|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Rory Wasserman (rwasserman
mxisecurity.com)
Date: Thu Feb 21 2008 - 15:34:09 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Roy,
I agree with what you are saying, however if a portable hardware device is
used for multifactor authentication and the key is stored in a secure place
on the device, off of the hard drive, then this type of attack would be
futile.
Rory Wasserman
-----Original Message-----
From: dataloss-bouncesattrition.org [mailto:dataloss-bouncesattrition.org]
On Behalf Of Roy M. Silvernail
Sent: February 21, 2008 4:17 PM
To: B.K. DeLong
Cc: security curmudgeon; datalossattrition.org
Subject: Re: [Dataloss] fringe: Researchers: Disk Encryption Not Secure
On Thu, Feb 21, 2008 at 04:03:41PM -0500, B.K. DeLong wrote:
> Well, if anything I think it makes a further case for using
> multifactor authentication in order to login to machines - a
> "something you have" piece.
That's the wrong threat model, though. The attack described is directly
against disk encryption. If the FDE key is exposed through a cold-RAM
skimming attack, there is no need to login to anything. The RAM is
skimmed, then the drive is imaged. Presto. Your data is toast.
This can be pulled off over a lunch break, and the only evidence would
be an unexpected reboot when the victim returns.
--
Roy M. Silvernail is royrant-central.com, and you're not
"A desperate disease requires a dangerous remedy."
- Guy Fawkes
http://www.rant-central.com
_______________________________________________
Dataloss Mailing List (datalossattrition.org)
http://attrition.org/dataloss
Tenable Network Security offers data leakage and compliance monitoring
solutions for large and small networks. Scan your network and monitor your
traffic to find the data needing protection before it leaks out!
http://www.tenablesecurity.com/products/compliance.shtml
_______________________________________________
Dataloss Mailing List (datalossattrition.org)
http://attrition.org/dataloss
Tenable Network Security offers data leakage and compliance monitoring
solutions for large and small networks. Scan your network and monitor your
traffic to find the data needing protection before it leaks out!
http://www.tenablesecurity.com/products/compliance.shtml
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]