|
 |  |  |  |  |  |  |
| Welcome to Windows Vista Forums. Our forum is dedicated to helping you find solutions with any problems, errors or issues you are experiencing with Windows Vista. The Vista forum also covers news and updates and has an extensive Windows Vista tutorial section that covers a wide range of tips and tricks. |
| |||||||
 |
| |
02-22-2008
| #1 (permalink) |
| | Re: ALERT: Disk encryption may not be secure enough I always, ALWAYS carry a can of compressed air upside down in my pocket just so I can super cool the memory chips from a PC and steal the data resident on them. This just goes back to probably the second oldest security rule there is - "If you don't physically secure your computer, it is no longer your computer." The oldest, of course, being "If you let someone else run code on your computer, it is no longer your computer." -- Richard G. Harper [MVP Shell/User] rgharper@xxxxxx * NEW! Catch my blog ... http://msmvps.com/blogs/rgharper/ * PLEASE post all messages and replies in the newsgroups * The Website - http://rgharper.mvps.org/ "jim" <jim@xxxxxx> wrote in message news:G8Bvj.106956$L%6.17232@xxxxxx Quote: > You may have already heard about or read about this story. If so, this is > not for you. > > For those people in positions where privacy can mean the life or death of > a career or even a person, listen up...... > > "Computer scientists have discovered a novel way to bypass the encryption > used in programs like Microsoft's BitLocker and Apple's FileVault and then > view the contents of supposedly secure files. > > In a paper (PDF) published Thursday that could prompt a rethinking of how > to protect sensitive data, the researchers describe how they can extract > the contents of a computer's memory and discover the secret encryption key > used to scramble files. (I tested these claims by giving them a MacBook > with FileVault; here's a slideshow.) > > "There seems to be no easy remedy for these vulnerabilities," the > researchers say. "Simple software changes are likely to be ineffective; > hardware changes are possible but will require time and expense; and > today's Trusted Computing technologies appear to be of little help because > they cannot protect keys that are already in memory. The risk seems > highest for laptops, which are often taken out in public in states that > are vulnerable to our attacks. These risks imply that disk encryption on > laptops may do less good than widely believed." " > > Read the entire article at > http://www.news.com/8301-13578_3-9876060-38.html?tag=tb or view the video > straight from Princeton at http://citp.princeton.edu/memory/. > > jim > |
My System Specs |
|
02-22-2008
| #2 (permalink) |
| | Re: ALERT: Disk encryption may not be secure enough On Fri, 22 Feb 2008 16:44:13 -0500, Richard G. Harper wrote: Quote: > I always, ALWAYS carry a can of compressed air upside down in my pocket just > so I can super cool the memory chips from a PC and steal the data resident > on them. This just goes back to probably the second oldest security rule > there is - "If you don't physically secure your computer, it is no longer > your computer." The oldest, of course, being "If you let someone else run > code on your computer, it is no longer your computer." utilities, Bitlocker included, advertise as one of their benefits, the ability to protect confidential data in the event your computer is stolen. With BDE at least, if you use a TPM with a PIN or a USB device with a PIN and either power off or hibernate your computer, the attack is mitigated. -- Paul Adare MVP - Virtual Machines http://www.identit.ca The generation of random numbers is too important to be left to chance. |
| My System Specs |
|
02-22-2008
| #3 (permalink) |
| | Re: ALERT: Disk encryption may not be secure enough Memo to users: Never leave your computer unattended while powered on or in Standby Mode. If you feel the need to leave your computer on a random park bench, please ensure that you watch it closely for at least 60 seconds to ensure the contents of the DRAM have decayed adequately to ensure someone cannot possibly extract your encryption keys. At that point in time, feel free to leave the area and frolic about in a carefree fashion - your data is safe. MG "Paul Adare" <pkadare@xxxxxx> wrote in message news:18prn5yu3ujqv.1bfvlan32fagt$.dlg@xxxxxx Quote: > On Fri, 22 Feb 2008 16:44:13 -0500, Richard G. Harper wrote: > Quote: >> I always, ALWAYS carry a can of compressed air upside down in my pocket >> just >> so I can super cool the memory chips from a PC and steal the data >> resident >> on them. This just goes back to probably the second oldest security rule >> there is - "If you don't physically secure your computer, it is no longer >> your computer." The oldest, of course, being "If you let someone else >> run >> code on your computer, it is no longer your computer." > You've missed the point here, which is that most full disk encryption > utilities, Bitlocker included, advertise as one of their benefits, the > ability to protect confidential data in the event your computer is stolen. > > With BDE at least, if you use a TPM with a PIN or a USB device with a PIN > and either power off or hibernate your computer, the attack is mitigated. > -- > Paul Adare > MVP - Virtual Machines > http://www.identit.ca > The generation of random numbers is too important to be left to chance. |
| My System Specs |
|
| Thread Tools | |
| |
Similar Threads | ||||
| Thread | Forum | |||
| Vista 64 Disk encryption? | Vista security | |||
| Re: ALERT: Disk encryption may not be secure enough | Vista General | |||
| Re: ALERT: Disk encryption may not be secure enough | Vista security | |||
| Disk Encryption recommendations | Vista General | |||
| Encryption using secure key | PowerShell | |||
