QUEEN

QUEEN 1

Tutorial: Corraling Linux Hard Disk Names

The Linux kernel is a restless beast, and must continally evolve and change. Especially in ways that mystify us poor end lusers. A recent wrinkle, as of kernel version 2.6.20, is changing the /dev names for ATA devices, so that all ATA and SCSI devices are named /dev/sd*. This is a result of using the shiny new libata subsystem. Carla Schroder guides you through the new nomenclature in this tutorial

Tutorial: Corraling Linux Hard Disk Names

The Linux kernel is a restless beast, and must continally evolve and change. Especially in ways that mystify us poor end lusers. A recent wrinkle, as of kernel version 2.6.20, is changing the /dev names for ATA devices, so that all ATA and SCSI devices are named /dev/sd*. This is a result of using the shiny new libata subsystem. Carla Schroder guides you through the new nomenclature in this tutorial.
By: Server Tales
LaCie Hard Disk - Disco externo com 3 opções de conexões2008-04-03 23:15:00A LaCie apresentou o LaCie Hard Disk, Design by Neil Poulton, um HD externo que traz a opção de três diferentes conexões para que não haja dificuldades em conectá-lo a um computador. As portas são: USB 2.0, Firewire 400 e eSATA, que proporcionam muito mais velocidade nas transferências de arquivos. A capacidade do discos também não deixa a desejar, começam em 500 GB e um preço de 149 euros (401 reais), 1 TB disponÃvel por 289 euros (778 reais) e ainda uma versão intermediária de 750 GB.O LaCie Hard Disk é compatÃvel com com Windows, Mac e Linux e dispensa drivers para a instalação. Ainda acompanha um software para realizar cópias de segurança.+ informaçõesUse o BuscaPé para comparar o preço de: Computador, HD de 1TB


LaCie Hard Disk - Disco externo com 3 opções de conexões

LaCie Hard Disk - Disco externo com 3 opções de conexõesA LaCie apresentou o LaCie Hard Disk, Design by Neil Poulton, um HD externo que traz a opção de três diferentes conexões para que não haja dificuldades em conectá-lo a um computador. As portas são: USB 2.0, Firewire 400 e eSATA, que proporcionam muito mais velocidade nas transferências de arquivos. A capacidade do discos também não deixa a desejar, começam em 500 GB e um preço de 149 euros (401 reais), 1 TB disponÃvel por 289 euros (778 reais) e ainda uma versão intermediária de 750 GB.O LaCie Hard Disk é compatÃvel com com Windows, Mac e Linux e dispensa drivers para a instalação. Ainda acompanha um software para realizar cópias de segurança.+ informaçõesUse o BuscaPé para comparar o preço de: Computador, HD de 1TB

Tuesday, September 23, 2008

Cold Boot Attacks on Disk Encryption

Cold Boot Attacks on Disk Encryption
By Ed Felten - Posted on February 21st, 2008 at 4:30 am
Today eight colleagues and I are releasing a significant new research result. We show that disk encryption, the standard approach to protecting sensitive data on laptops, can be defeated by relatively simple methods. We demonstrate our methods by using them to defeat three popular disk encryption products: BitLocker, which comes with Windows Vista; FileVault, which comes with MacOS X; and dm-crypt, which is used with Linux. The research team includes J. Alex Halderman, Seth D. Schoen, Nadia Heninger, William Clarkson, William Paul, Joseph A. Calandrino, Ariel J. Feldman, Jacob Appelbaum, and Edward W. Felten.
Our site has links to the paper, an explanatory video, and other materials.
The root of the problem lies in an unexpected property of today's DRAM memories. DRAMs are the main memory chips used to store data while the system is running. Virtually everybody, including experts, will tell you that DRAM contents are lost when you turn off the power. But this isn't so. Our research shows that data in DRAM actually fades out gradually over a period of seconds to minutes, enabling an attacker to read the full contents of memory by cutting power and then rebooting into a malicious operating system.
Interestingly, if you cool the DRAM chips, for example by spraying inverted cans of "canned air" dusting spray on them, the chips will retain their contents for much longer. At these temperatures (around -50 °C) you can remove the chips from the computer and let them sit on the table for ten minutes or more, without appreciable loss of data. Cool the chips in liquid nitrogen (-196 °C) and they hold their state for hours at least, without any power. Just put the chips back into a machine and you can read out their contents.
This is deadly for disk encryption products because they rely on keeping master decryption keys in DRAM. This was thought to be safe because the operating system would keep any malicious programs from accessing the keys in memory, and there was no way to get rid of the operating system without cutting power to the machine, which "everybody knew" would cause the keys to be erased.
Our results show that an attacker can cut power to the computer, then power it back up and boot a malicious operating system (from, say, a thumb drive) that copies the contents of memory. Having done that, the attacker can search through the captured memory contents, find any crypto keys that might be there, and use them to start decrypting hard disk contents. We show very effective methods for finding and extracting keys from memory, even if the contents of memory have faded somewhat (i.e., even if some bits of memory were flipped during the power-off interval). If the attacker is worried that memory will fade too quickly, he can chill the DRAM chips before cutting power.
There seems to be no easy fix for these problems. Fundamentally, disk encryption programs now have nowhere safe to store their keys. Today's Trusted Computing hardware does not seem to help; for example, we can defeat BitLocker despite its use of a Trusted Platform Module.
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)