I conveniently got an email from Secude in my inbox. One of the closing paras 
had the following:


As you continue your investigation of disk-encryption technologies, I invite 
you to contact us to learn more about our partnership with Seagate and other 
hard drive manufacturers and how we eliminate the types of vulnerabilities 
found in DRAM attacks.  By encrypting data at the drive level, we are able to 
offer you the highest level of protection.  


Of course, that's not true at all. The vulnerability of data residing in DRAM 
still exists. That will be the case until we get "secure RAM," or something 
along those lines.

However, it is true that the particular attack involving reading the FDE key 
directly from RAM is defeated since that key is never written to RAM.

Maybe I'm being too picky here, but looking ahead, this technique could be used 
to read information from any application that happens to be open at the moment 
using software that looks for juicy keywords (like "confidential" or 
"password"). Doesn't that seem like the next logical threat once the 
"low-hanging fruit" (such as it is) of cold-boot key discovery is patched? I 
mean, how long are we going to have secure disks with wide-open RAM chips?

- Garrett
_______________________________________________
FDE mailing list
[email protected]
http://www.xml-dev.com/mailman/listinfo/fde
