But in the end all the possible fixes that have been listed are only software fixes for today's inherently insecure, archaic and simply outdated PC architecture. Only a migration to a trusted PC architecture as proposed by the Trusted Computing Group and technologies like the forthcoming Intel TXT and Danbury architectures will help solve today's known problems with untrusted platforms.
Secure encryption solutions like Seagate's native hard drive encryption, where the key is never exposed outside of the hard drive enclosure area, and turning on the TPM are the next step to propel us forward into the new century of trusted computing. The software encryption hack is but one occurrence of all the hack possibilities as long as the world doesn't fess up to the fact that only software in combination with appropriate new but already existing hardware is employed. To continue trying to do it all in software is just a foolish proposition.

Cheers!

Brian Glancey wrote :--------------------.

There is a complete set of feasible defenses suggested including (suggested in full text of research paper):

- Split encryption Keys (or s-box tables) into separate pieces
- Dynamically relocate Keys regularly in memory to make exact location difficult to determine
- Overwrite memory several times when unloading Key
- Encrypt key in memory with another key

Of course, most of these are more difficult to rearrange with hardware where the inputs and outputs are known memory addresses and can not be easily relocated. But these defences are already in some FDE software products but, obviously, not all.

_______________________________________________ FDE mailing list [email protected] http://www.xml-dev.com/mailman/listinfo/fde
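
An added sketch in C, not part of the original message and not taken from any FDE product, of three of the defenses listed in the quoted text: holding the key as two XOR shares, periodically re-randomising and relocating the shares, and overwriting them on unload. The `split_key` type, all function names, the 16-byte key length and the use of `/dev/urandom` are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define KEY_LEN 16
/* Hypothetical layout: the key exists only as two XOR shares in separate allocations. */
typedef struct { uint8_t *mask, *masked; } split_key;

/* Wipe through a volatile pointer so the compiler cannot elide the stores. */
static void secure_wipe(void *p, size_t n) {
    volatile uint8_t *v = p;
    while (n--) *v++ = 0;
}
static void wipe_free(uint8_t *p) { if (p) { secure_wipe(p, KEY_LEN); free(p); } }
/* Assumption: /dev/urandom is the randomness source. Returns 0 on success. */
static int fill_random(uint8_t *buf, size_t n) {
    FILE *f = fopen("/dev/urandom", "rb");
    if (f) setvbuf(f, NULL, _IONBF, 0);   /* no stdio copy of the random bytes */
    size_t got = f ? fread(buf, 1, n, f) : 0;
    if (f) fclose(f);
    return got == n ? 0 : -1;
}
/* Allocate a fresh share pair whose XOR equals a ^ b, without ever storing a ^ b. */
static int reshare(split_key *out, const uint8_t *a, const uint8_t *b) {
    uint8_t *m = malloc(KEY_LEN), *d = malloc(KEY_LEN);
    if (!m || !d || fill_random(m, KEY_LEN)) { wipe_free(m); wipe_free(d); return -1; }
    for (size_t i = 0; i < KEY_LEN; i++) { d[i] = a[i] ^ m[i]; m[i] ^= b[i]; }
    out->mask = m; out->masked = d;
    return 0;
}
int split_key_load(split_key *sk, const uint8_t key[KEY_LEN]) {
    static const uint8_t zero[KEY_LEN];
    return reshare(sk, key, zero);
}
/* Relocate: new random shares at new addresses, old ones wiped before free. */
int split_key_refresh(split_key *sk) {
    split_key old = *sk;
    if (reshare(sk, old.masked, old.mask)) return -1;
    wipe_free(old.mask); wipe_free(old.masked);
    return 0;
}
/* Rebuild the key only for the duration of one operation; caller wipes out[]. */
void split_key_recover(const split_key *sk, uint8_t out[KEY_LEN]) {
    for (size_t i = 0; i < KEY_LEN; i++) out[i] = sk->mask[i] ^ sk->masked[i];
}
void split_key_unload(split_key *sk) {
    wipe_free(sk->mask); wipe_free(sk->masked);
    sk->mask = sk->masked = NULL;
}
```

The caller should pass the buffer filled by `split_key_recover` to `secure_wipe` as soon as the cipher operation finishes, since that buffer is the one place the whole key appears in memory.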
