Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > NZ Computing > Cracking disk encryption

Reply
Thread Tools

Cracking disk encryption

 
 
Lawrence D'Oliveiro
Guest
Posts: n/a
 
      02-22-2008
Interesting new research <http://www.freedom-to-tinker.com/?p=1257> finds an
unsuspected weak spot in disk-encryption software.
 
Reply With Quote
 
 
 
 
peterwn
Guest
Posts: n/a
 
      02-22-2008
On Feb 22, 1:12 pm, Lawrence D'Oliveiro <l...@geek-
central.gen.new_zealand> wrote:
> Interesting new research <http://www.freedom-to-tinker.com/?p=1257> finds an
> unsuspected weak spot in disk-encryption software.


This would in practice require someone who is able to pounce on a
laptop that has not been switched for too long and who has appropriate
software on a 'pen' etc. If the user has password protected the BIOS
and prevented booting from other than the HD, then the villan would
need to rip out the DRAM card(s) and then plonk them into another
compatible computer. This is where freezing may be useful.

A OS writer could include a shutdown routine that purges memory just
prior to finally shutting down.
 
Reply With Quote
 
 
 
 
Murray Symon
Guest
Posts: n/a
 
      02-22-2008
peterwn wrote:

> On Feb 22, 1:12 pm, Lawrence D'Oliveiro <l...@geek-
> central.gen.new_zealand> wrote:
>> Interesting new research <http://www.freedom-to-tinker.com/?p=1257> finds
>> an unsuspected weak spot in disk-encryption software.

>
> This would in practice require someone who is able to pounce on a
> laptop that has not been switched for too long and who has appropriate
> software on a 'pen' etc. If the user has password protected the BIOS
> and prevented booting from other than the HD, then the villan would
> need to rip out the DRAM card(s) and then plonk them into another
> compatible computer. This is where freezing may be useful.
>
> A OS writer could include a shutdown routine that purges memory just
> prior to finally shutting down.


Not if you pull the plug out, or cut the wires.
 
Reply With Quote
 
peterwn
Guest
Posts: n/a
 
      02-22-2008
On Feb 22, 9:23 pm, Murray Symon
<(E-Mail Removed)> wrote:

>
> > A OS writer could include a shutdown routine that purges memory just
> > prior to finally shutting down.

>
> Not if you pull the plug out, or cut the wires.


Not relevant for a laptop - if a villan can grab a switched on laptop
then the villan has all the time in the world to recover RAM data. If
it is logged in and a password is not needed to for the screensaver,
then the villan can merely unload the user's data even if the disk is
encrypted.

If a desktop, cutting the lead may cause the Coroner to express some
surprise as peoples' stupidity (oops, coroners are not allowed to make
that sort of comment - it upsets rellies too much).
 
Reply With Quote
 
shane
Guest
Posts: n/a
 
      02-22-2008
peterwn did scribble:

> On Feb 22, 9:23 pm, Murray Symon
> <(E-Mail Removed)> wrote:
>
>>
>> > A OS writer could include a shutdown routine that purges memory just
>> > prior to finally shutting down.

>>
>> Not if you pull the plug out, or cut the wires.

>
> Not relevant for a laptop - if a villan can grab a switched on laptop
> then the villan has all the time in the world to recover RAM data. If
> it is logged in and a password is not needed to for the screensaver,
> then the villan can merely unload the user's data even if the disk is
> encrypted.
>


That assumes the villain gets or has the right power adapter before the battery
runs out.

> If a desktop, cutting the lead may cause the Coroner to express some
> surprise as peoples' stupidity (oops, coroners are not allowed to make
> that sort of comment - it upsets rellies too much).


Or, the power could be cut at the switchboard.
--
Hardware n: Parts of the computer you can kick
 
Reply With Quote
 
Murray Symon
Guest
Posts: n/a
 
      02-22-2008
peterwn wrote:

> On Feb 22, 9:23 pm, Murray Symon
> <(E-Mail Removed)> wrote:
>
>>
>> > A OS writer could include a shutdown routine that purges memory just
>> > prior to finally shutting down.

>>
>> Not if you pull the plug out, or cut the wires.

>
> Not relevant for a laptop - if a villan can grab a switched on laptop
> then the villan has all the time in the world to recover RAM data. If
> it is logged in and a password is not needed to for the screensaver,
> then the villan can merely unload the user's data even if the disk is
> encrypted.


> If a desktop, cutting the lead may cause the Coroner to express some
> surprise as peoples' stupidity (oops, coroners are not allowed to make
> that sort of comment - it upsets rellies too much).


I had the DC power supply leads in mind.

There is plenty of discussion on this at Bruce Schneier's blog.
Including yanking the RAM modules out while the PC is still running,
and then swapping them to another machine.
It goes to show that many assumptions (e.g. volatility of DRAM) can
be overturned, and that there is always a countermeasure for every
measure that can be added.

The principle involved here is the one concerning possession of the
physical device.

Murray.

 
Reply With Quote
 
Lawrence D'Oliveiro
Guest
Posts: n/a
 
      02-22-2008
In article
<(E-Mail Removed)>,
peterwn did write:

> On Feb 22, 9:23 pm, Murray Symon
> <(E-Mail Removed)> wrote:
>>
>>> A OS writer could include a shutdown routine that purges memory just
>>> prior to finally shutting down.

>>
>> Not if you pull the plug out, or cut the wires.

>
> Not relevant for a laptop - if a villan can grab a switched on laptop
> then the villan has all the time in the world to recover RAM data.


This <http://www.schneier.com/blog/archives/2008/02/hotplug_1.html> could
also be useful.
 
Reply With Quote
 
peterwn
Guest
Posts: n/a
 
      02-22-2008
On Feb 23, 10:02 am, Murray Symon
<(E-Mail Removed)> wrote:

>
> The principle involved here is the one concerning possession of the
> physical device.
>


The issue is one similar to lock picking. Most locks in general use
are vulnerable to picking and a skilled locksmith can open them in a
few minutes. Cylinder locks are also vulnerable to 'bumping'.
Nevertheless most people find them satisfafactory for day to day
security. If you are very concerned with your lock being picked a
locksmih can sell you a high security barrel with restricted keys for
perhaps $50 to $100 - Bilock and Medeco probably being the best.

Since most laptops are stolen in a 'cold' state disk encryption will
ensure they stay secure. Hence disk encryption will serve its purpose
in 99% of cases. A means of wiping DRAM on shutdown will help in some
of the remaining cases, but after that the user must take
responsibility to ensure it is shut down before leaving it in a car
etc. What precautions a user takes (or is required to take by an
employer) depends on the sensitivity of the information. A
compromised laptop could cost a firm millions or a political party an
election (National might have won the 2005 election if Don Brash's E-
mail system had not been compromised).
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Re: Brute Force Cracking Failed, No Vulnerable Blocks, DVD Decrypter Martino DVD Video 8 02-01-2006 10:09 PM
Cracking DES with C++ is faster than Java? Julie C++ 140 06-06-2004 05:03 AM
Re: Help needed on a bibliography of cracking LaDDL Computer Security 1 04-30-2004 06:41 PM
Re: Help needed on a bibliography of cracking Marek Luch Computer Security 0 04-30-2004 06:41 PM
Cracking Up AK Computer Support 11 11-11-2003 06:21 PM



Advertisments