IronKey

From The Black OP Security Wiki

  Main Page >> Tutorial Directory >> IronKey

THIS PAGE IS NOT ABOUT MAKING YOUR OWN IRONKEY BUT RATHER DESCRIPTING THE COMMERCIAL ONE IronKey is a secure, portable flash drive that can be used to keep all your files encrypted. It has several hardware based security features which make it much more secure than a regular flash-drive with truecrypt installed. Read more about these security techniques on the ironkey website or the Wikipedia Page

Contents 1 Where should I buy the IronKey 1.1 What type should I buy 2 Controversies 2.1 onboard firefox v latest version 2.2 Tor v. Secure Sessions. 2.3 TorButton v. FoxyProxy 3 Configuring Your IronKey 3.1 TrueCrypt 3.2 ToR 3.3 Web Browsing 3.3.1 Installing FF Portable & securely configuring it 3.3.2 Security Plug-ins 3.3.3 Installing TorButton 3.4 GPG 3.5 Instant Messaging 3.5.1 Installing PidginPortable 3.5.2 OTR Encryption Plug-in 3.5.3 Running IMs through SSL & ToR 3.5.3.1 ToR 3.5.3.2 SSL

Where should I buy the IronKey

The IronKey is available for purchase from the ironkey website but it is advisable to purchase it via more anonymous methods such as a friends eBay account.

What type should I buy

There are three types of IronKey.

IronKey Basic ; ; This is the bare-bone version of IronKey. It has none of the extra applications or secure sessions.

IronKey Personal; This is simply the IronKey Basic with added features such as password manager and secure-sessions. However, both the personal and basic versions are identical in price so I suggest this is the one you purchase.

IronKey Business; This is for businesses only and require a bulk purchase. This is not the version we want.

In summary; IronKey Basic is the one we need, but IronKey Personal is the same price so you'd be as well getting that.

Controversies

onboard firefox v latest version

IronKey uses an old version of firefox for their onboard version. It is best to download the latest version of firefox from the link provided below. This ensures that your ff is protected against old exploits or hacks.

Tor v. Secure Sessions.

SecureSessions is a private onion network run on IK servers. This is more secure than regular ToR when defending against hackers, phishers, etc. But is less secure against government agencies. Also it is impossible to access hidden services (.onion domains) while using SecureSessions.

TorButton v. FoxyProxy

Configuring Your IronKey

TrueCrypt

Make sure you do this part of the tutorial first - This will ensure that all your files are encrypted again inside a hidden volume.

All you need to do is download Truecrypt from here; http://www.truecrypt.org/downloads

and then follow the instructions here https://afoyi.net/wiki/index.php/TrueCrypt#Encrypted_Hidden_File_Containers_.2F_devices

It is easy to adapt for use with the IronKey. Just download truecrypt to the unlocked IK "secure files" folder. Extract and make sure you create the hidden volume within the unlocked IK.

ToR

Download PortableTor from here (http://portabletor.sourceforge.net/) and install it on your IronKey

Web Browsing

Installing FF Portable & securely configuring it

Download portable FireFox here; http://portableapps.com/apps/internet/firefox_portable

Install to your IK directory (Browse to 'My Computer' -> 'IronKey Secure Files' and select it. The path should read [drive letter]:\FirefoxPortable)

disable Java (Tools -> Options -> Content -> untick "Enable Java")
disable Flash (Tools -> Add-Ons -> Plugins -> find flash and hit "disable")

Security Plug-ins

It's advisable to also install the following plug-ins

NoScript (http://noscript.net/)
CookieSafe (https://addons.mozilla.org/en-US/firefox/addon/2497)
RefControl (hxxps://addons.mozilla.org/en-US/firefox/addon/953)

However, if these plug-ins cause problems you can allow specific sites you trust.

Installing TorButton

TorButton is available here; https://addons.mozilla.org/en-US/firefox/addon/2275

GPG

Instant Messaging

Installing PidginPortable

http://sourceforge.net/projects/portableapps/files/Pidgin-OTR%20Portable/

Navigate to the latest version, download it and install it in the ironkey folder.

OTR Encryption Plug-in

The download above comes bundled with OTR encryption, to enable it you may need to enable it. To do this go to Tools -> Plug-ins and Check the box that is labeled "Off-the-record Encryption"

Running IMs through SSL & ToR

ToR

To set it to run through ToR go to

  Tools -> Prefrences -> "Network" 

tab and down the bottom change

  "Proxy Type" to SOCKS5 set the host to 127.0.0.1 port 9050.

SSL

To enable SSL so that your pw can't be sniffed go to

 Accounts -> Manage Accounts 

and select your AIM account hit

 "Modify" go to "Advanced"
and change the port to 443. 

also tick the box that says 'use proxy server for file transfers.'

[note; this only works with AIM - [MSN uses SSL by default] .