You've probably come across, seen or even own a USB thumb drive/flash drive which contains an encrypted partition. Some of these flash drives have the ability to "destroy" the data or otherwise make it inaccessible after "x" amount of failed authentication attempts.
I do not own any USB thumb drives with this ability but I had in my possession recently a
Kingston Data Traveler Secure which claimed the drive would need to be reformatted after three failed login attempts. This is to prevent brute-force attacks and password guessing.
So how did I get around this?
By write protecting the USB drive (see attachments and end of post). After three failed login attempts the password prompt still gave an error that the drive was inaccessible and needed to be reformatted but simply unplugging and plugging the USB drive back in reset the counter and allowed more password attempts. I'm guessing it does all of its work in RAM and then once the 3 attempts are up it flips a single bit on the flash drive marking the partition inaccessible or maybe it actually writes over the partition. I don't know, I didn't test that as the drive was not mine and it was write protected the entire time. I may end up purchasing one of these flash drives for myself just to see how badly the encryption software can be manipulated.
The attachments are simple .reg files which modify the registry. Open the attachments in notepad to see exactly what is going on. There is a registry key which enables and disables write protect for USB devices on Windows XP which these .reg files manipulate. I believe the key exists on Vista as well.
Now obviously I can't say this works for all USB thumb drives as I've only tested this on a Kingston Data Traveler Secure. However, I bet this will work for any secure USB thumb drive that executes the "destruction" routine from on top of Windows because then it will have to abide by the write protect rule in registry. Since it is write protected, the software running from the thumb drive in RAM cannot actually write to the drive to destroy the data.
