Keith C. Perry on 27 Jun 2015 13:49:22 -0700


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] USB-attached, hardware-encrypted card reader ... why vaporware?


Brent pretty much nailed my comments about hardware encryption.  I've used Iron Key USB hardware encryption and awhile back HP had a USB device with a keypad on it.  I don't trust small hardware to be be durable (the HP).  Iron Key's system, though robust, cross platform with KMS, isn't worth the money when LUKS give me this out the box which the encryption cipher I want.

Granted that only covers Linux and android but since its also possible to do a straight AES-256 container, I'm not sure why that can't be read by programs on OS-X or Windows.  As long as the software is not creating its own header, an AES-256 container is an AES-256  Seems like they should be plenty of programs that just do that- a quick search leads me to believe there are but I have not way to test the OS-X stuff.

The Ciphershed software looks interesting.


~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
Keith C. Perry, MS E.E.
Owner, DAO Technologies LLC
(O) +1.215.525.4165 x2033
(M) +1.215.432.5167
www.daotechnologies.com


From: "brent saner" <brent.saner@gmail.com>
To: bergman@merctech.com, "Philadelphia Linux User's Group Discussion List" <plug@lists.phillylinux.org>
Sent: Saturday, June 27, 2015 4:23:23 PM
Subject: Re: [PLUG] USB-attached,        hardware-encrypted card reader ... why vaporware?

personally, i don't trust hardware encryption- it doesn't allow for tweaking or transparency, and due to the limited hardware onboard they tend to be fairly limited.

however, in the wake of truecrypt's journey into abandonware, there IS the cross-platform CipherShed,
https://ciphershed.org

give it a shot. i prefer LUKS via cryptsetup personally, but i don't have anything that necessitates cross-platform compatibility (and if it does, i just boot a liveCD that supports cryptsetup/luks).

i talk a bit about other volume-storage encryptions in the podcast episode i did here: https://sysadministrivia.com/notes/Season_0:Episode_5


On Sat, Jun 27, 2015, 15:51  <bergman@merctech.com> wrote:
I've got lots of SD cards floating aroung. They're convenient, portable,
cheap, and now have a useful capacity. However, they've got no intrinsic
security.  Filesystem encryption through software isn't portable across
operating systems, and often requires privileges to install the required
software.

I'd like a USB-attached SD card reader that does hardware encryption.

Yes, there are hardware-encrypted, USB-attached flash drives[1], but
they are quite expensive and have fixed-capacity.

There's been a failed crowd-funded attempt at creating this
device[2].

There's a company the purports to make exactly what I'm seeking[3], but
the product doesn't seem to be available for retail sale if exists at all
(no response from the company, no resellers, no recent updates, etc).

Does anyone know of a source for this kind of device, or have
speculation as to why it doesn't exist?

Thanks,

Mark

[1] http://www.apricorn.com/products/hardware-encrypted-drives/aegis-secure-key-3-0.html
[2] http://www.cryptx2.com
[3] http://hiddn.no/cocrypt
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug