Seen this Flash Drive and figured I will post It for whom may be interested.http://www.ironkey.com

The following quote is from their site:

"To prevent unauthorized people or crimeware (malicious software such as viruses and Trojans) from gaining access to your encrypted drive, the IronKey prevents password guessing attacks (e.g. brute-force or dictionary attacks). After 10 incorrect password attempts (and ample warnings), the IronKey locks out all further password attempts. It initiates a patent-pending self-destruct sequence that securely and permanently erases your encryption keys and data. You can use IronKey's Secure Backup software to restore your backed-up data to a new IronKey."

It explains that an attack could be safely defeated but would be expensive if the 10 attempts (from trojans on your own PC) lead to a self-destruct when, obviously, you're still in physical possession of the device.:'(

Where's the backup then, on their server(s)? Yes, I know, a separate backup could be done to the "home PC data storage devices, which may also be encrypted.

So the trojan fails, your data is safe, but you have to buy a new device which may take a "day or three", and during that time you can't access your data.:'(

I'm totally lost when talking about the following, but the same benefit/danger scenario applies:

"This IronKey Cryptochip is hardened against physical attacks such as power attacks and bus sniffing. It is physically impossible to tamper with its protected data or reset the password counter. If the Cryptochip detects a physical attack from a hacker, it will destroy the encryption keys, making the stored encrypted files inaccessible.":'(
Need a new device then?

Device prices per Each range from 1GB-$79USD to 8GB-$299USD.
The 1GB would be sufficient for most data storage needs while still providing the very attractive password and anonymity features.

But, what's the annual cost to continue with the password and anonymity features? The prices are the same initially for both the Basic (no Internet Security features) and Personal (with the features) so there's no clue there. It would be good to know in advance rather than discovering later on that it's higher than you think reasonable.

And, how does the built-in Firefox browser get updated? Is it secure?

Rather short warranty period, other flash devices have up to 10 years warranty:
"All IronKeys carry a 90 Day Limited Warranty against defects in materials and workmanship."

Not withstanding the concerns expressed above, this sounds amazing (too amazing? :doubt:).

Jim C

It looks to be a Well made Device key word looks.It seems to offer a good security,But as you said the price from the basic to the personal is the same.Why would some by the basic then when you get for the money with personal.A bit confusion on the same points you made.It also seems more targeted for goverment officals of top secret files more then the Home user though.For $299.00 for the 8mb it should be 14 kt solid gold.

Here's an IronKey article, from ComputerWorld (http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9062527&pageNumber=5) - March 2008, comparing it to 6 other USB drives. The last article, Winners and runners-up (http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=Storage+Security&articleId=9062527&taxonomyId=153&pageNumber=9), says this about the IronKey:
-{ Quote: "Overall, however, the IronKey's numerous security features -- hardware-based encrytion, random password generator, two-factor authentication, secure Web browsing, and self-destruct mechanism -- along with its longer-life, single-level cell NAND memory, put it over the top as the highest quality, most secure drive of the bunch." }-

-{ Quote: "Here's an IronKey article, from ComputerWorld (http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9062527&pageNumber=5) - March 2008, comparing it to 6 other USB drives. The last article, Winners and runners-up (http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=Storage+Security&articleId=9062527&taxonomyId=153&pageNumber=9), says this about the IronKey:" }- Your research just proves that both you and the authors missed my points above.
Neither article questioned the lack of pricing for the annual Internet Protection nor did they stress the caution that the device may be forced to self-destruct requiring purchase of a new device nor the maintenance of the "built-in" Firefox.

The manufacturer should provide a means to recover from the "destruction" if you can prove that you are the owner without having to purchase a new device. I don't mean when there's outright theft or loss, i.e. when you no longer have possession, I mean when you lock down the device and leave your PC logged in (as opposed to using a password protected screen saver) and some fool decides to try to access your device, possibly just for fun, then it can be "lost" in a different way (not stolen, just useless).
To again quote the marketing fluff:
"If someone does happen to gain access to your flash drive and they fail to type in the correct password more than 10 times, IronKey will self-destruct, permanently locking out users and wiping out all the data on the drive".
That's a definite loss.

Faster transfers, longer life aren't really that important. Most will buy USB 3.0 devices soon.
Yes, the rest of the features look very good.

-{ Quote: "Your research just proves that both you and the authors missed my points above." }-
JW, my intent in providing the article link was meant to shed more light on a subject that djohn had originally posted, not a rebuke of the points you were making. IronKey is not for everyone, but if someone is interested in acquiring it, the more info they have at their disposal, plus any discourse on its merits or shortcomings, would make an informed buying decision even better.

-{ Quote: "JW, my intent in providing the article link was meant to shed more light on a subject that djohn had originally posted, not a rebuke of the points you were making. IronKey is not for everyone, but if someone is interested in acquiring it, the more info they have at their disposal, plus any discourse on its merits or shortcomings, would make an informed buying decision even better." }-
Hey I appreciate the additional info it did shed more light.I am really thinking about it my self. I have been looking around at some but I like that it is waterproof not that I plan on river raft in the rapid waters and the constrution is or seems excellent.

At $299US for a 8GB, I'm not that desperate :dry:

-{ Quote: "At $299US for a 8GB, I'm not that desperate :dry:" }-
Can you say the same thing about the computer in your sig?
Sorry, i couldn't resist i just wish i had that computer :).

-{ Quote: "Hey I appreciate the additional info it did shed more light.I am really thinking about it my self. I have been looking around at some but I like that it is waterproof not that I plan on river raft in the rapid waters and the constrution is or seems excellent." }-
And also to JRViejo, I appreciate your explanation, I took the original post the wrong way, so........

I guess the best approach is to go to the manufacturer, which I did just now. I sent them the following (very succinct compared to my previous posts verbosity):
"1) Cost to renew annual Internet protection? I couldn't find it.
2) Suggest you provide a means to reactivate after self-destruct if owner is in possession of device. example: my young grandchildren may innocently try to unlock the device yet I still possess it and don't want to buy a new one.
See discussion in thread http://www.wilderssecurity.com/showthread.php?t=227110"

I should get a response within 2 days (their claim), and I'll share it with you folks. Who knows, they may even post here themselves.

Jim C

-{ Quote: "And also to JRViejo, I appreciate your explanation, I took the original post the wrong way, so........

I guess the best approach is to go to the manufacturer, which I did just now. I sent them the following (very succinct compared to my previous posts verbosity):
"1) Cost to renew annual Internet protection? I couldn't find it.
2) Suggest you provide a means to reactivate after self-destruct if owner is in possession of device. example: my young grandchildren may innocently try to unlock the device yet I still possess it and don't want to buy a new one.
See discussion in thread http://www.wilderssecurity.com/showthread.php?t=227110"

I should get a response within 2 days (their claim), and I'll share it with you folks. Who knows, they may even post here themselves.

Jim C" }-
Hey great lets see how they respond,I have not thought of doing that good thinking JW and thanks for your efforts.:thumb:

-{ Quote: "Hey great lets see how they respond,I have not thought of doing that good thinking JW and thanks for your efforts.:thumb:" }-
Thanks Dave.
I actually may buy the 1GB. It's big enough for my truly private financial data which I do take with me when I travel and if the stick was physically lost then the IronKey self-destruct is perfect.
The Internet protection is a bit of icing on the cake if not too expensive.
I currently carry two Corsair Survivors which use TrueCrypt security so my data's reasonably safe if I suddenly went swimming with them in my pocket or was run over by a 'big truck'. I might drown or resemble a flat cartoon character, but my son could recover the data ;D. On the other hand, they are more vulnerable than the I-Key.
So, will I buy one? It depends on their answers.
Jim C

-{ Quote: "And also to JRViejo, I appreciate your explanation, I took the original post the wrong way, so........" }-
No harm, no foul, JW! :thumb: Do let us know their response. Take care.

In response to the numerous people who say 'My kid accidentally got hold of the key and caused it to self destruct' / 'left it in the computer and some joker ..etc', The first, F I R S T, thing anyone will tell you about security of anything is 'Once you've lost the physical security of the device, the battle is almost over.' This is especially true with PCs. The best security in the world on a computer becomes moot the moment an attacker actually has his hands on the computer itself. (Face it, even a root password can be reset on a Linux box if you have access to the hardware, unless the drive is encrypted.)

If security is important enough to you that you are willing to drop $80 for a 1GB USB Key, you are not going to simply 'leave it in the machine' or leave it somewhere that your grand kids are going to. If you do, two things, you are not as serious about security as you think you are, and if you lose all the data on the drive its YOUR OWN FAULT. Take frigging responsibility for yourself. If you leave your USB key somewhere and someone causes it to self destruct because YOU were sloppy, why is it the responsibility of IronKeys Makers to have a 'Fix' for it?? its NOT.

Sorry... I'm just tired of "Security Conscious" people asking for back doors 'just in case they do something stupid' that's 'not their fault.'

(PS. That's also what backups are for to have copies of 'lost' data itself.)

-{ Quote: " If you leave your USB key somewhere and someone causes it to self destruct because YOU were sloppy, why is it the responsibility of IronKeys Makers to have a 'Fix' for it?? its NOT." }-
I see your point here. However, you have to account for the fact that everyone makes mistakes. Since USB flash drives are small, it is really easy for them to get lost.

-{ Quote: "In response to the numerous people who say 'My kid accidentally got hold of the key and caused it to self destruct' / 'left it in the computer and some joker ..etc', The first, F I R S T, thing anyone will tell you about security of anything is 'Once you've lost the physical security of the device, the battle is almost over.' This is especially true with PCs. The best security in the world on a computer becomes moot the moment an attacker actually has his hands on the computer itself. (Face it, even a root password can be reset on a Linux box if you have access to the hardware, unless the drive is encrypted.)

If security is important enough to you that you are willing to drop $80 for a 1GB USB Key, you are not going to simply 'leave it in the machine' or leave it somewhere that your grand kids are going to. If you do, two things, you are not as serious about security as you think you are, and if you lose all the data on the drive its YOUR OWN FAULT. Take frigging responsibility for yourself. If you leave your USB key somewhere and someone causes it to self destruct because YOU were sloppy, why is it the responsibility of IronKeys Makers to have a 'Fix' for it?? its NOT.

Sorry... I'm just tired of "Security Conscious" people asking for back doors 'just in case they do something stupid' that's 'not their fault.'

(PS. That's also what backups are for to have copies of 'lost' data itself.)" }- Nothing like a good flame on a cold winter's day to keep us all warm and cozy, thanks Kooky
JW
PS You missed my points totaly!

-{ Quote: "I see your point here. However, you have to account for the fact that everyone makes mistakes. Since USB flash drives are small, it is really easy for them to get lost." }-

So's your housekey, but if you lose it you don't demand the locksmith come and open your front door now do you? Or say that the locksmith is responsible for providing you a new key to your door? No you have duplicates made (Backup your data elsewhere) and know that if you lose all your keys then you need to pay to have a new lock put in. (Or just buy the lock if your the handy-man type.)

JW - We both posted around the same time so let me respond to you. Yes, it is damn cold and a flame is great, but I was not really intending to flame you. I'm just complaining about the fact that no one wants to accept responsibility for their own actions. I went back and re-read your first post of the thread,

-{ Quote: "So the trojan fails, your data is safe, but you have to buy a new device which may take a "day or three", and during that time you can't access your data." }-

You go on to talk about how all the self destructs require a 'new purchase' of a fresh drive and it comes off sounding as if you are complaining about that fact. From a security and common sense standpoint, the odds are significantly in favor that you will have to purchase a new drive anyways. Why? Because most 'attackers' are going to steal your usb key, so you will never see it again anyways. QED you'll need to buy a new device. So perhaps you can explain why one of your biggest complaints is the fact that you have to buy a new key in many situations? Odds are your key is likely to be stolen as opposed to destroyed while still in your possession.

With regards the line I quoted, if your data is properly backed up locally on your drive, why would you have to wait five minutes to have access to it?

-{ Quote: "So's your housekey, but if you lose it you don't demand the locksmith come and open your front door now do you? Or say that the locksmith is responsible for providing you a new key to your door? No you have duplicates made (Backup your data elsewhere) and know that if you lose all your keys then you need to pay to have a new lock put in. (Or just buy the lock if your the handy-man type.)" }- The analogy is that I wouldn't want to have to buy a new house. Of course I'd politely ask a lock smith to help me, and I'd pay him a reasonable fee, I certainly wouldn't *demand* his help or expect it to be free. And, I wouldn't keep another house with duplicates of everything :wacko:. (I do have multiple backups of my financial data though, being the sensible thing for this type of thing). You're fighting a battle which you can't really win, that's so sad. Take two aspirins but, please, I ask you politely, don't call me tomorrow morning. ;)

-{ Quote: "
So perhaps you can explain why one of your biggest complaints is the fact that you have to buy a new key in many situations? Odds are your key is likely to be stolen as opposed to destroyed while still in your possession.

With regards the line I quoted, if your data is properly backed up locally on your drive, why would you have to wait five minutes to have access to it?" }-
If lost or stolen, the self destruct is perfect and I'd buy a new drive. No disagreement there, that's two of the many situations. A third situation, based on the marketing description provided by IronKey, is that there could be a trojan on an improperly protected machine, not mine surely, which would attempt to gain access. The description didn't explain clearly enough how this might work so I took the worst case scenario which was that the trojan could make 10 attempts so quickly that I couldn't stop it and the drive self destructs. In that scenario, I'm away from home and my PC backup. The backup provided by IronKey requires a new device for recovery from their servers. If I'm on a two week trip and this happens during the first few days the fastest recovery would be to buy a new drive, recover my backup from the IronKey server, etc. Or, as I suggested/requested, they provide a secure 'backdoor' to allow me to resurect my key. Notice in my post above that I carry 2 drives, each cost close to $100CAD, so I'm not really unconscious to basic security and back ups, paranoid maybe. Personally I'd still carry them, and if a trojan 'got my IronKey' I'll be happier than if it was able to steal data from my Crucials, although they are encrypted, etc. I'd find a different PC, pop in a Crucial and recover as best I could. (and hope it didn't have a trojan) The fourth situation is that someone tries to gain access, similar to the trojan, when I'd left the drive in a PC in a 'locked' state. That won't happen to me, I won't leave it plugged in (unless I forget, which is possible). Ergo, if my math is correct, we now realize that 'many = 4, or more?'.
I understand that the IronKey provides an extra level of security, which has value, but I'd still like a back door.
--------------------
I received a reply from IronKey yesterday. The annual cost for the Internet Protection is $24USD which is very reasonable. The device pricing is a bit unclear but the Personal at $79 includes the I.P. suggesting that the device cost is only $55, however the Basic is also priced at $79.???
They confirmed that self detruct is permanent at present, but my request would be passed on to their product management group for consideration. Does that mean that they might offer an 'insurance policy' of some sort? Only time will tell.

-{ Quote: "I received a reply from IronKey yesterday. The annual cost for the Internet Protection is $24USD which is very reasonable. The device pricing is a bit unclear but the Personal at $79 includes the I.P. suggesting that the device cost is only $55, however the Basic is also priced at $79.
They confirmed that self detruct is permanent at present, but my request would be passed on to their product management group for consideration. Does that mean that they might offer an 'insurance policy' of some sort? Only time will tell." }-
JW, thanks for the info! :thumb:
Who knows... your request, if implemented, might help others who are hesitating in buying IronKey because of that self destruct mechanism.

yes thanks JW.:thumb:

I got another answer from IronKey tech support, two answers actually.
1) Apparently my concern about potential attacks from a trojan is answered by the following:
[The device has to be unlocked (to have access to the encryption keys that decrypt the data). After 3 incorrect password entries (by the Trojan), the device must be physically removed and then reinserted. A prompt appears informing the user that the device needs to be unplugged and why.]
So, that's safe enough then:).
2. [Any add-ons that are compatible with the Fire Fox web browser can also be added to the IronKey's on board Fire Fox.]
And that's good too:). They did point out that there's still a problem with FF 3.0 and that users should continue to use (and maintain) FF 2.xxxx until IK can resolve it:(.
Still sensible, and they do provide instructions on how to revert FF backwards if a user upgrades to FF 3.0xx inadvertently. So that's a good and responsible thing for them to do:).
In summary, if you lose physical control, the device protects you by self destructing. If you keep physical control, sneaky trojans can't get past the security but the device doesn't self destruct. You get extra Internet protection for a reasonable $25USD/year and the Firefox on a stick which is part of the Internet protection means that you can use it on any PC, not just your own.
They deserve a :thumb:.
Jim C.

-{ Quote: "I got another answer from IronKey tech support, ...
They deserve a :thumb:
Jim C.
" }-
Nice :)
:thumb:

-{ Quote: "They did point out that there's still a problem with FF 3.0 and that users should continue to use (and maintain) FF 2.xxxx until IK can resolve it:(." }-
JW, I agree with your frown because if you read this article Mozilla plugs 13 holes in Firefox, retires older 2.0 browser (http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9123679), Mozilla has finally pulled the plug on FF 2, with version 2.0.0.19 being the final security update. Let's hope IronKey can resolve their issues with FF 3.0, soon.

very Nice even Nicer if fox 3 gets on.:thumb:

-{ Quote: "JW, I agree with your frown because if you read this article Mozilla plugs 13 holes in Firefox, retires older 2.0 browser (http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9123679), Mozilla has finally pulled the plug on FF 2, with version 2.0.0.19 being the final security update. Let's hope IronKey can resolve their issues with FF 3.0, soon." }-
I agree, but this isn't quite as bad as deserving a :thumbd: because the 'on device' FF is 'only' used for their Secure Sessions Service (SSS) (the $25USD/year thingy). Just for those that would like an explanation of that here rather than hunting on IK's site, I'll paraphrase what they say:
[IronKeys are optionally pre-configured with Secure Sessions Service (SSS) and a portable version of Mozilla's popular Firefox Web browser.

All data, cookies, and web history are maintained locally on the IronKey. The SSS protects your privacy on the Web by triple-encrypting your web surfing traffic, and provides secure DNS services to help assure that you are not visiting a spoofed website.

The Ironkey Password Manager locally manages all your online passwords with secure one-click direct access and protection against keystroke-logging spyware and other online threats. Optional encrypted password backup is provided as an online service.

SSS uses complex routing algorithms and high performance Tor servers to provide a layer of anonymity to protect your identity and confidentiality while ensuring an enjoyable web experience. Websites will no longer be able to see your IP address or know where in the world you are coming from, you can easily change which country your Web traffic is coming from at any time. You can easily and quickly disable SSS by clicking a button in the browser, which is handy when security and privacy are not important but data transfer speeds are.

When users access IronKey web sites and services, all information is exchanged over an encrypted channel. This is accomplished through Secure Socket Layer (SSL) and by utilizing Verisign Secure Site and Verisign Secure Site Pro certificates. To ensure additional security for its services, IronKey qualified for and is using Extended Validation SSL. The IronKey applications encrypt all sensitive data prior to transmitting it within the IronKey network and storing in databases.]
So, if you're on your own PC and don't need to hide behind their Tor servers, you can use FF 3.xxx (and your own password manager) on your PC. You would have to maintain passwords in two places, but that shouldn't be hard to do, maybe hard to remember to do though. I think that FF 2.xxx is OK if you're restricting yourself to known safe sites, but who knows for sure. They did say that you can install NoScript to the FF on the device and I'd do that, certainly (assuming there's still a NS for FF 2.xxx of course).
Probably the biggest reason for buying one of these is the self destruct should you lose possession and have 'sensitive' data stored on it.
Now a thought just popped into my head and I'm not sure if Wilder's will let me say this, but the self destruct would be handy should you be asked for the password by authorities and you kept giving them (10) different passwords. Voila, data's gone, forever. The risk is that the authorities make you disappear forever too. Definitely a :gack:.
I'll have to buy one when I'm visiting my kids in the U.S. though, that's the only place they'll sell one. Then hope they'll just think I travel to Canada a lot because that's where I'll use it most of the time.
Jim C. (now, off to shovel some snow....)

-{ Quote: "I think that FF 2.xxx is OK if you're restricting yourself to known safe sites, but who knows for sure. They did say that you can install NoScript to the FF on the device and I'd do that, certainly (assuming there's still a NS for FF 2.xxx of course)." }-
JW, thank you for the outstanding evaluation of this product. To answer the above, so far, NoSscript is being updated for FF2.

The FF version 2.0.0.19 was updated yesterday by Mozilla: What's New in Firefox 2.0.0.20 (http://www.mozilla.com/en-US/firefox/2.0.0.20/releasenotes/) but they do state This is the last planned release of Firefox 2.

Hello, I'm Drew from IronKey. Sorry if I'm a little late to the party on this thread...if you do have any questions regarding the IronKey, I am happy to answer them, and plan to check in here a couple of times a week to see if anyone does have such questions.

From the above posts, it looks like Tech Support (or me) have already answered most of these questions.

Regarding pricing...yes, the Basic and Personal version are the same price (Enterprise devices are also the same price), and with the Personal device you get more than you do with the Basic device.

For anyone in the "general public" the Personal is the device that you want.

The Basic device is designed for government and corporate deployments where network connectivity (including device updates) is considered a bad thing.

Yes, we do have have updates to our devices. These are free, signed, and securely delivered. :)

If anyone has any questions about IronKey, please let me know!

Drew, first, welcome to Wilders! As the saying goes, it's better late than never and it's always nice to have someone from a product's POV answer any questions from Wilders members.

I'm sure JW will have more but a quick question from me: did you ever resolve the issue with FF3 and if so, does IronKey use 3.0.6 now?

-{ Quote: "Drew, first, welcome to Wilders! As the saying goes, it's better late than never and it's always nice to have someone from a product's POV answer any questions from Wilders members.

I'm sure JW will have more but a quick question from me: did you ever resolve the issue with FF3 and if so, does IronKey use 3.0.6 now?" }- Hi JR, been awhile.
FF3 is not available yet, that's as of Mar. 2nd. Check the Iron Key Forum for more information,
https://forum.ironkey.com where you have to register to see threads.
Drew has summarized a list of requests/suggestions which he clearly states are not to be presummed to be an official 'worklist', although some may be, and some points have generated additional posts indicating desired user priority is quite high for FF3. I haven't posted myself, yet.

To Drew: You can simply Subscribe to this thread, daily e-mails would probably suffice but Instant would certainly give you a heads-up. I registered in your forums as AquaPraxis.

Regards to all,

Jim C

-{ Quote: "Drew, first, welcome to Wilders! As the saying goes, it's better late than never and it's always nice to have someone from a product's POV answer any questions from Wilders members.

I'm sure JW will have more but a quick question from me: did you ever resolve the issue with FF3 and if so, does IronKey use 3.0.6 now?" }-

Currently, support for FF3 is part of a Beta test, that also involves our Identity Manager (a replacement for the current Password Manager), and many other bug fixes and new features.

Beta devices shipped with FF 3.0.5, but users are encouraged to update to FF 3.0.6 as they normally would.

FF3 support is one of our top requests from users, and we are definitely working on it.

@JW,
Thanks! That's why I asked the question; didn't see it anywhere but since I'm not registered in their forum, now I know why.

@Drew,
Thank you for the response. Keep us posted especially when FF3 comes out of the Beta test.

Since apparently no one else here has one, I'll throw in my .02

I really like mine. I use it more than any of my other drives, mainly to store some data I always want safe and with me, to store and keep backups of encryption keys, and to keep a couple apps with me.

The interface is clean and simple, however lacks a bit compared to say portableapps.com's start menu. The menu can be configured, but one thing I hate is it has 2 icon displays and one list display, but as soon as you remove the device it goes back to the default. For me, thats a PITA because I have a lot of apps, and I like a small list display.

I dont use the password manager, mainly because I use keypass and I dont know that I trust my passwords to a device that is capable of phoning home.

I do not use the online backup feature, again for the same reason.

I do really like the "secure sessions" which is Tor on steroids. I DONT like that they operate all the Tor nodes, meaning one US subpeaona and they know where I go, but I do LOVE the speed. I notice only a small lag with SS running. Since really my main goal for using SS is to encrypt my initial traffic past the "watchers."

The FF2 thing is a nag, esp since every time you use FF it downloads the upgrades and you have to tell it not to install, but it's not too big of an issue. One PITA is that new add-ons are 3.0 only, so you cant use them. Some of the more established add-ons have older revisions, but thats a YMMV thing.

Speedwise, I see only a minor lag vs a standard USB flash drive, not enough to ever cause an issue.

I have only gone through 1 update of the IK itself, and it went great. Straight point and click, no issues. (Much better than my U3 that corrupts during backup and removes all my apps and generally sucks.)

Their web interface is pretty neat. You can log into it from any machine, but you can only access some features if you are logged in with your IK. It also has some client certificate stuff to validate you are on IK's site, and that you are you.

All in all I love my IK. My only real issues are with the start menu and the FF versioning, other than that it is great. I'd love to see it available in MUCH larger sizes tho. I'd kill for a 32GB version - but I'm sure the price would be ridiculous (which it shouldnt be considering the price to make the device shouldnt alter much based on capacity).

-{ Quote: "Since apparently no one else here has one, I'll throw in my .02

I really like mine. I use it more than any of my other drives, mainly to store some data I always want safe and with me, to store and keep backups of encryption keys, and to keep a couple apps with me." }-

Great! Thank you for using an IronKey, and thank you for posting some questions/comments here.

-{ Quote: "The interface is clean and simple, however lacks a bit compared to say portableapps.com's start menu. The menu can be configured, but one thing I hate is it has 2 icon displays and one list display, but as soon as you remove the device it goes back to the default. For me, thats a PITA because I have a lot of apps, and I like a small list display." }-

That was such hassle. You might want to "check for updates", since we released an update to version 1.3.2 just over a week ago, that solves that problem (among other things). It also has enabled the Control Panel to run faster.

-{ Quote: "I dont use the password manager, mainly because I use keypass and I dont know that I trust my passwords to a device that is capable of phoning home.

I do not use the online backup feature, again for the same reason." }-

There is no "phone home" or back door to the device. I understand your privacy concerns...and they are very valid concerns. You are right that conceivably we could have engineered the device to do that (we haven't done that).

We have gone through great pains to make sure that we don't have access to your passwords. They online backup is an encrypted blob, and the key for this resides on your device.

-{ Quote: "The FF2 thing is a nag, esp since every time you use FF it downloads the upgrades and you have to tell it not to install, but it's not too big of an issue. One PITA is that new add-ons are 3.0 only, so you cant use them. Some of the more established add-ons have older revisions, but thats a YMMV thing." }-

Last week, we announced that the update for FF3 support will be coming April 21st.

-{ Quote: "Speedwise, I see only a minor lag vs a standard USB flash drive, not enough to ever cause an issue.

I have only gone through 1 update of the IK itself, and it went great. Straight point and click, no issues. (Much better than my U3 that corrupts during backup and removes all my apps and generally sucks.)

Their web interface is pretty neat. You can log into it from any machine, but you can only access some features if you are logged in with your IK. It also has some client certificate stuff to validate you are on IK's site, and that you are you." }-

That is great feedback, thank you very much.

-{ Quote: "All in all I love my IK. My only real issues are with the start menu and the FF versioning, other than that it is great. I'd love to see it available in MUCH larger sizes tho. I'd kill for a 32GB version - but I'm sure the price would be ridiculous (which it shouldnt be considering the price to make the device shouldnt alter much based on capacity)." }-

32GB? Someday. :)

Also, remember that we currently are only using SLC (Single Layer Cell) Flash memory, which is significantly more expensive than the more common MLC (Multi-Level Cell). I won't bore you with the mundane details of NAND flash...but SLC is rated to be roughly 10 times longer lasting, has lower error probability, has faster write speeds.

Getting interested again :)

-{ Quote: "
That was such hassle. You might want to "check for updates", since we released an update to version 1.3.2 just over a week ago, that solves that problem (among other things). It also has enabled the Control Panel to run faster.
" }-

I will try to do so today. Does it fix the damn control panel so that when you click on an app that the CP freaking closes? that was one thing I forgot. MINOR issue, but end user wise its a ROYAL PITA to click say FF and then have to go back to the CP window and click the X on the CP. If I launch an app, close that damn thing back to the tray!!!!

And I am SURE it will NEVER happen, but I would like the ability to get to the virtual cd partition and edit things. Certainly I am a more advanced user than normal, but there are small hacks I would like to make here and there.

One thing that would be nice, however LOW on the list up there at IK I'm sure would be the ability to "skin" the CP and interface. Some just for individuality, but some for obscurity. Sure its obvious that I have a giant stainless steel key sticking outta my computer, but still I dont like that if I open the CP that its OBVIOUS if you can see my screen that I am opening something "secret." Just arouses unneeded suspension sometimes. Nothing major tho.

Glad to hear about FF3, cant wait.

I'd also like to see IK implement the drive w/PKI for SSO and other token based authentication. Honestly, if I could also use my IK as a token, I dont know that I would ever buy another type of flash drive again. That support would freaking blow everyone else in the secure flash market away (more than you already have) and I think more people would use it than you may now know.

I'd also like to see what the IK-EntEd is all about. Is it just you std IK w/management abilities for multiple key's, or does it offer additional features? If it does more, believe it or not, I'd be interested in the IK-EE for personal / family use, but if it only adds support for device management to corp users, then not so much. And I dont see what management you could really do, but I havent looked that indepth to the EE...


And yes, 32GB. Honestly, as a consumer, I dont care what or why you have limitations. I see 32GB and 64GB drives sitting on shelves for less than the smallest size IK, and I want a bigger IK. I use flash drives a LOT, and I want it bigger. Again, just like token support, you give me a 32gb IK with token support, and Ill never need another drive. (unless you charge me $500 for it, in which case I stick with a normal 64GB flash drive w sw encryption) ;D

-{ Quote: "Getting interested again :)" }-


You wont be disappointed, IMO.

Plus, it's funny, with other flash drives, I forget them at home, or on my desk, or they end up in the bottom of my bag, never to be seen or used again (ohh THATS where I saved that file I was looking for) but with the IK you wont do that. Something about this heavy, shiny, silver, sexy beast that makes you WANT to carry it. It's all mental, but I NEVER forget my IK, based just on how it looks. It stands out, and screams "I'm important, don't forget me!" Some days it stays in the pocket, but I always have it.

Which to the point I guess I didnt cover in my review - the physical device.

It is obvious to anyone that has checked out IK.com, the thing is sexy and rugged, but I will speak to it anyway.

I think I have covered the "looks", but again, it's a sexy looking device. Simple and plain, but sexy.

And the thing IS as rugged as they say. Sure, the shine is gone from mine, and it has some scratches and dings, but its a beast. I have put it through hell, and no plastic drive would have lived. One thing that really shocks me, and speaks to how well it is built is the cap of all things. It has a rubber lining, I assume to keep water out, but all that holds the cap on is that rubber lining. Only the tight fit holds it on. After a year of use, that thing is like new. Plastic caps wear down after so many pops on and off, but the IK doesnt. And honestly when I got it, I expected that to be an issue. I expected the rubber would lose grip, wear down, and/or just lose the friction to hold the cap on, but it is just like new....

-{ Quote: "And I am SURE it will NEVER happen, but I would like the ability to get to the virtual cd partition and edit things. Certainly I am a more advanced user than normal, but there are small hacks I would like to make here and there." }-

As an individual? Doubtful. But we have talked about releasing an SDK so that developers could make some modifications (and possibly facilitate helping those developers get the mods to other users).

-{ Quote: "One thing that would be nice, however LOW on the list up there at IK I'm sure would be the ability to "skin" the CP and interface. Some just for individuality, but some for obscurity. Sure its obvious that I have a giant stainless steel key sticking outta my computer, but still I dont like that if I open the CP that its OBVIOUS if you can see my screen that I am opening something "secret." Just arouses unneeded suspension sometimes. Nothing major tho." }-

You aren't the first to ask for this. It's on our "yes, that would be nice to have list". But we've got a lot more core functionality that we are hard at work on.

-{ Quote: "Glad to hear about FF3, cant wait." }-

April 21st, is what we are targeting for that. It's posted on our website, so this isn't quite 'insider information'.

-{ Quote: "I'd also like to see what the IK-EntEd is all about. Is it just you std IK w/management abilities for multiple key's, or does it offer additional features? If it does more, believe it or not, I'd be interested in the IK-EE for personal / family use, but if it only adds support for device management to corp users, then not so much. And I dont see what management you could really do, but I havent looked that indepth to the EE..." }-

What would be the additional features that you are looking for family use?

-{ Quote: "You wont be disappointed, IMO.

Plus, it's funny, with other flash drives, I forget them at home, or on my desk, or they end up in the bottom of my bag, never to be seen or used again (ohh THATS where I saved that file I was looking for) but with the IK you wont do that. Something about this heavy, shiny, silver, sexy beast that makes you WANT to carry it. It's all mental, but I NEVER forget my IK, based just on how it looks. It stands out, and screams "I'm important, don't forget me!" Some days it stays in the pocket, but I always have it.

Which to the point I guess I didnt cover in my review - the physical device.

It is obvious to anyone that has checked out IK.com, the thing is sexy and rugged, but I will speak to it anyway.

I think I have covered the "looks", but again, it's a sexy looking device. Simple and plain, but sexy.

And the thing IS as rugged as they say. Sure, the shine is gone from mine, and it has some scratches and dings, but its a beast. I have put it through hell, and no plastic drive would have lived. One thing that really shocks me, and speaks to how well it is built is the cap of all things. It has a rubber lining, I assume to keep water out, but all that holds the cap on is that rubber lining. Only the tight fit holds it on. After a year of use, that thing is like new. Plastic caps wear down after so many pops on and off, but the IK doesnt. And honestly when I got it, I expected that to be an issue. I expected the rubber would lose grip, wear down, and/or just lose the friction to hold the cap on, but it is just like new...." }-

THANK YOU!

-{ Quote: "As an individual? Doubtful. But we have talked about releasing an SDK so that developers could make some modifications (and possibly facilitate helping those developers get the mods to other users)." }-

It would be nice to release the SDK to all, but i guess that depends on how much of the SDK gives inside knowledge to the workings of the IK, and if that could compromise the overall security of IK's. I'm just an open it up and play with it kinna guy.


-{ Quote: "
You aren't the first to ask for this. It's on our "yes, that would be nice to have list". But we've got a lot more core functionality that we are hard at work on." }-

Agreed....although if the SDK gives me the ability to get to the CD partition and make edits, I can skin it all myself with ResHacker... ;D


-{ Quote: "
What would be the additional features that you are looking for family use?" }-
More just curiosity on the EE and what it is all about, what it offers.

Really my main "wants" would be:
Auto Launch features (ie run app A, B, C when unlocked)
The damn start menu closing after I launch something
Token support
Encryption of files outside the IK that would require the IK to unlock
Customization
A "Terminate all open processes and lock" option. I run a lot of apps from my IK, most do not need to shutdown gracefully, so it would be nice for it to have the option to just close all and lock, instead of closing each app one by one.
AutoLock feature (time based, workstation lock based, hibernate/standby based, etc)

I think that's about it. Really nothing that is stopping me from using my IK, I love it as is, but those would be some initial improvement thoughts. AND SIZE! ;D

The size factor could be mitigated with the ability to encrypt files on other drives and require the IK present and unlocked to access them. My goal here is a secure portable machine. I am working on a completely self sufficient windowz USB device, and the size of the IK just wont support the size of a VM. Right now my solution is to use a 3rd party encryption with encryption keys stored on my IK to unencrypt my USB device with my VM on it, which is just an extra step I'd like to use the IK for. But I am sure I am not in the majority iwth deployments like this.

I'd really like to see the features of the GoldKey + Token support built into the IK, at least at a personal level, but I'm sure the market would be there at an Enterprise level as well.

Great feedback.

Thank you for posting.

I've forwarded to our Product Management team (although I know that couple of those are already on the road map).

-{ Quote: "Drew, first, welcome to Wilders! As the saying goes, it's better late than never and it's always nice to have someone from a product's POV answer any questions from Wilders members.

I'm sure JW will have more but a quick question from me: did you ever resolve the issue with FF3 and if so, does IronKey use 3.0.6 now?" }-

To follow up regarding this. We have released Firefox 3.0 support. This update is currently available to our existing users. The update includes many new features and Firefox 3.0.8, which can be updated to the latest (I'm using 3.0.10, today).

Drew, thank you for the heads-up!

-{ Quote: "Great feedback.

Thank you for posting.

I've forwarded to our Product Management team (although I know that couple of those are already on the road map)." }-

Just another feature request, I would really like to have a "Startup" or "Autorun" folder on the menu for the IK (or wherever, config, etc). There are some apps that I run EVERY time I open my IK (keepass for example) and I would like to have those launch on unlock.

A dream request would be a builtin (feature rich, not a hack job) FW w HIPS, but I dont know how hard that would be to implement.

Also, is there a way to edit the sandbox'ing of FF on the IK. I like the sandboxing, but much like some virtualized apps I run, I set specific folders to not be boxed, which makes downloading files a HELL of a lot easier. I hate having to navigate to find them, plus having to keep the downloaded files cleaned up so the sandbox on the IK isnt wasting space.

One more, also, does teh sandbox clear on exit?

-{ Quote: "Just another feature request, I would really like to have a "Startup" or "Autorun" folder on the menu for the IK (or wherever, config, etc). " }-

Autorun opens up a whole host of issues (Conficker, etc). I know what you are saying about this being convenient...and we've tinkered with it a bit in a more secure manner...but "autorun" of any sort is just a bad word in the industry these days.


-{ Quote: "There are some apps that I run EVERY time I open my IK (keepass for example) and I would like to have those launch on unlock." }-
KeePass? You need to download a newer version and give the Identity Manager a go. You can import your KeePass database (after exported to XML).



-{ Quote: "A dream request would be a builtin (feature rich, not a hack job) FW w HIPS, but I dont know how hard that would be to implement." }-

That's an awesome idea. For our security minded user base, intrusion protection would add a great deal of value.

-{ Quote: "Also, is there a way to edit the sandbox'ing of FF on the IK. I like the sandboxing, but much like some virtualized apps I run, I set specific folders to not be boxed, which makes downloading files a HELL of a lot easier. I hate having to navigate to find them, plus having to keep the downloaded files cleaned up so the sandbox on the IK isnt wasting space." }-

I'm not sure what version of our device you have...this changed when we moved from using FF 2.x to FF 3.x

-{ Quote: "One more, also, does teh sandbox clear on exit?" }-

No, it does not.

-{ Quote: "Autorun opens up a whole host of issues (Conficker, etc). I know what you are saying about this being convenient...and we've tinkered with it a bit in a more secure manner...but "autorun" of any sort is just a bad word in the industry these days.



KeePass? You need to download a newer version and give the Identity Manager a go. You can import your KeePass database (after exported to XML).





That's an awesome idea. For our security minded user base, intrusion protection would add a great deal of value.



I'm not sure what version of our device you have...this changed when we moved from using FF 2.x to FF 3.x



No, it does not." }-

I have updated to the latest IK version with FF3, but it sandboxes at least the desktop, which can be a real PITA.

Even tho I clear everything on exit, it would be nice to have the option to destroy the session sandbox on exit.

Also, a MUCH needed addition is the ability to easily terminate and restart the whole SecureSessions package. I've had a LOT of issues with it lately, and sometimes the only solution is locking the IK and unlocking to close out SS and re-launch it. If there is a manual way to do it, I havent found it, since SS stays running even when you kill FF. Like I said, I run a lot of virtualized apps from my IK, so having to exit all of them to lock and unlock the IK is a royal pain, on the level of having to reboot your machine, just because your browser isnt working. I know SS isnt perfect, but lately it seems like it has had a lot of issues no matter what I do to try and rebuild circuts.

I know autoruns can be a nightmare, but maybe an additional password layer could be added to add an autorun to the IK and then require some sort of HIPS style confirmation when the IK is unlocked and autoruns your apps.

Maybe I will test out the password/identity manager in the next few weeks now that I have my HIPS tuned, just to verify it doesnt "phone home:." I know you have assured me it doesnt, but seeing is believing in security. The only thing about the IK identity manager, is AFAIK it doesnt have any capabilities to sync with a mobile device, which is really where *I* need to go with my password manager. I havent tested keepass for BlackBerry yet, but I MUST have something that replicates my passwords to my device.

I know the lecture on that opening an attack vector to my passwords, but the fact is I use 16-64 char alpha/num/high ansi passwords for EVERYTHING, and I need a way to be able to say hit an email account from my BB over webmail that I dont sync to my BB, along with other web apps I need to access via the BB on the go.

Dont get me wrong, I still LOVE the IK, and I promote it like crazy and I wouldnt use anything else, just things Id liek to see.

Also TOKEN SUPPORT is SO high on my list. I know I have mentioned it, but the possibilities for token support from the CD partition for use in SSO apps, windows token/smart card signon, and the ability to use it as a TrueCrypt token would seriously make my world, above everything else.

And let me just say to those out there thinking about the IK, read my above posts, and then read this: Over a year and running, I run my IK 9+ hours straight a day, and I carry it EVERYWHERE when not plugged in, in my pocket with keys, glasses, wallet, change, everything, and this thing really can take a hell of a beating. The mere fact it has stood up to the pure hours of use, and the beating in my pocket everyday is enough to justify this device cost even without the security benefits (which I dont mean to diminish in ANY way, they are fabulous.)

Drew, do you have a public beta program at all that I could get involved in (PM me if so). Also, is there any chance of getting ahold of an IK at a reduced cost just for pen testing? It could have a 2MB chip for all I care, I would just REALLY like to go through some deep testing at extracting and soft-breaking into the device, w/o jeopardizing my device!!!

CaixFang,

Great feedback (as always).

-{ Quote: "I have updated to the latest IK version with FF3, but it sandboxes at least the desktop, which can be a real PITA." }-

Can you explain this a little more? It should be storing everything on a "separate instance of desktop" that is on the drive, not your actual desktop.

Currently, we do not have any "non-device" interface for using the Identity Manager...so that would rule out your BlackBerry need. At least at this time.

Have you talked to our Technical Support (support.ironkey.com/supportrequest) team about your issues with Secure Sessions?

Are you also, on the IronKey Forum? If not, a lot of what you have posted here is great fuel for discussion amongst our users.

Regarding Betas, typically we run closed Betas, I do get a lot of Beta testers out of our Forum.

OK. Lost the cap. I look like a dork keeping a flash drive on my key chain. I can live with that, cause it's handy when I need it. But I look even more like a dork with a flash drive with no cap. Expensive to buy a new drive just for the cap.

I've tried a couple of caps from cheap giveaway drives, but they don't fit.

Any ideas?

:(

-{ Quote: "OK. Lost the cap. I look like a dork keeping a flash drive on my key chain. I can live with that, cause it's handy when I need it. But I look even more like a dork with a flash drive with no cap. Expensive to buy a new drive just for the cap.

I've tried a couple of caps from cheap giveaway drives, but they don't fit.

Any ideas?

:(" }-


Contact IronKey Customer Service.
customerservice@ironkey.com

They would be glad to help you out.

-Drew

well i hope its soon not ended up sumthg like this..
http://www.troublefixers.com/how-to-fix-please-insert-a-disk-into-drive-error-in-windows/#comment-4433

:doubt:

-{ Quote: "well i hope its soon not ended up sumthg like this..
http://www.troublefixers.com/how-to-fix-please-insert-a-disk-into-drive-error-in-windows/#comment-4433

:doubt:" }-


I would hope not.

Improper removal of a USB drive can cause such problems. I know that it is so easy to just yank the device out, and most users don't even know that they should take the extra 10 seconds to properly eject the device.

I was happy to note no one in that thread mentions using an IronKey...which doesn't mean that we are immune to such things, but we do try promote the concept of locking your device to users (more than most other USB manufacturers).

I am looking into rolling out some IronKeys to store information for about 10 people. What got my attention with the IronKey was the built in encryption, how indestructible they are ( I have a couple clumsy users) and the password function ( its just so finial - love it).

What I am looking to do is to store data on them that will need to be sync'ed with a file server at least once a month ( or whenever it is plugged in).
The key question is how do I make it idiot proof. There is syncing software out there but I haven't seen any yet that I can invoke and app before it tries to sync. I want the user just to see the password prompt.
The other issue is how it will sync to a moving target - the drive letter keeps changing.
If Iron Key can do that - I will be sold.

Hope you can help

-{ Quote: "I am looking into rolling out some IronKeys to store information for about 10 people. What got my attention with the IronKey was the built in encryption, how indestructible they are ( I have a couple clumsy users) and the password function ( its just so finial - love it).

What I am looking to do is to store data on them that will need to be sync'ed with a file server at least once a month ( or whenever it is plugged in).
The key question is how do I make it idiot proof. There is syncing software out there but I haven't seen any yet that I can invoke and app before it tries to sync. I want the user just to see the password prompt.
The other issue is how it will sync to a moving target - the drive letter keeps changing.
If Iron Key can do that - I will be sold.

Hope you can help" }-

I'm not going to speak to what the IK guys could do in a custom deployment, because I havent been down that road, but as I understand it, OOTB, you arent going to be able to sync automatically with the IK and your central servers. A few things you will have to overcome:

Autolaunch - IK doesnt provide native autolaunch abilities, for good reason. I can think of some hacks, and some ways to make it, but nothing I would recommend in a business environment.

As for the actual syncing of files on insert, or unlock, it seems like I have seen this either discussed, or there is a solution out there, but as far as I have seen its not built into the IK, unless this is something the Enterprise level can facilitate natively.

As for the drive letters, you can address that with some scripting under windows. Whatever your autorun (or manual run) process, you either need to fetch the drive letter the IK is mounted on based on the device id, or you need to supplementally mount the IK using that device id. That I have done using some scripts on my drive, but now you are looking at some additional issues when you are doing multiple drives, as you need to know the device id of each to put in your code. Perhaps there are some internal variables that the IK manager uses that you could call to get the drive letter of the IK you are running from to build that code. I believe last time I asked there was not an open SDK for the IK, but that the IK guys would help build solutions as needed. The lettering of the drive, is the smallest of the issues I see in this deployment.

Are the IK's going to only be connected to computers that are on your LAN / VPN, or are you going to expose your fileshare to the internet in someway to allow the IK to sync with the fileserver over any internet connection?

Either way, how are you going to handle a device plugged into a machine that cannot connect to sync (you mentioned the sync being part of the unlock process, but what if there is no internet, its down, offline pc, restricted pc, etc.)

I think, from my experiences with the IK you should be able to do what you want, really you arent doing anything that is special based on it being an IK. Basically this could be done on any usb device, you just want the additional benefits of the IK. Other than the autorun, and possibly the drive lettering, IK shouldnt have to provide much to the solution, the big one is the actual sync s/w and the rules on how to govern the device before, during and after a sync, and in the absence of.....

Nice analysis, CaixFang.

We do have a SecureBackup function in our devices, but there is no forced or scheduled option (at this time).

There other 3rd party offerings that you could use. Toucan is a great, free sync app. It may not be the exact match for what you are looking for, but it is popular amongst our users.

Also, feel free to post on the IronKey Forum...there may a user there that has had the same requirement as you, and has already solved this issue.

-{ Quote: "Nice analysis, CaixFang.

We do have a SecureBackup function in our devices, but there is no forced or scheduled option (at this time).

There other 3rd party offerings that you could use. Toucan is a great, free sync app. It may not be the exact match for what you are looking for, but it is popular amongst our users.

Also, feel free to post on the IronKey Forum...there may a user there that has had the same requirement as you, and has already solved this issue." }-


Drew,

Are there any SDK offerings from IK? There are SO many things I would like to be able to dive deeper into doing with my IK, but with no available development path, and this being just one device the needs dont justify custom development from IK, I don't have many options.

Now that I finally have a device that I love and can't live without, I'd really like to incorporate some things into my use of the device.

For what its worth to anyone thinking about an IK, this USB drive will become such a part of your computing needs, that you won't be able to function without it! I managed to get all the way to the office yesterday without mine and had to turn around and make the hour round trip back to get mine. It really is more than just another flash drive to throw in a drawer or leave in the bottom of your laptop bag....

There is no SDK at the moment.

It is something that we would like to have, eventually.

-{ Quote: "There is no SDK at the moment.

It is something that we would like to have, eventually." }-


I bite my thumb at you in disgust, sir. :P

Always with the future offerings.....

-{ Quote: "I bite my thumb at you in disgust, sir. :P

Always with the future offerings....." }-



Yeah, can be slow to release stuff, instead of hurrying to get it out the door to meet a specific date.

It is very much our preference to do this. :)

-{ Quote: "Yeah, can be slow to release stuff, instead of hurrying to get it out the door to meet a specific date.

It is very much our preference to do this. :)" }-


I know. And the more options for development, the more possibilities for someone to inadvertently compromise the security of the device. Features add complexity, complexity adds security risk.

I'll hold out for an SDK or developers IK release.

(Thanks for the email)

Thank you CaixFang very much for you prompt and very detailed response. Since it is early in the game with this project you have given me some a very solid direction of how I need to proceed.
As for the sync - I did say automatic but I think I get a bit ahead of myself. :-[ I was going to have the users run it manually from an icon, I was planning to have it log on ( password prompt) and then have it sync the files in the back ground. That would solve the problem of no VPN, internet, office etc . . . connection.

Thanks again for you reply

IronDrew - I am running over to the IronKey form right now to have a look - thx for the suggestion - its one of those " why didn't I think of that " ideas ???

Just one other thing - ( since I have IronDrew's ear)
One BIG improvement on the Iron Key would be to have the cap connected to the body somehow. Like with a string or a sliding mechanism. I just know I will lose it – I always do . . :ouch:

-{ Quote: "Just one other thing - ( since I have IronDrew's ear)
One BIG improvement on the Iron Key would be to have the cap connected to the body somehow. Like with a string or a sliding mechanism. I just know I will lose it – I always do . . :ouch:" }-

That's about my only damn complaint with the IK, is the cap!

If you need some help, or need to bounce ideas off someone on this project, feel free to shoot me a PM. I don't have all the answers, but I never mind helping ask the questions!

How does the IK compare to Kingston's latest VAULT series? I know they don't have the onion routing network, but I'm really thinking of hardware and encryption methodology.

-{ Quote: "How does the IK compare..." }-

They don't. The IK is in a class of it's own, that to my knowledge, there are no competitors in. The pure physical security of the IK is unequaled in any flash device i have seen on the market. You simply cannot get to the actual flash memory and bypass the protection to try and brute force or crack the encryption.

I'm sure Drew can break down the actual encryption method differences in the two, but in my opinion, there is no need to. The IK blows everything else away based on the first point, that nothing else can put up a legitimate fight against it.

The added s/w and browsing features are really just bells and whistles to the device. Theoretically you could duplicate almost everything s/w wise on the device, but the device isnt sold to be a secure surfing device, its sold as a data protection device, and theyve thrown in the secure surfing as some icing. That doesnt at all minimize the quality or benefits of the sw on board, but you dont buy it for the sw, you by it for the security of your data on it. (BTW the IK does use the onion routing protocols and methods, but it does NOT use the public TOR network that you can download and connect to. They have made modification to the TOR sw and concepts and presented them to their users in a private package that they maintain, separate from the public TOR network. The IK does not use the public TOR network, and the public cannot access the private (SecureSessions) TOR network that IK provides to their devices....)

-{ Quote: "They don't. The IK is in a class of it's own, that to my knowledge, there are no competitors in. The pure physical security of the IK is unequaled in any flash device i have seen on the market. You simply cannot get to the actual flash memory and bypass the protection to try and brute force or crack the encryption.

I'm sure Drew can break down the actual encryption method differences in the two, but in my opinion, there is no need to. The IK blows everything else away based on the first point, that nothing else can put up a legitimate fight against it.

The added s/w and browsing features are really just bells and whistles to the device. Theoretically you could duplicate almost everything s/w wise on the device, but the device isnt sold to be a secure surfing device, its sold as a data protection device, and theyve thrown in the secure surfing as some icing. That doesnt at all minimize the quality or benefits of the sw on board, but you dont buy it for the sw, you by it for the security of your data on it. (BTW the IK does use the onion routing protocols and methods, but it does NOT use the public TOR network that you can download and connect to. They have made modification to the TOR sw and concepts and presented them to their users in a private package that they maintain, separate from the public TOR network. The IK does not use the public TOR network, and the public cannot access the private (SecureSessions) TOR network that IK provides to their devices....)" }-

They both use hardware encryption. Chips on board handle the encryption, they are both rugged, what's the big difference that the IK "blows away" the Kingston drives? They were first to the market with hardware encryption on flash drives with their old Secure Privacy Vault. The new "Vault" series looks very much the same. Does anyone know the differences? Beyond just the extra software stuff that IK has that I don't care about anyway?

Hi LockBox,

Kingston is a well known, well respected member of the flash drive manufacturing community, and we're not the types to wantonly bash competitors every time that someone brings one up. We find that fairly tacky, so I hope that no one is hoping that I'm being baited here.

Kingston makes some good products. The differences between our products, begins with different philosophical aims of our companies. IronKey is a security company who makes a memory product. Kingston is a memory company, who in some of their products includes security features.

IronKey includes "extra software stuff" that you have said that you don't care about, because all of these items are useful tools for user security. Creating a product that is secure is our number one priority. In many cases we have thought of solutions to attack vectors that most of our users have no idea even exist. A great claim, but hard to put into a value proposition.

It comes down to how much do you want to protect your data, and do you have regulatory concerns (SOX, HIPAA, etc).

Some people are less concerned with protecting the data and privacy than others. There is nothing wrong with that. I could make a rough comparison to this to digital cameras. I have a nice Canon point and shoot, it takes decent pictures and it fits in my pocket, and that's all that I care about. It cost about 1/4 of the digital SLR that a friend of mine has. He's into photography, and does some graphic design. I'll admit that his pictures look better than mine. But regardless of how much better his pictures look, I simply don't care that much about taking pictures to get a fancy digital SLR.

Where the analogy breaks down is that (of course) lesser quality pictures are never going to leave me open to identity theft.

Sorry for the digression...back to your question of the differences, another major difference is the physical security. In most USB drives the chips can be easily accessed and manipulated, making them vulnerable to brute force and other attacks. Under the IronKey's metal exterior it is filled with epoxy. Trying to access the chips this way, will destroy them.

Several off topic posts removed from this thread. Any more off topic posts posted in this thread will be removed without comment.

-{ Quote: "They both use hardware encryption. Chips on board handle the encryption, they are both rugged, what's the big difference that the IK "blows away" the Kingston drives? They were first to the market with hardware encryption on flash drives with their old Secure Privacy Vault. The new "Vault" series looks very much the same. Does anyone know the differences? Beyond just the extra software stuff that IK has that I don't care about anyway?" }-


LockBox,

Sorry if this "old news" now...but if you haven't been made aware of the vulnerability that was discovered in encrypted devices made by Kingston (as well as others) you may want to have a look at this: USB Vulnerabilities Exploited (https://www.ironkey.com/usb-flash-drive-flaw-exposed)

In fact this is very informative, particularly the Webinar, that was recorded and is available for your viewing.

Please note: this link will take to you the IronKey website.

I do appologise, I thought that saying what I said about IronKey was right and also in the right thread as the thread is called "IronKey.The world's Most Secure flash Drive." I thought this would be the best place to state my feeling about the IronKey like everybody else has.

I am sorry if the mods and adnim's didn't think this, and I hope it was done by a mistake and not out of censorship, if it's ok can I repost my feeling and what i have found out about IronKey for using them for a year and also beta testing for them

please let me know.

I would have sent in a PM but i am not able to at the moment as I guess there is not enought post on my account.

KRF - You may post your experiences with and opinions about the product(s) referred to in this thread. However, to stay within our guidelines, please do not post any private communications (even with the names removed) between you and them, as that is against our policy. Also, we don't debate how other people run their forums, so leave out whatever happened there between you and them. If people have an issue with another forum, they must take that up with the site directly, not here. This goes for any other forum, not just IronKey's. We don't fight forum wars here.

[Removed]