Privacy

31224 readers

922 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

Chat rooms

[Matrix/Element]Dead
Discord

much thanks to @gary_host_laptop for the logo design :)

founded 4 years ago

MODERATORS

[email protected]

227

What are your thoughts on USB storage drives that have keypad encryption? (leminal.space)

submitted 7 months ago* (last edited 7 months ago) by [email protected] to c/[email protected]

124 comments fedilink hide all child comments

It seems like the benefits are having the device lock/wipe itself after a set amount of attempts in case of a brute force attack and not having to run software to decrypt the drive on the device you plug it into.

I included a picture of the IronKey Keypad 200 but that's just because it's the first result that came up when I was looking for an example. There seem to be a few other manufacturers and models out there and they probably have different features.

I am curious what do you think of them? Do you think they are useful? Do you find it more a novelty?

It was an ExplainingComputers video titled Very Useful Small Computing Things that made me think of them.

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 29 points 7 months ago* (last edited 7 months ago) (1 children)

Hardware signing devices have lots of utility because they keep the key from ever being on the machine (which is more likely to be compomised). Think ledger or trezor for your Bitcoin. Hardware encryption devices are just really expensive and black-box ways to avoid Veracrypt.

If your encryption algorithm is secure, you have no use for automatic lock-out. If it's not, automatic lockout won't do much against an attacker with physical access to the device. Unless they are dumb enough to trigger the lockout AND the internal memory wipes itself sufficiently well AND/OR the attacker doesn't have the resources to reverse engineer the device.

[–] [email protected] 3 points 7 months ago

If your encryption algorithm is secure, you have no use for automatic lock-out.

This isn't true. You need your algorithm and your key to be secure. If the key needs to be remembered or entered often it probably can't be secure. So brute force protection becomes very important.

If it’s not, automatic lockout won’t do much against an attacker with physical access to the device.

This isn't true. Yes, with enough time and effort it is possible to extract any data from any device. But in practice physical HSMs do an excellent job at raising the cost of key extraction. I would much rather have an attacker steal my Yubikey than a USB with my GPG key lying on it.