Skip navigation
Menu
Security

iKey 1000 Allows Administrative and Data Access

 
iKey 1000 Allows Administrative and Data Access
Reported July 20, 2000 by @Stake

VERSIONS EFFECTED
Rainbow Technologies iKey 1000

DESCRIPTION

By physically accessing the iKey 1000 hardware device, its tamper-proof mechanisms can be bypassed thereby providing access to the Master Key (MKEY), normally used for administrator level access. With a standard device programmer the MKEY can be reset to a known value where the iKey could then be used to gain unauthorized access to data.

VENDOR RESPONSE

Rainbow Technologies responded promptly with a press release where the companies cheif technology officer stated, "Rainbow has made a corporate commitment to achieve FIPS 140-1 physical security validation on certain models of iKey this year and are committed to the Common Criteria security evaluation process." Rainbow also offers the iKey 2000, a physically secure token for B2B, enterprise security and other sophisticated PKI applications.

Users are urged to protect against unauthorized physical access to their hardware-based security devices in an effort to prevent such tampering.  

CREDIT
Discovered by @Stake
Hide comments

More information about text formats

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish
Recommended Reading
DevSecOps concept
90% of Java Services in Production Have Vulnerability Risk, DevSecOps Report Finds
Apr 20, 2024
Businesswoman challenges concept and gender obstacles
Women in Cybersecurity Face Barriers to Hiring, Advancement
Apr 15, 2024
person typing on keyboard with icons for certificates
Top IT Certifications for a Career in Finance
Apr 12, 2024
employee working on a laptop with AI
Why AI Coding Assistants May Be Greatest Cybersecurity Threat Facing Your Business
Mar 26, 2024