Besides the convenience of storing digital data, keep in mind that nearly every commonly available USB device available actualizes or emphasizes storage capacity, read/write transmission speeds --
not well designed security. Few USB drives offer more than data encryption or password protection. Yet one of the most important aspects of memory sticks is that they are secure. However not too many people know or understand that the common definition of what many manufacturers consider a secure device is a function of the cost of the product in the sense of how much of the device they can sell --
not how well the device defends the privacy of the individual consumer. Therefore most devices allow the consumer to create passwords and/or allow for data to be encrypted. However nearly every device is capable of being disassembled such that the data on them are extracted even without a password. Unfortunately there are people out there with an inestimable amount of patience who will and can make such an effort. There is no way, of course, to guess, predict or identify beforehand who these people are. Worse, these thieves have been known to reconstruct the stolen device so well that the consumer/owner who originally bought it cannot identify that the data on the device was stolen/copied and the device itself rebuilt.
Note: I read a report discussing this and other procedures data thieves undergo. In this forum and thread, I intend only an introduction to this reality. If someone is interested in the article itself and related references I'll post an article similar to what I found interesting and that I researched awhile ago, within this thread or elsewhere in this Forum after someone here an expresses interest in exploring more details for themselves.
A person could try to employ a statistics game assessment to explore the risk of being the victim of such a theft of private data. Any reasonable estimation would reveal that the chance of such theft happening to any one individual is extremely small, unless one adds factors such as one's business, one's profession, one's location, etc. Regardless of how one proceeds in any analytical process stolen personal digital data usually stored on these devices is a serious threat because strategic personal and business related data can be extracted such that not only is one's identity at risk but also one's business and professional relationships, and plans as the thief analyzes whatever data resided on that stolen device. Let's not be innocent regarding the nature of such a thief or thieves, anyone or any group with such determination will also find the means to market/sell and profit from whatever information is gathered.
Considering this aspect of theft, I'm very sure that everyone is interested in avoiding being or becoming that individual whose ideas, strategies or other data which resided on the stolen device has been passed to the dark universe of cybercrime which markets such digital data. A victim of this kind of theft and violation never discovers the problem until one applies for credit, or employment and discovers that the information collected about oneself is invariably intermixed with whatever tidbits where originally stolen. Of course, by that time, the damage is so vast that undoing it may be impossible no matter how many lawyers one may have on retainer.
If one is like myself, and other's who visit here, namely an experienced IT professional who offers one's skills to various employers with a commitment to protect information regarding their data and systems, then keep in mind that the value of one's reputation remaining pristine, reliable -- together with technical savvy -- is more important today than almost any other time.
I believed it imperative to highlight for the YDL community the ramifications of these realities in which an IT pro finds himself/herself. It is clear that not everyone in the Forum is an IT pro who needs to consider the problems/challenges I'm discussing here. However, even an individual not involved in commercial or open source development should be concerned that private and commercial data float in cyberspace within criminal cybermarkets.
The first step an individual takes to battle threats to privacy and defend against potential liability (when other individual's and/or commercial entities could proceed against an individual because one should have been responsible taking professional precautions against digital theft) -- is prevention.
Instead of listing all the devices which are vulnerable because they can be deconstructed, have their data stolen and rebuilt -- it is easiest to list the one manufacturer which specifically designed and constructed their products to be impervious to the threats I described above. In the interest of full disclosure, I did technical testing of their device and I do utilize it for work I created/developed and useful technical references which requires strong defense. I've also, through my experience, become enabled how to explain and demonstrate technologies within the product for the benefit of others who wish to defend the value of their work. I want to make it clear, that I'm not selling the device, but rather merely presenting a collection of facts to interested persons in this Forum and thread which they may not have been aware of. The manufacturer whose USB devices have earned my utmost admiration is
Iron Key.
Note: Different versions of Iron Key's USB devices may or may not be available for shipping outside the U.S. In order to use the full services embedded within every Iron Key, Windows is required; the manufacturer has developed an interface so that users of x86 Linux and Mac OS X can access the data stored on their Iron Key. There is no such interface for those using YDL.
Posted: 30 Oct 2009, 12:30