 |
DIY Secure USB flash drives?29 ,January, 2009 From Dror Todress |
This article from the US title PC World shows a way to use open-source software to encrypt data on any old, ordinary flash drives that you might have lying around.
While it does offer a reasonable level of protection for data - and it’s certainly better than no encryption at all — it’s worth noting that this method can still leave data vulnerable, compared with a true secure USB flash drive.
First, the software-based encryption used in the article is not “always on” as part of the device specifications - so the user has to remember to actively encrypt data. Unlike the hardware encryption on our Cruzer Enterprise range of secure drives.
Second, hardware-based encryption does not require any type of driver or software installation on the host PC. This keeps the encryption independent of the PC without leaving behind software footprints. Solutions that require driver installation make the driver susceptible to attacks and making the drive more cumbersome to install.
Third, the encryption software’s code is often stored in memory. If it is stored in a common memory space, it may be possible for an attacker to modify it, causing the USB flash drive to either malfunction or leak critical information. With hardware-based encryption, the code is digitally signed against the hardware, verifying software integrity each time the USB flash drive is inserted in the PC.
There’s more information on our white paper on this issue. It’s worth knowing the risks before going DIY with data security.
|
