Secret Agent Envy
We recently introduced an innovative accessory that expands portable storage while enhancing data security for ThinkPad fans. My team really enjoys designing these kind of accessories. It gives them a chance to imagine how to connect ThinkPad design DNA to a product that often is highly unique and allows us to enhance the ThinkPad user experience. We have done designs for ThinkPad external keyboards, travel mice, and carry cases in the past. Yes they are black with a small red accent, but we strive to give them all a innovative twist that drives desire.
The design challenge for the ThinkPad USB Portable Secure Hard Drive, I prefer to call it “the vault,” was to create an object that linked to the ThinkPad design essence but also embodied the appropriate design solution for such a critical product. We wanted it to look simple, solid, and of course ultra secure. I think we achieved that goal. One review I read recently remarked that using it “will make you look, feel more important than you are” and that it would be handy for you always on-the-go, James Bond types. Sure Bond wants one, but so do I. I can close my eyes and imagine pulling this one out of the glovebox of my Aston Martin (If only I had one) in order to thwart yet another sinister plot to take over the world. ThinkPad is so “on-brand” for this mission.
Even a design so seemingly simple as this one requires a great deal of analysis, concept generation, modeling, refinement and of course design thinking to create. The initial studies focused on developing a simple and pure form that featured a deliberate and nearly militaristic keypad design. We also wanted to create a way to store and hide the USB cable when not in use, in order to preserve the simplicity of execution. I feel a bit like “Q” when I write this stuff. Sketches and rough study models were created to study the form as well as keypad layout and key shapes. Here are a few of the “unclassified” models and sketches from the lab that led to the final design.
The final design is a pure rectangular form with a no-frills, asymmetrically placed keypad. Spots of color reinforce the significance of the code entry and cancel keys. The keys themselves are slightly recessed to protect them from accidental use and are slightly domed. They pay tribute to my old Braun calculator designed by Dieter Rams. We offer both 160GB and 320GB models that use 128-bit encryption to ensure your data can’t be unscrambled by the enemy. The drives can store up to 10 separate user ID’s with 10 different security keys. The entire device neatly stores in a neoprene slipcase that reminds me of 007’s wetsuit. Remember the time he wore one to keep his perfectly pressed tuxedo dry in Goldfinger? Up until now encrypting and decrypting your data was never quite so full of intrigue.
David Hill
Lenovo Meet the Modder Dean Liou
Lenovo Meet the modder- Chris Blarsky Dairy 2
Lenovo Meet the modder- Chris Blarsky Dairy 1
Lenovo H320 desktop
November 25th, 2008 7:02 pm
Hmm, I believe if it would have been one of the 007 gadgets, it would have be camouflaged as an external number block, or at least would also offer that functionality too.
Other than that I like it’s quite simply design, which somehow reminds me to some former time Braun and Wega controls!
November 25th, 2008 10:32 pm
the sketches and prototypes from this project are quite revealing. the right design choice was made in the end, including the decision to forgo the typical fingerprint reader in favor of a simple keypad.
does it make any sounds? does the keypad illuminate or just the LED below the ‘0′ key? does it require software on the machine tethered or is it completely self-reliant? do each of the 10 users get their own secure partitions or are everyone given bulk access?
whether i would feel like the proverbial “james bond” while using it has yet to be seen. as long as my client’s files stay secure while traveling then i’ll certainly feel like i’m doing my job — secret or not.
November 26th, 2008 3:14 am
Totally awesome! I love this kind of professional/industrial look which ThinkPad is all about! I’d order one in a heartbeat if a 7200RPM drive was in there. (7k300 please.. they’ve been out long enough)
November 26th, 2008 8:26 am
Other interesting details I’d like to know about come to mind:
1. Is the HD inside the unit APS-protected?
2. How sturdy is this thing against drops, etc?
3. Where is the FIPS certification, or better yet, the independent review white-paper from Cryptography Research Inc. ?
Lenovo better make it extremely clear to its consumers about just how strong against an attacker this thing really is. It could easily become a PR nightmare otherwise, and that WOULD tarnish the ThinkPad name for good in many circles.
November 26th, 2008 10:50 am
Are there some more specific information available on the encryption algorithm, how exactly it is used, etc.? If you use few digits long key (I don’t expect anybody to use more than 10digits PINs), it doesn’t really give you too large key space. I’m wondering if this is really meant to be used for storing sensitive information or to give only some low level protection against amateurs?
November 26th, 2008 12:17 pm
I see the cut off corner guy tried to sneak in a prototype – good job for not picking it and going with a nice boxy design, the only shame is it doesn’t appear to have the soft touch coating which i like and it might have been a nice touch to put the mobile phone type letters on the keys so people could remember a word rather than a number.
All said though, I want one of these for sure.
November 26th, 2008 5:38 pm
Why not make it an external keypad as well? Yes it’ll need more and bigger keys, yes it wont be as cool and bond looking but heck, it’ll be useful.
November 26th, 2008 9:47 pm
Is there a fingerprint authentication function?
November 27th, 2008 9:39 am
Snife, the case is coated with rubberized paint similar to the X300. Interesting idea about adding the letters to the keys for those who use words. Thanks for the feedback.
November 27th, 2008 12:29 pm
david, any chance you know the answers to my questions above?
if not, i just received shipment notification this morning so i’ll find out soon enough.
thanks and happy thanksgiving!
November 27th, 2008 3:20 pm
Did you consider making the non-numeric keys not just colour-coded but a different and larger shape? Like the lobby button in an elevator, presumably these are the ones you will use more and need to quickly distinguish from the numeric keys. Sure, putting them in the same visual look and the same physical layout as the number keys looks good – but is more ergonomic and practical than making them distinct and physically distinctive? Did you do colour-blindness testing/low-light testing to make sure that I can’t accidentally press ‘lock’ when I wanted to press 7?
November 27th, 2008 4:34 pm
I agree with Mary, the ‘lock’ and ‘unlock’ buttons should be a different shape to prevent them being pressed automatically.
November 30th, 2008 1:42 am
The moment I saw the first picture, I thought this is some kind of nostalgic post, about IBM gadget from early 90s era. It looks so old and low-tech.
The loose-looking keys and the very obvious line separating top cover and base casing give me the impression that they are manufactured by a cheap manufacturer from 3rd-world country using low-precision tools. The swelling green indicator light looks so old. Most gadgets, including recent Thinkpad products, have flat looking indicator light. And how do I know if I have entered correct amount of digits?
The encryption feature maybe cool but I am sorry to say that I am dissapointed with the design. No offense, mate.
November 30th, 2008 7:34 am
@Indera:
Nah, the design is pure ThinkPad goodness. Looks spiffy, gadgety, professional and cool at the same time.
And it doesn’t make you look like an annoying punk which goes for appearance over quality. It speaks of “seriousness”, which is important for the market it was made for.
Whether there is actually a proper secure design for data retention inside the box, or just yet another bottle of snake oil, I don’t know. There is no independent review of the design *and* of the implementation, which is of paramount importance if you do take data security seriously.
December 1st, 2008 3:20 am
I totally dig that design, it’s really cool. Of course, it might look “old”, but I’d prefer the term “classic” or, maybe better, “timeless”.
And why should anyone care if the LED is flat or rounded, btw?
I’d expect from the looks that it’s just as sturdy as my ThinkPad, so I’d really trust that thing. Of course I can’t know, since I didn’t hold it in my hands yet, but I don’t think it’s got a “cheap 3rd-world country” look.
December 1st, 2008 2:22 pm
the 320GB secure HDD i ordered last week showed up this afternoon. looks like i can answer some of my own questions…
- the keypad does not light up, making it difficult to impossible to use in low/no light
- each user code entered is granted bulk access to the drive rather than individual partitions (which begs the question why 10 user passwords would ever be necessary)
- the drive is completely self-reliant and no separate software is provided (which is good since it’s more secure this way)
- it doesn’t make any audible sounds indicating status (although this isn’t necessarily a negative)
some points on the design:
- the fit and finish are much better than shown in the photos. it’s solidly built, doesn’t seem cheap, and the soft touch coating is a nice touch.
- the information decal on the base of mine is crooked. i can’t stand when decals aren’t applied straight, especially in a recessed area made specifically for the decal.
- changing codes is tedious and requires reading the manual. to me, reading a manual is synonymous with an unintuitive interface. if i need to change a code while on the road, i may or may not have time to hunt through the PDF to figure out how.
- the drive can be reset with a specific set of actions. this is both a plus and negative since the data is secure from being read but not secure from being completely erased. there are times when this could be necessary though. i’m starting to like this idea.
- since the keypad doesn’t light up, the “james bond” appeal drops a few notches since users cannot use this drive in low to no light. while it’s likely rare to install this HDD in complete darkness, it’s bad to assume that no one will ever find themselves in such a situation.
- the drive includes a separate USB power cable to use with the drive. the user guide recommends using it “for reliability” but doesn’t say that it’s mandatory. knowing a definitive answer to this would be more ideal since it means having to pack yet another annoying USB cable. this is pictured above and on lenovo.com as being self-sufficient, making the cable a complete surprise.
- the green LED isn’t the same color of green as used on thinkpads. it’s a minor point but one which should have been considered.
conclusion:
i like the security features. the password interface is cumbersome but it is what it is. it’s well-built and audibly quiet so no complaints there. having to use the included USB power cable is annoying. the non-illuminated keypad will likely prove to be annoying.
initially, i do like the drive. it’s too soon for me to decide one way or the other though. some of the shortcomings mentioned above might prove to be deal-breakers later on but i plan to give it a fair shot.
December 1st, 2008 3:48 pm
found technical specs from EMEA portal: http://www-01.ibm.com/common/s.....anguage=en
December 1st, 2008 5:28 pm
Hello I’m the product marketing manager for this product at Lenovo. Glad to see there is so much interest in this product. I’ll try and answer some of the comments I’ve read so far…..
The keyboard does not illuminate, but the number 5 key has a raised line on it for the visually impaired or for keypad usage in low light conditions.
In addition to the attached USB cable, an extension USB cable is included for the distance that may be needed for attachment to desktop towers or USB hubs. Also, a supplemental USB cable is included for those configurations where attaching to one USB port does not provide enough power for normal operation. A 5400 rpm hard drive was chosen as the engine instead of the speedier 7200 rpm hard drive to conserve power and make it much more likely that 1 USB port would provide enough power to operate the drive.
Each user ID has access to the entire USB hard drive capacity. There are no separate drive partitions.
There is no software needed for installation on the drive or the attached system making this drive completely self-reliant.
The hard drive inside the USB casing is shock mounted and has passed our vigorous drop tests. Also, the keypad and rubberized soft paint is very high quality.
The need for the FIPS 140-2 certification is still being assessed.
December 2nd, 2008 12:27 am
don – thank you for your reply.
what you said about the power cable got me thinking. i tested the drive using an ultranav keyboard (which is USB 1.1 and a long distance from my thinkstation) and discovered that the indicator light will illuminate but the drive will not spin up. so, it seems that the power cable is only necessary for older systems. that’s very good news.
also, it’s good to know that the drive has vibration/shock dampening.
after using the drive for a few hours, changing passwords a few times, mounting/unmounting the drive, and so on, i’m starting to like it more and more — even without an illuminated keypad.
December 4th, 2008 1:49 am
all you wanna-be cyber ninjas should be glad it doesnt light up
the number pad doesnt do wonders for its encryption. if your passphrase has less entropy than the key it protects, thats whats going to get attacked. If your not familiar with entropy, look here http://www.diceware.com/
in this case you would need at least 40 digits. have fun remembering it. While the keypad might limit the number of attempts the attacker can make, a competent attacker will dissasemble the device and brute force it.
December 4th, 2008 2:01 am
clarification: This drive is not as good at hiding your data as they claim, unless you have a really good memmory and dont mind typing in a 40+ digit key.
On the plus side a cold boot attack or fw scan will not give away the drives key and will only reveal whats cached in ram.
To those who asked for a fingerprint reader, they generally have far less entropy and are better used for access control (for example to a building, or to unlock a screensaver) than hiding data.
It could make sense to insist on a key when powering up the drive and using a fingerprint to unlock it, meaning an attacker would have to get at the drive while its plugged in and carefully tamper with the reader without cutting its power. its a security / convenience trade off.
December 6th, 2008 2:05 am
pixelfairy – you forgot about one other factor: brute-force attacking the owner. not only would you have to hack the drive but you’d first have to get it out of the owner’s possession. and, that’s one factor that i’m personally not worried about.
December 23rd, 2008 1:04 pm
These no longer seem to be available on the Lenovo site. Any word as to future availability?
January 14th, 2009 8:15 pm
Now if only this could also double as a Numpad, *then* it would be a supercool gadget…
January 20th, 2009 10:17 pm
Voldenuit,
that is exactly what I wanted to say! If it could just be used as a numpad! And it should have normal ThinkPad keys that would get covered by shell part of its case for example
April 5th, 2009 3:25 am
Using such a hdd will definitely save my data in safety
June 5th, 2009 10:41 pm
[...] drive is this one from Lenovo, profiled on the Lenovo design blog here: LINK. Gadgets, [...]
July 4th, 2009 1:00 am
[...] The drive is this one from Lenovo, profiled on the Lenovo design blog here: LINK. [...]
September 11th, 2009 6:11 am
[...] [Apricorn Aegis Padlock] & [Lenovo Blogs: Design Matters] SHARETHIS.addEntry({ title: "ThinkPad USB Secure Hard Drive = Aegis Padlock", url: [...]
December 8th, 2009 2:14 pm
[...] this product and consider this a great honor for my design team and Lenovo. You can read a detailed blog I wrote previously about the design of the hardfile here. Congratulations to everyone [...]
December 8th, 2009 4:24 pm
Congrats to you and your team on the IF award!
December 11th, 2009 11:17 am
Don,
As observation about your response to the comments about the lack of keyboard illumination
“The keyboard does not illuminate, but the number 5 key has a raised line on it for the visually impaired or for keypad usage in low light conditions.”
I for one would not find the pip on the 5 key helpful, as I have never learned to use a keypad by touch. I suspect that is true for an awful lot of people.