On Mon, Feb 25, 2008 at 9:20 PM, Angus Scott-Fleming <[EMAIL PROTECTED]> wrote: > If you do the above, a remaining feasible attack would be chilling the RAM > and > inserting it in another box to be read there.
Or... chill the whole system (RAM included) to make the window of opportunity bigger. Kill the power. Swap the normal hard disk with your own. Boot from that, and recover the keys from RAM, storing them on your disk. Now you've got what you need to decrypt the data on the original (now removed) disk. Should be even easier to counter that, though. Have the BIOS sanitize the RAM at power-on, and any leftover keys will be gone. That leaves the RAM chip swap you describe, which is pretty radical. -- Ben ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
