# New way to break disk encryption



## jfschultz (Feb 22, 2008)

A way to break disk encription works on PC's and Mac's.


----------



## VictorBravo (Feb 22, 2008)

jfschultz said:


> A way to break disk encription works on PC's and Mac's.



Well that's nice to know. Reaffirms my decision to ecrypt my old hard drives with a sledgehammer. 

It is a good reminder to shut down when not in use. Maybe a bit inconvenient, but good practice.


----------



## larryjf (Feb 22, 2008)

That's ok...when quantum computing is fully developed most current methodologies of cryptography will be useless anyway...except for the advances being made in quantum cryptography.


----------



## larryjf (Feb 22, 2008)

I believe "Loop AES" encryption uses key scrubbing and such to counteract this kind of attack.

I wonder if any encryption systems use SRAM instead of DRAM.


----------



## Civbert (Feb 22, 2008)

Once someone has your machine - they own it. It's just a matter of time. This only demonstrates that there are tools now that make it even easier and faster to crack your PC, even if your encrypt your your files. 

If you merely have password protection, there are other tools that look for your encrypted password on your drive. This is a "known" location. Then they use cracking programs, some use"rainbow tables" and even some web based tools, that can break most passwords in a matter of hours - or at most a couple days. 

However, if you encrypt a whole drive or directory, it isn't enough to crack the user password. That will only get access to the OS and any un-encrypt files. But with this method, they get your encryption key right out of your RAM. And they don't even need your user password first! Brilliant! 

This will save the cracker hours and days of work. I'm really impressed on how easy their method is. However, the cracker needs to grab your machine while it's still hot, and work fast. And it seems that an easy solution would be to over-write the ram with random bits at shut down. I'd think this would be easy to do by software, and even better would be ram that does this automatically.

But the trend now is to make your ram more permanent so you PC will always stay semi-booted - with much of the OS permanently loaded. This will produce "instant-on" PCs. No more waiting for your PC to boot up. But it sounds like this will leave you even more vulnerable to this kind of attack. Someone could get your PC hours or days after you shut down, and steal vital information from it. Hmmm. 

So just remember this rule, if someone steals your computer, they "own" it. Don't count on a user password to protect your PC if it's stolen. Disk encryption is still the best way to protect your data. Now you just need to find a what to wipe the ram when you shut down.


----------



## VictorBravo (Feb 22, 2008)

Civbert said:


> Now you just need to find a what to wipe the ram when you shut down.



You suppose taking out the RAM and wiping it real fast with a piece of staticy wool will do it? 

I'm only half joking.


----------



## Coram Deo (Feb 22, 2008)

Run your OS and Store all your Files from a Thumb Drive....

They can get your computer if they want but they can get no information or data but only an empty shell without having the thumb drive....


----------



## gene_mingo (Feb 22, 2008)

I feel like i walked into a ultra secret spy site. Most computer user won't ever have anything worth breaking into a home or office with a can of liquid nitrogen, tear apart your computer, freeze your ram.. all within minutes of you walking out the door. Generally speaking if they have physical access to your computer it would be sooo much easier to put a keystroke logger on it an have it email you the results (you could use a usb flashdrive with a small OS on it as well), rather than perform some kind of mission impossible for your data. Your best security for this kind of attack is a mean dog who doesn't like strangers..


----------



## larryjf (Feb 22, 2008)

Another way to stay safe is just to not let folks know you have a computer. Get one of them new Apple laptops that fit in a manila envelope. When you're done using it, put it in an envelope and file it...nobody will be the wiser.

[ame="http://www.youtube.com/watch?v=mcw_Mvnp3WY"]YouTube - Apple MacbookAir - Envelope[/ame]


----------



## gene_mingo (Feb 23, 2008)

Here is what the site recommends for you to protect yourself from this exploit.



> Q. What can users do to protect themselves?
> A. The most effective way for users to protect themselves is to fully shut down their computers several minutes before any situation in which the computers’ physical security could be compromised.


----------

