Serious security vulnerabilities in (supposedly) secure USB flash drives

By /

Last month, we posted here about the FIPS 140 cryptographic standard.  Now SySS, a security company in Germany, has managed to prove that FIPS 140-2 certified products can be cracked. 

SySS discovered security vulnerabilities in the integrated software that authorizes decryption for USB drives sold by several different vendors that can allow unauthorized persons to access the data on such drives that are encrypted with 256 bit AES.

The National Institute of Standards (NIST) is currently investigating the situation.

http://www.securityfocus.com/brief/1058

DEBRA LITTLEJOHN SHINDER
MVP (Enterprise Security)
“MS SECURITY”
[email protected]

About The Author

Debra Littlejohn Shinder is a technology and security analyst and author specializing in identity, security and cybercrime, utilizing her past experience as a police officer and police academy/criminal justice instructor. She has written numerous books and articles for web and print publications and has been awarded the Microsoft MVP designation for fourteen years in a row.

Read Next

Leave a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top