FIPS-Certified USB Drives Have Security Flaws
Models from SanDisk, Verbatim and Kingston
By Jean Jacques Maleval | January 25, 2010 at 2:47 pmTo read this article from Federal Computing Week, click on:
FIPS-certified USB drives have security flaws
The recently reported discovery of a vulnerability in supposedly secure USB flash drives has prompted a review of the certification process for cryptographic modules under the Federal Information Processing Standards. The flaw could potentially allow unauthorized access to encrypted data. Affected FIPS certified devices include the SanDisk Cruzer Enterprise FIPS Editions CZ32 and CZ46 in 1G, 2G, 4G and 8G; and the Verbatim Corporate Secure FIPS Edition in 1G, 2G, 4G and 8G. A number of other USB drive models from SanDisk, Verbatim and Kingston not certified under FIPS also are affected by the vulnerabilities.