[Dataloss] fringe: Researchers: Disk Encryption Not Secure
security curmudgeon
jericho at attrition.org
Thu Feb 21 20:48:47 UTC 2008
[Companies who suffer a data loss incident, take note. Not only is the
"password" to the operating system worthless, now the encrypted drives
that we never see used are too. =) -jericho]
http://blog.wired.com/27bstroke6/2008/02/researchers-dis.html
Researchers: Disk Encryption Not Secure
By Kim Zetter February 21, 2008 | 12:13:48 PM
Researchers with Princeton University and the Electronic Frontier
Foundation have found a flaw that renders disk encryption systems useless
if an intruder has physical access to your computer -- say in the case of
a stolen laptop or when a computer is left unattended on a desktop in
sleep mode or while displaying a password prompt screen.
The attack takes only a few minutes to conduct and uses the disk
encryption key that's stored in the computer's RAM.
The attack works because content as well as encryption keys stored in RAM
linger in the system, even after the machine is powered off, enabling an
attacker to use the key to collect any content still in RAM after
reapplying power to the machine.
"We've broken disk encryption products in exactly the case when they seem
to be most important these days: laptops that contain sensitive corporate
data or personal information about business customers," said J. Alex
Halderman, one of the researchers, in a press release. "Unlike many
security problems, this isn't a minor flaw; it is a fundamental limitation
in the way these systems were designed."
[..]
More information about the Dataloss
mailing list