You are here

Bypass U3 security - reboot

11 posts / 0 new
Last post
4wdturbo
Offline
Last seen: 16 years 7 months ago
Joined: 2007-08-20 05:16
Bypass U3 security - reboot

If I boot up my computer with my SanDisk U3 cruzer already connected to the computer, it will not prompt me for my password. What it will do however, is give me full access to all my files stored on the device!

Response from SanDisk - "We do not recommend connecting the Cruzer before you boot your computer."

Great! So if my U3 USB card ever ends up in someone elses hands, I'm supposed to hope that they follow SanDisk's recommendation, and my files will remain secure???

Has anyone else come across this problem?

Simeon
Simeon's picture
Offline
Last seen: 9 years 5 months ago
DeveloperTranslator
Joined: 2006-09-25 15:15
No

But its cool to know Wink
“I can live with doubt and uncertainty and not knowing. I think it is much more interesting to live not knowing than to have answers that might be wrong.” - Richard P. Feynman

"What about Love?" - "Overrated. Biochemically no different than eating large quantities of chocolate." - Al Pacino in The Devils Advocate

wsm23
Offline
Last seen: 12 years 1 month ago
Joined: 2006-01-09 22:05
U3 Security

Is kind of an oxymoron.

Good warning for all of those out there. Just like you should not lose your wallet or purse. Your flash drive can contain just as sensitive info.

--
Life is about the journey not the destination!

My site * My Blog

The Kazoo Spartan

Life is about the journey not the destination!

The Kazoo Spartan

Tim Clark
Tim Clark's picture
Offline
Last seen: 12 years 11 months ago
Joined: 2006-06-18 13:55
Previous State?

What was the state of the drive at reboot.

When you give the password and unlock the drive if you reboot you should still be able to access the drive.

If you eject the drive and remove it the situation you describe does not occur, at least not with my Sandisk.

Based on my testing you can't just put it in a new machine and boot and get access (unless the drive is NOT password protected).

I have heard this "theory" before and in every case the person has rebooted the machine after the drive had already been unlocked on that machine.

Take drive to different machine, shut down machine, plug-in drive, start machine, no access with out password when password is set.

Tim
(\__/)(='.'=)(}>

Things have got to get better, they can't get worse, or can they?

wsm23
Offline
Last seen: 12 years 1 month ago
Joined: 2006-01-09 22:05
I have heard...

...it is still not 100% foolproof. No encryption and there is another way to bypass it. I don't know what that way is and I don't know if we want to publish it here either.

--
Life is about the journey not the destination!

My site * My Blog

The Kazoo Spartan

Life is about the journey not the destination!

The Kazoo Spartan

Tim Clark
Tim Clark's picture
Offline
Last seen: 12 years 11 months ago
Joined: 2006-06-18 13:55
Reboot

I'm just addressing the reboot question.
If this were true, which I believe it is not, it would be a true concern.

I have yet to have anyone prove that they can yet to the data portion of the drive with out the password, that they can crack the password, or that the data is recoverable on the latest version of the Sandisk U3 platform after a reset.

And even if they could they would be more techie than the guy whose gonna find my drive on the street.

p.s. I know John said he was able to do a reset on an early BB/Geek squad drive and then undelete the data. I have not heard anyone claim to have done it on the newer drives

Tim
(\__/)(='.'=)(}>

Things have got to get better, they can't get worse, or can they?

wsm23
Offline
Last seen: 12 years 1 month ago
Joined: 2006-01-09 22:05
U3 InSecurity

From: http://en.wikipedia.org/wiki/U3#_note-10
"Data Security-
Most U3 drives on the market feature a security lock within the U3 Launchpad. This loads the CD partition first and can be user-configured to require a password to be entered; otherwise the data partition will not load. The drive is supposed to seal itself after a certain number of invalid password entries, requiring a reformat. Since the data partition is not encrypted, the user's data may not actually be secure, as the U3 CD-ROM partition can easily be used to store any program."

I used a U3 drive for a year and like you do not know of very many people who would take the time and effort to crack a U3 drive. This site services thousand of people. I think John said PortableApps.com downloads were in the millions now. I am just saying that no one in the Software Security industry that I know of thinks that U3 is a secure platform to store unencrypted data.

Also: read https://portableapps.com/node/4098#comment-18646
and: https://portableapps.com/node/6558

--
Life is about the journey not the destination!

My site * My Blog

The Kazoo Spartan

Life is about the journey not the destination!

The Kazoo Spartan

4wdturbo
Offline
Last seen: 16 years 7 months ago
Joined: 2007-08-20 05:16
After doing more testing, it

After doing more testing, it seems to only be a problem when the computer is rebooted while the U3 is connected. Even if you 'Eject' the device using the Launchpad, and then reboot, all the files can be accessed using Windows Explorer.
I can only see this being a problem if a system administrator reboots your machine while you are away from it. Then your files are open for viewing.
However, if the USB card is stolen and booted up on a different machine, the files are still protected.

rab040ma
Offline
Last seen: 4 months 3 weeks ago
Joined: 2007-08-27 13:35
encrypted

I think I'd prefer to rely on Toucan or Truecrypt...

MC

rjreid
Offline
Last seen: 16 years 6 months ago
Joined: 2006-12-31 13:31
Toucan and Truecrypt

aren't even in the same hemisphere as far as capabilities. I tried Toucan and uninstalled it.

RMB Fixed
Offline
Last seen: 14 years 2 months ago
Joined: 2006-10-24 10:30
hmm..

Are you absolutely 100% certain that the drive was in fact ejected ?
If "yes" then that is a serious bug ..

Log in or register to post comments