a1pha said:
IRONKEY is just a USB stick with strong hardware encryption and a fancy metal case. Personally, I think IRONKEY is way overpriced. If it were me, I'd get the
Imation Defender. It also has 256 hardware encryption - but does not require software on the OS. It uses the on-board fingerprint scanner.
But here's the thing: Questions regarding security always must be framed by the question "SECURE FROM WHOM?"
For me, I'm most interested in being secure from LEGAL/JUDICIAL/POLICE HASSLE. Any judge can easily compel you to place your finger on a device to secure your print; it's much harder to force you to divulge a password.
Regarding passwords, how's this for an idea: Store your password (very complex and long--one you couldn't possibly remember) in a steel box with a simple timer/fuse set to light a small quantity of magnesium powder or similar if you haven't reset the timer in X period (probably a few days). No harm is caused by the small fire in the box, except the small piece of paper that holds your password is completely obliterated by a small but hot magnesium fire.
THEN, when you've been arrested, etc., and a few days later come in front of a judge (after your thumb drive has been forensically examined and found to be encrypted to the point where it's not feasible to try to break the encryption) who demands that you provide the password on penalty of PERMANENT INCARCERATION for contempt of court, you can announce your steel box system and state perfectly honestly that 1) You simply DO NOT KNOW your password, and have no way to retrieve it, and 2) You are not in any way in contempt of a judicial order, since the password was destroyed BEFORE the judge had requested it!
***Nor could you be charged with "obstruction of justice" for having "planned" to thwart the judge. Your reason for creating such a setup was "in case you died unexpectedly, you didn't want anyone to have access to your private thoughts and ideas, etc."
A somewhat less involved plan would be a service (hey, let's start one!) which STORES such passwords for you online, and which will PERMANENTLY ERASE the password under the conditions you specify (such as not resetting every few days). This wouldn't be a problem for me because it would only be for a thumb drive I used for SPECIAL internet work...so I could retrieve the password from the regular OS and browser, in order to open the thumb drive for my private browser work.
EDIT: And, of course, you could always have a "burnt box" ALREADY MADE, and in fact be using a password you know and keep in your head, but USE the burnt box story in order to CLAIM you don't know your password. Of course that's slightly risky, because it probably COULD be proved--if they wanted to go to the trouble--that the fire in the box in fact hadn't occurred within the last day or two.
