ALERT: Disk encryption may not be secure enough

Posted: 02-22-2008, 02:39 PM
You may have already heard about or read about this story. If so, this is
not for you.

For those people in positions where privacy can mean the life or death of a
career or even a person, listen up......

"Computer scientists have discovered a novel way to bypass the encryption
used in programs like Microsoft's BitLocker and Apple's FileVault and then
view the contents of supposedly secure files.

In a paper (PDF) published Thursday that could prompt a rethinking of how to
protect sensitive data, the researchers describe how they can extract the
contents of a computer's memory and discover the secret encryption key used
to scramble files. (I tested these claims by giving them a MacBook with
FileVault; here's a slideshow.)

"There seems to be no easy remedy for these vulnerabilities," the
researchers say. "Simple software changes are likely to be ineffective;
hardware changes are possible but will require time and expense; and today's
Trusted Computing technologies appear to be of little help because they
cannot protect keys that are already in memory. The risk seems highest for
laptops, which are often taken out in public in states that are vulnerable
to our attacks. These risks imply that disk encryption on laptops may do
less good than widely believed." "

Read the entire article at
http://www.news.com/8301-13578_3-9876060-38.html?tag=tb or view the video
straight from Princeton at http://citp.princeton.edu/memory/.

jim


ALERT: Disk encryption may not be secure enough


Responses to "ALERT: Disk encryption may not be secure enough"

Mostly Gizzards
Guest
Posts: n/a
 
Re: ALERT: Disk encryption may not be secure enough
Posted: 02-22-2008, 05:00 PM
The sky is falling!

"jim" <jim@home.net> wrote in message
news:G8Bvj.106956$L%6.17232@bignews3.bellsouth.net ...
> You may have already heard about or read about this story. If so, this is
> not for you.
>
> For those people in positions where privacy can mean the life or death of
> a career or even a person, listen up......
>
> "Computer scientists have discovered a novel way to bypass the encryption
> used in programs like Microsoft's BitLocker and Apple's FileVault and then
> view the contents of supposedly secure files.
>
> In a paper (PDF) published Thursday that could prompt a rethinking of how
> to protect sensitive data, the researchers describe how they can extract
> the contents of a computer's memory and discover the secret encryption key
> used to scramble files. (I tested these claims by giving them a MacBook
> with FileVault; here's a slideshow.)
>
> "There seems to be no easy remedy for these vulnerabilities," the
> researchers say. "Simple software changes are likely to be ineffective;
> hardware changes are possible but will require time and expense; and
> today's Trusted Computing technologies appear to be of little help because
> they cannot protect keys that are already in memory. The risk seems
> highest for laptops, which are often taken out in public in states that
> are vulnerable to our attacks. These risks imply that disk encryption on
> laptops may do less good than widely believed." "
>
> Read the entire article at
> http://www.news.com/8301-13578_3-9876060-38.html?tag=tb or view the video
> straight from Princeton at http://citp.princeton.edu/memory/.
>
> jim
>
Richard G. Harper
Guest
Posts: n/a
 
Re: ALERT: Disk encryption may not be secure enough
Posted: 02-22-2008, 09:44 PM
I always, ALWAYS carry a can of compressed air upside down in my pocket just
so I can super cool the memory chips from a PC and steal the data resident
on them. This just goes back to probably the second oldest security rule
there is - "If you don't physically secure your computer, it is no longer
your computer." The oldest, of course, being "If you let someone else run
code on your computer, it is no longer your computer."

--
Richard G. Harper [MVP Shell/User] rgharper@gmail.com
* NEW! Catch my blog ... http://msmvps.com/blogs/rgharper/
* PLEASE post all messages and replies in the newsgroups
* The Website - http://rgharper.mvps.org/


"jim" <jim@home.net> wrote in message
news:G8Bvj.106956$L%6.17232@bignews3.bellsouth.net ...
> You may have already heard about or read about this story. If so, this is
> not for you.
>
> For those people in positions where privacy can mean the life or death of
> a career or even a person, listen up......
>
> "Computer scientists have discovered a novel way to bypass the encryption
> used in programs like Microsoft's BitLocker and Apple's FileVault and then
> view the contents of supposedly secure files.
>
> In a paper (PDF) published Thursday that could prompt a rethinking of how
> to protect sensitive data, the researchers describe how they can extract
> the contents of a computer's memory and discover the secret encryption key
> used to scramble files. (I tested these claims by giving them a MacBook
> with FileVault; here's a slideshow.)
>
> "There seems to be no easy remedy for these vulnerabilities," the
> researchers say. "Simple software changes are likely to be ineffective;
> hardware changes are possible but will require time and expense; and
> today's Trusted Computing technologies appear to be of little help because
> they cannot protect keys that are already in memory. The risk seems
> highest for laptops, which are often taken out in public in states that
> are vulnerable to our attacks. These risks imply that disk encryption on
> laptops may do less good than widely believed." "
>
> Read the entire article at
> http://www.news.com/8301-13578_3-9876060-38.html?tag=tb or view the video
> straight from Princeton at http://citp.princeton.edu/memory/.
>
> jim
>
C.B.
Guest
Posts: n/a
 
Re: ALERT: Disk encryption may not be secure enough
Posted: 02-22-2008, 09:58 PM


"jim" <jim@home.net> wrote in message
news:G8Bvj.106956$L%6.17232@bignews3.bellsouth.net ...
> You may have already heard about or read about this story. If so, this is
> not for you.
>
> For those people in positions where privacy can mean the life or death of
> a career or even a person, listen up......
>
> "Computer scientists have discovered a novel way to bypass the encryption
> used in programs like Microsoft's BitLocker and Apple's FileVault and then
> view the contents of supposedly secure files.
>
> In a paper (PDF) published Thursday that could prompt a rethinking of how
> to protect sensitive data, the researchers describe how they can extract
> the contents of a computer's memory and discover the secret encryption key
> used to scramble files. (I tested these claims by giving them a MacBook
> with FileVault; here's a slideshow.)
>
> "There seems to be no easy remedy for these vulnerabilities," the
> researchers say. "Simple software changes are likely to be ineffective;
> hardware changes are possible but will require time and expense; and
> today's Trusted Computing technologies appear to be of little help because
> they cannot protect keys that are already in memory. The risk seems
> highest for laptops, which are often taken out in public in states that
> are vulnerable to our attacks. These risks imply that disk encryption on
> laptops may do less good than widely believed." "
>
> Read the entire article at
> http://www.news.com/8301-13578_3-9876060-38.html?tag=tb or view the video
> straight from Princeton at http://citp.princeton.edu/memory/.
>
> jim
>
Jim,

If you write an application to lock down or encrypt your system it is
only a matter of time before someone writes an application to unlock or
unencrypt it. Nothing new. It's the same old cat and mouse game. It will
never stop. I would imagine Microsoft has already provided a back door for
law enforcement agencies anyway.
However, I still choose to encrypt my system in the event an average
Joe decides to steal my computer. I don't worry about it as I have no child
porn or incriminating evidence of any kind on my computers. I am not
suggesting or insinuating that you do so don't respond accordingly.
Government intelligence agencies and military intelligence agencies
will probably be able see everything they wish if they confiscate a
computer. Then again, there is always the extremely intelligent 12 year old
gamer or whizkid who is capable of much more than you could ever realize,
sometimes much more intelligent than the best of the intelligence agents.
1984 has come and gone but will never cease to exist.

C.B.


--
It is the responsibility and duty of everyone to help the underprivileged
and less fortunate among us.

Paul Adare
Guest
Posts: n/a
 
Re: ALERT: Disk encryption may not be secure enough
Posted: 02-22-2008, 10:01 PM
On Fri, 22 Feb 2008 16:44:13 -0500, Richard G. Harper wrote:
> I always, ALWAYS carry a can of compressed air upside down in my pocket just
> so I can super cool the memory chips from a PC and steal the data resident
> on them. This just goes back to probably the second oldest security rule
> there is - "If you don't physically secure your computer, it is no longer
> your computer." The oldest, of course, being "If you let someone else run
> code on your computer, it is no longer your computer."
You've missed the point here, which is that most full disk encryption
utilities, Bitlocker included, advertise as one of their benefits, the
ability to protect confidential data in the event your computer is stolen.

With BDE at least, if you use a TPM with a PIN or a USB device with a PIN
and either power off or hibernate your computer, the attack is mitigated.
--
Paul Adare
MVP - Virtual Machines
http://www.identit.ca
The generation of random numbers is too important to be left to chance.
Mostly Gizzards
Guest
Posts: n/a
 
Re: ALERT: Disk encryption may not be secure enough
Posted: 02-22-2008, 11:23 PM
Memo to users:

Never leave your computer unattended while powered on or in Standby Mode.
If you feel the need to leave your computer on a random park bench, please
ensure that you watch it closely for at least 60 seconds to ensure the
contents of the DRAM have decayed adequately to ensure someone cannot
possibly extract your encryption keys. At that point in time, feel free to
leave the area and frolic about in a carefree fashion - your data is safe.

MG

"Paul Adare" <pkadare@gmail.com> wrote in message
news:18prn5yu3ujqv.1bfvlan32fagt$.dlg@40tude.net.. .
> On Fri, 22 Feb 2008 16:44:13 -0500, Richard G. Harper wrote:
>
>> I always, ALWAYS carry a can of compressed air upside down in my pocket
>> just
>> so I can super cool the memory chips from a PC and steal the data
>> resident
>> on them. This just goes back to probably the second oldest security rule
>> there is - "If you don't physically secure your computer, it is no longer
>> your computer." The oldest, of course, being "If you let someone else
>> run
>> code on your computer, it is no longer your computer."
>
> You've missed the point here, which is that most full disk encryption
> utilities, Bitlocker included, advertise as one of their benefits, the
> ability to protect confidential data in the event your computer is stolen.
>
> With BDE at least, if you use a TPM with a PIN or a USB device with a PIN
> and either power off or hibernate your computer, the attack is mitigated.
> --
> Paul Adare
> MVP - Virtual Machines
> http://www.identit.ca
> The generation of random numbers is too important to be left to chance.
 
LinkBack Thread Tools Display Modes
 


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On
Forum Jump


Similar Threads
Thread Thread Starter Forum Replies Last Post
Disk Encryption Recommendations for Vista Home Premium - NO TPM Bios Blake Mengotto Windows Vista Security 1 01-10-2008 06:00 PM
secure and non secure items message tim Windows Vista Security 3 07-21-2007 02:12 PM
Hard disk Encryption Shalini Windows XP Device Drivers 7 02-17-2004 09:56 AM
See update - VIRUS ALERT - VIRUS ALERT - W32.Swen.A@mm Worm - VIRUS ALERT - VIRUS ALERT - VIRUS ALERT - VIRUS ALERT nemo Windows XP Photos 0 10-12-2003 12:29 PM
See update - VIRUS ALERT - VIRUS ALERT - W32.Swen.A@mm Worm - VIRUS ALERT - VIRUS ALERT - VIRUS ALERT - VIRUS ALERT nemo Windows XP Printers / Scanners / Fax 0 10-12-2003 12:29 PM