[Crew] Ironkey

Cal Leeming cal at foxwhisper.co.uk
Tue Nov 4 12:07:52 GMT 2008


Oh nice,

I didn't realise that it had a built in power cell, I was almost 
positive that I read it required USB power in order to do this, but I 
guess I must have misread!

Yeah, flooding a solid state in epoxy along with a small battery would 
be real nice. Although, I'm not too sure if overheating would be an 
issue? If it's not an issue, then could this also be done with RAM too? 
I.e. to prevent freeze attacks if the physical machine is comprimised 
with the keys still in memory..

Any suggestions? I don't feel like screwing up motherboard after 
motherboard, and other bits, by soaking in epoxy just to try it out :P



Cal.

crew-request at brum2600.net wrote:
> Send Crew mailing list submissions to
> 	crew at brum2600.net
>
> To subscribe or unsubscribe via the World Wide Web, visit
> 	http://mail.brum2600.net/mailman/listinfo/crew_brum2600.net
> or, via email, send a message with subject or body 'help' to
> 	crew-request at brum2600.net
>
> You can reach the person managing the list at
> 	crew-owner at brum2600.net
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Crew digest..."
>
>
> Today's Topics:
>
>    1. Re: Ironkey (Cal Leeming)
>    2. Re: Ironkey (Mark Gilbert)
>    3. Re: Ironkey (Ade)
>    4. Re: Ironkey (Christopher Woods)
>    5. Re: Ironkey (Stephen Parkes)
>    6. Re: Ironkey (Ade)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Mon, 03 Nov 2008 14:49:04 +0000
> From: Cal Leeming <cal at foxwhisper.co.uk>
> Subject: Re: [Crew] Ironkey
> To: crew at brum2600.net
> Message-ID: <490F0F60.7050302 at foxwhisper.co.uk>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>
> One nice thing about this, is that unless you want to grind through 
> every single layer, it's real difficult to get open.. Apparently, if you 
> attempt to open it, the silicon will rip apart. Though I haven't tried 
> yet.. It's probably possible to grind through as I say, but it'd be a 
> pain.. Tbh, I'd like to see one designed which has a 'self destruct' 
> mechanism.. nothing fancy like james bond heh, but something which just 
> detected the number of times the password has been queried, and then 
> serged the flash in the event of getting it wrong ten times, WITHOUT the 
> need of USB power.. Tbh, I still think the best method is to remember 
> the epic 64 character long password in your head and have aes4096, but 
> hey, who am I to judge :D
>
> Foxx
>
> crew-request at brum2600.net wrote:
>   
>> Send Crew mailing list submissions to
>> 	crew at brum2600.net
>>
>> To subscribe or unsubscribe via the World Wide Web, visit
>> 	http://mail.brum2600.net/mailman/listinfo/crew_brum2600.net
>> or, via email, send a message with subject or body 'help' to
>> 	crew-request at brum2600.net
>>
>> You can reach the person managing the list at
>> 	crew-owner at brum2600.net
>>
>> When replying, please edit your Subject line so it is more specific
>> than "Re: Contents of Crew digest..."
>>
>>
>> Today's Topics:
>>
>>    1. Re: Ironkey (Chris Staite)
>>    2. Re: Ironkey (Ade)
>>
>>
>> ----------------------------------------------------------------------
>>
>> Message: 1
>> Date: Sun, 2 Nov 2008 12:12:18 +0000
>> From: Chris Staite <chris at yourdreamnet.co.uk>
>> Subject: Re: [Crew] Ironkey
>> To: Brum2600 Collective Conciousness <crew at brum2600.net>
>> Message-ID: <1110EF35-C226-4195-A22F-FE101AC34727 at yourdreamnet.co.uk>
>> Content-Type: text/plain;	charset=us-ascii;	format=flowed;	delsp=yes
>>
>> No Linux support. No sale.
>>
>> Thanks, Chris
>>
>> On 2 Nov 2008, at 11:30, "Richard Rothwell" <richard at caliban.org.uk>  
>> wrote:
>>
>>   
>>     
>>> Hi,
>>>
>>> This is the Ironkey secure USB device that was mentioned last night...
>>>
>>> https://www.ironkey.com/secure-flash-drive4b?gclid=CPvu38yt1pYCFQ6R1QodSQ-L3A
>>>
>>> They are a bit expensive to be playing with unfortunately!
>>>
>>> http://www.dabs.com/productview.aspx?quicklinx=4ZZMNX
>>>
>>> Personally, I suspect the security stuff is mainly snake oil.  This is
>>> one of the data sheets they offer...
>>>
>>> https://learn.ironkey.com/docs/datasheets/IronKey-Personal-data-sheet.pdf
>>>
>>> Any thoughts?
>>>
>>> R
>>>
>>> _______________________________________________
>>> Crew mailing list
>>> Crew at brum2600.net
>>> http://mail.brum2600.net/mailman/listinfo/crew_brum2600.net
>>>     
>>>       
>>
>> ------------------------------
>>
>> Message: 2
>> Date: Mon, 3 Nov 2008 09:22:31 +0000
>> From: Ade <adrian.bradshaw at gmail.com>
>> Subject: Re: [Crew] Ironkey
>> To: "Brum2600 Collective Conciousness" <crew at brum2600.net>
>> Message-ID:
>> 	<f31f1eb60811030122i70700ddaleaad5f5b5b807546 at mail.gmail.com>
>> Content-Type: text/plain; charset=ISO-8859-1
>>
>> 2008/11/2 Chris Staite <chris at yourdreamnet.co.uk>:
>>   
>>     
>>> No Linux support. No sale.
>>>
>>> Thanks, Chris
>>>
>>>     
>>>       
>> when I spoke to them at Infosec this year they said there was now
>> linux support - might be worth checking
>>
>> Ade
>>
>>
>>
>> ------------------------------
>>
>> _______________________________________________
>> Crew mailing list
>> Crew at brum2600.net
>> http://mail.brum2600.net/mailman/listinfo/crew_brum2600.net
>>
>>
>> End of Crew Digest, Vol 33, Issue 2
>> ***********************************
>>
>>   
>>     
>
>
>
>
> ------------------------------
>
> Message: 2
> Date: Mon, 03 Nov 2008 14:56:20 +0000
> From: Mark Gilbert <mark.gilbert at psiphy.com>
> Subject: Re: [Crew] Ironkey
> To: Brum 2600 Maillist <crew at brum2600.net>
> Message-ID: <C534C194.3C91%mark.gilbert at psiphy.com>
> Content-Type: text/plain;	charset="US-ASCII"
>
>
> I got mine a few months ago (shame it could only be initialised on a windows
> platform.)
>
> I was saw somewhere that even fMRI investigation can't interrogate the
> memory state. I'd like to check to see if that is the case. (or even if
> GCHQ/NSA really ever got fMRI circuit analysis working at all.)
>
>
>
> On 3/11/08 14:49, "Cal Leeming" <cal at foxwhisper.co.uk> wrote:
>
>   
>> One nice thing about this, is that unless you want to grind through
>> every single layer, it's real difficult to get open.. Apparently, if you
>> attempt to open it, the silicon will rip apart. Though I haven't tried
>> yet.. It's probably possible to grind through as I say, but it'd be a
>> pain.. Tbh, I'd like to see one designed which has a 'self destruct'
>> mechanism.. nothing fancy like james bond heh, but something which just
>> detected the number of times the password has been queried, and then
>> serged the flash in the event of getting it wrong ten times, WITHOUT the
>> need of USB power.. Tbh, I still think the best method is to remember
>> the epic 64 character long password in your head and have aes4096, but
>> hey, who am I to judge :D
>>
>> Foxx
>>
>> crew-request at brum2600.net wrote:
>>     
>>> Send Crew mailing list submissions to
>>> crew at brum2600.net
>>>
>>> To subscribe or unsubscribe via the World Wide Web, visit
>>> http://mail.brum2600.net/mailman/listinfo/crew_brum2600.net
>>> or, via email, send a message with subject or body 'help' to
>>> crew-request at brum2600.net
>>>
>>> You can reach the person managing the list at
>>> crew-owner at brum2600.net
>>>
>>> When replying, please edit your Subject line so it is more specific
>>> than "Re: Contents of Crew digest..."
>>>
>>>
>>> Today's Topics:
>>>
>>>    1. Re: Ironkey (Chris Staite)
>>>    2. Re: Ironkey (Ade)
>>>
>>>
>>> ----------------------------------------------------------------------
>>>
>>> Message: 1
>>> Date: Sun, 2 Nov 2008 12:12:18 +0000
>>> From: Chris Staite <chris at yourdreamnet.co.uk>
>>> Subject: Re: [Crew] Ironkey
>>> To: Brum2600 Collective Conciousness <crew at brum2600.net>
>>> Message-ID: <1110EF35-C226-4195-A22F-FE101AC34727 at yourdreamnet.co.uk>
>>> Content-Type: text/plain; charset=us-ascii; format=flowed; delsp=yes
>>>
>>> No Linux support. No sale.
>>>
>>> Thanks, Chris
>>>
>>> On 2 Nov 2008, at 11:30, "Richard Rothwell" <richard at caliban.org.uk>
>>> wrote:
>>>
>>>   
>>>       
>>>> Hi,
>>>>
>>>> This is the Ironkey secure USB device that was mentioned last night...
>>>>
>>>>
>>>>         
> https://www.ironkey.com/secure-flash-drive4b?gclid=CPvu38yt1pYCFQ6R1QodSQ-L3>>>
> A
>   
>>>> They are a bit expensive to be playing with unfortunately!
>>>>
>>>> http://www.dabs.com/productview.aspx?quicklinx=4ZZMNX
>>>>
>>>> Personally, I suspect the security stuff is mainly snake oil.  This is
>>>> one of the data sheets they offer...
>>>>
>>>> https://learn.ironkey.com/docs/datasheets/IronKey-Personal-data-sheet.pdf
>>>>
>>>> Any thoughts?
>>>>
>>>> R
>>>>
>>>> _______________________________________________
>>>> Crew mailing list
>>>> Crew at brum2600.net
>>>> http://mail.brum2600.net/mailman/listinfo/crew_brum2600.net
>>>>     
>>>>         
>>>
>>> ------------------------------
>>>
>>> Message: 2
>>> Date: Mon, 3 Nov 2008 09:22:31 +0000
>>> From: Ade <adrian.bradshaw at gmail.com>
>>> Subject: Re: [Crew] Ironkey
>>> To: "Brum2600 Collective Conciousness" <crew at brum2600.net>
>>> Message-ID:
>>> <f31f1eb60811030122i70700ddaleaad5f5b5b807546 at mail.gmail.com>
>>> Content-Type: text/plain; charset=ISO-8859-1
>>>
>>> 2008/11/2 Chris Staite <chris at yourdreamnet.co.uk>:
>>>   
>>>       
>>>> No Linux support. No sale.
>>>>
>>>> Thanks, Chris
>>>>
>>>>     
>>>>         
>>> when I spoke to them at Infosec this year they said there was now
>>> linux support - might be worth checking
>>>
>>> Ade
>>>
>>>
>>>
>>> ------------------------------
>>>
>>> _______________________________________________
>>> Crew mailing list
>>> Crew at brum2600.net
>>> http://mail.brum2600.net/mailman/listinfo/crew_brum2600.net
>>>
>>>
>>> End of Crew Digest, Vol 33, Issue 2
>>> ***********************************
>>>
>>>   
>>>       
>> _______________________________________________
>> Crew mailing list
>> Crew at brum2600.net
>> http://mail.brum2600.net/mailman/listinfo/crew_brum2600.net
>>     
>
>
>
>
>
> ------------------------------
>
> Message: 3
> Date: Mon, 3 Nov 2008 15:35:20 +0000
> From: Ade <adrian.bradshaw at gmail.com>
> Subject: Re: [Crew] Ironkey
> To: "Brum2600 Collective Conciousness" <crew at brum2600.net>
> Message-ID:
> 	<f31f1eb60811030735qfa7dea8ldc19e5d09839d222 at mail.gmail.com>
> Content-Type: text/plain; charset=ISO-8859-1
>
> 2008/11/3 Cal Leeming <cal at foxwhisper.co.uk>:
> <snip>
>   
>> probably possible to grind through as I say, but it'd be a pain.. Tbh, I'd
>> like to see one designed which has a 'self destruct' mechanism.. nothing
>> fancy like james bond heh, but something which just detected the number of
>> times the password has been queried, and then serged the flash in the event
>>     
> </snip>
>
> It already does exactly that - FAQ 25
> https://learn.ironkey.com/faqs/25#disp
>
> Does it really self-destruct?
>
> IronKey's patent-pending "flash-trash" methodology incorporates an
> exhaustive hardware erase of all flash and Cryptochip memory. This is
> not a simple clearing of file allocation tables, but a secure
> overwriting of data. This is done in hardware rather than via a
> software application for the ultimate protection. You, personally,
> should not be physically harmed when this happens.
>
>
>
> ------------------------------
>
> Message: 4
> Date: Mon, 3 Nov 2008 16:22:08 -0000
> From: "Christopher Woods" <christof at infinitus.co.uk>
> Subject: Re: [Crew] Ironkey
> To: "'Brum2600 Collective Conciousness'" <crew at brum2600.net>
> Message-ID: <4902AFC078E74826BF95BEEC3B4269E4 at mofolaptop>
> Content-Type: text/plain;	charset="us-ascii"
>
>   
>> It already does exactly that - FAQ 25
>> https://learn.ironkey.com/faqs/25#disp
>>
>> Does it really self-destruct?
>>
>> IronKey's patent-pending "flash-trash" methodology 
>> incorporates an exhaustive hardware erase of all flash and 
>> Cryptochip memory. This is not a simple clearing of file 
>> allocation tables, but a secure overwriting of data. This is 
>> done in hardware rather than via a software application for 
>> the ultimate protection. You, personally, should not be 
>> physically harmed when this happens.
>>     
>
>
> I hope someone has already printed off the marketing PDF and sent a copy to
> Atos Origin's HQ?
>
>
>
>
> ------------------------------
>
> Message: 5
> Date: Mon, 3 Nov 2008 19:09:03 +0000
> From: "Stephen Parkes" <sparkes at westmids.biz>
> Subject: Re: [Crew] Ironkey
> To: "Brum2600 Collective Conciousness" <crew at brum2600.net>
> Message-ID:
> 	<428c6c120811031109o546e076akebee55f601f3426 at mail.gmail.com>
> Content-Type: text/plain; charset=UTF-8
>
> On Mon, Nov 3, 2008 at 3:35 PM, Ade <adrian.bradshaw at gmail.com> wrote:
>
>   
>> Does it really self-destruct?
>>
>>     
>
> Ah do Ade long time no see.
>
> My old boss used to develop arcade machines and fruit machines back in
> the early days of arcades and they used to to embed the processor and
> an eprom in epoxy wrapped in wires with a battery and he considered it
> almost impossible for the pirates to get into the packaging to read
> the eprom without triggering the self destruct.
>
> He was a pretty clever bloke and one of the first cases involving the
> illegal copying of software was when a company couldn't decode his
> encryption enough to remove his copyright messages in the code.  The
> mad thing is the majority of the code was copied from a japanese
> arcade ROM and all he did was change a few things and encrypt it so it
> wasn't really his to begin with.
>
> One of the ones we found in the office was marked copyright 1981 and
> it self destructed after all that time when we (my boss and me he
> would have wanted my left nut if I'd attempted it on my own) attempted
> to read it electronically so he could show me the self modifying code
> so we grinded it open so he could show me the electronics instead.
>
> Shame he was a complete cunt or I'd have still been there it was fun
> working with a proper old school hacker.
>
> sparkes
>
>
>
>   





More information about the Crew mailing list