Main Area and Open Discussion > General Software Discussion
Is Whole Disk Encryption Just Wishful Thinking?
40hz:
A little while ago, there was quite a bit of discussion in the TrueCrypt 6.0 thread on the issue of encrypted drives. I've always been a big promoter of encrypted file systems. I never thought they were completely bulletproof (since nothing ever is) but I just read an article over at ghacks that has got me wondering if they're really worth the trouble at all:
Software to defeat Disk Encryption released
www.ghacks.net/2008/07/20/software-to-defeat-disk-encryption-released
Looks like some researchers over at Princeton U have a workable crack for several disk encryption techniques. They have published their study (available for download), along with the tools they used to pull it off.
Here's the abstract from the Princeton website: http://citp.princeton.edu/memory
Abstract
Contrary to popular assumption, DRAMs used in most modern computers retain their contents for seconds to minutes after power is lost, even at operating temperatures and even if removed from a motherboard. Although DRAMs become less reliable when they are not refreshed, they are not immediately erased, and their contents persist sufficiently for malicious (or forensic) acquisition of usable full-system memory images. We show that this phenomenon limits the ability of an operating system to protect cryptographic key material from an attacker with physical access. We use cold reboots to mount attacks on popular disk encryption systems — BitLocker, FileVault, dm-crypt, and TrueCrypt — using no special devices or materials. We experimentally characterize the extent and predictability of memory remanence and report that remanence times can be increased dramatically with simple techniques. We offer new algorithms for finding cryptographic keys in memory images and for correcting errors caused by bit decay. Though we discuss several strategies for partially mitigating these risks, we know of no simple remedy that would eliminate them.
--- End quote ---
Very interesting. And very sobering! Can't wait to try this one out at home...
f0dder:
It's nasty stuff.
Also, if (serious) law enforcement is coming after you, they have ways to move your computer without turning it off - basically attaching an UPS on the go, doing some wire cutting etc.
fenixproductions:
I am little disappointed. I've saw this thread and expected something new to read about. Old history but good finding after all.
* fenixproductions read about it few months ago...
4wd:
It's nasty stuff.
Also, if (serious) law enforcement is coming after you, they have ways to move your computer without turning it off - basically attaching an UPS on the go, doing some wire cutting etc.
-f0dder (July 20, 2008, 05:19 PM)
--- End quote ---
That's why one of my HDs is actually a disguised thermite charge.....the moment anyone tries to access using the magic word, ('dir'), it ignites and slags the whole computer :Thmbsup:
cranioscopical:
It's nasty stuff.
Also, if (serious) law enforcement is coming after you, they have ways to move your computer without turning it off - basically attaching an UPS on the go, doing some wire cutting etc.
-f0dder (July 20, 2008, 05:19 PM)
--- End quote ---
That's why one of my HDs is actually a disguised thermite charge.....the moment anyone tries to access using the magic word, ('dir'), it ignites and slags the whole computer :Thmbsup:
-4wd (July 20, 2008, 08:26 PM)
--- End quote ---
You haven't been into my main machine have you? At the moment I have two duff hard drives and a malfunctioning power supply :(
Navigation
[0] Message Index
[#] Next page
Go to full version