IronKey 1GB secure USB Flash drive
Cast-iron data security?
Review What do you give the data security nut who has everything? IronKey may have the answer: what it claims is an almost totally secure, steely USB Flash drive that doesn't simply encrypt the data kept on it but protects your applications and online activities.
IronKey's IronKey: data vault
So no more worrying your missus might find and try that cheap Flash drive you back-up your pr0n on, then? Perhaps, but IronKey - the company - has more serious uses in mind for its dinky metal-clad product.
Out of the box, the IronKey isn't particularly distinguishable from a host of Flash drives, for all its brushed aluminium looks. But this boy's tough shell is more than skin deep. The company claims the drive is waterproof to US military standard 810F, which, if fully implemented, means it's able to withstand high and low pressures; extreme temperatures; rain, ice, dust and sand; and even gunfire vibration.
Puddles, then, are no problem, but you may not necessarily want to take it diving. Whatever, IronKey also claims its drive is solid and tamperproof too. We tried, without success, but we'd not like to state categorically that it's impervious to a determined data-thief with the right tools.
In addition to 1GB, 2GB or 4GB of on-board storage, the IronKey has its own cryptography chip that uses the very-difficult-to-crack AES, RSA-2048 and SHA-256 encryption algorithms not only to protected the data stored on the device itself but also to scramble the data the drive sends back and forth over the host PC's USB connection should anyone be snooping it.
It's worth stressing this point. The IronKey has hardware encryption, while almost all other secure Flash drives out there use software encryption. So crypto operations take place on the drive, not in memory, where they could, potentially, be tapped. Passwords are not stored in the drive's file system, but in a separate part of the hardware. The encryption keys are not held in the Flash memory.
COMMENTS
Clarifying International Shipment
ThinkGeek has told us that they can no longer ship internationally as they cannot manage the export restrictions.
IronKey has received export approval from the Department of Commerce.
For International Orders - please call eCost at +1 972-265-4147, then press 1 for international sales. 5am to 9pm PST Monday through Friday.
Re. international shipment
I asked IronKey directly, and they said ThinkGeek would ship the product overseas.
@ Tony Smith & Dave
"You can buy it from Thinkgeek.com, which will ship internationally"
Not according to the last line of the ThinkGeek product description: "Sorry - due to export restrictions, we cannot ship outside the US and Canada."
Has anyone successfully ordered one from the UK? I'm tempted, but don't particularly want it impounding en-route.
Cheers, Mark.
IronKey and TrueCrypt
TrueCrypt is a wonderful piece of software. A number of our users run TrueCrypt from their IronKeys for double encryption. Here are the benefits of an IronKey over TrueCrypt
1. No software or drivers to install. Even the portable version of TrueCrypt installs drivers. This is not a problem if you have administrator rights, but....
2. IronKey does not require Administrator rights on Windows XP. This is super-critical in enterprise and government environments.
3. Brute force password guessing prevention. IronKey limits, in hardware, your password guessing attacks to 10 tries. With any software product like Truecrypt, you cannot prevent someone from trying millions or billions of passwords.
4. Hardware erasing of encrypted data. IronKey will trash not only the encryption keys but also the encrypted data. The benefit of doing this in hardware includes the fact that hardware erase can clear out flash blocks that are marked bad, as well as wear-leveling areas. Software removal cannot totally remove all data due to bad block mapping inside a flash drive.
5. Speed. Because IronKey crypto is in hardware, it is usually faster than software encryption implementations. YMMV.
So, by running TrueCrypt from an IronKey, you get the benefits of brute force password guessing prevention, tamper resistance, waterproofing, and double encryption. If running TrueCrypt is not an option (eg. using Windows XP non-Admin mode) then an IronKey is a great option IMHO.
@ Response to Response
Chris,
Sorry if you feel our marketing is misleading to naive users. We do our best to disclose exactly what we protect and how we do it, and we are pretty open about what we do not protect against (see learn.ironkey.com and forum.ironkey.com). We take your comments seriously, and we are trying to improve our messaging and marketing. However, I do think that we do at least as well, if not better, than our competitors in being open about how our products work, what the design goals were, what the threat models were, etc.
We also value the feedback of security experts and users alike, as we want to make our products better.
We have also found that naive users don't buy our products. It's almost all security folks and enterprise IT folks buying for their employees.
