Home | Blog | Software | Reviews and Features | Forum | Help | Donate | About us
topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • December 04, 2016, 06:22:39 AM
  • Proudly celebrating 10 years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Author Topic: Is Whole Disk Encryption Just Wishful Thinking?  (Read 11452 times)

40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,768
    • View Profile
    • Donate to Member
Is Whole Disk Encryption Just Wishful Thinking?
« on: July 20, 2008, 04:32:15 PM »
A little while ago, there was quite a bit of discussion in the TrueCrypt 6.0 thread on the issue of encrypted drives. I've always been a big promoter of encrypted file systems. I never thought they were completely bulletproof (since nothing ever is) but I just read an article over at ghacks that has got me wondering if they're really worth the trouble at all:

Software to defeat Disk Encryption released
www.ghacks.net/2008/07/20/software-to-defeat-disk-encryption-released

Looks like some researchers over at Princeton U have a workable crack for several disk encryption techniques. They have published their study (available for download), along with the tools they used to pull it off.

Here's the abstract from the Princeton website: http://citp.princeton.edu/memory

Quote
Abstract

Contrary to popular assumption, DRAMs used in most modern computers retain their contents for seconds to minutes after power is lost, even at operating temperatures and even if removed from a motherboard. Although DRAMs become less reliable when they are not refreshed, they are not immediately erased, and their contents persist sufficiently for malicious (or forensic) acquisition of usable full-system memory images. We show that this phenomenon limits the ability of an operating system to protect cryptographic key material from an attacker with physical access. We use cold reboots to mount attacks on popular disk encryption systems — BitLocker, FileVault, dm-crypt, and TrueCrypt — using no special devices or materials. We experimentally characterize the extent and predictability of memory remanence and report that remanence times can be increased dramatically with simple techniques. We offer new algorithms for finding cryptographic keys in memory images and for correcting errors caused by bit decay. Though we discuss several strategies for partially mitigating these risks, we know of no simple remedy that would eliminate them.

Very interesting. And very sobering! Can't wait to try this one out at home...

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 9,029
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
Re: Is Whole Disk Encryption Just Wishful Thinking?
« Reply #1 on: July 20, 2008, 05:19:21 PM »
It's nasty stuff.

Also, if (serious) law enforcement is coming after you, they have ways to move your computer without turning it off - basically attaching an UPS on the go, doing some wire cutting etc.
- carpe noctem

fenixproductions

  • Honorary Member
  • Joined in 2006
  • **
  • Posts: 1,184
    • View Profile
    • Donate to Member
Re: Is Whole Disk Encryption Just Wishful Thinking?
« Reply #2 on: July 20, 2008, 07:00:00 PM »
I am little disappointed. I've saw this thread and expected something new to read about. Old history but good finding after all.
* fenixproductions read about it few months ago...

4wd

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 4,473
    • View Profile
    • Donate to Member
Re: Is Whole Disk Encryption Just Wishful Thinking?
« Reply #3 on: July 20, 2008, 08:26:40 PM »
It's nasty stuff.

Also, if (serious) law enforcement is coming after you, they have ways to move your computer without turning it off - basically attaching an UPS on the go, doing some wire cutting etc.

That's why one of my HDs is actually a disguised thermite charge.....the moment anyone tries to access using the magic word, ('dir'), it ignites and slags the whole computer  :Thmbsup:

cranioscopical

  • Friend of the Site
  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 4,367
    • View Profile
    • Donate to Member
Re: Is Whole Disk Encryption Just Wishful Thinking?
« Reply #4 on: July 20, 2008, 10:47:14 PM »
It's nasty stuff.

Also, if (serious) law enforcement is coming after you, they have ways to move your computer without turning it off - basically attaching an UPS on the go, doing some wire cutting etc.

That's why one of my HDs is actually a disguised thermite charge.....the moment anyone tries to access using the magic word, ('dir'), it ignites and slags the whole computer  :Thmbsup:

You haven't been into my main machine have you?  At the moment I have two duff hard drives and a malfunctioning power supply  :(


MrCrispy

  • Participant
  • Joined in 2006
  • *
  • Posts: 331
    • View Profile
    • Donate to Member
Re: Is Whole Disk Encryption Just Wishful Thinking?
« Reply #5 on: July 22, 2008, 07:27:03 PM »
Just another reminder that no technology is foolproof, secure or reliable enough.

J-Mac

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 2,913
    • View Profile
    • Donate to Member
Re: Is Whole Disk Encryption Just Wishful Thinking?
« Reply #6 on: July 27, 2008, 01:20:09 PM »
It's nasty stuff.

Also, if (serious) law enforcement is coming after you, they have ways to move your computer without turning it off - basically attaching an UPS on the go, doing some wire cutting etc.

Ha!  I would just let one of my granddaughters play with it for a minute or two before these LE specialists got their hands on it.  Believe me...  they will never be able to recover anything again from that drive!   ;D

Jim

40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,768
    • View Profile
    • Donate to Member
Re: Is Whole Disk Encryption Just Wishful Thinking?
« Reply #7 on: July 28, 2008, 10:19:24 AM »
It's nasty stuff.

Also, if (serious) law enforcement is coming after you, they have ways to move your computer without turning it off - basically attaching an UPS on the go, doing some wire cutting etc.

Depending on where you live it might not even get that fancy.

----------------------------------------------------------
DEFINE PROCESS: its_a_whole_new_world

BEGIN

{IF} (DATE)=>(2000.09.11) {AND}
{IF} (living_in_USA)=(TRUE) {AND}
{IF} ((serious_law_enforcement_action) | (YOU))
 
    {THEN} DriveEncryption | NULL {AND}
               (YOU)=((SCREWED)*(BIGTIME))

END.
STOP.

----------------------------------------------------------

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 9,029
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
Re: Is Whole Disk Encryption Just Wishful Thinking?
« Reply #8 on: July 28, 2008, 10:31:36 AM »
These days, that could unfortunately be distilled to...
{IF} (living_on_earth)=(TRUE)
   (YOU)=((SCREWED)*(BIGTIME))
- carpe noctem

40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,768
    • View Profile
    • Donate to Member
Re: Is Whole Disk Encryption Just Wishful Thinking?
« Reply #9 on: July 28, 2008, 12:33:17 PM »
These days, that could unfortunately be distilled to...
{IF} (living_on_earth)=(TRUE)
   (YOU)=((SCREWED)*(BIGTIME))

My hat is off. Optimization was never my strong suit after I stopped writing in assembler. (Please don't ask how long ago that was!) ;D

Shades

  • Member
  • Joined in 2006
  • **
  • Posts: 2,096
    • View Profile
    • Donate to Member
Re: Is Whole Disk Encryption Just Wishful Thinking?
« Reply #10 on: July 28, 2008, 09:45:21 PM »
I was thinking of the following:
{IF} (human)=(TRUE)
   (YOU)=((SCREWED)*(BIGTIME)*(TAXES))

But the best optimization:
{IF} (living_on_earth)=(42

40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,768
    • View Profile
    • Donate to Member
Re: Is Whole Disk Encryption Just Wishful Thinking?
« Reply #11 on: July 28, 2008, 09:49:03 PM »
But the best optimization:
{IF} (living_on_earth)=(42

But only if 42=FNORD  8)

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 9,029
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
Re: Is Whole Disk Encryption Just Wishful Thinking?
« Reply #12 on: July 28, 2008, 10:08:33 PM »
FJORD, baby, FJORD. Slartibartfast and all.
- carpe noctem

40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,768
    • View Profile
    • Donate to Member
Re: Is Whole Disk Encryption Just Wishful Thinking?
« Reply #13 on: July 29, 2008, 08:48:20 AM »
But the best optimization:
{IF} (living_on_earth)=(42

But only if 42=FNORD  8)

Sorry. Forgot to include the reference:

http://en.wikipedia.org/wiki/Fnord

KALLISTI! All Hail Eris!

40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,768
    • View Profile
    • Donate to Member
Re: Is Whole Disk Encryption Just Wishful Thinking?
« Reply #14 on: August 02, 2008, 12:00:26 AM »
Game over (for now).

Quote
Travelers' Laptops May Be Detained At Border
No Suspicion Required Under DHS Policies


By Ellen Nakashima
Washington Post Staff Writer
Friday, August 1, 2008; Page A01

Federal agents may take a traveler's laptop or other electronic device to an off-site location for an unspecified period of time without any suspicion of wrongdoing, as part of border search policies the Department of Homeland Security recently disclosed.

Also, officials may share copies of the laptop's contents with other agencies and private entities for language translation, data decryption or other reasons, according to the policies, dated July 16 and issued by two DHS agencies, U.S. Customs and Border Protection and U.S. Immigration and Customs Enforcement.

Full article at: http://www.washingto...8/08/01/laptops.html

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 9,029
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
Re: Is Whole Disk Encryption Just Wishful Thinking?
« Reply #15 on: August 02, 2008, 02:27:30 AM »
 :o :o :o
- carpe noctem

Deozaan

  • Charter Member
  • Joined in 2006
  • ***
  • Points: 1
  • Posts: 7,713
    • View Profile
    • The Blog of Deozaan
    • Read more about this member.
    • Donate to Member
Re: Is Whole Disk Encryption Just Wishful Thinking?
« Reply #16 on: August 02, 2008, 07:41:18 AM »
Game over (for now).

Quote
Travelers' Laptops May Be Detained At Border
No Suspicion Required Under DHS Policies


Not just laptops! But even the trash from your pocket!

The policies cover "any device capable of storing information in digital or analog form," including hard drives, flash drives, cell phones, iPods, pagers, beepers, and video and audio tapes. They also cover "all papers and other written documentation," including books, pamphlets and "written materials commonly referred to as 'pocket trash' or 'pocket litter.' "

So basically anything.


urlwolf

  • Charter Member
  • Joined in 2006
  • ***
  • Posts: 1,797
    • View Profile
    • Donate to Member
Re: Is Whole Disk Encryption Just Wishful Thinking?
« Reply #17 on: August 02, 2008, 01:52:07 PM »
Game over (for now).

Quote
Travelers' Laptops May Be Detained At Border
No Suspicion Required Under DHS Policies


By Ellen Nakashima
Washington Post Staff Writer
Friday, August 1, 2008; Page A01

Federal agents may take a traveler's laptop or other electronic device to an off-site location for an unspecified period of time without any suspicion of wrongdoing, as part of border search policies the Department of Homeland Security recently disclosed.

Also, officials may share copies of the laptop's contents with other agencies and private entities for language translation, data decryption or other reasons, according to the policies, dated July 16 and issued by two DHS agencies, U.S. Customs and Border Protection and U.S. Immigration and Customs Enforcement.

Full article at: http://www.washingto...8/08/01/laptops.html

So, if you are a company and have some secret sauce (algorithms, data) on your laptop, you may be screwed.

Either leave any sensitive data on a server before traveling into the US (hard!), or don't travel at all.

This is getting ridiculous. Stallman and his 'right to read' essay, but a lot worse.

CWuestefeld

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 1,001
    • View Profile
    • Donate to Member
Re: Is Whole Disk Encryption Just Wishful Thinking?
« Reply #18 on: August 02, 2008, 05:18:07 PM »
Further comment on the topic by security expert Bruce Schneier http://www.schneier....us_government_p.html:
Quote
U.S. Government Policy for Seizing Laptops at Borders

Amazing. The U.S. government has published its policy: they can take your laptop anywhere they want, for as long as they want, and share the information with anyone they want:

Quote
    Federal agents may take a traveler's laptop or other electronic device to an off-site location for an unspecified period of time without any suspicion of wrongdoing, as part of border search policies the Department of Homeland Security recently disclosed. Also, officials may share copies of the laptop's contents with other agencies and private entities for language translation, data decryption, or other reasons, according to the policies, dated July 16 and issued by two DHS agencies, US Customs and Border Protection and US Immigration and Customs Enforcement.

    [...]

    DHS officials said that the newly disclosed policies — which apply to anyone entering the country, including US citizens — are reasonable and necessary to prevent terrorism.

    [...]

    The policies cover 'any device capable of storing information in digital or analog form,' including hard drives, flash drives, cell phones, iPods, pagers, beepers, and video and audio tapes. They also cover 'all papers and other written documentation,' including books, pamphlets and 'written materials commonly referred to as "pocket trash..."

Spoiler: political content
Spoiler
In related news, Sen. Sam Brownback voted for the legislation allowing this, but condemns the Chinese for doing exactly the same thing http://www.cato-at-l...s-and-sen-brownback/:
Quote
Sam Brownback is outraged that the Chinese government would spy on foreigners on its soil without a warrant. When it was pointed out to him that the United States government is now authorized to conduct warrantless spying in the United States, he had this to say: [read the article]


Edit: end quote tag was in the wrong place.
« Last Edit: August 02, 2008, 05:27:45 PM by CWuestefeld »

Armando

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 2,727
    • View Profile
    • Donate to Member
Re: Is Whole Disk Encryption Just Wishful Thinking?
« Reply #19 on: August 02, 2008, 08:54:18 PM »
Thanks CWuestefeld. Good link.

Another link on the page is giving some good advices -- in my opinion.

http://www.schneier.com/essay-217.html


I wonder what's the true proportion of people experiencing laptop "confiscation".

J-Mac

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 2,913
    • View Profile
    • Donate to Member
Re: Is Whole Disk Encryption Just Wishful Thinking?
« Reply #20 on: August 02, 2008, 11:59:20 PM »
I wonder what's the true proportion of people experiencing laptop "confiscation".

IMO, if it is only one person,  it is far too many.

Jim

Armando

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 2,727
    • View Profile
    • Donate to Member
Re: Is Whole Disk Encryption Just Wishful Thinking?
« Reply #21 on: August 03, 2008, 01:23:01 AM »
I agree. A, ahem...weird, disgusting policy... Its main goal is probably only to cause fear and legitimate other more severe infringement to privacy, and human rights in general. Usually, the people suffering the most from these practices aren't the true criminal. I mean... what criminal is going to carry a laptop (or a cellphone, a PDA, pocket trash ...) with critical data, knowing that it could be confiscated? :huh: