Related Links

Top 5 Stories


Secure USB drives have flaws, warns Kingston

30 December 2009

Kingston Technology, the memory and secure drives specialist, has warned users that some of its DataTraveler secure USB drives - under the right conditions - "a skilled person" can access the data on the drive.

The USB drives affected by the security flaw are the DataTraveler BlackBox, as well as DataTraveler Secure and Elite Privacy units.

Sales of the BlackBox are on hold, Kingston said, whilst the the latter two USB drives are no longer sold by the company.

In a reseller warning posted to its website, the firm said: "The above drives still operate as normal, but if lost or stolen it could be possible for a skilled person to access data held on the drive."

"We understand that the attack used to access the drive's encrypted content is sophisticated and that Kingston have rated this issue as a priority.

"The attack used by the company who found the issue does not affect any of Kingston's other secure drives (DataTraveler Locker, Locker+, Vault or Vault Privacy)."

Commenting on the security warning, Andy Cordial, managing director of storage systems integration specialist Origin Storage, said this is a classic illustration of the increasing levels of hacker sophistication making lower level encryption technologies obsolete.

"Although the Secure and Elite Privacy units are no longer on sale, there are a number of these secure USB drives in active use by public and private sector organisations - who's going to tell them their supposedly secure drives are hackable?", he said.

Because of these issues, he added, any organisation considering a secure method of storing, transporting and/or sharing data should select only those systems that use the most powerful encryption technology - and preferably with an additional layer of protection, such as a PIN / password system, on top of the encryption.

Origin's DataLocker products, he explained, are an example of such technology because, as well as featuring high levels of encryption, they also have brute force hacker defence technology as a standard feature.

"The days of selecting the cheapest secure USB drive and similar storage technologies are now long gone, as the Kingston situation clearly shows", he said.

"The better equipped secure storage devices freely available on the market today are highly secure against today's - as well as well as tomorrow's - hackers, making an investment in the technology something of a no-brainer, compared to the potential legal and reputational damage of sourcing a lower-cost, lower-spec solution", he added.

This article is featured in:
Data Loss  •  Encryption



Blueeyes1978 says:

01 January 2010
This is all the more reason to purchase the most secure flash drive on the market; the Ironkey:

Here is an article an Ethical Hacker and pentration tester did on the Ironkey that further supports this statement:

Once you own one of these flash drives, you will never want to buy anything else.

Note: The majority of comments posted are created by members of the public. The views expressed are theirs and unless specifically stated are not those Elsevier Ltd. We are not responsible for any content posted by members of the public or content of any third party sites that are accessible through this site. Any links to third party websites from this website do not amount to any endorsement of that site by the Elsevier Ltd and any use of that site by you is at your own risk. For further information, please refer to our Terms & Conditions.

Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×