On 12 Sep 2007 20:18:22 -0700, Aram Perez wrote:
I don't about you, but when I hear terms like (please pardon my
cynicism):
with military grade AES encryption - Hum, I'll have
to ask NIST
about that.
AES can be permitted for use in classified environments. See
Damien Miller writes:
It protects against the common threat model of lost/stolen USB keys.
Remember, crypto without a threat model is like cookies without
milk.
--
--my blog is athttp://blog.russnelson.com | People have strong opinions
Crynwr sells support for free software | PGPok |
Dave Korn writes:
So by your exacting standards, PGP, gpg, openssh, in fact basically
_everything_ is snake oil.
No. In fact Aram is saying nothing of interest. Cryptography without
a threat model is like motherhood without apple pie. Can't say that
enough times. More generally,
Hagai Bar-El wrote:
Hi,
On 12/09/07 08:56, Aram Perez wrote:
The IronKey appears to provide decent security while it is NOT plugged
into a PC. But as soon as you plug it in and you have to enter a
password to unlock it, the security level quickly drops. This would be
the case even if they
On 13 September 2007 04:18, Aram Perez wrote:
to circumvent keylogging spyware - More on this later...
The first time you plug it in, you initialize it with a password -
Oh, wait until I disable my keylogging spyware.
You enter that password to unlock your secure files -
Damien Miller wrote:
It protects against the common threat model of lost/stolen USB keys. Why is
this snake oil? Your criticism seems akin to calling a physical lock insecure
because it doesn't protect you from burglars once you have unlocked it.
Many many years ago an office that a startup I
I looked at the Ironkey website and, although there is obviously a little
marketing-speak, my snake-oil and BS detectors do not go off. Some of the
criticisms by Aram Perez appear to be somewhat unjustified.
Perez states:
Protected by a password that is entered on whatever PC you plug the
Hi,
On 13/09/07 15:14, Ian G wrote:
Hagai Bar-El wrote:
Hi,
On 12/09/07 08:56, Aram Perez wrote:
The IronKey appears to provide decent security while it is NOT plugged
into a PC. But as soon as you plug it in and you have to enter a
password to unlock it, the security level quickly drops.
I'm a beta-tester for it, and while I can understand a small twitch
when they talk about miltary and beyond military levels of
security, it is very cool.
It has hardware encryption and will erase itself if there are too
many password failures. I consider that an issue, personally, but it
Hi Jon,
On Sep 11, 2007, at 5:35 PM, Jon Callas wrote:
I'm a beta-tester for it, and while I can understand a small twitch
when they talk about miltary and beyond military levels of
security, it is very cool.
It has hardware encryption and will erase itself if there are too
many
Hi,
On 12/09/07 08:56, Aram Perez wrote:
The IronKey appears to provide decent security while it is NOT plugged
into a PC. But as soon as you plug it in and you have to enter a
password to unlock it, the security level quickly drops. This would be
the case even if they supported Mac OS or
On 9/11/07, Aram Perez [EMAIL PROTECTED] wrote:
The world's most secure USB Flash Drive: https://www.ironkey.com/demo.
you didn't explain why it is a Snake Oil Candidate..
-
The Cryptography Mailing List
Unsubscribe by
| The world's most secure USB Flash Drive: https://www.ironkey.com/demo.
What makes you call it snake oil? At least the URL you point to says
very reasonable things: It uses AES, not some home-brew encryption; the
keys are stored internally; the case is physically protected, and has
some kind of
13 matches
Mail list logo