I want my USB
November 4, 2006 9:45 PM Subscribe
Does there exist a USB drive that is hardware encrypted?
I'm looking for a 100% hardware encrypted USB drive. No software workarounds. No installing any software. No drivers. I need a USB device that will be useless until the correct key is given.
Does a 100% guaranteed encrypted solution even exist?
If not, why not?
I'm looking for a 100% hardware encrypted USB drive. No software workarounds. No installing any software. No drivers. I need a USB device that will be useless until the correct key is given.
Does a 100% guaranteed encrypted solution even exist?
If not, why not?
Like this?
Kingston claims hardware AES on them.
posted by Dipsomaniac at 9:57 PM on November 4, 2006
Kingston claims hardware AES on them.
posted by Dipsomaniac at 9:57 PM on November 4, 2006
Where would you enter the key if there was no software to install? On a keypad on the outside of the device? Because if you're not installing any special software or drivers then how are you supposed to communicate the key to the device? It's got to identify itself as a standard USB mass storage device in order to be of any use.
And the claim that somehow a truecrypt AES volume could be cracked any easier than a hardware volume seems rather flimsy. If anything it's more secure, as the data traveling over USB is encrypted, whereas it would be in plaintext for a hardware-solution.
posted by Rhomboid at 10:43 PM on November 4, 2006
And the claim that somehow a truecrypt AES volume could be cracked any easier than a hardware volume seems rather flimsy. If anything it's more secure, as the data traveling over USB is encrypted, whereas it would be in plaintext for a hardware-solution.
posted by Rhomboid at 10:43 PM on November 4, 2006
I'm looking for a 100% hardware encrypted USB drive. No software workarounds. No installing any software. No drivers. I need a USB device that will be useless until the correct key is given.
If no software can be installed, you have two choices: (a) a USB drive that has some sort of keypad or other data entry device for access control, or (b) encryption that is supported natively by the OS.
For the first, I'd recommend something like the LaCie SAFE Mobile Hard Drive with Encryption. It is a USB hard drive that performs hardware Triple-DES encryption without any special software support (other than for the initial configuration). It uses a fingerprint scanner as the access control (I'd much prefer it if it had a keypad).
For the second, use a standard USB drive and place on it a single full drive-sized native OS supported encrypted disk image. For example, on Mac OS X you can create encrypted disk images using Disk Utility. Your data will be encrypted securely, will only be accessible via password, and will work on any machine running Mac OS X without having to install any 3rd party software.
posted by RichardP at 10:46 PM on November 4, 2006
If no software can be installed, you have two choices: (a) a USB drive that has some sort of keypad or other data entry device for access control, or (b) encryption that is supported natively by the OS.
For the first, I'd recommend something like the LaCie SAFE Mobile Hard Drive with Encryption. It is a USB hard drive that performs hardware Triple-DES encryption without any special software support (other than for the initial configuration). It uses a fingerprint scanner as the access control (I'd much prefer it if it had a keypad).
For the second, use a standard USB drive and place on it a single full drive-sized native OS supported encrypted disk image. For example, on Mac OS X you can create encrypted disk images using Disk Utility. Your data will be encrypted securely, will only be accessible via password, and will work on any machine running Mac OS X without having to install any 3rd party software.
posted by RichardP at 10:46 PM on November 4, 2006
I saw a USB flash drive once with two partitions on it - the first partition was floppy-sized (it actually mounted as B: drive on a Windows box) and held a PDF manual and an encryption/password tool that ran right from the drive (no install needed); the second partition was the rest of the flash, encrypted. It appeared to be a cheapie generic. Don't know who made it. But they do exist.
posted by flabdablet at 2:17 AM on November 5, 2006
posted by flabdablet at 2:17 AM on November 5, 2006
The Kingston and the FingerGear linked are windows only and require software.
A quick google finds this BioStik
However, I wouldn't put any faith in encryption that relies on fingerprint (way too easy to compromise), let alone a numeric keypad.
100% guaranteed encrypted doesn't make any sense. If you are wanting unbreakable encryption, that doesn't exist.
posted by mphuie at 2:19 AM on November 5, 2006
A quick google finds this BioStik
However, I wouldn't put any faith in encryption that relies on fingerprint (way too easy to compromise), let alone a numeric keypad.
100% guaranteed encrypted doesn't make any sense. If you are wanting unbreakable encryption, that doesn't exist.
posted by mphuie at 2:19 AM on November 5, 2006
Something like this is pretty standard for this sort of thing:
http://www.usbgear.com/secure-disk-hardware-encrypted-usb-drive.html
Physical 40-128bit DES encryption dongle(key) required, on-chip encryption, operating system independent, fast, hot-swappable, washes windows and tucks in the children.
For extra security, hide the key(s) in the bottom of a locked filing cabinet stuck in a disused lavatory with a sign on the door saying "Beware of the Leopard."
posted by empyrean at 2:56 AM on November 5, 2006 [1 favorite]
http://www.usbgear.com/secure-disk-hardware-encrypted-usb-drive.html
Physical 40-128bit DES encryption dongle(key) required, on-chip encryption, operating system independent, fast, hot-swappable, washes windows and tucks in the children.
For extra security, hide the key(s) in the bottom of a locked filing cabinet stuck in a disused lavatory with a sign on the door saying "Beware of the Leopard."
posted by empyrean at 2:56 AM on November 5, 2006 [1 favorite]
There's some talk about TrueCrypt and other alternatives here.
posted by phearlez at 8:32 AM on November 6, 2006
posted by phearlez at 8:32 AM on November 6, 2006
There's no such thing as total unbreakability. If it's electronic, it can be hacked. It's really a matter of how much time and energy an attacker is willing to put into cracking the encryption.
I highly recommend TrueCrypt, and be sure to look into its "hidden volume" feature if you're paranoid.
There's a kidnapping/child molestation/murder case here in the Pacific Northwest where the perp has pled guilty in exchange for a life sentence. One of the provisions of the deal is that he give up the passwords to the encrypted data on his computer, which may lead to evidence of other crimes. The police have had the hardware for a year or so and haven't been able to crack his encryption. Of course I don't know how hard they were trying...but it's still a reminder that modern encryption techniques and fastidious security procedures can make data very safe.
posted by lhauser at 9:58 AM on November 6, 2006
I highly recommend TrueCrypt, and be sure to look into its "hidden volume" feature if you're paranoid.
There's a kidnapping/child molestation/murder case here in the Pacific Northwest where the perp has pled guilty in exchange for a life sentence. One of the provisions of the deal is that he give up the passwords to the encrypted data on his computer, which may lead to evidence of other crimes. The police have had the hardware for a year or so and haven't been able to crack his encryption. Of course I don't know how hard they were trying...but it's still a reminder that modern encryption techniques and fastidious security procedures can make data very safe.
posted by lhauser at 9:58 AM on November 6, 2006
This thread is closed to new comments.
There are plenty of software based solutions that work fine, but they offer a false sense of security to those that don't understand the inner workings of the encryption software.
posted by bh at 9:50 PM on November 4, 2006