PaulDotCom mailing list archives
Kingston DataTraveler Secure Privacy vulnerability
From: lonestarr13 at gmail.com (Michael Salmon)
Date: Tue, 5 Jan 2010 22:55:01 -0500
Below is the whitepaper from the security company that discovered the flaw. I uploaded the pdf document to Google Translator to try to read it. My understanding is that basically the Kingston software, exmpsvr.exe, creates this 32 byte block of data that doesn't change even if the password is changed or the key is formatted and is used to decrypt the encrypted data. Syss wrote a program that modifies the exmpsvr.exe application at runtime and basically bypasses the password request code and jumps to the 32 byte block to start decrypting. Please correct me if I am wrong or I misunderstand, the translation is a bit difficult for me to read. WhitePaper: http://www.syss.de/fileadmin/ressources/040_veroeffentlichungen/dokumente/SySS_knackt_Kingston_USB-Stick.pdf CNET article: http://news.zdnet.co.uk/security/0,1000000189,39963327,00.htm?tag=mncol;txt Dark Reading: http://www.darkreading.com/insiderthreat/security/encryption/showArticle.jhtml?articleID=222200174 Thanks, Michael Salmon On Tue, Jan 5, 2010 at 9:51 PM, David A. Gershman < dagershman_dgt at dagertech.net> wrote:
Oh my, do tell. And please provide a link to the white paper if possible.I hope I'm not double posting, but has anyone else seen the whitepaper on the recently discovered vulnerability in FIPS certified Kingston/Sandisk/Verbatium usb keys? It seems like a very amateur vulnerability in the software.---------------------------------------- David A. Gershman gershman at dagertech.net http://dagertech.net/gershman/ "It's all about the path!" --d. gershman _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
-------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20100105/27ae132b/attachment.htm
Current thread:
- Kingston DataTraveler Secure Privacy vulnerability Michael Salmon (Jan 05)
- <Possible follow-ups>
- Kingston DataTraveler Secure Privacy vulnerability David A. Gershman (Jan 05)
- Kingston DataTraveler Secure Privacy vulnerability Michael Salmon (Jan 05)
- Kingston DataTraveler Secure Privacy vulnerability Johan Peder Møller (Jan 06)
- Kingston DataTraveler Secure Privacy vulnerability John Strand (Jan 06)
- Message not available
- Kingston DataTraveler Secure Privacy vulnerability Michael Salmon (Jan 07)
- Kingston DataTraveler Secure Privacy vulnerability Michael Salmon (Jan 05)