Security Flaw in Popular Disk Encryption Technologies

Igor Mozolevsky igor at hybrid-lab.co.uk
Mon Feb 25 11:24:02 UTC 2008 

On 24/02/2008, Bill Moran <wmoran at collaborativefusion.com> wrote:
> "Igor Mozolevsky" <igor at hybrid-lab.co.uk> wrote:

[snip]

>  > IMO the possibility of such attack is so remote that it doesn't really
>  > warrant any special attention, it's just something that should be kept
>  > in mind when writing "secure" crypto stuff...
>
>
> Then you're not using this to protect data of a particular sensitive
>  nature, or you're being a fool.

Not at all!

>  Fact is, data is "sensitive" to different degrees.  It's also valuable
>  to different degrees.
>
>  If you're worried about your personal financial information on your
>  laptop being stolen, then modern disk encryption is fine.  But, if you've
>  got a mobile device with the sensitive information from 1000s of people
>  on it, the stakes are different.  That device is liable to be the target
>  of an attack specifically to get the _data_.
>
>  You're correct in 90% of the cases, but there's still the 10% that some
>  of us need to consider.

Crypto is merely a way of obfuscating data, and we all know the truth
about security by obscurity, right? Why would you have sensitive data
on a laptop that anyone could potentially snatch out of your hand???
If it's sensitive enough to be paranoid, it should never leave the
site!

There are better ways to protect data than simple disk encryption, *if
you really have to* to take it offsite on a laptop. There's only one
thing disk crypto is useful for - swap encryption, I'd not use
straight crypto for anything else... But again, how many of us here
actually use S/Key for remote logins?..

>  The fact is that the attack is not difficult, and it's not a matter of
>  whether or not someone _can_ bypass your disk encryption, it's more a
>  matter of whether or not they actually care enough to bother, or whether
>  the $$$ they can get for the stolen hardware alone will satisfy them.
>  Each user/organization really needs to evaluate this information with
>  regards to their own situation, but it's important to understand the
>  details of the risk when making such a decision.

It's not a "not difficult" attack - someone has to get hold of your
laptop first! Then there's things like BIOS passwords, restricting
boot partitions, and if you don't want memory covers to be unscrewed
(or your laptop case as a whole, for that matter) you can always use a
bit of loctite!

As the saying goes, those who think that crypto is the solution to
their problem, don't crypto nor the problem...


Igor :-)

More information about the freebsd-hackers mailing list