Security Basics mailing list archives
Re: Laptop - Full Disk Encryption? (Booting defeats FDE)
From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
Date: Wed, 24 Oct 2007 02:15:58 +0200
On 2007-10-23 Bill Stout wrote:
How to defeat full disk encryption: Boot up
Wow, you mean disk encryption won't protect from attack vectors it wasn't designed to protect from in the first place? Big surprise here. Not. [...]
For protection of data on the computer _after_ it's running, you may consider products that offer more granular file-level encryption like Credant Technologies or Information Security Corp. These products encrypt what's important (user files and temp files), but allow for standard support, backup and recovery practices.
For protection of data on the computer _after_ it's running, you have a kernel which implements and enforces access controls and privileges. Besides, how do those file-level encryption systems make sure every kind of temporary data an application may create on the disk is encrypted? How do they ensure no unencrypted user data is left after the encryption system is put in place? How do they handle paged data? How do they handle (read "ensure confidentiality of") the keys? Regards Ansgar Wiechers -- "All vulnerabilities deserve a public fear period prior to patches becoming available." --Jason Coombs on Bugtraq
Current thread:
- Re: Laptop - Full Disk Encryption? (Booting defeats FDE) Bill Stout (Oct 23)
- Re: Laptop - Full Disk Encryption? (Booting defeats FDE) Ansgar -59cobalt- Wiechers (Oct 24)
- Bootable flash/USB/thumb drive Bob Chekoudjian (Oct 24)
- Re: Bootable flash/USB/thumb drive Jeff Pickell (Oct 24)
- Re: Bootable flash/USB/thumb drive Bob Chekoudjian (Oct 24)
- Re: Bootable flash/USB/thumb drive frengo () anche no (Oct 24)
- RE: Bootable flash/USB/thumb drive Jairo Pantoja Moncayo (Oct 25)
- Bootable flash/USB/thumb drive Bob Chekoudjian (Oct 24)
- Re: Bootable flash/USB/thumb drive Ray Cantwell (Oct 24)
- RE: Bootable flash/USB/thumb drive William.Colson (Oct 24)
- RE: Bootable flash/USB/thumb drive Lee Hilt (Oct 24)
- Re: Bootable flash/USB/thumb drive Simon (Oct 25)
- Re: Laptop - Full Disk Encryption? (Booting defeats FDE) Ansgar -59cobalt- Wiechers (Oct 24)
- <Possible follow-ups>
- Re: Laptop - Full Disk Encryption? (Booting defeats FDE) fac51 (Oct 29)