
Lexar JumpDrive Secure Password Disclosure

“@stake has reported a security issue in Lexar Lexar[sic] JumpDrive Secure, which can be exploited by malicious people to gain knowledge of sensitive information.

Lexar’s JumpDrive Secure USB Flash Drive includes an application called Safe Guard, which creates two zones (a public and a private) on the flash drive. According to the vendor, data placed in the private zone are password-protected and will therefore be safe if the device is lost or stolen.

However, it is possible for a malicious person with possession of the product to gain knowledge of the password in two ways and thereby access to the “secure” private partition.

1) The password is XOR “encrypted” and stored on the JumpDrive in a publicly accessible location. It is therefore trivial to decrypt and read the password without being authenticated in any way.

2) When a password is supplied, the real password will be compared to the user-supplied password. It is therefore easy to gain knowledge of the real plaintext password in memory by attaching a debugger.

SOLUTION: Don’t rely on data in the private zone being secure in any way.”
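The two weaknesses in the quoted advisory, shown beside a hardened design, as an added example that is not part of the advisory or of Lexar's software. The XOR key, the password and the record layout are constructed for illustration, since the advisory publishes none of them.

```python
import hashlib
import hmac
import os

# Constructed values: the advisory does not publish the real key or storage format.
DEMO_XOR_KEY = b"\x5a\xa5\x3c"
DEMO_PASSWORD = b"correct horse"


def xor_bytes(data: bytes, key: bytes) -> bytes:
    """Repeating-key XOR. Applying it twice with the same key returns the input."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def weak_store(password: bytes) -> bytes:
    """Weak design: the stored record is the password XORed with a fixed key."""
    return xor_bytes(password, DEMO_XOR_KEY)


def weak_recover(record: bytes) -> bytes:
    """Anyone holding the record and the fixed key gets the plaintext back."""
    return xor_bytes(record, DEMO_XOR_KEY)


def make_verifier(password: bytes, iterations: int = 200_000) -> dict:
    """Hardened design: store a random salt and a PBKDF2 output, never the password."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password, salt, iterations)
    return {"salt": salt, "iterations": iterations, "digest": digest}


def check_password(candidate: bytes, record: dict) -> bool:
    """Re-derive from the candidate and compare digests in constant time.
    The real password is never held in memory for the comparison."""
    digest = hashlib.pbkdf2_hmac(
        "sha256", candidate, record["salt"], record["iterations"]
    )
    return hmac.compare_digest(digest, record["digest"])


if __name__ == "__main__":
    record = weak_store(DEMO_PASSWORD)
    print("weak record reverses to:", weak_recover(record))
    verifier = make_verifier(DEMO_PASSWORD)
    print("verifier accepts right password:", check_password(DEMO_PASSWORD, verifier))
    print("verifier accepts wrong password:", check_password(b"guess", verifier))
```

A verifier only gates the password check. For a lost or stolen device, the private zone's contents would also need to be encrypted under a key derived from the password.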
