Kingston admits "secure" USB drives are flawed
By Barry Collins
Posted on 4 Jan 2010 at 09:18
Kingston is urging customers to return their supposedly "secure" USB drives after discovering that they're not quite as watertight as the company claimed.
A post on Kingston's website claims that "a skilled person with the proper tools and physical access to the drives may be able to gain unauthorised access to data" on three of the company's models. They are the DataTraveler BlackBox, DataTraveler Secure – Privacy Edition, and DataTraveler Elite – Privacy Edition.
Kingston doesn't detail how the drives can be compromised, but the problem is serious enough for the company to request that customers return their drives for a "factory update".
The flaw is particularly embarrassing, given that Kingston claims the Data Traveler Secure drive is "the first USB Flash drive that secures 100% of data on-the-fly via 256-bit hardware-based AES encryption", and that the drive is "specifically designed to meet enterprise-level security and compliance requirements".
The drive requires users to enter a strong password with a minimum of six characters before granting access to the data, automatically wiping the data if a wrong password is entered ten times.
Kingston's website provides details on how to return your drives - UK-based owners should call the company on 01932 738950.
Is your business a social business? For helpful info and tips visit our hub.
- Hour of Code: five steps to learn how to code
- Sony Xperia Z2 Tablet review: first look
- Sony Xperia Z2 review: first look
- Samsung Galaxy Gear 2 review: first look
- Nokia XL review: first look
- Samsung Galaxy S5 review: first look
- Nokia X review: first look
- Censorship by copyright: Myles Powers and abuse of DMCA takedowns
- Turn an old smartphone into an in-car entertainment system
- Apple's OSes set to surpass Windows
- The key to choosing a secure password
- Please stop reposting fake Facebook messages
- Is Facebook safe for business?
- Don't rely on Chrome's password vault
- Facebook Graph Search: don't panic
- Gmail drafts and Pastebin: could they evade the email snoops?
- Applying for a job at GCHQ? Here's your plain-text password
- Google two-step verification: a must for business email
- Yes, I write down my passwords
- How to deal with a ransomware attack