- 7-Zip Portable
- AbiWord Portable
- Audacity Portable
- ClamWin Portable
- Command Prompt Portable
- FileZilla Portable
- GIMP Portable
- KeePass Portable
- Miranda IM Portable
- Mines-Perfect Portable
- Mozilla Firefox, Portable Edition
- Mozilla Sunbird, Portable Edition
- Mozilla Thunderbird, Portable Edition
- Notepad++ Portable
- Nvu Portable & KompoZer Portable
- On-Screen Keyboard Portable
- OpenOffice.org Portable
- Pidgin Portable
- PokerTH Portable
- PuTTY Portable
- Sudoku Portable
- Sumatra PDF Portable
- Virtual Magnifying Glass Portable
- VLC Media Player Portable
- winMd5Sum Portable
- More apps...
Bypass U3 security - rebootSubmitted by 4wdturbo on August 20, 2007 - 5:03am.
If I boot up my computer with my SanDisk U3 cruzer already connected to the computer, it will not prompt me for my password. What it will do however, is give me full access to all my files stored on the device! Response from SanDisk - "We do not recommend connecting the Cruzer before you boot your computer." Great! So if my U3 USB card ever ends up in someone elses hands, I'm supposed to hope that they follow SanDisk's recommendation, and my files will remain secure??? Has anyone else come across this problem? ( categories: )
|
No
Simeon - August 22, 2007 - 11:01amBut its cool to know
“I can live with doubt and uncertainty and not knowing. I think it is much more interesting to live not knowing than to have answers that might be wrong.” - Richard P. Feynman
"I was just out walking my rat and I seem to have lost my way" - James Bond in Diamonds Are Forever
U3 Security
wsm23 (Homepage) - August 22, 2007 - 11:04amIs kind of an oxymoron.
Good warning for all of those out there. Just like you should not lose your wallet or purse. Your flash drive can contain just as sensitive info.
--
Life is about the journey not the destination!
My site * My Blog
The Kazoo Spartan
Life is about the journey not the destination!
The Kazoo Spartan
Previous State?
What was the state of the drive at reboot.
When you give the password and unlock the drive if you reboot you should still be able to access the drive.
If you eject the drive and remove it the situation you describe does not occur, at least not with my Sandisk.
Based on my testing you can't just put it in a new machine and boot and get access (unless the drive is NOT password protected).
I have heard this "theory" before and in every case the person has rebooted the machine after the drive had already been unlocked on that machine.
Take drive to different machine, shut down machine, plug-in drive, start machine, no access with out password when password is set.
Tim
(\__/)(='.'=)(}><{)(")_(")
"The Wheels of John grind slowly, yet they grind exceedingly small"
I have heard...
wsm23 (Homepage) - August 22, 2007 - 12:46pm...it is still not 100% foolproof. No encryption and there is another way to bypass it. I don't know what that way is and I don't know if we want to publish it here either.
--
Life is about the journey not the destination!
My site * My Blog
The Kazoo Spartan
Life is about the journey not the destination!
The Kazoo Spartan
Reboot
I'm just addressing the reboot question.
If this were true, which I believe it is not, it would be a true concern.
I have yet to have anyone prove that they can yet to the data portion of the drive with out the password, that they can crack the password, or that the data is recoverable on the latest version of the Sandisk U3 platform after a reset.
And even if they could they would be more techie than the guy whose gonna find my drive on the street.
p.s. I know John said he was able to do a reset on an early BB/Geek squad drive and then undelete the data. I have not heard anyone claim to have done it on the newer drives
Tim
(\__/)(='.'=)(}><{)(")_(")
"The Wheels of John grind slowly, yet they grind exceedingly small"
U3 InSecurity
wsm23 (Homepage) - August 22, 2007 - 1:50pmFrom: http://en.wikipedia.org/wiki/U3#_note-10
"Data Security-
Most U3 drives on the market feature a security lock within the U3 Launchpad. This loads the CD partition first and can be user-configured to require a password to be entered; otherwise the data partition will not load. The drive is supposed to seal itself after a certain number of invalid password entries, requiring a reformat. Since the data partition is not encrypted, the user's data may not actually be secure, as the U3 CD-ROM partition can easily be used to store any program."
I used a U3 drive for a year and like you do not know of very many people who would take the time and effort to crack a U3 drive. This site services thousand of people. I think John said PortableApps.com downloads were in the millions now. I am just saying that no one in the Software Security industry that I know of thinks that U3 is a secure platform to store unencrypted data.
Also: read http://portableapps.com/node/4098#comment-18646
and: http://portableapps.com/node/6558
--
Life is about the journey not the destination!
My site * My Blog
The Kazoo Spartan
Life is about the journey not the destination!
The Kazoo Spartan
After doing more testing, it
4wdturbo - August 27, 2007 - 10:58pmAfter doing more testing, it seems to only be a problem when the computer is rebooted while the U3 is connected. Even if you 'Eject' the device using the Launchpad, and then reboot, all the files can be accessed using Windows Explorer.
I can only see this being a problem if a system administrator reboots your machine while you are away from it. Then your files are open for viewing.
However, if the USB card is stolen and booted up on a different machine, the files are still protected.
encrypted
rab040ma - September 21, 2007 - 8:10pmI think I'd prefer to rely on Toucan or Truecrypt...
MC
Another ingredient for a happy marriage: in a family argument, if it turns out you are right -- apologize at once! (The Notebooks of Lazarus Long)
GPG key: 0565D971 | see you on IRC channel: #portableapps on irc.freenode.net
Toucan and Truecrypt
rjreid - September 29, 2007 - 1:53pmaren't even in the same hemisphere as far as capabilities. I tried Toucan and uninstalled it.
hmm..
RMB Fixed - September 22, 2007 - 7:52amAre you absolutely 100% certain that the drive was in fact ejected ?
If "yes" then that is a serious bug ..