I have been in the market for a new USB drive for a while, so when I stumbled across an ad for the IronKey devices I was intrigued. These guys have on-board crypto chips that store your files AES encrypted so that they can only be recovered after entering a password. They also have some other tamper proofing features and are supposed to “self destruct” if there are too many invalid password attempts or if someone tries to physically mess with the device. They have the words “military grade” stamped all over their website which has traditionally been a red flag for me when evaluating products with cryptography, but I looked around on the Internet a bit and read over some comments on the IronKey I saw on Bruce Schneier’s blog (scroll down) and the group appears to at least have the background to know what they’re doing.
So I picked one up. It was kind of a hassle for me to initialize because of the way my laptop is configured but I managed to work around that. Now that it is configured it seems to work fine on whatever Windows computer I have put it in. It is a little more work because you have to enter your password before getting access to your files, but that is a small price to pay for “data at rest” security. So far so good…
I’m still trying to decide how much I want to play around probing the security of the device. If it really does turn itself off then I suppose (a) hooray the security works and (b) I would have to go buy another one. For now I will probably keep that to a minimum and hope that I am at least a little better off than folks using normal, unencrypted USB keys.
dan _at_ denimgroup.com