Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×
Security

Submission + - Secure USB sticks cracked (heise-online.co.uk) 1

juct writes: "Manufacturers of USB sticks and cards with fingerprint readers promise us that their data safes can only be opened with the right fingerprint. In their tests, heise Security found that it is easy to bypass the authentication and get access to the protected data. This works by sending a single USB command — Command Descriptor Block — that changed the accessible partition. They found the vulnerability in the MyFlash FP1 from A-Data (USB-ID 1307:1169) and the 1GB Secure Card (USB-ID 7009:1765) sold by 9pay. The JetFlash 210 and 220 fingerprint sticks from Transcend use the chips in question and also provide access to the protected partition after transmission of a single USB command. The UT176 made by CySecure could also suffer from the same flaw, though they have not tested it yet."

Slashdot Top Deals

A university faculty is 500 egotists with a common parking problem.

Working...