[EMAIL PROTECTED] wrote:
The below USB drive manufacture claims FIPS 140-2
certification. Encryption is now required for USB
thumb drives used on DoD computer. This one is
being used by the Military.
http://www.kanguru.com/kanguruusbflash.html
See:
On 12 Sep 2007 20:18:22 -0700, Aram Perez wrote:
I don't about you, but when I hear terms like (please pardon my
cynicism):
with military grade AES encryption - Hum, I'll have
to ask NIST
about that.
AES can be permitted for use in classified environments. See
Damien Miller writes:
It protects against the common threat model of lost/stolen USB keys.
Remember, crypto without a threat model is like cookies without
milk.
--
--my blog is athttp://blog.russnelson.com | People have strong opinions
Crynwr sells support for free software | PGPok |
Dave Korn writes:
So by your exacting standards, PGP, gpg, openssh, in fact basically
_everything_ is snake oil.
No. In fact Aram is saying nothing of interest. Cryptography without
a threat model is like motherhood without apple pie. Can't say that
enough times. More generally,
Hagai Bar-El wrote:
Hi,
On 12/09/07 08:56, Aram Perez wrote:
The IronKey appears to provide decent security while it is NOT plugged
into a PC. But as soon as you plug it in and you have to enter a
password to unlock it, the security level quickly drops. This would be
the case even if they
On 13 September 2007 04:18, Aram Perez wrote:
to circumvent keylogging spyware - More on this later...
The first time you plug it in, you initialize it with a password -
Oh, wait until I disable my keylogging spyware.
You enter that password to unlock your secure files -
Damien Miller wrote:
It protects against the common threat model of lost/stolen USB keys. Why is
this snake oil? Your criticism seems akin to calling a physical lock insecure
because it doesn't protect you from burglars once you have unlocked it.
Many many years ago an office that a startup I
I looked at the Ironkey website and, although there is obviously a little
marketing-speak, my snake-oil and BS detectors do not go off. Some of the
criticisms by Aram Perez appear to be somewhat unjustified.
Perez states:
Protected by a password that is entered on whatever PC you plug the
On 13 Sep 2007 13:45:42 -, John Levine [EMAIL PROTECTED] wrote:
I always understood snake oil crypto to refer to products that were of
no value to anyone, e.g., products that claim to have secret
unbreakable encryption, million bit keys, or one time pads produced
by PRNGs.
hear hear!
I
Hi,
On 13/09/07 15:14, Ian G wrote:
Hagai Bar-El wrote:
Hi,
On 12/09/07 08:56, Aram Perez wrote:
The IronKey appears to provide decent security while it is NOT plugged
into a PC. But as soon as you plug it in and you have to enter a
password to unlock it, the security level quickly drops.
Hi Folks,
My last comment on this. I've stated my own personal opinion and
anyone is free to disagree.
On Sep 13, 2007, at 9:33 AM, Ali, Saqib wrote:
On 13 Sep 2007 13:45:42 -, John Levine [EMAIL PROTECTED] wrote:
I always understood snake oil crypto to refer to products that
were of
The below USB drive manufacture claims FIPS 140-2
certification. Encryption is now required for USB
thumb drives used on DoD computer. This one is
being used by the Military.
http://www.kanguru.com/kanguruusbflash.html
Thomas
On 9/13/07, Ali, Saqib [EMAIL PROTECTED] wrote:
On 13 Sep 2007
I'm a beta-tester for it, and while I can understand a small twitch
when they talk about miltary and beyond military levels of
security, it is very cool.
It has hardware encryption and will erase itself if there are too
many password failures. I consider that an issue, personally, but it
Hi Jon,
On Sep 11, 2007, at 5:35 PM, Jon Callas wrote:
I'm a beta-tester for it, and while I can understand a small twitch
when they talk about miltary and beyond military levels of
security, it is very cool.
It has hardware encryption and will erase itself if there are too
many
Hi,
On 12/09/07 08:56, Aram Perez wrote:
The IronKey appears to provide decent security while it is NOT plugged
into a PC. But as soon as you plug it in and you have to enter a
password to unlock it, the security level quickly drops. This would be
the case even if they supported Mac OS or
The world's most secure USB Flash Drive: https://www.ironkey.com/demo.
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
On 9/11/07, Aram Perez [EMAIL PROTECTED] wrote:
The world's most secure USB Flash Drive: https://www.ironkey.com/demo.
you didn't explain why it is a Snake Oil Candidate..
-
The Cryptography Mailing List
Unsubscribe by
| The world's most secure USB Flash Drive: https://www.ironkey.com/demo.
What makes you call it snake oil? At least the URL you point to says
very reasonable things: It uses AES, not some home-brew encryption; the
keys are stored internally; the case is physically protected, and has
some kind of
18 matches
Mail list logo