Discover Privacy News
Is your secure USB flash drive really secure?
What has happened though is that it appears many vendors didn't think through how they let people use the encryption in the first place. When you use a new encrypted USB drive for the first time, the drive already has a default device password. When the device's software asks for you to enter a password, it places its device password on your computer to authorize your drive and your password. Once on the computer, SySS discovered that you could watch the password authorization process.
That was bad enough. With it, a patient cracker could tease out what the device password was. What was worse was that the company discovered that companies were using the same device password on all their drives. Whoops.
The link for this article located at IT World is no longer available.