Corsair PadLock 2 - flash drive with the ability to instantly destroy data
Greetings to all Habrovchan! My name is Victor Mrich. I am one of the developers of the PC-3000 Flash software-hardware complex, which is designed to recover data from drives running on NAND memory. Today I would like to share with all my impressions about working with usb drive Corsair PadLock 2.
Corsair PadLock 2 - the second drive in a series of flash drives with a combination lock. To access data, you must enter a specific number combination using the keys on the drive body. The first in this series was the Corsair Padlock. The first pancake is always about the first version of PadLock. The drive was hacked in no time at all. Developers and designers would not be so offended if top-class professionals had a hand in this hacking, and it would take a lot of specific knowledge to crack. But everything turned out to be much simpler. First, under the plastic case of the drive there were two boards, one of which was a regular USB flash drive and a bundle: interface - controller - memory chips , the other - a battery and a board with elements responsible for processing the entered pin code. The hacking of this “super-protected” flash drive looked like this:
')
Just one resistor - and you have full access to all data without a password. Mistakes are made without exception. The developers recognized serious design flaws and promised to fix everything the next time ... And after some time, the release of the Corsair PadLock 2 flash drive was announced.
Corsair PadLock 2 is available in three capacities: 8, 16, 32 GB. Outwardly, they are no different.
USB2.0 connection interface
On the front side there are 3 indicators and 6 buttons. Rubberized body, rubber pleasant to the touch. Feelings are comparable to touches with Soft-touch plastic. The drive uses AES 256 encryption.
We got a storage device with a capacity of 8 GB. This drive was purchased in 2013, its cost was 990 rubles (123.75 rubles for 1 GB). Now these PadLock 2 are almost not sold. They can be found only in small stores and purchased without accounting documents.
The program Crystal Disk Mark (version 3.0.3), we obtained the following results. Drive tested in USB 2.0 port
With such figures in our time you will not surprise anyone, but most likely you will upset or laugh. But the manufacturer does not promise us super-speeds. The peculiarity of this flash drive in another ...
The delivery package contains very poor documentation that tells how to install a user pin code and how to use this USB flash drive, how to unlock it before connecting to a computer.
For normal use of the data in this mini-manual is enough, full instructions are available on the Corsair website.
Two types of passwords can be set on the device: User pin and Master Pin. These passwords can be set using special buttons located on the drive body. Buttons only 6: five with numbers and one - managing. Each of the five buttons shows two numbers. The first unpleasant feature is that the controller doesn’t handle double pressing, or pressing with a delay on the buttons. If it is simpler to say, the numbers are not 10, but only 5. Password 1205 will be equivalent, for example, 1314. A trifle, but not pleasant.
User pin protects user data, the master pin serves to reset the User pin in cases where this User pin is unknown. The password may consist of 4-10 digits. We have thoroughly tested all the declared modes of operation of the drive, and during this work we had the first difficulties.
Documented unlock method using Master pin does not work.
We tried several times and this sequence does not work. It just doesn't work. The data is not lost, but we could only verify this after entering the user pin. In real life, with such an error, you can either say goodbye to the data, or do combinatorics and select the necessary User pin. The developers took care of possible attempts to hack the drive by selecting passwords.
The blocking sequence described in the instruction works. In the “normal use” mode, data access is indeed blocked for a specified time, and after 20 unsuccessful attempts, the data is changed.
This information could upset many, but there is such an item in this documentation:
It gives hope to engineers and people just interested in hacking this flash drive. A little later we will tell whether hope is in vain or not.
There is one function that personally pleased me. Namely:
If you have a memory leaky, and you do not store important information on a flash drive, it will be useful to you. It will also be useful for people who do not want to be able to spoil the data quickly and without the help of a computer. We checked: the data does change beyond recognition in a split second.
Most likely, after the entered combination, we receive the encrypted data in its pure form or the data passed through another encryption key.
After conducting all sorts of actions with this drive, we traditionally dismantled it.
Under the rubber case was hidden plastic. It is worth noting that it was attached very badly, and it was easy to get it. On the gray tracks of glue residue around the USB connector, you can understand that you have regretted the glue, and there is a risk of losing the “stuffing” after a while.
The plastic case is also made of a very thin material, which easily yielded to the opening.
This time the developers decided to use one board. In addition, immediately striking battery, which rests on a double-sided adhesive tape.
Separating it, on the board we see three distinct elements:
A memory chip, a microcontroller that processes button presses and a flash controller.
The entire board is covered by the compound. But for us, and this is not a problem, when heated to 200-250 degrees, it turns into a loose substance, and it can be cleaned off the main elements.
So, the drive is installed:
The next logical step we have taken is to dismantle our own power source from the flash drive.
The drive operates in the "battery sat" mode. We have entered user pin and got access to the data without any problems. Also tried the hacking mode for strength. It is clear that when the battery was disconnected and the USB stick was disconnected from the computer, the failed attempt counter was reset, and it was possible to use the USB stick again in normal mode.
The second version of PadLock from Corsair turned out better than its predecessor. At the very least, there was no widespread access to information that it was hacked. The developers of the drive took into account the mistakes of the past and did a very good thing. Yes, not everything works perfectly, but progress is evident.
Personally, for myself, I chose this flash drive for the reason that it is possible to erase data at any time without connecting to a computer.
We are waiting for information about the release of new flash drives with combination locks from Corsair and other manufacturers. The developers of the company "ASE" will continue to study drives with encryption. By the way, our hardware and software works with encrypted hard drives.
That's all. And remember, Lost forever still can be found ...
Bug work
Corsair PadLock 2 - the second drive in a series of flash drives with a combination lock. To access data, you must enter a specific number combination using the keys on the drive body. The first in this series was the Corsair Padlock. The first pancake is always about the first version of PadLock. The drive was hacked in no time at all. Developers and designers would not be so offended if top-class professionals had a hand in this hacking, and it would take a lot of specific knowledge to crack. But everything turned out to be much simpler. First, under the plastic case of the drive there were two boards, one of which was a regular USB flash drive and a bundle: interface - controller - memory chips , the other - a battery and a board with elements responsible for processing the entered pin code. The hacking of this “super-protected” flash drive looked like this:
')
Just one resistor - and you have full access to all data without a password. Mistakes are made without exception. The developers recognized serious design flaws and promised to fix everything the next time ... And after some time, the release of the Corsair PadLock 2 flash drive was announced.
general information
Corsair PadLock 2 is available in three capacities: 8, 16, 32 GB. Outwardly, they are no different.
USB2.0 connection interface
On the front side there are 3 indicators and 6 buttons. Rubberized body, rubber pleasant to the touch. Feelings are comparable to touches with Soft-touch plastic. The drive uses AES 256 encryption.
We got a storage device with a capacity of 8 GB. This drive was purchased in 2013, its cost was 990 rubles (123.75 rubles for 1 GB). Now these PadLock 2 are almost not sold. They can be found only in small stores and purchased without accounting documents.
Work speed
The program Crystal Disk Mark (version 3.0.3), we obtained the following results. Drive tested in USB 2.0 port
With such figures in our time you will not surprise anyone, but most likely you will upset or laugh. But the manufacturer does not promise us super-speeds. The peculiarity of this flash drive in another ...
Enter your pin code
The delivery package contains very poor documentation that tells how to install a user pin code and how to use this USB flash drive, how to unlock it before connecting to a computer.
For normal use of the data in this mini-manual is enough, full instructions are available on the Corsair website.
Two types of passwords can be set on the device: User pin and Master Pin. These passwords can be set using special buttons located on the drive body. Buttons only 6: five with numbers and one - managing. Each of the five buttons shows two numbers. The first unpleasant feature is that the controller doesn’t handle double pressing, or pressing with a delay on the buttons. If it is simpler to say, the numbers are not 10, but only 5. Password 1205 will be equivalent, for example, 1314. A trifle, but not pleasant.
User pin protects user data, the master pin serves to reset the User pin in cases where this User pin is unknown. The password may consist of 4-10 digits. We have thoroughly tested all the declared modes of operation of the drive, and during this work we had the first difficulties.
Documented unlock method using Master pin does not work.
We tried several times and this sequence does not work. It just doesn't work. The data is not lost, but we could only verify this after entering the user pin. In real life, with such an error, you can either say goodbye to the data, or do combinatorics and select the necessary User pin. The developers took care of possible attempts to hack the drive by selecting passwords.
The blocking sequence described in the instruction works. In the “normal use” mode, data access is indeed blocked for a specified time, and after 20 unsuccessful attempts, the data is changed.
This information could upset many, but there is such an item in this documentation:
It gives hope to engineers and people just interested in hacking this flash drive. A little later we will tell whether hope is in vain or not.
There is one function that personally pleased me. Namely:
If you have a memory leaky, and you do not store important information on a flash drive, it will be useful to you. It will also be useful for people who do not want to be able to spoil the data quickly and without the help of a computer. We checked: the data does change beyond recognition in a split second.
It was
It became
Most likely, after the entered combination, we receive the encrypted data in its pure form or the data passed through another encryption key.
Of what, what is it made of
After conducting all sorts of actions with this drive, we traditionally dismantled it.
Under the rubber case was hidden plastic. It is worth noting that it was attached very badly, and it was easy to get it. On the gray tracks of glue residue around the USB connector, you can understand that you have regretted the glue, and there is a risk of losing the “stuffing” after a while.
The plastic case is also made of a very thin material, which easily yielded to the opening.
This time the developers decided to use one board. In addition, immediately striking battery, which rests on a double-sided adhesive tape.
Separating it, on the board we see three distinct elements:
A memory chip, a microcontroller that processes button presses and a flash controller.
The entire board is covered by the compound. But for us, and this is not a problem, when heated to 200-250 degrees, it turns into a loose substance, and it can be cleaned off the main elements.
So, the drive is installed:
- Flash controller: INITIO INIC 1861L
- Controller processing buttons: PIC16F688
- Memory IC : Micron 29F64G08CBAAA
The next logical step we have taken is to dismantle our own power source from the flash drive.
The drive operates in the "battery sat" mode. We have entered user pin and got access to the data without any problems. Also tried the hacking mode for strength. It is clear that when the battery was disconnected and the USB stick was disconnected from the computer, the failed attempt counter was reset, and it was possible to use the USB stick again in normal mode.
Results
The second version of PadLock from Corsair turned out better than its predecessor. At the very least, there was no widespread access to information that it was hacked. The developers of the drive took into account the mistakes of the past and did a very good thing. Yes, not everything works perfectly, but progress is evident.
Personally, for myself, I chose this flash drive for the reason that it is possible to erase data at any time without connecting to a computer.
We are waiting for information about the release of new flash drives with combination locks from Corsair and other manufacturers. The developers of the company "ASE" will continue to study drives with encryption. By the way, our hardware and software works with encrypted hard drives.
That's all. And remember, Lost forever still can be found ...
Source: https://habr.com/ru/post/256287/
All Articles