Talk:IronKey

Cleanup
Looking for someone to validate this article and let me know if there's anything needing cleaning up before I move it into the live namespace. Thanks! — EndarethTalk–Edits 01:51, 4 August 2009 (UTC)
 * You should use the Articles for Creation process, if you want to have the article looked over. ∙  AJCham  ᵀᴬᴸᴷ  02:08, 4 August 2009 (UTC)
 * From looking at Articles for Creation, it seems my best option is to move the page live, then list it on Articles for creation/recent, correct? — EndarethTalk–Edits 02:24, 4 August 2009 (UTC)
 * Sorry I was mistaken - AfC is only for unregistered users. Having had a look over the article, my main concern would be that it comes across as an advertisement, rather than an encyclopaedic article.  Also a number of the references are primary sources.  The article is at risk of being proposed for deletion, or even speedily deleted if it is launched before these issues are resolved.
 * I should ask, are you in any way personally affiliated with IronKey or with David Jevans? If so you should also read the guidelines at WP:COI before proceeding. ∙  AJCham   ᵀᴬᴸᴷ  02:48, 4 August 2009 (UTC)
 * That was my primary concern--whether it came across as advertising. I'm not personally affiliated with IronKey, just a long term user of their hardware (and voice on their forums), and thought they were worth an article on here. I'm happy to remove most of the primary sources if that would be better. I've also tried to contact them to get referencing documentation/articles for some of their certification claims, but no luck so far, so I'll probably trim those a bit. — EndarethTalk–Edits 02:54, 4 August 2009 (UTC)
 * You could also try WP:EA to get the opinions of other editors; that's where I ought to have directed you before, rather than AfC. ∙  AJCham  ᵀᴬᴸᴷ  02:59, 4 August 2009 (UTC)
 * Thanks, putting in a request there now. — EndarethTalk–Edits 05:46, 4 August 2009 (UTC)
 * It looks a lot better now, probably could do with a few tweaks to the prose, you could ask for help at the Guild of copy-editors.

Competing products
I've removed most of the bulletpoints listed below, as they are little more than an ad for IronKey/an attempt at slagging off the (open source!) competition, were in the wrong place, and duplicate a bunch of text already present in the article. Comments below each one:


 * Most flash drive are far less robust, making them vulnerable to physical damage.
 * This is misleading (e.g. Sandisk Cruzer offer a "Titanium" product, as do a number of other manufacturers) - and more users don't need this; most decent USB drives are reasonably rugged anyway.
 * I've run over flash drives in a car, and while some over the higher end brand names (including Sandisk) are tough, most of the cheaper ones (which this was intended to be about) are still pretty weak.
 * Well, if you're going to drive over them?!!! (IIRC, this was actually one of the key points for Sandisk Cruzer. Bit extreme and exactly realistic, but it does show them as rugged, I guess...)
 * Destruct testing is important for high end devices such as the IronKey or Sandisk Cruzer.


 * Nearly all other drives are vulnerable to RAM freezing attacks or physical dismantling.
 * RAM freezing attacks for software systems can be eliminated by using very basic security precautions. Physical dismantling is completely irrelevant as all data stored on a software-based is encrypted! It may well be relevant to IronKey and other hardware solutions, but not software ones.
 * Good point, it really is more hardware that is at risk of dismantling.


 * There is no ability to store additional certificates securely in an authentication module on the drive.
 * Not relevant/not true. Security tokens (e.g. Aladdin eToken) can be used for this, and certificates can always be encrypted on a standard USB drive. Further, there are USB drives which combine the functionality of these two. This comment just makes the section look like a ad for IronKey
 * I'm trying to refute the claim by 70.226.192.15 that a cheapo flash drive with a free disk encryption software installed on it is the same as an IK. I agree with you that there are other devices around (such as the eToken) quite able to do these things.


 * There is no central management option.
 * That depends on the software
 * Perhaps, I must admit I'm only aware of a couple of examples of good free full disk encryption software. It's possible there is something which includes a web based server component that lets you control and deploy features and detonate devices.


 * One of the key features of the IronKey is its self destruct, this would be completely missing.
 * The article actually states that this is limited to dismantling the drive - which as mentioned above is only relevant wrt hardware USB drives.

Nuwewsco (talk) 23:35, 21 January 2010 (UTC)
 * These points were really added in simply as a response to edit by 70.226.192.15 claiming free software encryption as comparable. This wasn't intended to slag off open source in any way, purely to point out that adding something like TrueCrypt on top of a cheap flash drive doesn't result in a device comparable to an IronKey. In fact I actually use TrueCrypt on top of an IronKey to further increase security. What TC does, it does incredibly well, and debatably better than IK, however IK does many things beyond the purview of TC. In retrospect I should probably have put this info here myself for discussion purposes and just reverted the edit. I have no problem leaving these notes off the page (I agree they tend to come across as advertising), I'd prefer to basically revert the bulk back to just after my initial edit to 70.226.192.15's edit.— EndarethTalk–Edits 00:04, 22 January 2010 (UTC)
 * Software like FreeOTFE and TrueCrypt are compariable. I don't think anyone's claiming they're identical to IronKey, but the fact is that for the overwhelming majority of practical applications... Certainly anyone considering buying a IronKey would be well advised to look at both hardware and software alternatives - the dramatic price increase represented the IronKey, compared with the (relativly few) advantages of a hardware solution is something a lot of users would find very significant when determining whether or not it's worth it. Nuwewsco (talk) 09:05, 22 January 2010 (UTC)
 * The hardware and various extra features are what makes the IronKey different to a purely software solution. For most casual users, I agree, a simple software solution is all they need, though not really the point. If you're after a higher end solution (as companies/governments/etc are more likely to) with all that entails, there are less options. Even the Basic model is still slightly superior to a software solution (though still comparable). The Personal and Enterprise (and now IronClad) have sufficiently more features that push it past being realistically comparable to a simple software drive encryption on basic flash drive solution. The initial claim that simply installing free disk encryption software on a cheap flash drive gives you something equivalent to an IronKey is simply not true. It's a cheap option for someone who doesn't want/need the extra security and features of an IronKey. It's like claiming that adding a car engine to your bicycle gives you something comparable to a Harley (alright, not a great analogy). This isn't trying to be marketing information for IK, simply removing an incorrect claim. — EndarethTalk–Edits 03:54, 23 January 2010 (UTC)

Comparison to software full disk encryption
As there seems to be some debate on this issue, I wanted to try and get consensus on what should or shouldn't be in this article in regard to software full disk encryption on a standard drive. To start with, it can obviously be argued that use of free/cheap full disk encryption software on any flash drive results in an encrypted flash drive, which, at its core, is functionally equivalent to an IronKey Basic model (or the equivalent basic model of most other commercial encrypted flash drives). I'm not going to get into comparison between hardware and software based encryption, as we're talking functionality here. The key point here is that it is only the Basic version of the IronKey which is being compared to in this case. In the same way that there are brief comments next to the other similar products (SanDisk Cruzer, Kingston DataTraveler, etc), mentioning ways in which they differ, I believe that it's worthwhile mentioning (in brief) the differences between a software-on-any-drive solution and an IronKey drive also. Adding extra software to such a drive can bring it closer in functionality to the standard (Personal) IronKey, but the same can also be said for any of the other similar products, and doesn't really merit inclusion. (There's probably also scope for a full article comparing hardware based encrypted flash drives, similar to the Comparison of disk encryption software article, but that's going off topic.) I suspect I'm having difficulty quite getting my point across, but I'm happy to discuss this further here to try and get the article as factually accurate as possible. Thanks! — EndarethTalk–Edits 02:27, 27 January 2010 (UTC)

Other product's FIPS 140-2 Level 3 validation
I see the change I made on December 26th last year, that IronKey S200 is not the only USB drive certified for FIPS 140-2 Level 3, has been reverted. Looking at the article's history, its seems that the rollback has something to do with some Kingston USB drive. But the reason for that revision was because Lexar JumpDrive SAFE S3000 had also passed FIPS 140-2 Level 3 validation according to the following page, ironically the same reference used to support the fact that IronKey S200 and D200 are the only ones certified : (It is strange though that the name for the apparently same product found at Lexar's website is Lexar JumpDrive® SAFE S3000 FIPS and not the one without "FIPS", which on the other hand is not FIPS 140-2 validated.) Lexar even advertise the product as the world first (Smart-Card based) FIPS 140-2 Level 3 validated flash drive, which might or might not be true considering the validation date. In any case, I think this product was somehow overlooked and ask for other's conformation on that. —Preceding unsigned comment added by 122.36.15.41 (talk) 03:07, 24 February 2010 (UTC)

Hardware
It seems to me that this (... NSA wear level erase of the flash....) begs for a hyperlink or a footnote defining the term. I attempted to find a definition, but I was not successful. DessertRat (talk) 22:43, 19 May 2010 (UTC)