Serious security vulnerabilities in (supposedly) secure USB flash drives

Last month, we posted here about the FIPS 140 cryptographic standard.  Now SySS, a security company in Germany, has managed to prove that FIPS 140-2 certified products can be cracked. 

SySS discovered security vulnerabilities in the integrated software that authorizes decryption for USB drives sold by several different vendors that can allow unauthorized persons to access the data on such drives that are encrypted with 256 bit AES.

The National Institute of Standards (NIST) is currently investigating the situation.

http://www.securityfocus.com/brief/1058

DEBRA LITTLEJOHN SHINDER
MVP (Enterprise Security)
“MS SECURITY”
[email protected]

Leave a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top