27 March 2010
Comments: 0
Author: R. Scott Clark
27 March 2010, Comments: 0

The Padlock does a fine job of securing sensitive data for individuals and small businesses alike when extras such as remote management and automated destruction aren’t necessary. 

R. Scott Clark

Initial Thoughts

The Padlock 2 takes a big leap forward from its boxy predecessor, combining the funky PIN keypad with the, err… funky styling and durability of the Flash Voyager line of USB flash drives. The rubber housing is largely unchanged from the original Flash Voyagers – it’s flexible, water and scratch resistant, bouncy, and especially attracted to lints and oils.

The only two exterior changes from the Flash Voyager worth noting are the obvious inclusion of buttons for unlocking the drive, and the substitution of rubber LED indicators for ones made of hard plastic. These indicators are somewhat recessed so they should still be protected from scratches when dropped onto most surfaces, but they’d probably be the first to go if I were to repeat the SUV crush test. Interestingly enough, the keypad buttons are actually formed from the same rubber mold as the drive body, so you presumably needn’t worry about liquid seeping in through the cracks there. I’ll further examine the drive’s water resistance later on in this review.

As is typical with Corsair flash drives, the Padlock secure flash drive ships with a small complement of extras, including an 18″ USB extension cable and a high quality lanyard emblazoned with the Corsair logo. A quickstart guide is also included that goes over simple basics of setting a password and unlocking the drive, though I encourage readers to take a look at the complete PDF manual hosted on Corsair’s website since it goes over advanced features such as disabling the PIN lock or how to set a master unlock code.

Security

The Flash Padlock 2 secure flash drive’s most notable improvement over the Padlock 1 is its use of 256-bit AES hardware encryption. You see, in early 2008 it was revealed that Corsair’s original padlock was susceptible to unauthorized access by anyone who had physical access to the drive and a soldering iron. By connecting a resistor from the battery to one of the contact points on the main circuit board, the drive would instantly present itself as unlocked.

Sure, the original Padlock’s security might have passed as a deterrent to anyone unskilled in electronics in the same way that the cylinder lock on your front door is a deterrent to anyone unfamiliar with lockpicking and bump keys, but this lax security is simply not up to par if you’re protecting anything more than a high school diary. If you need to secure company data, finances, or other sensitive personal information, the bottom line is that you must use strong encryption.

As is now common with secure drives, Corsair utilizes hardware-based encryption to boost transfer speeds and reduce the burden on the CPU. Where Corsair differs from the competition is the use of a hardware unlocking mechanism instead of a software utility that runs on the host computer. This immediately solves the issue of the drive being incompatible with Mac, Linux, or any embedded operating systems, while simultaneously allowing the drive to be used in corporate environments that have strict policies regarding use of software on the network. As an added benefit, the drive is now impervious to malicious keylogging attacks.

The Padlock’s security isn’t without flaws, however, as it features no automated self-destruct sequence after multiple incorrect PIN attempts and lacks FIPS 140-2 validation for government and enterprise use. The ability to remotely disable the secure flash drive is also lacking, though this would likely be incompatible with the cross-platform design if it were implemented. That being said, the Padlock 2 is still protected against brute force attacks thanks to a two-minute cool-down period after five invalid attempts, plus the PIN codes are variable from four to ten digits in length. In other words, the infamous 3,129 keypress hack for Ford vehicles with 5-digit combination locks isn’t going to work here.

Using the Flash Padlock 2 is relatively simple, provided you take five minutes to read through the full documentation online and understand what each of the LED states means and page through how to navigate from function to function. You won’t need to worry about remembering to lock the drive either, since that’s taken care of the moment you unplug it from the USB port.

System administrators and parents that feel the need to set a master PIN in case the primary user forgets their PIN can do so. By using the master PIN, the primary PIN is reset with all the stored data left intact on the drive. But if you happen to forget the primary PIN and didn’t set a master PIN, of if the master PIN was also forgotten, all is lost! The Padlock 2 secure flash drive would need to be reset via a special 9-1-1 code that clears the encryption keys, rendering all data unrecoverable and the drive left in an unformatted state.

Also, in case you were wondering what happens if the internal battery is fully discharged, the answer is the drive is still operable; you just have to plug the Padlock into a computer first before it can be unlocked. Leaving the flash drive plugged in for an hour should fully recharge the battery.

Performance

The overhead required to utilize 256-bit encryption can take its toll on transfer speeds for any storage device. While transfers can be sped up by using hardware encryption instead of a software-based solution such as TrueCrypt, ultimately the speed is dependent on the speed of the crypto chip, the implementation of the flash memory controller, and the speed of the flash memory itself. This is why we’re able to see some drives with hardware encryption reach read and write speeds of 24MB/s and 10MB/s respectively, whereas others have trouble reaching even a paltry 5MB/s for large writes. In the case of the Padlock 2 there isn’t any marketing data for expected transfer speeds, so naturally we’re left to assume it’s somewhere on the low to middle end of the spectrum.

Testing for the Flash Padlock 2 was performed on a home-built system with an Intel Core 2 Duo E8400 running at 3.8GHz with 4GB of DDR3 memory clocked at 1410MHz. The secure flash drive was directly connected to the P45 motherboard and its ICH10R controller, with nothing else connected other than a keyboard and mouse in order to limit the number of USB interrupt requests.

The first test I threw at the Flash Padlock 2 is the SiSoftware Sandra 2010′s removable storage benchmark, ran three times to ensure consistency in the numbers. As you can see above, the drive was able to hit read speeds up to 17MB/s for files 2MB or greater in size, a bit below the average for flash drives without encryption but certainly not what I’d consider to be slow, either.

Write speeds were able to reach a fair 8.53MB/s, not too far from the 10MB/s rated speed of Kingston’s Data Traveler Vault – Privacy edition which also offers 256-bit AES hardware encryption, but a distant mark off from IronKey’s rated 17MB/s write speeds. Still, this isn’t too shabby when you consider that the Kingston and IronKey 8GB offerings cost a fair $50 to $100 more than what the Padlock is selling for depending on where you shop.

What hurts the Padlock the most in this benchmark are write speeds for smaller files, coughing up only 2.7MB/s for the 2MB files test – nearly three times slower than a standard drive. For simple office documents this won’t pose an issue, but expect to wait a few extra minutes if you’re copying a large folder’s worth of PowerPoint presentations or MP3s.

For my real-world test I did just that, using Microsoft Robocopy to move 7.1GB worth of defragmented MP3 files from my internal 7,200 RPM hard drive to the secure flash drive and back. This collection was mostly comprised of files around 6MB in size, but it also contained a decent number of trance mixes around 20MB and plenty of JPEG and system files less than 15KB in size. In other words, a hodgepodge of file sizes that should give a fair indication of the drive’s combined EPA mileage transfer speed.

Surprisingly the write speed was a healthy 6.5MB/s, not too distant from the drive’s maximum write speed and much better than I was expecting after seeing the low 2.7MB/s in Sandra’s 2MB synthetic benchmark. Even so, it took almost 20 minutes to fill the drive to 93% capacity, so while you probably won’t be stuck waiting for individual file transfers to the drive, expect to take a coffee break or three if you’re looking move a large amount of data. Again taking into account that the Flash Padlock 2 is roughly 1/3rd of the faster competition’s prices, I think I could stand to wait a few minutes extra.

Durability Testing

When I reviewed Corsair’s first Flash Voyager GT drive back in 2007, I put the drive through a series of absurd tests in order to demonstrate just how much abuse the rubber-mounted drive could take. While I did find that the Flash Voyager was more than resistant to being laundered and subjected to kinetic shock from great heights, unfortunately the drive was not long for this world, its life prematurely ended after having been run over four times by a 3,500-pound Honda SUV. Could the Padlock 2 secure flash drive then be as durable as the traditional Flash Voyager series, knowing full well that the loss of a single key button could permanently render my encrypted storage unrecoverable? Let’s find out.

For the first round of durability testing I decided to once again start with the only mishap that you’re likely to encounter, the classic laundry day disaster. Placing the drive in a bluejeans pocket with the USB cap on, I treated it to a “regular cold/cold” cycle in the wash followed by a round through the drier on “automatic regular / more dry” settings.

Not surprisingly the drive appeared unscathed from its cleansing journey, albeit with a light oily residue covering the metal USB connector. All three LED lights were functional and I could enter my PIN using all 6 buttons without issue. Curiously enough the drive seemed to have built up a small amount of moisture inside the housing with tiny droplets of water visible behind the activity LED. The rubber seals around the buttons were still intact, so where exactly did the water come from?

Being naive I chalked this up to a minor setback since the drive could still be unlocked using the simple PIN 1-3-5-7-9 and accessed by my computer without issue, but over the course of an hour that began to change as the “key” button became unreliable. Though I could still hear an audible click, the button required extra pressure and patience before it would register. By the next morning the water droplets had disappeared completely, but unfortunately the key button was now completely dead and no amount of pressure or verbal abuse would unlock the drive even though the red LED would still light if the drive was plugged into a computer.

Gah! It’s only been one durability test and yet I’ve already managed to kill the Flash Padlock 2! Could my precious files be saved?! Considering the possibility that there there might have been a small bit of moisture left behind underneath the key button, I decided to take the drive through a second spin in the drier in my pants pocket for another 25 minutes on regular heat, this time without the USB cap on. In hindsight I probably should have remembered the preachings of the Consumer Product Safety Commission and not subjected the drive’s internal battery to excessive temperatures, but alas it’s too late for common sense now. In any case after the second drier cycle was completed, my drive was still intact but inaccessible.

As a last ditch attempt to rescue the data locked within the Padlock 2 secure flash drive’s rubber cell walls, I decided it was time to operate with my trusty pocket knife. I discovered that underneath the rubber shell is a second enclosure made of hard plastic, and while that much wasn’t a surprise, the lack of extra watertight protection around the drive’s LED lights was, as were the open vents around the keypad buttons. Well then, that explains the moisture I’d encountered, but what about the buttons?!

Still anxious to get to the drive’s core and rescue my data, I cracked open the second casing and fiddled again with the buttons to quickly discover the cause of the problem. For some odd reason the key button would only activate if pressed anywhere but the direct center, not coincidentally where the plastic overbutton was designed to make contact. Hurray! I could now unlock the drive and access my data, all of it intact! Since I’ve already compromised the drive’s casing, this would conclude my durability testing. Lesson learned: the Padlock 2 secure flash drive is probably better suited for sudden impact over water resistance, so next time I’ll perform that bit of testing first!

On one last note, to my great satisfaction I saw that all of the Padlock 2′s components were covered with an epoxy resin of some kind, discouraging me from tinkering with the individual components like what happened when the Padlock 1′s naked two-PCB design was hacked. Hurray for hardened security!

Recap

While the original Flash Padlock was an abject failure, Corsair’s latest attempt at providing a secure flash drive resulted in a much more solid offering. Hardened against prying prying eyes, tampering, kinetic shock and general tomfoolery, the Padlock 2 covers all the essentials of of data security. Better still, the keypad design is built from the ground up to be cross-platform with no unlocking software required and will even work with embedded platforms. Reasonably priced at $60 with moderate transfer speeds considering the 256-bit AES encryption overhead, Corsair’s Flash Padlock 2 secure flash drive is hands-down your best option for transporting sensitive data that’s not government classified.

  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •