so this might be the holy grail of privacy and security

no need for a vm within a vm within a vm the last both being hidden , and all of em contained within a truecrypt container ,

this little ~ Snipped as per TOS ~ got hardware encryption and selfdestruction built right in bundled with a non logging vpn and your literally untouchable even if they was out to get you

take that LEA


http://www.thinkgeek.com/gadgets/security/99f1/

any comments?


time to bring in the experts here

 

As long as this really is true from their website. I would say this is a great product.

SOURCE

 

same thing i was thinking ..most excellent!

need more feedback thou

heres an article its old as hell but the comments are pretty pro , its bout plausible deniability , truecrypt and generally the inner workings

http://www.schneier.com/blog/archives/2008/07/truecrypts_deni.html

 

Pretty nice. Wish the price would was a bit cheaper though.

 

thing is remember the one court order bout you havint to hand over the password , well just hand some random password to them and after a couple trys just tell them you dont remember if it was upper or lower case and after the 10th try voila its a brick, sometimes i love what new ideas movies create xD

p.s: not sure how much all the hardware is worth but im sure its a fair price atleast for all the shebang it seems so to me, hell what we need is a 500gb version hell yeah!! xD

 

Yeah its pretty awesome sounding. But for the small amount of diskspace, I would wait awhile for larger drives and hopefully for the price to come down.

 

same thing i was thinking and a 256gb or a 500gb flash drive damn as a ironkey now THAT would be epic xD

thou ive seen something like those done to ssds but pretty expensive -.-'

 

The Ironkey USB drive is cool. However, their secure Internet service somehow combines Tor with their VPN service. Maybe it's a private Tor network. Maybe you won't be anonymous from them. Maybe there's a recurring access fee. It's hard to say from what I've read.

 

thats IF you decide to use theyre "private" ff browser , wich i personally never would id use the official tor browser bundle with a good vpn and for regular non sensitive browsing simply my vpn no need for any extra vpn i dont know of , its the ironkey itself that i love the encryption and mechanism that it works off of the idea

update: they do have bigger sizes up to 32gb not sure of the pricing thou xD, got some interesting stuff on the site here

http://imationmobilesecurity.com/en/products/ironkey-personal-flash-drives

 

Every time I see hardware, I think CryptoAG

https://secure.wikimedia.org/wikipedia/en/wiki/Crypto_AG


I feel better with Linux dm-crypt/LUKS and TC Hidden Volumes...but the IronKey does look cool.

PD

 

same thing i was thinking but they have nothing to do with cryptoag so no sweat there , and yeah ironkey is pretty sweet , and tc hidden volumes is the simple way to go indeed

 

http://www.h-online.com/security/ne...-with-hardware-encryption-cracked-895308.html

 

and where would there be ironkey mentioned? xD, btw interesting read, matter of fact im gona pm them asap see what they reply

update: forget the pm this is what i found


http://www.zdnet.com/blog/hardware/ironkey-our-usb-storage-is-secure/6676


keep em coming thou its things like these that make us understand more and to be really sure that our stuff is really secure not some marketing gimmick instead , peace

 

It's not the respective company that matters, it's the fact that without the entire community being able to dissect every bit of code (and hardware in this case), subversion can occur. The contract for 1 Iron Key for everyone in the government *could* be a strong motivator to allow tampering. I'll stick to TC Portable.

P

 

but you use an regular usb stick for tc portable right? and whats the merits of the portable version vs the regular one? please elaborate , thanks

p.s: dont forget to check out that link ive posted above your post

 

I agree with this. Im sure it would not hurt to use TrueCrypt along with with Iron Key. Place a TC volume on the Iron Key. Personally I would not put all my faith in hardware encryption. But If you had a TC hidden volume: http://www.truecrypt.org/hiddenvolume on the Iron Key you probably have one heck of a secure setup. I would rather rely on a TC hidden volume on a regular flash drive than rely ONLY on the hardware encryption of a Iron Key. Just my opinion though.

 

sounds good , btw ive zapped the ironkey company this concern already lets see what they gotta say to this, if they want my money they better come up with something good

p.s: not that i buy stuff without having reviewed it thorougly first so dont think ive already bought it im just talking it through thats all , so i can make a decision if its worth it or just a marketing gimmick as per usual

 

Sounds pretty much like a spook to me ..
But great that they give the users the possibility to 'place keys in escrow',
all voluntarily, on their US-located servers .
Of course I would trust a US-based company with my key !

You can not trust closed-source hardware-encryption, there is virtually no way to verify what the chip actually does .
Or doesn't do, that can be just as bad .

The only real advantage the iron-key has over a TC-volume is that it doesn't require admin-rights .
(You probably shouldn't expose sensitive data to a computer you don't have admin-rights on anyway, unless you trust the admin
or it's part of your job-instructions )
That self-destruct thing sounds cool, but it's pretty pointless if the encryption actually works .
What do you care if they get lucky and crack it in the year 7.125.367 ?

PS : The IronKey does use Single Level Cell NAND, that explains why it's relatively expensive and also the quite impressive speeds.
It should last you 8-10 times longer than cheapo MLC-based drives .

 

thanks for that helpful insight , you have a point i give you that

 

Hi Spoony,

Just to let you know, all that trouble with the implementation of hardware encryption in those flash drives was addressed and fixed. That all happened over a year ago. Kingston took the lead and had their new line of secure drives out within a few months and offered 'no questions asked' replacements for the flash drives that implemented the flawed programming. By the way, all those affected drives from the drive manufacturers used the same programming from a crypto firm that is now out of business.

 

Nice find. I agree with everything you said. The worry about this used to be something to joke about...not any more I'm afraid.

PD

 

sounds like a nice confirmation thanks , so i guess ironkey is back in the equation lol xD

 

On thing I've always hated about the IronKey was the need to "activate" the device online. Do they still do that?

The whole bit about Amit Yoran being involved sends all kinds of red flags up. Not only his past association with Homeland Security, but his own company, NetWitness, is about as anti-privacy as one can be. What could his contribution to IronKey possibly be? Makes no sense from what IronKey advertises.

NetWitness is a Reston, Virginia-based network security company that provides real-time network forensics and automated threat analysis solutions. It markets its flagship product NetWitness NextGen.​

http://www.emc.com/security/rsa-netwitness.htm
(Pay attention to the 'Achieve Pervasive Visibility' portion of the description and the 'Obtain Actionable Intelligence' portion of the link above. Red flags again. Those two portions on their site say "we're private spooks."

 

damn that dont sound all too nice at all ,the more i read the worse it gets -.-' , guess well have to wait till some open source company releases an similar product so it can be analyzed by the community on its security

 

Like another member said, if the encryption is solid (TC with great passphrase plus key file), self destruct is just a gimmick. Just get a super high quality rugged (but normal) USB Drive and use TC. You could even probably find one that allowed you to remove the 'shell' and epoxy everything inside, yourself.

PD