A new approach to securing USB flash drives

Corsair recently came out with a product that takes an entirely new approach to securing flash drives.

USB Flash drives are great. Securing them, however, is not so great. They are easily lost and the more you use one, the more likely it will contain files you consider sensitive. Corsair recently came out with a product that takes an entirely new approach to securing flash drives.

Seeing as this is a Defensive Computing blog, it goes without saying that my personal flash drives are secure. I use a free, open-source program called TrueCrypt. There are however, three problems with this approach:

  1. The hassle of installing TrueCrypt and learning how to use it. There is a portable version of it, which I use, but TrueCrypt is a large program with many features (the manual is more than 100 pages) and may be just too much for some people.
  2. TrueCrypt only works if you are logged on to Windows as an administrative class user.
  3. There is no Mac version (there is a Linux version).

My first approach to security was worse. I bought secure flash drives, models that came with their own security software preinstalled. The secure models cost more than their insecure siblings and the software from each vendor worked differently. At least TrueCrypt gave me a personal standard.

The new Corsair Flash Padlock replaces software with buttons. The side of the device has five buttons with numbers on them, and you press the buttons to chose a password initially and then to enter it later.

I have not used a Flash Padlock, but Scot Finnie wrote a review just a few days ago in his aptly named newsletter, Scot's Newsletter. There can be a huge gap between a good idea and good product. According to Scot, the Flash Padlock is a good product.

For one thing, it's designed to be locked and unlocked without any involvement from a computer. And there are lights that clearly indicate whether it is locked or not. Perhaps most importantly, Scot says "The user interface for the Flash Padlock is very well thought out." If you ever carry sensitive files on a flash drive, read Scot's review.

On the other hand, if you can live with the restrictions of TrueCrypt, then see this getting started cheat sheet that Gina Trapani did in June of last year. Geek to Live: Encrypt your data

If we could only settle on a name for these thingies.


Update: October 3, 2007. Scot wrote a follow-up to his review of the Corsair Flash Padlock drive which notes that the case can be unscrewed to provide access to the un-encrypted flash ram, which sort of defeats the high security. In addition he notes that the encryption software on the Lexar JumpDrive supports Macs despite the fact that the documentation doesn't say so. Finally, he mentions the IronKey flash drive which is very secure and very expensive.

About the author

    Michael Horowitz wrote his first computer program in 1973 and has been a computer nerd ever since. He spent more than 20 years working in an IBM mainframe (MVS) environment. He has worked in the research and development group of a large Wall Street financial company, and has been a technical writer for a mainframe software company.

    He teaches a large range of self-developed classes, the underlying theme being Defensive Computing. Michael is an independent computer consultant, working with small businesses and the self-employed. He can be heard weekly on The Personal Computer Show on WBAI.

    Disclosure.

     

    Join the discussion

    Conversation powered by Livefyre

    Show Comments Hide Comments
    Latest Galleries from CNET
    15 crazy old phones from a Korean museum (pictures)
    10 gloriously geeky highlights from 2014 (pictures)
    2015.5 Volvo XC60: updated tech, understated design
    Busted! CNET readers show us their broken devices (pictures)
    Take a closer look at the BlackBerry Classic (pictures)