[Dataloss] fringe: Researchers: Disk Encryption Not Secure
Roy M. Silvernail
roy at rant-central.com
Thu Feb 21 21:17:23 UTC 2008
On Thu, Feb 21, 2008 at 04:03:41PM -0500, B.K. DeLong wrote:
> Well, if anything I think it makes a further case for using
> multifactor authentication in order to login to machines - a
> "something you have" piece.
That's the wrong threat model, though. The attack described is directly
against disk encryption. If the FDE key is exposed through a cold-RAM
skimming attack, there is no need to login to anything. The RAM is
skimmed, then the drive is imaged. Presto. Your data is toast.
This can be pulled off over a lunch break, and the only evidence would
be an unexpected reboot when the victim returns.
--
Roy M. Silvernail is roy at rant-central.com, and you're not
"A desperate disease requires a dangerous remedy."
- Guy Fawkes
http://www.rant-central.com
More information about the Dataloss
mailing list