BreachExchange mailing list archives
Re: fringe: Researchers: Disk Encryption Not Secure
From: "Rory Wasserman" <rwasserman () mxisecurity com>
Date: Thu, 21 Feb 2008 16:34:09 -0500
Roy, I agree with what you are saying, however if a portable hardware device is used for multifactor authentication and the key is stored in a secure place on the device, off of the hard drive, then this type of attack would be futile. Rory Wasserman -----Original Message----- From: dataloss-bounces () attrition org [mailto:dataloss-bounces () attrition org] On Behalf Of Roy M. Silvernail Sent: February 21, 2008 4:17 PM To: B.K. DeLong Cc: security curmudgeon; dataloss () attrition org Subject: Re: [Dataloss] fringe: Researchers: Disk Encryption Not Secure On Thu, Feb 21, 2008 at 04:03:41PM -0500, B.K. DeLong wrote:
Well, if anything I think it makes a further case for using multifactor authentication in order to login to machines - a "something you have" piece.
That's the wrong threat model, though. The attack described is directly against disk encryption. If the FDE key is exposed through a cold-RAM skimming attack, there is no need to login to anything. The RAM is skimmed, then the drive is imaged. Presto. Your data is toast. This can be pulled off over a lunch break, and the only evidence would be an unexpected reboot when the victim returns. -- Roy M. Silvernail is roy () rant-central com, and you're not "A desperate disease requires a dangerous remedy." - Guy Fawkes http://www.rant-central.com _______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tenable Network Security offers data leakage and compliance monitoring solutions for large and small networks. Scan your network and monitor your traffic to find the data needing protection before it leaks out! http://www.tenablesecurity.com/products/compliance.shtml _______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tenable Network Security offers data leakage and compliance monitoring solutions for large and small networks. Scan your network and monitor your traffic to find the data needing protection before it leaks out! http://www.tenablesecurity.com/products/compliance.shtml
Current thread:
- fringe: Researchers: Disk Encryption Not Secure security curmudgeon (Feb 21)
- Re: fringe: Researchers: Disk Encryption Not Secure B.K. DeLong (Feb 21)
- Re: fringe: Researchers: Disk Encryption Not Secure Roy M. Silvernail (Feb 21)
- Re: fringe: Researchers: Disk Encryption Not Secure Rory Wasserman (Feb 21)
- Re: fringe: Researchers: Disk Encryption Not Secure B.K. DeLong (Feb 21)
- Re: fringe: Researchers: Disk Encryption Not Secure Roy M. Silvernail (Feb 21)
- Re: fringe: Researchers: Disk Encryption Not Secure Evan Francen (Feb 22)
- Re: fringe: Researchers: Disk Encryption Not Secure Friedlander, Gary S (Feb 22)
- Re: fringe: Researchers: Disk Encryption Not Secure Paul Stevens (Feb 22)
- Re: fringe: Researchers: Disk Encryption Not Secure Chris Walsh (Mar 06)
- Re: fringe: Researchers: Disk Encryption Not Secure Roy M. Silvernail (Feb 21)
- Re: fringe: Researchers: Disk Encryption Not Secure B.K. DeLong (Feb 21)