Sandisk and Kingston provide hardware encryption but only the encryption algorithms are processed in hardware.

This is very different than hardware secured.

Hardware secured products should generate encryption keys in hardware using validated true random number generators.    The password key and counter should also protected by the hardware to prevent brute force password-guessing, patching and replay attacks.  In fact, the drive should not even mount until the password is verified in hardware. 

Verifying passwords in memory was the source of this vulnerability.

Security experts reveal, SanDisk, Kingston and Verbatim FIPS certified, hardware encrypted USB flash drives have a shared backdoor password.  You would think that they know better but that is what happens when a consumer memory companies bolt on a little security.

"SySS security experts found a rather blatant flaw that has quite obviously slipped through testers' nets. During a successful authorisation procedure the program will, irrespective of the password, always send the same character string to the drive after performing various crypto operations"

http://www.h-online.com/security/news/item/NIST-certified-USB-Flash-drives-with-hardware-encryption-cracked-895308.html

IronKey has never been hacked, not by Bruce nor anyone else and many have tried.

I think ravensmb has confused the vulnerabilities that Schneier found with DFS and TrueCrypt a year ago. Last June,  Bruce said Deniable File Systems are actually easier to hack than encryption.  IronKey’s encryption is validated at Level 3 of FIPS 140-2.

See http://www.schneier.com/paper-truecrypt-dfs.pdf  or http://blog.ironkey.com/?m=200807  for details.