I concede your points. My frustration is not with Secude's hardware+software solution specifically. In fact, I think hardware-based encryption (like the Momentus drive) is the way to go in the long haul (hardware+software attacks are typically more difficult than software-only attacks). Just a bit frustrated that I can't sleep as easy at night knowing that the "theoretical" RAM analysis technique will (soon?) be used by more than a group of researchers at Princeton, realistically.
- Garrett ----- Original Message ----- From: Larry Massey To: [email protected] Sent: Friday, February 29, 2008 3:30 PM Subject: Re: [FDE] DRAM attack - not thwarted at all by Seagate's driveCORRECTION the data on the HDD IS Protected!!! Garrett: Glad you "conveniently" received that email.J Yes, you may be a bit too picky. Our solution is to solve a Data At Rest problem that in pure Software Laptop Encryption products is broken by exposing the encryption key residing in PC DRAM and NOT to solve the problem of securing the contents of DRAM which would a different data exposure problem, of course. We make no claim to solve the problem of data exposed in DRAM, simply to not put data in DRAM at a point in time that it could be exposed and used to defeat HDD on board encryption technology. You may want to spend some time learning more about the Seagate drive, as it is quite an interesting and secure technology. If any of you will be attending the Data Protection Summit in LA next month, we will have a presentation on this specific topic (again DAR only), I will also be attending and would love to meet any members of this very enjoyable although overly cloaked group on this blog. Maybe we can even get together for a dinner one evening. I am sure that some of this blogs under cover vendors might even be willing to foot the bill. Regards, Larry ___________________________________________________ Larry Massey President SECUDE IT Security, LLC 380 Sundown Drive Dawsonville, GA 30534 USA Tel : +1 706 216 8609 Fax: +1 706 216 4696 Mobile : +1 706 215 3854 [EMAIL PROTECTED] www.secude.com From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Garrett M. Groff Sent: Friday, February 29, 2008 2:07 PM To: [email protected] Subject: [FDE] DRAM attack - not thwarted at all by Seagate's drive I conveniently got an email from Secude in my inbox. One of the closing paras had the following: As you continue your investigation of disk-encryption technologies, I invite you to contact us to learn more about our partnership with Seagate and other hard drive manufacturers and how we eliminate the types of vulnerabilities found in DRAM attacks. By encrypting data at the drive level, we are able to offer you the highest level of protection. Of course, that's not true at all. The vulnerability of data residing in DRAM still exists. That will be the case until we get "secure RAM," or something along those lines. However, it is true that the particular attack involving reading the FDE key directly from RAM is defeated since that key is never written to RAM. Maybe I'm being too picky here, but looking ahead, this technique could be used to read information from any application that happens to be open at the moment using software that looks for juicy keywords (like "confidential" or "password"). Doesn't that seem like the next logical threat once the "low-hanging fruit" (such as it is) of cold-boot key discovery is patched? I mean, how long are we going to have secure disks with wide-open RAM chips? - Garrett ------------------------------------------------------------------------------ _______________________________________________ FDE mailing list [email protected] http://www.xml-dev.com/mailman/listinfo/fde
_______________________________________________ FDE mailing list [email protected] http://www.xml-dev.com/mailman/listinfo/fde
