my 2 cents
@ Pheet - the website says its FIPS 197 so it must have been certified to meet the fully published AES standard?
Whatever the standard, im sure given the horsepower, time and will, anything can be cracked. Surely an easier way to gain a password from a Bank or Government employee if you REALLY want the data is much simpler - should such people want access to your data bad enough, a threat of violence will do it.
Id rather Government departments, Banks, Corporates NOT stick CD's stuffed with data in the post or leave an unencrypted sticks / pda's / mobile phone's on a train for thieves to get my data, account details etc.. Surely enforcing seamless data encryption is a good thing?
I think some comments may be missing the point of this device as I see it - I dont see it as cheap, single user encryption device - of which there are loads to choose from - although not everyone is techie enough to understand what is good, bad, good value, false sense of security etc..
For the techies there are always other options - including the best one - not storing your data on removable devices anyways.
safe stick is useful to us because we can deploy and manage hundred of sticks from a single web console and KNOW they are all encrypted. Integration with backend AD accounts etc. means we can give sticks to employees, with a fixed password policy - and importantly they can be disabled / wiped / reset / de-activated if lost. Also surely stopping malware spread has to be a good thing for everyone?
We also use the stick to provide 2-factor authentication - it saves us a large fortune not having to deploy / replace additional hardware tokens.