Is your data really protected by USB device passwords?

Introduction ...

Just under three years ago, @Stake found that the password protection on one vendor's secure products was solely at the software level [1][2].

Capacities have drastically increased, and improved process technologies should have allowed for improved security functionality since then.

On this page, I'll present examples and demonstration programs that once again illustrate that security cannot be added in as a marketing afterthought.

AcomData HybridDrive enclosures

AcomData claims "strong SHA-256 password encryption"[3] for their line of external enclosures. Despite impossible security claims[4], their current consumer product line lacks hardware encryption. A tamper-evident sticker is the sole protection against removing the drive from the enclosure.[5]

Two other factors further demolish this device's security:

Dmiunlck demonstrates this weakness -- it opens up the protected portions of the drive without needing the password.

dmiunlock1.zip

Vista Compatibility: This program must run as administrator. Further, Vista will not recognize the new drive without a rescan. After running the program, follow the sequence: win-R -> diskmgmt.msc Actions->Rescan Disks

This program is also believed to work on Toshiba external hard drives, such as the Toshiba PX1269E, primarily sold in Europe.


PNY Secure Attache flash drive

While PNY claims that "encrypted data will not be recoverable"[6] due to 256-bit AES encryption, this does not appear to be the case with the current software revision.

SmartLoginVE.exe version 1.2.1.0, included on the flash drive, writes the actual password into the same area used for the password hint. This sector does not appear to be used by the flash controller and the reason for this behavior is unknown.

pnypwd demonstrates this problem -- it displays the password hint area, which usually includes the plaintext password for the "secure" portion.

pnypwd1.zip

Vista Compatibility: This program shouldn't need any special privileges to run under Windows Vista.


Verbatim Store'n'Go Flash Drives

Verbatim has provided a fix - download the vsafe update from http://www.verbatim.com/downloads.cfm


Contact information: usbtinker(at)gmail.com

References

  1. ^ Lexar JumpDrive Password Scheme Cracked
  2. ^ The Doghouse: Lexar JumpDrives
  3. ^ AcomData Combo Hard Drives
  4. ^ Users manual, pg 59 "If you permanently forget your password you will not be able to access the HD partition ... and any data .. will effectively be lost".
  5. ^ AcomData E5 HybridDrive External Hard Drive Disassembly
  6. ^ PNY Secure Attache page