It seems like the benefits are having the device lock/wipe itself after a set amount of attempts in case of a brute force attack and not having to run software to decrypt the drive on the device you plug it into.

I included a picture of the IronKey Keypad 200 but that’s just because it’s the first result that came up when I was looking for an example. There seem to be a few other manufacturers and models out there and they probably have different features.

I am curious what do you think of them? Do you think they are useful? Do you find it more a novelty?


It was an ExplainingComputers video titled Very Useful Small Computing Things that made me think of them.

  • NuXCOM_90Percent
    link
    fedilink
    arrow-up
    1
    ·
    9 months ago

    Didn’t use ironkey specifically but you can totally boot from an apricorn. Basically involved plugging it in, rebooting the machine, and VERY rapidly entering the unlock code before the bios finishes starting up and gets to the “so which drives are bootable?” phase.

    It was hellish but it was also corporate policy to not use any USB storage devices that did not have a keypad for encryption. And DVDs were strongly controlled by the IT department (who were about as stupid as you would expect to have signed off on a policy like that).

    • EuphoricSquirrel@lemmy.world
      link
      fedilink
      arrow-up
      1
      ·
      9 months ago

      If you are lucky enough to know the admin key for the apricorn drives you can put them in lock override mode which keeps it unlocked till it completely loses power off the USB bus

    • Chefdano3@lemm.ee
      link
      fedilink
      English
      arrow-up
      1
      ·
      9 months ago

      Ah it was easy enough to get the iron key unlocked during post, as those HP servers take forever to boot, problem was the bios couldn’t recognize the USB. Whatever firmware is on it that does the security confused the system, and while it saw the drive, it didn’t know what it was and wouldn’t boot from it. In both uefi mode, and in legacy bios mode