14 March 2008 @ 10:38Fingerprint protected USB sticks not all that secure
Numerous fingerprint “protected” USB sticks on the market purport to allow access to a protected portion of the flash memory only when the proper fingerprint is detected. It turns out that bypassing this “protection” is fairly simple.
All you need to do is use the PLscsi tool to send a single USB command – Command Descriptor Block – to the stick for access to the public partition to be replaced by access to the protected one.
(via heise security)