Hoofdcategorieën

[RSS] Index » english review » Secustick gives false sense of security » Concluding remarks

Secustick gives false sense of security

Door Redactie Tweakers.net, donderdag 12 april 2007 08:59, views: 197.140

Concluding remarks

Classified? It should be clear that the stick's security is quite useless: a simple program can be used to fool the Secustick into sending its unlock command without knowing the password. Besides, the password.exe application can be adapted so that it accepts arbitrary passwords. Should such a program be released into the public domain, anyone who can use a search engine can read the stick's contents without any trouble. Moreover, it looks as if there isn't really much to the so-called 'self destruction' feature, which, according to the data sheet, causes the flash memory [to be] burned. However, as far as we have been able to determine, there isn't any extra hardware on the chip - such as a dc-dc-converter - that could physically destroy the memory by targeting it with more voltage than it can handle.

Secustick importer Walter Preij has responded with surprise to our findings. 'The manufacturer assured me that the system is completely secure', he said. The French supplier told us that their system is not intended to be the ultimate protection. 'Every security system can be cracked. We always tell our customers that they should test the Secustick to see if it lives up to their expectations. Our customers are happy with the level of protection that our product offers. Normally, the amount of security is sufficient, not everyone has the technical expertise that you have', said a spokesperson, ignoring the options that those with malicious intent might have at their disposal, or the possibility that a cracked version of the software is put on the web. According to the company's CEO, there is an improved version of the stick in the pipeline, which should be ready within two months. For really big secrets, the company also has another line of products 'with even better security'.

Our advice should be clear: anyone with 130 euros to spare for a shiny metal USB stick with a necklace is free to go out and spend it on the Secustick, but those who want to carry their data around safely are better off searching for a more advanced model, or to use a regular stick in combination with a program such as TrueCrypt.

Tweakers.net would like to thank Sprite_tm for his extensive technical contributions to this article.

* Plug this story

Back to home

Inhoudsopgave

  1. The Secustick
  2. First impressions
  3. Self-destruction
  4. The software
  1. The Secustick exposed
  2. Concluding remarks
  3. Comments (2)

Categorieën

Tags

Reacties

Flat modeFlat mode Sorteer aflopendSorteer aflopend Moderatie FAQModfaq
Niveaufilter: -1 Ongewenst: 2 reacties zichtbaar20 Off-topic / Irrelevant: 2 reacties zichtbaar2+1 On-topic: 0 reacties zichtbaar0+2 Informatief: 0 reacties zichtbaar0+3 Must-read: 0 reacties zichtbaar0

Door Bigs, vrijdag 13 april 2007 22:01

Score: 0
Woei.. kijken of de T.net servers /.-bestendig zijn (neem aan van wel)

Op dit item kan niet meer gereageerd worden.

VNU Media logo Powered by True

© 1998 - 2009 Tweakers.net - Alle rechten voorbehouden - Uw Privacy - Algemene Voorwaarden

Uitgever van: