Explore the vulnerabilities discovered in the DataVault encryption software used by major storage device manufacturers in this conference talk. Delve into the analysis process that revealed serious flaws in the "military-grade" encryption claims, including a weak key derivation function, constant salt usage, and malleable data encryption. Learn about the reverse engineering techniques employed, the practical implications of these vulnerabilities, and the development of a John the Ripper plugin for brute-forcing the encryption. Gain insights into the coordinated disclosure process with multiple vendors and the subsequent improvements made to address these security issues.