Re: Security Flaw in Popular Disk Encryption Technologies

2008-02-27 Thread Oliver Fromme
Martin Laabs wrote:
> Preventing the physical access to the memory modules could be done with a light sensor or a simple switch at the computer case.
Easy to circumvent, too.
> If you implement also a temperature-sensor near the memory-modules you could prevent cooling them down

Re: Security Flaw in Popular Disk Encryption Technologies

2008-02-27 Thread Achim Patzner
You might want to take a look at eNova (http://www.enovatech.net/) who are pointing at interesting hardware using their crypto technology. = the idea of closed-source hardware-based crypto disk drive may appeal to some, but i've seen too many similar things fail through st

Re: Security Flaw in Popular Disk Encryption Technologies

2008-02-26 Thread Atom Smasher
On Tue, 26 Feb 2008, Achim Patzner wrote: You might want to take a look at eNova (http://www.enovatech.net/) who are pointing at interesting hardware using their crypto technology. = the idea of closed-source hardware-based crypto disk drive may appeal to some, but i've seen t

Re: Security Flaw in Popular Disk Encryption Technologies

2008-02-26 Thread Martin Laabs
Hi, Maybe someone could implement a memory section that is overwritten by the bios after reboot. Then all the sensitive keys could be stored there. This would prevent an attack that just boots from another media and dump the whole memory out of i.e. an USB-stick. Preventing the physical access

Re: Security Flaw in Popular Disk Encryption Technologies

2008-02-26 Thread Pawel Jakub Dawidek
On Sat, Feb 23, 2008 at 02:08:54PM +1300, Atom Smasher wrote:
> article below. does anyone know how this affects eli/geli?
>
> from the geli man page: "detach - Detach the given providers, which means remove the devfs entry and clear the keys from memory." does that mean that geli properly w

Re: Security Flaw in Popular Disk Encryption Technologies

2008-02-26 Thread Achim Patzner
Am 26.02.2008 um 12:45 schrieb Uwe Doering: You might want to take a look at eNova (http://www.enovatech.net/) who are pointing at interesting hardware using their crypto technology. Interesting approach as well. Thanks for the pointer. However, given that notebooks are the most vulnerabl

Re: Security Flaw in Popular Disk Encryption Technologies

2008-02-26 Thread Achim Patzner
Am 25.02.2008 um 23:48 schrieb Uwe Doering: Since it hasn't been mentioned so far: There are hard disk drives that do encryption on the firmware level, so you don't have to store keys on the OS level. I wouldn't go that far as there isn't (better: I didn't find) enough documentation on thei

Re: Security Flaw in Popular Disk Encryption Technologies

2008-02-26 Thread Uwe Doering
Achim Patzner wrote: Am 25.02.2008 um 23:48 schrieb Uwe Doering: Since it hasn't been mentioned so far: There are hard disk drives that do encryption on the firmware level, so you don't have to store keys on the OS level. I wouldn't go that far as there isn't (better: I didn't find) enough do

Re: Security Flaw in Popular Disk Encryption Technologies

2008-02-25 Thread Uwe Doering
Achim Patzner wrote: article below. does anyone know how this affects eli/geli? There's fairly little any disk crypto system can do to thoroughly defend against this. Hm. Strange. Serious hardware is very well suited to do that (usually by adding well defended crypto hardware). Keys don't hav

Re: Security Flaw in Popular Disk Encryption Technologies

2008-02-25 Thread Rink Springer
On Mon, Feb 25, 2008 at 03:33:30PM +, Igor Mozolevsky wrote:
> [text]
Guys, can you take this to chat@ please...
--
Rink P.W. Springer - http://rink.nu
"Anyway boys, this is America. Just because you get more votes doesn't mean you win." - Fox Mulder

Re: Security Flaw in Popular Disk Encryption Technologies

2008-02-25 Thread Igor Mozolevsky
On 25/02/2008, Bill Moran <[EMAIL PROTECTED]> wrote:
> In response to "Igor Mozolevsky" <[EMAIL PROTECTED]>:
> > Crypto is merely a way of obfuscating data, and we all know the truth about security by obscurity, right?
> I don't think you correctly understand the concept of "security th

Re: Security Flaw in Popular Disk Encryption Technologies

2008-02-25 Thread Bill Moran
In response to "Igor Mozolevsky" <[EMAIL PROTECTED]>:
> On 24/02/2008, Bill Moran <[EMAIL PROTECTED]> wrote:
> > "Igor Mozolevsky" <[EMAIL PROTECTED]> wrote:
[snip]
> > Fact is, data is "sensitive" to different degrees. It's also valuable to different degrees.
> >
> > If you're worried a

Re: Security Flaw in Popular Disk Encryption Technologies

2008-02-25 Thread Igor Mozolevsky
On 24/02/2008, Bill Moran <[EMAIL PROTECTED]> wrote:
> "Igor Mozolevsky" <[EMAIL PROTECTED]> wrote:
[snip]
> > IMO the possibility of such attack is so remote that it doesn't really warrant any special attention, it's just something that should be kept in mind when writing "secure" cry

Re: Security Flaw in Popular Disk Encryption Technologies

2008-02-24 Thread Bill Moran
Christopher Arnold <[EMAIL PROTECTED]> wrote:
> On Sun, 24 Feb 2008, Bill Moran wrote:
> > Or laptop vendors could make "secure" laptops that always lose memory on shutdown.
> That doesn't really change anything, just don't shutdown the laptop.
It reduces the risk greatly when co

Re: Security Flaw in Popular Disk Encryption Technologies

2008-02-24 Thread Bill Moran
"Igor Mozolevsky" <[EMAIL PROTECTED]> wrote: > > On 24/02/2008, Bill Moran <[EMAIL PROTECTED]> wrote: > > "Igor Mozolevsky" <[EMAIL PROTECTED]> wrote: > > > > > > On 23/02/2008, Brooks Davis <[EMAIL PROTECTED]> wrote: > > > > > > > > > > > You should actually read the paper. :) They successful

Re: Security Flaw in Popular Disk Encryption Technologies

2008-02-24 Thread Christopher Arnold
On Sun, 24 Feb 2008, Bill Moran wrote: Or laptop vendors could make "secure" laptops that always lose memory on shutdown. That doesn't really change anything, just don't shutdown the laptop. Cut an opening in the case and attach a probe to monitor memory access and wait for the key being ac

Re: Security Flaw in Popular Disk Encryption Technologies

2008-02-24 Thread Bill Moran
"Igor Mozolevsky" <[EMAIL PROTECTED]> wrote: > > On 23/02/2008, Brooks Davis <[EMAIL PROTECTED]> wrote: > > > > > You should actually read the paper. :) They successfully defeat both > > of these type of protections by using canned air to chill the ram and > > transplanting it into another machi

Re: Security Flaw in Popular Disk Encryption Technologies

2008-02-24 Thread Igor Mozolevsky
On 24/02/2008, Bill Moran <[EMAIL PROTECTED]> wrote:
> "Igor Mozolevsky" <[EMAIL PROTECTED]> wrote:
> > On 23/02/2008, Brooks Davis <[EMAIL PROTECTED]> wrote:
> > > You should actually read the paper. :) They successfully defeat both of these type of protections by using

Re: Security Flaw in Popular Disk Encryption Technologies

2008-02-23 Thread Tim Clewlow
--- Dimitry Andric <[EMAIL PROTECTED]> wrote:
> On 2008-02-23 02:08, Atom Smasher wrote:
> > article below. does anyone know how this affects eli/geli?
> >
> > from the geli man page: "detach - Detach the given providers, which means remove the devfs entry and clear the keys from memory." d

Re: Security Flaw in Popular Disk Encryption Technologies

2008-02-23 Thread Achim Patzner
article below. does anyone know how this affects eli/geli? There's fairly little any disk crypto system can do to thoroughly defend against this. Hm. Strange. Serious hardware is very well suited to do that (usually by adding well defended crypto hardware). Keys don't have to be stored in u

Re: Security Flaw in Popular Disk Encryption Technologies

2008-02-23 Thread Dimitry Andric
On 2008-02-23 02:08, Atom Smasher wrote:
> article below. does anyone know how this affects eli/geli?
>
> from the geli man page: "detach - Detach the given providers, which means remove the devfs entry and clear the keys from memory." does that mean that geli properly wipes keys from RAM wh

Re: Security Flaw in Popular Disk Encryption Technologies

2008-02-23 Thread Achim Patzner
Am 23.02.2008 um 22:28 schrieb Igor Mozolevsky: Or you could carry something that emits a huge EMI pulse to destroy the data on the disk... It would be easier to buy a MacBook Air... Achim

Re: Security Flaw in Popular Disk Encryption Technologies

2008-02-23 Thread David E. Thiel
On Sat, Feb 23, 2008 at 02:08:31PM +1300, Atom Smasher wrote:
> article below. does anyone know how this affects eli/geli?
There's fairly little any disk crypto system can do to thoroughly defend against this. The best workaround currently is to turn off your machine when not in use. This has alwa

Re: Security Flaw in Popular Disk Encryption Technologies

2008-02-23 Thread Igor Mozolevsky
On 23/02/2008, Brooks Davis <[EMAIL PROTECTED]> wrote:
> You should actually read the paper. :) They successfully defeat both of these type of protections by using canned air to chill the ram and transplanting it into another machine.
Easy to get around this attack - store the key on a us

Re: Security Flaw in Popular Disk Encryption Technologies

2008-02-23 Thread Brooks Davis
On Sat, Feb 23, 2008 at 11:24:22AM -0800, Tim Clewlow wrote:
> --- Pieter de Boer <[EMAIL PROTECTED]> wrote:
> > Jeremy Chadwick wrote:
> > > It's interesting that you classified this as a "feature" (in quotes), because there's nothing "modern" about said "feature". This issue has

Re: Security Flaw in Popular Disk Encryption Technologies

2008-02-23 Thread Tim Clewlow
--- Pieter de Boer <[EMAIL PROTECTED]> wrote:
> Jeremy Chadwick wrote:
> > It's interesting that you classified this as a "feature" (in quotes), because there's nothing "modern" about said "feature". This issue has existed since the beginning of RAM chip engineering; I can even confir

Re: Security Flaw in Popular Disk Encryption Technologies

2008-02-23 Thread Diomidis Spinellis
Pieter de Boer wrote: Atom Smasher wrote: article below. does anyone know how this affects eli/geli? from the geli man page: "detach - Detach the given providers, which means remove the devfs entry and clear the keys from memory." does that mean that geli properly wipes keys from RAM when a l

Re: Security Flaw in Popular Disk Encryption Technologies

2008-02-23 Thread Pieter de Boer
Jeremy Chadwick wrote: It's interesting that you classified this as a "feature" (in quotes), because there's nothing "modern" about said "feature". This issue has existed since the beginning of RAM chip engineering; I can even confirm this "feature" exists on old video game consoles such as the

Re: Security Flaw in Popular Disk Encryption Technologies

2008-02-23 Thread Jeremy Chadwick
On Sat, Feb 23, 2008 at 07:40:53PM +0100, Pieter de Boer wrote:
> Atom Smasher wrote:
>> article below. does anyone know how this affects eli/geli?
>> from the geli man page: "detach - Detach the given providers, which means remove the devfs entry and clear the keys from memory." does that mean

Re: Security Flaw in Popular Disk Encryption Technologies

2008-02-23 Thread Pieter de Boer
Atom Smasher wrote: article below. does anyone know how this affects eli/geli? from the geli man page: "detach - Detach the given providers, which means remove the devfs entry and clear the keys from memory." does that mean that geli properly wipes keys from RAM when a laptop is turned off?