Author Topic: Disk encryption makes you safe? - think again! (Read 3783 times)

f0dder · « **on:** February 21, 2008, 07:35 PM »

I've always wondered how long RAM keeps it contents after you shut down your machine, ever since a bug in my code (back in the DOS days) had me write a pointer to a memory location, rather than the memory contents. I was amazed how I had "compressed" a textmode screen of 80*25*2 bytes of data into just 4 bytes, and that I could restore the data after a reboot...

So, how does this apply to disk encryption? Check this out.

Today eight colleagues and I are releasing a significant new research result. We show that disk encryption, the standard approach to protecting sensitive data on laptops, can be defeated by relatively simple methods. We demonstrate our methods by using them to defeat three popular disk encryption products: BitLocker, which comes with Windows Vista; FileVault, which comes with MacOS X; and dm-crypt, which is used with Linux.

I got this link from slashdot, and one of the comments led to another pretty scary thing: the hotplug. Your desktop machine can be easily be moved from your home in power-on state, if they really need it that way - for instance, to extract crypto keys from your ram.

Carol Haynes · « **Reply #1 on:** February 21, 2008, 07:41 PM »

There is a registry setting that wipes RAM when you power off as part of the power off sequence. Whether anything can then read between the lines (like wiped hard discs) is another matter though.

f0dder · « **Reply #2 on:** February 21, 2008, 07:49 PM »

There is a registry setting that wipes RAM when you power off as part of the power off sequence. Whether anything can then read between the lines (like wiped hard discs) is another matter though.
-Carol Haynes (February 21, 2008, 07:41 PM)

Oh? I only know about the one that clears out your paging file. Would be a nice enough thing to enable, but...

#1 - won't save you if you use sleep/standby (laptops as well as desktops)
#2 - if the feds come knocking down your door, you might very well not have time to pull your power plugs, let alone shutting down properly

Carol Haynes · « **Reply #3 on:** February 22, 2008, 04:00 AM »

Actually come to think of it pagefil is probably what I am thinking of (mea culpa).

if the feds come knocking down your door, you might very well not have time to pull your power plugs, let alone shutting down properly

If the feds come knocking at my door (in the UK) I will be more than a little surprised - though in this day and age I suppose nothing is impossible!

f0dder · « **Reply #4 on:** February 22, 2008, 05:19 AM »

Actually come to think of it pagefil is probably what I am thinking of (mea culpa).

if the feds come knocking down your door, you might very well not have time to pull your power plugs, let alone shutting down properly

If the feds come knocking at my door (in the UK) I will be more than a little surprised - though in this day and age I suppose nothing is impossible!
-Carol Haynes (February 22, 2008, 04:00 AM)

Hehe, same here, I used "feds" as a catch-all.

But considering how much pressure the US of A can lay on other countries... DVD-Jon had Norwegian police all over his place because of pressure from the media interest groups in USA, even though he had done nothing illegal according to Norwegian law.

Author Topic: Disk encryption makes you safe? - think again! (Read 3783 times)

f0dder

Disk encryption makes you safe? - think again!

Carol Haynes

Re: Disk encryption makes you safe? - think again!

f0dder

Re: Disk encryption makes you safe? - think again!

Carol Haynes

Re: Disk encryption makes you safe? - think again!

f0dder

Re: Disk encryption makes you safe? - think again!