Confirm Action

Are you sure you wish to do this?

Confirm Cancel
Member Login

Posted: 4/8/2009 7:33:31 PM EDT
Saw this the other day and wondered what your thoughts were.
Iron Key

Not sure if it is worth the $, but does seem like an easy, 'all in one' way to put important dox on an encrypted media.
Link Posted: 4/8/2009 7:36:59 PM EDT

IMHO, any old flashdrive plus Truecrypt is a better option.
Link Posted: 4/8/2009 9:11:38 PM EDT
Originally Posted By KS_Physicist:

IMHO, any old flashdrive plus Truecrypt is a better option.

+1... I think the idea behind the ironkey is good, but I wouldn't trust one unless I wrote the firmware myself.
Link Posted: 4/8/2009 10:31:19 PM EDT

i agree with the replies above –– a number of generic, inexpensive USB sticks with an encrypted container made using Truecrypt beats having a single expensive proprietary USB stick.  





here is my encrypted directory structure:

- pics of my truck and wifes car.
- scan of vehicle registrations for above.
- scan of vehicle insurance for above.
- pdf repair manual for my truck.

- binaries of applications, e.g. Acrobat, Truecrypt, EchoLink, Firefox Portable, PortaPutty, etc

- prior year tax return
- scan of bank account statement.
- scan of employer paystub.
- scan of employer 401K account.
- scan of Fidelity brokerage account statement.
- scan of one each credit card statements.

- scan of any transaction records proving i'm the lawful owner.
- pics of weapons for insurance purposes.
- name, address, & number of a couple of FFL's.
- PDF versions of teardown/cleaning manuals.

- PDF manuals for my Etrex and Magellan RM800.
- latest application to download new firmware to gps's in case of corruption.

- scan of amateur radio license.
- scan of RACES/ARES cards.
- pics of rigs for insurance purposes.
- field expedient antenna construction articles.
- PDF user manuals for VX170, IC24AT, IC703+, V8000, FT8800, etc
- FRS/GMRS/MURS frequencies.
- various frequency reference guides for local police/fire/govt.

- scan of deed.
- scans of mortgage paperwork.
- scans of any township docs (tax assessment, etc).

- scan of homeowner's insurance policy.
- pictures of items which have non-trivial replacement costs (e.g., wife's engagement ring).
- scans of appraisals for any items which have non-trivial replacement costs.
- scan of life insurance policy
- scan of will

- East coast, state, and county maps in PDF format.
- above, annotated with PDF postnotes regarding "places of interest".

- PDF of FM4-25.11, basic military first aid.
- PDF for proper application of a tourniquet in the field.
- various other first aid reference manuals.

- scan of household address book, includes all family/friends/etc.
- PDF of number directory at work.
- text file with contents of cellphone memory.

- scans of my and my wife's passports.

- family pictures.
- parents / siblings pictures.

- SHTF planning documents
- PDF survival guides, desert/blizzard/shelter building/etc
- 14 part PDF survival document from WHO
> 1 - Cleaning and disinfecting wells.pdf
> 2 - Cleaning and disinfecting boreholes.pdf
> 3 - Cleaning and disinfecting water storage tanks.pdf
> 4 - Rehabilitating small-scale water distributions systems.pdf
> 5 - Emergency treatment of drinking water.pdf
> 6 - Rehabilitating water treatment works.pdf
> 7 - Solid waste management in emergencies.pdf
> 8 - Disposal of dead bodies.pdf
> 9 - Minimum water quantity.pdf
> 10 - Essential hygiene messages.pdf
> 11 - How to measure chlorine residual.pdf
> 12 - Delivering safe water.pdf
> 13 - Emergency sanitation - planning.pdf
> 14 - Emergency sanitation - technical.pdf

- scans (front and back) of everything in my wallet, incl credit cards, DL, social security card, employer ID, healthcare cards, etc. note that it's important to scan the back as there is always useful info there –– for example, generally the "report lost/stolen card" contact number for your credit card company is on the back.


anyway, that's what i have on my 1GB USB key. my Truecrypt file is 400MB big, and i keep a copy of that same file on my home PC, my wife's laptop, my work computer, and obviously on my USB key on my person. once a year i snail-mail a burned CD to my parents out in PA, and tell them to put it in with their important papers.

forgot to say that you should dupe everything for your wife/SO/GF

Originally Posted By Foxxz:
Secure it with

+ 1,048,576.

the HUGE ADVANTAGE with using TrueCrypt over a "hardware encrypted USB drive" is that you can store, copy, transmit, duplicate, etc etc your TrueCrypt vault (= a file) as many times as you want, in as many places as you want, on as many types of media as you want.

in other words, you fell into the water, your USB key is ruined?

no problem, your TrueCrypt vault is also on your PC's hard drive at home, on your PC at work, on another USB flash drive in your BOB, on another USB flash drive in your BOV center console, on a CD at your parents house in a drawer, on a CD in a safe deposit box in a bank, on a networked server fileshare on the other side of the world, etc etc etc.

2 is 1, 1 is none.
having one HW-encrypted store of your stuff is a single point of failure.


ETA, from a prior post

Originally Posted By Forest:
FYI is there any advantage to the thumb drive over a couple of CD's?

the USB drive is easily updatable as new info is found/old info is changed. the USB key is easier to hang around your neck, or stuff in your BOB/pack. but keep reading...

Originally Posted By Forest:
Can you set a password for the thumb drive?

don't encrypt the entire USB key. instead, see my link above for TrueCrypt software (open source, free, very good). use it to make an encrypted container, and that's where your docs will go into.

the main reason you don't want to encrypt the entire key is that in order to decrypt the key on some random computer you found, you would first need to install the decryption software. which you would get from where? so there is a chicken-vs-egg problem.

hence, make a container within the USB key; encrypt that. OUTSIDE THE CONTAINER, place the truecrypt installer application AND use the "Make Traveller" function from within truecrypt. the latter will add all the necessary bits to the USB key to unencrypt the container without having to actully install truecrypt on the PC. and, having the actual installer application is just backup.

don't make the container larger than about 600-650MB. why not? keep reading...

Originally Posted By Forest:
Is it EMP proof?

no one knows. so, in true ARFCOM fashion, "get both". make a CD copy once every 6 months or so, and perhaps keep a second USB key in an RF proof box somewhere with the rest of your electronic SHTF stuff. nevertheless, if there is an EMP strong enough to take out your USB key, it probably means you have huge problems forthcoming!

as noted way way way above, i periodically make a copy of my USB key onto a CD, and send it off to my parents in another state (aka cheap offsite storage). this is why you should not make the encrypted container larger than 600-650MB –– otherwise it will not fit onto a CD.

Link Posted: 4/10/2009 8:14:34 AM EDT
Link Posted: 4/10/2009 8:31:30 AM EDT


Best post ever!

Link Posted: 4/10/2009 8:42:39 AM EDT
[Last Edit: 4/10/2009 8:48:12 AM EDT by Templar223]
Originally Posted By KS_Physicist:

IMHO, any old flashdrive plus Truecrypt is a better option.

Ironkey is expensive + a one-shot deal.  A True Crypt file handles like any other file and can be readily copied/duplicated onto multiple platforms.

I just updated my True Crypt "Secure" directory yesterday and copied it, along with the program and about a half-gig of "prep" books, guides and other reference material onto four drives.  It's also on all of my laptops and other places, completely secure.

See Listening to Katrina by Shane Steinkamp for more info on what to include on your personal data "life" preserver.


Update, you say?

Yes.  Update the "Password" document that lists all passwords.  Photos of new guns & stuff.  Scans of receipts of larger stuff purchased since I originally did this last year about this time.  Scans of new mortgage and HELOC (I refi'd both in the last couple months).  Scan of home appraisal, deeds, etc. as they are new.  New training certificates, etc.
Link Posted: 4/10/2009 11:42:01 AM EDT
[Last Edit: 4/10/2009 11:46:19 AM EDT by pyro6988]
I have 4 of them.

I have been using one now for over 2 years.  I absolutely love them.  

One of the weak points of other flash drive is actually removing the memory chip to get to the data.  Iron key pen drive is a stainless steel and everything is epoxied in place.  This had two benefits. First it makes the drive more durable.  Also, the chip will be destroyed if anyone tries to get to it.  

Other encryption programs don't protect against a brute force attack.  Having software try all the different password combinations.  The iron key will destructive after 10 consecutive wrong password attempts.

The iron key drive also comes with a couple of cool programs.  There is a password manager which remembers your user name and passwords for websites.  You just got the login screen and the window pops asking if you want to enter your user name and password.  You click ok and it fills everything in.  Takes about 1 second. Since you don't have to remember your passwords you can make extremely complex mixed case, special character, alpha numeric, etc.  There is also a handy password random password generator.  You specify how many characters and if you want to use special characters.

If your tinfoil hat is really tight, there is a button which bounces your web traffic through different servers around the world so websites can't see where you are posting from.

Yes, they are expensive but well worth it in my opinion.


Link Posted: 4/10/2009 2:54:25 PM EDT
[Last Edit: 4/10/2009 2:57:04 PM EDT by ar-jedi]
Originally Posted By pyro6988:
Other encryption programs don't protect against a brute force attack.  


the keyspace using even AES-128 is so large that this is a non-issue.  
nevertheless, truecrypt uses AES-256 as the default encryption cipher.

The design and strength of all key lengths of the AES algorithm (i.e., 128, 192 and 256) are sufficient to protect classified information up to the SECRET level. TOP SECRET information will require use of either the 192 or 256 key lengths.


The Advanced Encryption Standard (AES) specifies a FIPS-approved cryptographic algorithm (Rijndael, designed by Joan Daemen and Vincent Rijmen, published in 1998) that may be used by US federal departments and agencies to cryptographically protect sensitive information [3]. TrueCrypt uses AES with 14 rounds and a 256-bit key (i.e., AES-256, published in 2001) operating in XTS mode (see the section Modes of Operation).

In June 2003, after the NSA (US National Security Agency) conducted a review and analysis of AES, the U.S. CNSS (Committee on National Security Systems) announced in [1] that the design and strength of AES-256 (and AES-192) are sufficient to protect classified information up to the Top Secret level. This is applicable to all U.S. Government Departments or Agencies that are considering the acquisition or use of products incorporating the Advanced Encryption Standard (AES) to satisfy Information Assurance requirements associated with the protection of national security systems and/or national security information [1].

btw, the ironkey uses AES-128...

Hardware Encryption

Data: AES Cipher-Block Chained mode
Encryption Keys: 128 Hardware DRNG


besides, truecrypt permits a novel "hidden volume" feature which allows you to open the outer volume under duress without exposing the contents of the hidden volume, or even revealing that it exists.


Link Posted: 4/10/2009 3:16:16 PM EDT

I have and continue to use True Crypt.  

Both have their uses.  

I feel that Iron key is much more useful, and simpler.

I would also like to add it is quite possible to use an Ironkey Drive with True crypt.
Link Posted: 4/10/2009 4:32:59 PM EDT
Originally Posted By pyro6988:
I would also like to add it is quite possible to use an Ironkey Drive with True crypt.

if the plans for the Death Star had been protected using both an Ironkey and Truecrypt, the Galactic Empire would probably still be around as the Rebel Alliance would have not been able to find the 2m wide thermal exhaust port...  but i digress.


Link Posted: 4/10/2009 4:43:42 PM EDT
[Last Edit: 4/10/2009 4:45:37 PM EDT by ready-aim-fire]
Originally Posted By ar-jedi:
Originally Posted By pyro6988:
I would also like to add it is quite possible to use an Ironkey Drive with True crypt.

if the plans for the Death Star had been protected using both an Ironkey and Truecrypt, the Galactic Empire would probably still be around as the Rebel Alliance would have not been able to find the 2m wide thermal exhaust port...  but i digress.


The force is strong with you, ar-jedi!

Good post and info - now I just need to scan all those documents . . .
Link Posted: 4/10/2009 4:50:46 PM EDT
taggin from phone to try an understand later with a bigger screen

Posted Via AR15.Com Mobile
Link Posted: 4/10/2009 7:22:02 PM EDT
Yeah, thanks all for the input. I have been putting off doing this project, and now am re-energized to get moving on my secured data storage.

Link Posted: 4/10/2009 7:46:51 PM EDT
Originally Posted By ready-aim-fire:

Good post and info - now I just need to scan all those documents . . .


Truecrypt really threw me for a loop when I started reading about the hidden volume feature...'just in case you are being tortured, this can be used to preserve your information'.
Top Top