Kingston admits "secure" USB drives are flawed
By Barry Collins
Posted on 4 Jan 2010 at 09:18
Kingston is urging customers to return their supposedly "secure" USB drives after discovering that they're not quite as watertight as the company claimed.
A post on Kingston's website claims that "a skilled person with the proper tools and physical access to the drives may be able to gain unauthorised access to data" on three of the company's models. They are the DataTraveler BlackBox, DataTraveler Secure – Privacy Edition, and DataTraveler Elite – Privacy Edition.
Kingston doesn't detail how the drives can be compromised, but the problem is serious enough for the company to request that customers return their drives for a "factory update".
The flaw is particularly embarrassing, given that Kingston claims the Data Traveler Secure drive is "the first USB Flash drive that secures 100% of data on-the-fly via 256-bit hardware-based AES encryption", and that the drive is "specifically designed to meet enterprise-level security and compliance requirements".
The drive requires users to enter a strong password with a minimum of six characters before granting access to the data, automatically wiping the data if a wrong password is entered ten times.
Kingston's website provides details on how to return your drives - UK-based owners should call the company on 01932 738950.
- Michael Dell: Cloud infrastructure is the roads, bridges and highways of the 21st century
- How to check your identity hasn’t been sold to the hackers
- Tim Cook: this is how much TV has changed since the 70s
- Westminster wins the .London battle
- 20 years of PC Pro: from deep pan pizza to virtualisation
- Five reasons why the Apple Watch leaves me cold
- Apple Watch, iPhone 6 and 6 Plus: Tim Cook's Apple back with a bang?
- BT Home Hub 5: how to get maximum speed
- 20 years of PC Pro: one-star reviews (including "the worst tablet we've ever seen")
- 20 years of PC Pro: our best covers
- How to write your company's IT security policy
- The key to choosing a secure password
- Please stop reposting fake Facebook messages
- Is Facebook safe for business?
- Don't rely on Chrome's password vault
- Facebook Graph Search: don't panic
- Gmail drafts and Pastebin: could they evade the email snoops?
- Applying for a job at GCHQ? Here's your plain-text password
- Google two-step verification: a must for business email
- Yes, I write down my passwords