Interesting People mailing list archives

Previous By Date Next
Previous By Thread Next

a comment from Ed Felten (and me) A Method for Critical Data Theft - New York Times

From: David Farber <dave () farber net>
Date: Fri, 22 Feb 2008 09:57:35 -0500
BTW an interesting scenario is at Customs entering any country. Your laptop is seized ----- djf 



Begin forwarded message:

From: "Edward W. Felten" <felten () cs princeton edu>
Date: February 22, 2008 9:51:50 AM EST
To: "David Farber" <dave () farber net>
Subject: Re: [IP] Re: A Method for Critical Data Theft - New York Times

I think Lee Dryburgh is missing the point of our work.

The whole point of disk encryption products is to protect the data on
a laptop drive if the laptop is lost or stolen, that is, if physical
security is breached.  Our work shows that popular disk encryption
products fail to do what people think they do.  An adversary with
physical access to a laptop using disk encryption can (usually)
extract all the encrypted information from the disk.

As a meta-comment, be careful about anybody who debunks an idea based
on "a quick read".  Would it be too much trouble to actually read our
paper before pronouncing it pointless?

On Fri, Feb 22, 2008 at 9:37 AM, David Farber <dave () farber net> wrote:



Begin forwarded message:

From: David Farber <dave () farber net>
Date: February 22, 2008 9:18:57 AM EST
To: "ip" <ip () v2 listbox com>
Subject: [IP] Re:    A Method for Critical Data Theft - New York Times
Reply-To: dave () farber net




Begin forwarded message:

From: "Lee Dryburgh" <dryburghl () gmail com>
Date: February 22, 2008 8:59:59 AM EST
To: dave () farber net
Cc: ip <ip () v2 listbox com>
Subject: Re: [IP] A Method for Critical Data Theft - New York Times

This has been all over the news today. It seems another unwarranted
headline grabber (sorry to IP person whose work it is).
The first point of security of data is physical security and from the quick read you need to push somebody away from their laptop, quickly spray the machine with something to cool it down very quick, hope the person did not disable booting from external drives (which you should do if running disk. encr.), and quickly boot from an external drive. If you can do to all that effort - I'd recommend installing a key logger - simpler with better results 
;)

Interesting and worthwhile research though.

Regards

Lee

\ Emerging Comms Conference
/ March 12-14 - www.eCommMedia.com
\ Skype: leedyburgh

On 22/02/2008, David Farber <dave () farber net> wrote:




http://www.nytimes.com/2008/02/22/technology/22chip.html?hp


________________________________



Archives



________________________________

Archives




-------------------------------------------
Archives: http://www.listbox.com/member/archive/247/=now
RSS Feed: http://www.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com
Previous By Date Next
Previous By Thread Next

Current thread: