Lexar JumpDrive Password Scheme Cracked
There is a method of accessing the private zone on the JumpDrive Secure device without knowing the password beforehand. The password can be observed in memory or read directly from the device, without evidence of tampering.
Source: atstakeThe password is located on the JumpDrive device. It can be read directly from the device without any authentication. It is stored in an XOR encrypted form and can be read directly from the device
without any authentication. It is also possible to attach a debugger to the Safe Guard software and read the password from memory. The Safe Guard software takes care of the decryption and the password can be seen in plain text within memory when the software does a compare between the stored password and the supplied password.
0