Security Flaw in Popular Disk Encryption Technologies

Bill Moran wmoran at collaborativefusion.com
Mon Feb 25 14:52:06 UTC 2008


In response to "Igor Mozolevsky" <igor at hybrid-lab.co.uk>:

> On 24/02/2008, Bill Moran <wmoran at collaborativefusion.com> wrote:
> > "Igor Mozolevsky" <igor at hybrid-lab.co.uk> wrote:

[snip]

> >  Fact is, data is "sensitive" to different degrees.  It's also valuable
> >  to different degrees.
> >
> >  If you're worried about your personal financial information on your
> >  laptop being stolen, then modern disk encryption is fine.  But, if you've
> >  got a mobile device with the sensitive information from 1000s of people
> >  on it, the stakes are different.  That device is liable to be the target
> >  of an attack specifically to get the _data_.
> >
> >  You're correct in 90% of the cases, but there's still the 10% that some
> >  of us need to consider.
> 
> Crypto is merely a way of obfuscating data, and we all know the truth
> about security by obscurity, right?

I don't think you correctly understand the concept of "security through
obscurity" ... as crypto is _not_ an example of that.

> Why would you have sensitive data
> on a laptop that anyone could potentially snatch out of your hand???
> If it's sensitive enough to be paranoid, it should never leave the
> site!

That's like saying, "Why would you ever drive a car on the freeway when
you know how many people are killed in auto accidents every day."

The answer is, "because you must."

> There are better ways to protect data than simple disk encryption, *if
> you really have to* to take it offsite on a laptop.

Name 3.

> There's only one
> thing disk crypto is useful for - swap encryption, I'd not use
> straight crypto for anything else...

Again, I find your opinions odd, and possibly misinformed.

> But again, how many of us here
> actually use S/Key for remote logins?..

S/Key isn't the magical solution to all security.

> >  The fact is that the attack is not difficult, and it's not a matter of
> >  whether or not someone _can_ bypass your disk encryption, it's more a
> >  matter of whether or not they actually care enough to bother, or whether
> >  the $$$ they can get for the stolen hardware alone will satisfy them.
> >  Each user/organization really needs to evaluate this information with
> >  regards to their own situation, but it's important to understand the
> >  details of the risk when making such a decision.
> 
> It's not a "not difficult" attack - someone has to get hold of your
> laptop first!

Given.

> Then there's things like BIOS passwords,

How does a BIOS password protect RAM from being removed?

> restricting
> boot partitions, and if you don't want memory covers to be unscrewed
> (or your laptop case as a whole, for that matter) you can always use a
> bit of loctite!

Sure, the old "superglue in the USB port" trick.  I'm sure HW manufacturers
love it when they see that ... warranty out the door!  But in this case,
if the attacker is after the data, breaking the RAM door to get it open
isn't a very big deal, now is it?

> As the saying goes, those who think that crypto is the solution to
> their problem, don't crypto nor the problem...

Not sure I understand what you mean by that, but your flippant dismissal
of strong cryptography is not justified by any facts I've ever seen.

-- 
Bill Moran
Collaborative Fusion Inc.
http://people.collaborativefusion.com/~wmoran/

wmoran at collaborativefusion.com
Phone: 412-422-3463x4023


More information about the freebsd-hackers mailing list