exchange numbers just by tapping phones.

And in the time it would take to memorize a bar code (12-ish digits, depending on standard) you likely should be rotating that password anyway. And in the time it would take to memorize it you are also very blatantly reading off a sticky note as you "discretely" look at your notebook every time you want to access your password database in public. And if you aren't in public? Why go through these extra steps when there are much better ways to secure this that are a lot more obvious if they are tampered with.

I get that a youtuber you like talked about this. Youtubers talk about a lot of stupid products in the interest of making Content. But maybe listen to the people who have experience with this kind of hardware and the kind of security theatre policies that make them "a good idea".

CorrodedCranium OP , (edited )
@CorrodedCranium@leminal.space avatar

I get that a youtuber you like talked about this. Youtubers talk about a lot of stupid products in the interest of making Content. But maybe listen to the people who have experience with this kind of hardware and the kind of security theatre policies that make them "a good idea".

I think you might be confused. I'm not saying these devices are good. I started the post by asking if people thought they were a novelty. I just don't think it's as black and white as you are making it out to be and we got off on a tangent about passwords.

I think often enough people have a few numbers memorized that they can use and a lot of the time they're going to be too obscure to social engineer. I don't think you could do some CSI Miami style deduction to easily find out a passcode that's over ten digits in length.

I will admit you could probably brute force it and it's going to take less time than an alpha numeric password.

wreckedcarzz ,
@wreckedcarzz@lemmy.world avatar

a number from a song

I've got it! 8, 6, 7, 5, 3, 0, 9. Bulletproof, thanks op!

CorrodedCranium OP ,
@CorrodedCranium@leminal.space avatar

That's why I said to combine it with something else. Jenny's number might be in a dictionary that is used in a brute force attack but hopefully something like your middle school locker combination isn't. It's still 7 extra bits of entropy.

wreckedcarzz ,
@wreckedcarzz@lemmy.world avatar

(yeah yeah but that's not funny so I ignored it :p)

Preflight_Tomato ,

Password Entropy = length * log2(possible_chars). So this would actually add 7*log2(10) => 23 bits of entropy, assuming the attacker knew that this section was numeric, or ~45 bits if they didn't.

For anyone curious: Current best practice is a minimum of 100 bits, or 16 characters assuming only letters, numbers, and special characters. The recommended minimum bits increases every year with computing power.

CorrodedCranium OP ,
@CorrodedCranium@leminal.space avatar

Whoops thanks for the correction

fidodo ,

Just press the rest of the keys after you unlock it. Or use all the keys in the password. Or purposefully scuff them up.

AnnaFrankfurter ,

Obligatory XKCD

fruitycoder ,

Stopping low effort attempts to get data it seems good, as an addition too software encryption it seems great. Of course hardware can range from child toys, gimmicks, to serious hardened hardware, so results WILL vary.

HelixDab2 ,

Seems like it's a good starting point.

I wonder if you can encrypt the files prior to storing them on the key, which would then encrypt them a second time with a different method. Would the compromise the data in any meaningful way? Or would it mean that you had to decrypt the key and then decrypt the data a second time?

CorrodedCranium OP ,
@CorrodedCranium@leminal.space avatar

I believe you would have to decrypt them a second time. For example if you wanted to be real secure you could have the USB device, an encrypted folder that holds important documents and files you want to back up, and inside of that could be a password database that requires a Yubikey or similar device.

I believe what you are talking about is kind of like using a combination of cascading algorithms like AES->Twofish–>Serpent.

I could be wrong though. If I am I hope someone can correct me.

HelixDab2 ,

So if that's correct, then a single company breaking the IronKey isn't, by itself, that big of a deal unless and until the knowledge bcomes fairly widely available.

CorrodedCranium OP ,
@CorrodedCranium@leminal.space avatar

I think it's a factor to consider but it depends on your threat model. A few people have linked an article about a Bitcoin wallet that was on one of these drives that was cracked. I imagine replicating the process would be difficult but with a big enough group going after you who knows?

The extra layers of security always helps though.

HelixDab2 ,

I think that if your threat model is the NSA, then them having physical control over the drive--and probably you in a black site--is probably going to be the end of the road for you.

Imprint9816 ,

Yeah i dont see how this would be better then a run of the mill thumb drive (that doesnt scream im worth stealing) and just creating a cryptomator vault on it.

fidodo ,

Is that solution portable for any device and os you might plug it into?

Pantherina ,

No its not I think, at least Androids restricted af model doesnt allow that.

Same with veracrypt

fidodo ,

I view portability to be the main benefit of a hardware solution. I agree that software options will allow for better security, but imo a less secure hardware option is better than nothing if portability is a requirement.

Imprint9816 ,

Its available on linux mac and windows so id say it's pretty portable. You could even keep unencrypted installers on the same thumb drive in case internet access is an issue.

fidodo ,

Available or built in? Because there are a lot of jobs and use cases where you need to transfer to systems you don't have full control over.

Imprint9816 ,

At that point you should probably use a cloud based solution anyway. Any decently secured system wouldn't let you plug in a random usb drive anyway.

I had assumed the use case was more for travel not for trying to access sensitive data on systems that you have limited access.

alphafalcon ,

They occupy a strange niche full of contradictions.

Entering the code on the device itself should increase security as opposed to entering it on a compromised computer.

But plugging it into a compromised computer means the data is compromised anyway.

Their security is way harder to audit than a software solution like PGP.
The actual "encryption" varies from actual decent setups to "entering the code connects the data pins with no actual encryption on the storage chip"

Not having to instal/use software to use them means they are suitable for non-technical users which in turn means more support calls for "I forgot the pin, it wiped itself, can you restore my data"

They are kind of useful to check the "data is transported on encrypted media" box for compliance reasons without having to manage something bigger.

morgin ,

like everyone else has said hardware level encryption doesn’t seem like the most sound option.

Personally i’ve just encrypted sensitive files with picocrypt, only just started looking into better encryption techniques though so there’s probably better alternatives.

MonkderZweite ,

Same problems as any firmware based encryption (encrypting SSDs, etc.). Firmware is quickly outdated and the triangle price - speed - security usually neglects the security part.

Dyskolos ,
@Dyskolos@lemmy.zip avatar

Useful for what?
Hiding stuff from family-member or coworkers? Yeah sure. Why not.

Hiding stuff from professionals that really want your data? Probably not very helpful.

Also what about backup? One controller-malfunction and your stuff goes poof. I just assume the data is somehow important or else you wouldn't care about such a device 😊

CorrodedCranium OP ,
@CorrodedCranium@leminal.space avatar

Those are some good points. The IronKey Keypad 200 says it has a self recharging battery but I wonder how long it would last sitting out of use as a backup or if plugging it in would always be enough.

scott ,
@scott@lem.free.as avatar

Self-recharging? The world needs more of this mysterious technology.

THE_MASTERMIND ,

Yeah i am stumped what do they mean by that . Also that statement alone indicates their product is not good as they say.

CorrodedCranium OP ,
@CorrodedCranium@leminal.space avatar

I think they mean it doesn't rely on a battery that would need to eventually be replaced. It wouldn't have a disposable button cell battery for example

THE_MASTERMIND ,

But that's an odd way to put it

delirious_owl ,
@delirious_owl@discuss.online avatar

Do encryption in software. History taught us hard lessons about this.

CorrodedCranium OP , (edited )
@CorrodedCranium@leminal.space avatar

Can you think of some notable examples of hardware based encryption failing?

Besides the actual device dying I mean

jwt ,

https://m.youtube.com/watch?v=beMtNM7nwfQ&t=35m

Lojcs ,

There's no password involved in that demo

jwt ,

That wasn't part of the assignment. ;)

kevincox ,
@kevincox@lemmy.ml avatar

The downside with doing encryption in software is that you can't limit attempts. If you are using a high-entropy key this is fine. But getting users to use high-entropy keys has problems. If there is an HSM integrated into the device you can limit the potential guesses before the key is wiped which is critical without high-entropy keys.

A blog I follow recently had a good post about this: https://words.filippo.io/dispatches/secure-elements/

Of course you are still better off with a high-entropy key and software. But if you trade off too much usability in the name of security you will likely find that your users/employees just work around the security.

delirious_owl ,
@delirious_owl@discuss.online avatar

Sure you can. Use a memory hard hashing algo

kevincox ,
@kevincox@lemmy.ml avatar

That mitigates the problem but doesn't solve it. If you want unlocking to be <1s and your adversary has 10k times the RAM and can take a month they can make 26 billion guesses. So unless your password is fairly high entropy it is at risk. Especially if they have more resources or more time. PINs are definitely out of the question, and simple passwords too.

delirious_owl ,
@delirious_owl@discuss.online avatar

Good passwords are important. Always.

csm10495 ,
@csm10495@sh.itjust.works avatar

I had one of the SanDisk flash drives that had some launcher thing on it and I had a password for some reason on it.

In high school, a classmate tried to guess it, 3 times and I lost everything on it forever, since it stupidly locked forever after 3 tries.

I had software projects from back then that I can never get back.. including a web browser. I could have had the next Firefox..

If you're out there, Liz: I'll never forgive that.

THE_MASTERMIND ,

Was it going to be open source ?

csm10495 ,
@csm10495@sh.itjust.works avatar

I didn't know what that was yet.. but probably.

TonyTonyChopper ,
@TonyTonyChopper@mander.xyz avatar

Liz taught you to make backups of data you value

YeetPics ,
@YeetPics@mander.xyz avatar

These are handy if you have to move sensitive information but I've experienced more than one event at work where irreplaceable files were lost due to user error on these type of drives.

I couldn't tell you about the lifespan of these devices either, something tells me the keys won't last more than a few years if it's being used regularly.

kevincox ,
@kevincox@lemmy.ml avatar

If your only copy of critical data is on a portable storage device you are doing so many things wrong.

YeetPics , (edited )
@YeetPics@mander.xyz avatar

Agreed.

Have to stay within hipaa, sadly that means tech-illiterate c suite dipshits make decisions on hardware.

INHALE_VEGETABLES ,

I'll store my weird shit on an unsecured hard drive stashed in the woods. Like those that came before me, and those before me.

THE_MASTERMIND ,

You meant and those before them right ?

INHALE_VEGETABLES ,

You heard what I said. You heard it just like those before me.

Churbleyimyam ,

Store it in your bosses garden.

hanke ,

The IronKey has been cracked

Toribor ,
@Toribor@corndog.social avatar

Like most things, it's important to remember what threats you're trying to protect yourself against.

Are you trying to protect yourself against dropping a USB in a parking lot and someone picking it up? Or are you trying to protect yourself from a nation state?

potatopotato ,

Just my opinion but I don't really like the common belief of separating nation and non nation state actors. We're getting to the point where nation states are making up a large portion of the really damaging attacks, and it's frequently ones own government or a government they're in conflict with which means there are very kinetic consequences for failure even if you're a nobody. It's not just someone stealing some money anymore.

Pantherina ,

Only buy stuff with upgradeable firmware.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • privacy@lemmy.ml
  • random
  • incremental_games
  • meta
  • All magazines
    •