Another Snake Oil Candidate
Aram Perez
aramperez at mac.com
Wed Sep 12 01:56:43 EDT 2007
Hi Jon,
On Sep 11, 2007, at 5:35 PM, Jon Callas wrote:
> I'm a beta-tester for it, and while I can understand a small twitch
> when they talk about "miltary" and "beyond military" levels of
> security, it is very cool.
>
> It has hardware encryption and will erase itself if there are too
> many password failures. I consider that an issue, personally, but
> it appeals to people. The reason I consider it an issue is that I
> have had to use a brain-dead-simple password I'm not going to
> forget because if I get cute and need to try a number of things,
> poof, I'm dead.
>
> Yeah, it's using AES CBC mode, but that's a good deal better than a
> lot of encrypted drives that are using ECB.
>
> It also has their own little suite of Mozilla plus Tor and Privoxy
> for browsing and they've set it up so that you can run that on
> another computer from the drive.
>
> It's not bad at all. My only real complaint is that it requires
> Windows.
The IronKey appears to provide decent security while it is NOT
plugged into a PC. But as soon as you plug it in and you have to
enter a password to unlock it, the security level quickly drops. This
would be the case even if they supported Mac OS or *nix.
As I stated in my response to Jerry Leichter, in my opinion, their
marketing department is selling snake oil.
Regards,
Aram
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list