It seems like the benefits are having the device lock/wipe itself after a set amount of attempts in case of a brute force attack and not having to run software to decrypt the drive on the device you plug it into.

I included a picture of the IronKey Keypad 200 but that’s just because it’s the first result that came up when I was looking for an example. There seem to be a few other manufacturers and models out there and they probably have different features.

I am curious what do you think of them? Do you think they are useful? Do you find it more a novelty?


It was an ExplainingComputers video titled Very Useful Small Computing Things that made me think of them.

  • HelixDab2
    link
    fedilink
    arrow-up
    3
    ·
    9 months ago

    Seems like it’s a good starting point.

    I wonder if you can encrypt the files prior to storing them on the key, which would then encrypt them a second time with a different method. Would the compromise the data in any meaningful way? Or would it mean that you had to decrypt the key and then decrypt the data a second time?

    • Corroded@leminal.spaceOP
      link
      fedilink
      English
      arrow-up
      2
      ·
      9 months ago

      I believe you would have to decrypt them a second time. For example if you wanted to be real secure you could have the USB device, an encrypted folder that holds important documents and files you want to back up, and inside of that could be a password database that requires a Yubikey or similar device.

      I believe what you are talking about is kind of like using a combination of cascading algorithms like AES->Twofish–>Serpent.

      I could be wrong though. If I am I hope someone can correct me.

      • HelixDab2
        link
        fedilink
        arrow-up
        1
        ·
        9 months ago

        So if that’s correct, then a single company breaking the IronKey isn’t, by itself, that big of a deal unless and until the knowledge bcomes fairly widely available.

        • Corroded@leminal.spaceOP
          link
          fedilink
          English
          arrow-up
          2
          ·
          9 months ago

          I think it’s a factor to consider but it depends on your threat model. A few people have linked an article about a Bitcoin wallet that was on one of these drives that was cracked. I imagine replicating the process would be difficult but with a big enough group going after you who knows?

          The extra layers of security always helps though.

          • HelixDab2
            link
            fedilink
            arrow-up
            1
            ·
            9 months ago

            I think that if your threat model is the NSA, then them having physical control over the drive–and probably you in a black site–is probably going to be the end of the road for you.