How secure is your FDE solution?

View Poll Results: Will we see technology that utilizes this capability outside of Academia

Voters
2. You may not vote on this poll
  • Definitely

    2 100.00%
  • Not a Chance

    0 0%
  • Who Cares?

    0 0%
Results 1 to 10 of 10

Thread: How secure is your FDE solution?

  1. #1
    Member tin.roof.rabbit's Avatar
    Join Date
    Apr 2006
    Posts
    63

    How secure is your FDE solution?

    From a University of Princeton study? Not very.

    We use cold reboots to mount attacks on popular disk encryption systems — BitLocker, FileVault, dm-crypt, and TrueCrypt — using no special devices or materials. We experimentally characterize the extent and predictability of memory remanence and report that remanence times can be increased dramatically with simple techniques.
    http://citp.princeton.edu/memory/

    Full story sent to me is below.
    http://www.networkworld.com/news/200...n-cracked.html

    Just food for thought for those of us regulated by HIPPA, FERPA, or other government privacy laws that may require the use of a Full Disk Encryption solution.


    Ciao
    Human beings, who are almost unique in having the ability to learn from the experience of others, are also remarkable for their apparent disinclination to do so. - Douglas Adams

  2. #2
    Senior Member
    Join Date
    Oct 2003
    Location
    MA
    Posts
    1,053
    Well a lot of notebooks have FDE they just need to incorporate those technologies into all types of motherboards.

  3. #3
    Senior Member phernandez's Avatar
    Join Date
    Aug 2003
    Location
    NYC
    Posts
    246
    Beat me to it. Caught the story at Wired Blogs and it is scary indeed. Keep an eye on those laptops!

  4. #4
    Super Moderator
    Know-it-All Master Beaver

    Join Date
    Jan 2003
    Posts
    3,914

    How secure is your FDE solution?

    I was really uncertain of where I wanted to post this, but this is probably the best forum.

    Source: http://www.heise-online.co.uk/securi...--/news/110174
    Scientists at Princeton University have demonstrated how encryption keys can be retrieved from memory if the attacker has physical access to a computer which is switched on or in standby, by making use of a well known phenomenon – the relatively slow decay of DRAM data when power is removed.
    This is rather interesting. While right now it's purely academic in application. I wonder if we'll see the development of a technology that applies this. As this could have significant uses in forensics. Beyond the obvious forensic gain, there is the negative... the encryption is essentially useless if this is every applied outside of the academic world.

    Think about what this means to companies with encrypted laptops... It could potentially give industrial espionage a whole new twist. It also makes it more dangerous to openly travel with sensitive information, even if encrypted, on your laptop.

    In the end though... my poll question really sums it up... Will we ever see this applied? Beyond that questions that people may want to take a stab at:
    Do we need to see this applied?
    Does it actually have practical application?
    Will hardware be modified to somehow prevent this?
    IT Blog: .:Computer Defense:.
    PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

  5. #5
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    How people treat you is their karma- how you react is yours-Wayne Dyer

  6. #6
    Super Moderator
    Know-it-All Master Beaver

    Join Date
    Jan 2003
    Posts
    3,914
    Quote Originally Posted by morganlefay
    That's for pointing it out... threads are merged.
    IT Blog: .:Computer Defense:.
    PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

  7. #7
    Senior Member
    Join Date
    Oct 2003
    Location
    MA
    Posts
    1,053
    I will answer " Will hardware be modified to somehow prevent this?" With hopefully. It would be great to see really.

  8. #8
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Hmmmm,

    Peter Gutmann published on this about 10 years ago. He was looking at the pure remnance phenomenon rather than encryption, but the principles were the same.

    It all boils down to physical security. I must say that I find it a little far-fetched that a thief would be able to access the computer within the time frame suggested.


    The most practical solution to the problem of DRAM data retention is therefore to constantly flip the bits in memory to ensure that a memory cell never holds a charge long enough for it to be "remembered". While not practical for general use, it is possible to do this for small amounts of very sensitive data such as encryption keys. This is particularly advisable where keys are stored in the same memory location for long periods of time and control access to large amounts of information, such as keys used for transparent encryption of files on disk drives. The bit-flipping also has the convenient side-effect of keeping the page containing the encryption keys at the top of the queue maintained by the system's paging mechanism, greatly reducing the chances of it being paged to disk at some point.
    Last edited by nihil; February 24th, 2008 at 02:35 PM.
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  9. #9
    Senior Member
    Join Date
    Feb 2002
    Posts
    500
    I was just about to post something, but it kind of relates to this thread, so...

    How secure is a solution like Symantec endpoint encryption? Aside from reading the dram, are there easy ways to bypass a product like this (before lockout, after lockout, etc)? We use it at my work, and man, what a headache it causes! Always breaking causing users to have to ship us the laptops to fix, slows down the machines to all hell, etc. Wondering if its worth all this hassle or if its just for show?

    Just noticed how old this thread was, active section huh?
    Last edited by cross; May 4th, 2011 at 11:12 PM.
    Ron Paul: Hope for America
    http://www.ronpaul2008.com/

  10. #10
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Hi cross,

    How secure is a solution like Symantec endpoint encryption?
    A lot more secure than not having one, as you force an attacker to have to deal with another obstacle.

    I usually look on these solutions as being mainly aimed at laptops or home installations, where there is generally a greater potential security risk of loss or theft.

    If I got a stolen machine with an encrypted drive I would either wipe it or replace it, so the security would have done its job.

    Please remember that a lot of security (AV for example) is mostly a CYA exercise for IT. They have it so that they can demonstrate that they have shown "due diligence".

    In your case I would have thought that the question should be whether the product you are using is the most cost effective, and plays nicely with the rest of your systems and applications?

    There are a variety of products on the market that do pretty much the same thing, so perhaps it is time to look around if you are having problems?

    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

Similar Threads

  1. An Introduction to Cryptography, and Common Electronic Cryptosystems – Part I
    By 576869746568617 in forum Cryptography, Steganography, etc.
    Replies: 1
    Last Post: July 10th, 2006, 11:38 PM
  2. Encryption Algorithms - Basics
    By kruptos in forum The Security Tutorials Forum
    Replies: 0
    Last Post: January 29th, 2005, 01:01 AM
  3. Date Encryption
    By CyberSpyder in forum AntiOnline's General Chit Chat
    Replies: 0
    Last Post: March 25th, 2003, 09:31 AM
  4. How To: Crack a File
    By SpydaByte in forum AntiOnline's General Chit Chat
    Replies: 1
    Last Post: January 20th, 2003, 10:55 PM
  5. Basic Encryption
    By Ennis in forum The Security Tutorials Forum
    Replies: 5
    Last Post: July 5th, 2002, 10:08 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •