Secure from the ground up
In terms of its design and construction, IronKey definitely lives up to its name: It's jacketed in a metal case with waterproof gaskets with its components encased internally in an epoxy resin. Its manufacturers claim that IronKey can survive the sort of abuse that would destroy most other USB drives of its kind -- dropping, throwing, drowning and so on. All data on the drive is encrypted using AES CBC-mode encryption, with all of the encryption and decryption taking place in the hardware itself.
There's no external software disc used to set up the IronKey. When you plug IronKey into a computer, it mounts two new volumes: a Windows- or Mac-compatible CD-ROM volume with the IronKey software on it and the encrypted volume itself. Double-click on the CD-ROM volume and the IronKey software will launch, either to configure a new IronKey or to mount the encrypted volume.
If the IronKey hasn't been configured yet, you can then choose a password and format the volume (the format process takes a couple of minutes). The IronKey will normally prompt you for your password to access the secure file volume. You have 10 tries to submit the correct password. If you run out of tries, the IronKey self-destructs.
When you first initialize the IronKey, you can set a name for the device and choose a password, which can be changed later and backed up to IronKey's own secure servers for later recovery if you need it.
Passwords can also be securely backed up to IronKey's my.ironkey.com service and recovered from there over a secure connection, and the IronKey password can be changed without wiping and reformatting the volume. When you want to disconnect IronKey, select Lock Drive in the IronKey application, wait for the app to quit and then just unplug the drive.
(Incidentally, once the drive self-destructs, it cannot be reformatted or reused. The manufacturers do have an environmentally-responsible recycling plan, though, so you can return it to them for disposal.)
Plug in and go
The secure files stored on the IronKey appear as a conventionally attached drive, and one can perform all the usual file operations with that drive. My demo unit came with 1 GB of storage, which actually came out to 887 MB of usable space (with some space used by the IronKey software itself). The volume is formatted as FAT32 by default, probably for the sake of compatibility with other operating systems. I clocked the average read speed for the volume at 13 MB/sec (as opposed to about 43 MB/sec for my main system drive), so while it's not nearly as fast as a good hard drive, it's still well-suited for everyday use. The IronKey press people make a point of mentioning that it uses SLC NAND Flash memory for the sake of speed. Also, you can create an encrypted backup of the contents of the secure drive and store it anywhere. It can't be restored and decrypted without the IronKey.
The IronKey has a mechanism for bundling applications directly on the drive, too. Right now, the only program that ships on the device seems to be Mozilla Firefox, but it's a customized install of Firefox, designed to allow the user to surf with anonymity and privacy. A user can optionally route Firefox traffic through IronKey Inc.'s dedicated network of The Onion Router (TOR) servers, which allow anonymous user network traffic by rerouting it through a randomly-chosen proxy. IronKey Inc. runs a dedicated TOR server network. As a result, while using TOR is still slower than regular browsing, it's also faster than the public mesh of anonymous (and untrusted) TOR servers.
You can change preferences from the IronKey Control Panel, a software tool that runs directly from a read-only portion of the device.
An IronKey password manager function lets you securely store and use passwords for Web sites -- as well as a password generator (it employs IronKey randomization hardware to create highly-secure passwords). Note that the password manager is tightly integrated with the custom install of Firefox on the IronKey, so you can't use it with just any old copy of Firefox. (Internet Explorer integration is also available.) Other goodies built into the drive include a Lost and Found label that shows up on the IronKey password screen. It, too, is stored cryptographically and cannot be tampered `with -- and the drive can fetch software updates from the IronKey site across a secured (SSL) connection. Loose ends?
The IronKey's design is deeply impressive, but there are a few things -- side effects of the way it's implemented, you could say -- that might constitute a security hazard for the uninitiated. For instance, if you have an existing Firefox user profile under the current login, the secure version of Firefox (running from the IronKey) seems to use some data from that user profile, such as stored form data, although not from passwords.
Also, under Microsoft Windows Vista, an IronKey mounted in regular-user mode will not be visible to any processes that are running in elevated mode, and vice versa. (This is not a bug in the IronKey or its software; it is a side effect of the security segregation that Vista creates between programs running in different user spaces and trust levels.)
One other thing. IronKey doesn't seem to have a feature I have admired in the open-source cryptography product TrueCrypt. It is the ability to partition a volume into a standard and hidden volume, which would allow you to conceal another volume within the secure files section of the drive. That way, if you are forced to reveal the volume key, you could do so without compromising all of the information on the drive. Finally, IronKey won't protect you against any existing threats that might compromise information -- for instance, a keylogger present on the system. But these are not fatal omissions. In fact, from what I can tell, IronKey Inc. already does far more to guarantee strong security for your data than most other existing products, and I look forward to seeing what else this company has in the works.
About the author: Serdar Yegulalp is editor of the Windows Power Users Newsletter. Check it out for the latest advice and musings on the world of Windows network administrators -- and please share your thoughts as well!
This was first published in October 2007