Kingston Admits To Secure USB Drive Flaw

Memory giant Kingston Technology has admitted that some of its supposedly secure USB sticks can in fact be hacked, and it has asked customers to return the devices for an update.

Kingston has posted a warning on its drive information page and warned that a “skilled person with the proper tools and physical access to the drives may be able to gain unauthorised access to data contained on the following Kingston Secure USB drives.”

The affected models include the DataTraveler BlackBox; DataTraveler Secure – Privacy Edition; and DataTraveler Elite – Privacy Edition.

According to Jim Selby, Kingston’s manager of European product marketing, the flaw lies in how the drives process passwords.

“The encryption itself is sound, but there is a small loophole regarding the processing of the password,” Selby told ZDNet UK. “Someone who is skilled enough, with the right tools, could exploit the weakness.”

According to Selby, Kingston was alerted to the flaw by a German penetration testing company called SySS, after it had written some software that uncovered the workings of the password authentication process, despite these drives utilising 256-bit AES encryption.

UK users are advised to contact Kingston on 01932 738950 to get their drives updated.

Kingston is a well established player in the memory field and offers a range of secure USB flash drives for the consumer, enterprise, and government sectors. Back in July it launched the biggest little flash drive in the world with 256GB of storage in a 71mm USB memory stick, the Data Traveler 300.

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

3 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

3 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

3 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

4 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

4 days ago