Re: [liberationtech] Fwd: [Crypto Stick News] Vulnerabilities of Self-Encrypted SSDs
Roughly speaking, the idea of these attacks is to move an SED from one machine to another without cutting power, i.e., by replugging the data cable only. Ouch. ..on Mon, Jan 14, 2013 at 06:23:41PM +0100, André Rebentisch wrote: fyi, André Original-Nachricht Betreff: [Crypto Stick News] Vulnerabilities of Self-Encrypted SSDs Datum:Mon, 14 Jan 2013 17:14:51 +0100 Von: n...@crypto-stick.com Antwort an: webmas...@crypto-stick.com, n...@crypto-stick.com An: n...@crypto-stick.com Researchers found vulnerabilities of self-encrypted SSDs. From the abstract: Self-encrypting drives (SEDs), such as Intel's SSD 320 and 520 series, are widely believed to be a fast and secure alternative to software-based solutions like TrueCrypt and BitLocker. [...] In this sense, hardware-based full disk encryption (FDE) is as insecure as software-based FDE. We also show that (2) there exists a new class of attacks that is specific to hardware-based FDE [Full Disk Encryption]. Roughly speaking, the idea of these attacks is to move an SED from one machine to another without cutting power, i.e., by replugging the data cable only. [...] Some machines are arguably more vulnerable when using SEDs. Watch the videos... [1] This article: http://www.crypto-stick.com/node/74 [1] https://www1.cs.fau.de/sed -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Julian Oliver http://julianoliver.com http://criticalengineering.org -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Fwd: [Crypto Stick News] Vulnerabilities of Self-Encrypted SSDs
On 01/14/2013 06:23 PM, André Rebentisch wrote: fyi, André Original-Nachricht Betreff: [Crypto Stick News] Vulnerabilities of Self-Encrypted SSDs Datum:Mon, 14 Jan 2013 17:14:51 +0100 Von: n...@crypto-stick.com Antwort an: webmas...@crypto-stick.com, n...@crypto-stick.com An: n...@crypto-stick.com Researchers found vulnerabilities of self-encrypted SSDs. From the abstract: Self-encrypting drives (SEDs), such as Intel's SSD 320 and 520 series, are widely believed to be a fast and secure alternative to software-based solutions like TrueCrypt and BitLocker. [...] In this sense, hardware-based full disk encryption (FDE) is as insecure as software-based FDE. We also show that (2) there exists a new class of attacks that is specific to hardware-based FDE [Full Disk Encryption]. Roughly speaking, the idea of these attacks is to move an SED from one machine to another without cutting power, i.e., by replugging the data cable only. [...] Some machines are arguably more vulnerable when using SEDs. Watch the videos... [1] This article: http://www.crypto-stick.com/node/74 [1] https://www1.cs.fau.de/sed -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech Here is a german speech from the 29C3 in Hamburg, Germany, where the problems of SEDs are also mentioned: Unsecure SEDs Youtube http://www.youtube.com/watch?feature=player_embeddedv=IzE2SKVP-MQ#%21 -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
