 Posted by SecExtra on February 25th, 2008
9 Students have released a significant new research result. They show that disk encryption, the standard approach to protecting sensitive data on laptops, can be defeated by relatively simple methods. They demonstrate their methods by using them to defeat three popular disk encryption products: BitLocker, which comes with Windows Vista; FileVault, which comes with MacOS X; and dm-crypt, which is used with Linux. The research team includes J. Alex Halderman, Seth D. Schoen, Nadia Heninger, William Clarkson, William Paul, Joseph A. Calandrino, Ariel J. Feldman, Jacob Appelbaum, and Edward W. Felten.
Their site has links to the paper, an explanatory video, and other materials.
The root of the problem lies in an unexpected property of today’s DRAM memories. DRAMs are the main memory chips used to store data while the system is running. Virtually everybody, including experts, will tell you that DRAM contents are lost when you turn off the power. But this isn’t so. Their research shows that data in DRAM actually fades out gradually over a period of seconds to minutes, enabling an attacker to read the full contents of memory by cutting power and then rebooting into a malicious operating system.
Spread The Word:
These icons link to social bookmarking sites where readers can share and discover new web pages.
If you're new here, you may like our tasty RSS feed. Thanks for visiting!
This entry was posted
on Monday, February 25th, 2008 at 2:47 am and is filed under IT security.
You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
|
|
-->
February 28th, 2008 at 5:19 am
[…] the encryption easier to crack these days (see this post), are you worried about your data showing up in some odd place like ebay for all to see? Spread […]