OK Computer Guys - Iron Key, Is It Worth The Money?

[TriggerT]

I keep a good deal of personal information on a 4 gig flash drive. While Scan Disc has password protection standard, my understanding is that it is child's play to force your way past their password protection. I was told by one of the guys I know that "Iron Key" flash drives were pretty much the **** if you want to protect your data. Anyone have any experience with them? I am serious about protecting my data, but I wonder if there is another solution that isn't quite as expensive?

 

[uctofeej]

Super secret agent spy stuff! :assassin: Self-destruct after 10 incorrect password attempts? Hope you don't drink and type...

I'm not convinced of IronKey's abilities. If it's plugged in and unlocked, it's vulnerable. I'm sure someone with mad Russian or Chinese hacking skills could get into it if they found it and knew about it's encryption capabilities up front. But that also applies to any other flash drive. In all the years that I've heard "this security feature is unbreakable," I've never seen a claim hold up longer than a year.

Bottom line, you'd be paying about $100 for the self-destruct option, assuming it would actually work. How important is your data to you? Only you can answer that. But if you consider this a good protective measure, it might be worth it.

For my own personal use, I've formatted a Lexar usb flash drive with encryption as a Linux drive. A windows machine can't open it, but anyone who knows linux could brute force their way past my encryption... if they really wanted to. I'm playing the odds because that's what I think is the best line of defense.

 

[twistedcricket]

Save your money. The ironKey solution is nice, but waaaay overpriced.

I've used this with success (recently) - THIS

Read, read, read, and read about it before using it. I think it's fairly straight-forward but I'm generally off-center.

1 - it works with any usb drive

2 - works with any OS

3 - will screw you hard if you mess it up

Good luck

 

[Silent]

Why not just keep the files on the flash drive zipped with a password protect. That will keep your **** personal files safe. You can use that in conjunction with the normal flash drive security protocols.

 

[Aasland]

Thumbs up on Truecrypt! I use it too. Makes it easy to backup too .. just copy the whole truecrypt volume. Best of all, it doesn't require a 'special' USB key. And backups are important, especially with USB keys and their limited r/w cycles.

I deal with tape encryption at work and while not directly applicable, here are some things to keep in mind:

1. If the effort of breaking into your data is higher than the benefits of your data, you're good. An identity thief won't put a lot of effort into getting your data - it is easier to dumpster-dive. On the other hand, if you have encrypted child-pr0n on there, the Canadian gov't will spend lots of effort to get at it.

2. Is the data actually encrypted, or just access to the data? This is relevant, because if the data is "in the clear" anything that can dump memory will see it.

3. If the data is encrypted, where is the certificate/key? If it is storing it with the data, but requiring a password to access the certificate/key (like Truecrypt) is less safe (but more convenient) than keeping them separate.

My recommendations:

1. If just protecting personal stuff, get a cheap USB key and Truecrypt.

2. If protecting child-pr0n, go shoot yourself delete it and seek counseling.

 

[jmarran]

Work gave me an IronKey a little over a year ago. I've been using it and it works well in the sense it's secure, but also user-friendly. I was going to say it's DoD standard, but just re-checked the box and don't see that, so won't.

 

[TriggerT]

No **** on the flash drive. Mainly work documents, like bids for projects we are working on that would be bad to loose.

 

[uctofeej]

I was going to say it's DoD standard, but just re-checked the box and don't see that, so won't.

I was wondering about that, too. The demo said it is "military compliant" and then it showed some number code as evidence. ???

 

[jmarran]

Well, let's just say that it's really the only one that they want to risk us losing potentially with sensitive data.

I'm guessing there isn't one out there (yet) with actual DoD encryption, but chances are if you REALLY need that you REALLY shouldn't be carrying that data around at all.

I'm thinking it's more than enough secure for what Trigger's needs are. In fact, probably a good honest solution.

 

[tcfjr]

Save your money. The ironKey solution is nice, but waaaay overpriced.
I've used this with success (recently) - THIS

Gunny on TrueCrypt. It's free, and it just plain works. I've been using it for all my sensitive files, both business and personal, for 4+ years, with no problems. But as Cricket said, don't forget your password, or you're really hosed.

 

[TriggerT]

Well, let's just say that it's really the only one that they want to risk us losing potentially with sensitive data.I'm guessing there isn't one out there (yet) with actual DoD encryption, but chances are if you REALLY need that you REALLY shouldn't be carrying that data around at all.

I have a cousin that works with the DOD. He has told me that he has worked in Area 51, and has let me know of a few projects he has worked on that are now declassified. He isn't allowed to take ANYHTING that could be used to store any type of data in to work with him. They even frown on him even having a PC at home.

 

[FightOrFlight]

I'm another satisfied TrueCrypt user. It's super easy to use and the software itself can exist on the flash drive you are securing.

 

[TruWrecks]

The current powers won't let anything be publicly sold that they can't already break. Just sayin'

 

[jmarran]

They have "closed" areas here, and I was in one for a bit when setting up the network. It's pretty amazing how secure that stuff is. If you have classified or truly sensitive data, it never sees anything even close to a public or intranet network. You can't even carry a cell phone in one - and that's non-camera phones. I wish I could mention some of the occasional stuff I've seen, but wouldn't dare.

 

[twistedcricket]

No **** on the flash drive.

I call ********

I tested truecrypt first. Don't EVER just start throwing your sensitive data on there until you're comfortable using it. Create a few files with just a few lines of text or a spreadsheet with just one thing in it and get used to how it works. Test the recovery features. You never know when you might need it

Plus, and I can't stress this enough, pick a password that is secure and easy to remember (no kids names, dates, etc) - you're truly hosed if you forget that one password.

I would prefer that my employer ban USB drives at work... reduces my liability and the chance that some user infects the entire company with some bad stuff.

 

[GunMD]

I would prefer that my employer ban USB drives at work...

Mine did.

None. Zero. Nada. Zilch. I get a report showing all the hostnames/usernames of machines that have been "violated" by having any removable flash based media inserted. It gets checked out and the computer gets taken away for a "cleaning".

h34r:

 

[TriggerT]

No **** on the flash drive.

I call ********

Dude, why save the stuff when there is such an ever changing variety of good free **** for the taking? Besides, you can get online from just about anywhere.

Wait, unless you are talking FJR Pron. There is some of that on my Flashdrive. I have found some great pictures over the last few years, and I like having them so I can use them as wallpaper on different laptops.

 

[DaSpyda]

Okay, my question: what if you lose the flashdrive?

Wouldn't it be easier to store it on some obscure website host somewhere - fully accessible from any location?

You can create a dummy site that isn't worth stopping at, and access zip files, etc from the locations only known to you.

You can even name them innocently in case someone accesses the directory to look for some stuff that would end up looking totally lame.

 

[twistedcricket]

Okay, my question: what if you lose the flashdrive?
Wouldn't it be easier to store it on some obscure website host somewhere - fully accessible from any location?

You can create a dummy site that isn't worth stopping at, and access zip files, etc from the locations only known to you.

You can even name them innocently in case someone accesses the directory to look for some stuff that would end up looking totally lame.

If the files are secure, losing the drive won't really be an issue. The files should be inaccessible.