[e-privacy] Protected Memory Stick Easily Cracked
Anonymous
nobody at remailer.paranoici.org
Fri Apr 13 17:01:03 CEST 2007
http://it.slashdot.org/article.pl?sid=07/04/13/1230223
A $175 1GB USB stick designed to protect your data turns out to be a
very insecure. According to the distributer of the Secustick[1], the
safety of the data is ensured: 'Due to its unique technology it has
the ability to destroy itself once an incorrect password is entered.'
The Secustick is used by various European governments and organizations
to secure data on USB sticks. Tweakers.net shows how easy it is to break
the protection of the stick[2]. Quoting: 'It should be clear that the
stick's security is quite useless: a simple program can be used to fool
the Secustick into sending its unlock command without knowing the
password.
Besides, the password.exe application can be adapted so that it accepts
arbitrary passwords.' The manufacturer got the message and took the
Secustick website offline. The site give a message (translated from
Dutch): 'Dear visitor, this site is currently unavailable due to security
issues of the Secustick. We are currently working on an improved version
of the Secustick.'
[1] http://www.secustick.nl/
[2] http://tweakers.net/reviews/683
More information about the E-privacy
mailing list