Geeks, come together on this...NOW...Tech talk it up...
THANKS
--
Tech, computer repair specialist (on the side), part time Tech
Pro poster to Wilders Security...home base...On usenet to help noobs
Not me...
> On 12 Jan 2011 23:08:11 -0000, Rooster wrote:
>
>> http://www.legaltechtoday.com/2010/0...-kit-forensic-
>> decrypts-truecrypt-hard-disks-in-minutes-prnewswire/
>
> Bad news for Good Guys...
>
> No BRUTE FORCE...? What the...?
>
> Geeks, come together on this...NOW...Tech talk it up...
>
> THANKS
*lol*
<rolls eyes twice at pair of Animal Morons Rooster and DasFox>
--
ŽIf you give me six lines written by the hand of the most honest of
men, I will find something in them which will hang him.¡ ~Cardinal
Richelieu
["Followup-To:" header set to sci.crypt.]
On 2011-01-13, DasFox <dasfox@gmail.com> wrote:
> On 12 Jan 2011 23:08:11 -0000, Rooster wrote:
>
>> http://www.legaltechtoday.com/2010/0...-kit-forensic-
>> decrypts-truecrypt-hard-disks-in-minutes-prnewswire/
>
> Bad news for Good Guys...
>
> No BRUTE FORCE...? What the...?
>
> Geeks, come together on this...NOW...Tech talk it up...
Ah, a FireWire DMA attack. These aren't really a new thing, they've
been widely known for several years now.
The basic solution (short of not letting people plug stuff into your
computer while you've got encryption keys in memory) is either to yank
the FireWire port off your motherboard (not recommended unless you're
handy with a soldering iron) or to disable it (or at least the DMA
feature) in software. The precise way to do that will depend on what
OS you're using; I don't have any links handy, so try Googling it.
Also, you should do the same for other ports that can be used for a
similar attack. PCMCIA (found on older laptops) is apparently one.
Offhand, I'm not sure about USB or eSATA.
--
Ilmari Karonen
To reply by e-mail, please replace ".invalid" with ".net" in address.
On Thu, 13 Jan 2011 01:23:27 +0000 (UTC), Ilmari Karonen wrote:
> ["Followup-To:" header set to sci.crypt.]
> On 2011-01-13, DasFox <dasfox@gmail.com> wrote:
>> On 12 Jan 2011 23:08:11 -0000, Rooster wrote:
>>
>>> http://www.legaltechtoday.com/2010/0...-kit-forensic-
>>> decrypts-truecrypt-hard-disks-in-minutes-prnewswire/
>>
>> Bad news for Good Guys...
>>
>> No BRUTE FORCE...? What the...?
>>
>> Geeks, come together on this...NOW...Tech talk it up...
>
> Ah, a FireWire DMA attack. These aren't really a new thing, they've
> been widely known for several years now.
>
> The basic solution (short of not letting people plug stuff into your
> computer while you've got encryption keys in memory) is either to yank
> the FireWire port off your motherboard (not recommended unless you're
> handy with a soldering iron) or to disable it (or at least the DMA
> feature) in software. The precise way to do that will depend on what
> OS you're using; I don't have any links handy, so try Googling it.
>
> Also, you should do the same for other ports that can be used for a
> similar attack. PCMCIA (found on older laptops) is apparently one.
> Offhand, I'm not sure about USB or eSATA.
Most of us here are pretty hard core Tech geeks this isn't Grandma's
Baking Forum...TECH Talk..
If there were some real world alternatives to this what we could do to
minimize the risks, if anything possible...
I KNOW THE ANSWERS...for noobs I ask...
--
Tech, computer repair specialist (on the side), part time Tech
Pro poster to Wilders Security...home base...On usenet to help noobs
Not me...
On Jan 13, 3:21*am, DasFox <das...@gmail.com> wrote:
> On 12 Jan 2011 23:08:11 -0000, Rooster wrote:
>
> >http://www.legaltechtoday.com/2010/0...-kit-forensic-
> > decrypts-truecrypt-hard-disks-in-minutes-prnewswire/
>
> Bad news for Good Guys...
>
> No BRUTE FORCE...? What the...?
>
> Geeks, come together on this...NOW...Tech talk it up...
>
> THANKS
> --
> Tech, computer repair specialist (on the side), part time Tech
> Pro poster to Wilders Security...home base...On usenet to help noobs
> Not me...
----------------
article got Nothing to comment. that looks only ad-like. if to say of
encrypted hdd, residual magnetization is most rival there. But it
needs to've physical access to hard drive. Remote attacks can be
useful too, but effectiveness depends upon policies of network
services & firewalls.
One idea I have thought of that would make it harder to read your data
would be to use GPS to protect the encryption key.
How it would work is this:
1.You have a encrypting device sitting between the hard disk and the PC
(similar to how many "secure" external hard disks work except with an
algorithim that's actually secure). This device would have a GPS chip on it.
2.You store the keys for the data in a small chip of some kind (not sure
what sort would work for this) along with GPS coordinates of the location
where the drive will be (the code processing this would add a fudge factor
to allow for the fact that GPS is not 100% accurate)
3.If the device is powered up and the GPS coordinates are not close enough
to that stored in the storage chip, the storage chip would be permanently
erased and the keys would be gone forever
4.If you need to move the device for a legitimate reason (e.g. move house)
you would clear out the GPS coordinates first while the computer is still
powered up at the old location and then set new ones when you set up at the
other end
5.To further ensure security, the storage device holding the keys would be
something that cant be read directly and requires decapping the chip (there
are chips out there that are designed to be resistant to decapping)
6.All the circuits would be protected with epoxy and use custom formats so
its difficult to replace the GPS chip with circuits that feed it fake
coordinates so it thinks its where it should be.
If you wanted to, you could even add some small amount of battery power and
some circuits so that it will erase the keys if it goes outside the allowed
area even if it is powered off.
Obviously this system would be combined with a stong password/pass-phrase
and other normal security measures)
In order for an attacker to defeat this system they have several options
(assuming they can guess or obtain your password and other details)
1.dump the data whilst its still in the location it needs to be
2.Fake the GPS signal by putting the device in a GPS blocking Faraday cage
and send signals that appear to be comming from the GPS satellites
3.Hack the signal from the GPS chip to the rest of the system and change
the coordinates.
4.Somehow break the secure storage used to hold the encryption keys (if
they are stored on some kind of MCU with internal code as well as secure
storage, doing this can be very difficult)
On Fri, 14 Jan 2011 22:37:31 +0800, Jonathan Wilson wrote:
> One idea I have thought of that would make it harder to read your data
> would be to use GPS to protect the encryption key.
Oh Man what are you thinking...? GPS...? If you move ten steps left or
right, what then...?
One Time Pad...?
THANKS
--
Tech, computer repair specialist (on the side), part time Tech
Pro poster to Wilders Security...home base...On usenet to help noobs
Not me...
On Fri, 14 Jan 2011 22:37:31 +0800, Jonathan Wilson wrote:
> One idea I have thought of that would make it harder to read your data
> would be to use GPS to protect the encryption key.
>
> How it would work is this:
> 1.You have a encrypting device sitting between the hard disk and the PC
> (similar to how many "secure" external hard disks work except with an
> algorithim that's actually secure). This device would have a GPS chip on it.
> 2.You store the keys for the data in a small chip of some kind (not sure
> what sort would work for this) along with GPS coordinates of the location
> where the drive will be (the code processing this would add a fudge factor
> to allow for the fact that GPS is not 100% accurate)
> 3.If the device is powered up and the GPS coordinates are not close enough
> to that stored in the storage chip, the storage chip would be permanently
> erased and the keys would be gone forever
> 4.If you need to move the device for a legitimate reason (e.g. move house)
> you would clear out the GPS coordinates first while the computer is still
> powered up at the old location and then set new ones when you set up at the
> other end
> 5.To further ensure security, the storage device holding the keys would be
> something that cant be read directly and requires decapping the chip (there
> are chips out there that are designed to be resistant to decapping)
> 6.All the circuits would be protected with epoxy and use custom formats so
> its difficult to replace the GPS chip with circuits that feed it fake
> coordinates so it thinks its where it should be.
>
> If you wanted to, you could even add some small amount of battery power and
> some circuits so that it will erase the keys if it goes outside the allowed
> area even if it is powered off.
>
> Obviously this system would be combined with a stong password/pass-phrase
> and other normal security measures)
>
> In order for an attacker to defeat this system they have several options
> (assuming they can guess or obtain your password and other details)
> 1.dump the data whilst its still in the location it needs to be
> 2.Fake the GPS signal by putting the device in a GPS blocking Faraday cage
> and send signals that appear to be comming from the GPS satellites
> 3.Hack the signal from the GPS chip to the rest of the system and change
> the coordinates.
> 4.Somehow break the secure storage used to hold the encryption keys (if
> they are stored on some kind of MCU with internal code as well as secure
> storage, doing this can be very difficult)
This is art at work, Jonathan. I am feeling good about you. Here's a
small tribute,,,without a tributary. ;) ;)
> On Fri, 14 Jan 2011 22:37:31 +0800, Jonathan Wilson wrote:
>
>> One idea I have thought of that would make it harder to read your data
>> would be to use GPS to protect the encryption key.
>>
>> How it would work is this:
>> 1.You have a encrypting device sitting between the hard disk and the PC
>> (similar to how many "secure" external hard disks work except with an
>> algorithim that's actually secure). This device would have a GPS chip on it.
>> 2.You store the keys for the data in a small chip of some kind (not sure
>> what sort would work for this) along with GPS coordinates of the location
>> where the drive will be (the code processing this would add a fudge factor
>> to allow for the fact that GPS is not 100% accurate)
>> 3.If the device is powered up and the GPS coordinates are not close enough
>> to that stored in the storage chip, the storage chip would be permanently
>> erased and the keys would be gone forever
>> 4.If you need to move the device for a legitimate reason (e.g. move house)
>> you would clear out the GPS coordinates first while the computer is still
>> powered up at the old location and then set new ones when you set up at the
>> other end
>> 5.To further ensure security, the storage device holding the keys would be
>> something that cant be read directly and requires decapping the chip (there
>> are chips out there that are designed to be resistant to decapping)
>> 6.All the circuits would be protected with epoxy and use custom formats so
>> its difficult to replace the GPS chip with circuits that feed it fake
>> coordinates so it thinks its where it should be.
>>
>> If you wanted to, you could even add some small amount of battery power and
>> some circuits so that it will erase the keys if it goes outside the allowed
>> area even if it is powered off.
>>
>> Obviously this system would be combined with a stong password/pass-phrase
>> and other normal security measures)
>>
>> In order for an attacker to defeat this system they have several options
>> (assuming they can guess or obtain your password and other details)
>> 1.dump the data whilst its still in the location it needs to be
>> 2.Fake the GPS signal by putting the device in a GPS blocking Faraday cage
>> and send signals that appear to be comming from the GPS satellites
>> 3.Hack the signal from the GPS chip to the rest of the system and change
>> the coordinates.
>> 4.Somehow break the secure storage used to hold the encryption keys (if
>> they are stored on some kind of MCU with internal code as well as secure
>> storage, doing this can be very difficult)
>
> This is art at work, Jonathan. I am feeling good about you. Here's a
> small tribute,,,without a tributary. ;) ;)
>
> http://www.redtube.com/25232
Do you prefer double anal penetration or jizz sammiches? Think about
it and get back. /lol/
--
ŽIf you give me six lines written by the hand of the most honest of
men, I will find something in them which will hang him.¡ ~Cardinal
Richelieu
On Jan 14, 1:33*pm, Anne Onime <anonym...@rip.ax.lt> wrote:
> Evgeney Knyazhev <z0dch...@gmail.com> wrote:
> > if to say of encrypted hdd, residual magnetization is most rival there.But it
> > needs to've physical access to hard drive.
>
> Huh? *If the full drive is encrypted, then the residual
> magnetization is encrypted as well, so what's the problem?
-------------------------------------------------
cipher doesn't & cannot encrypt magnetization of bits; ciphertext
rewrites plaintext. Scheme to avoid/reduce problems of residual
magnetization runs so:
1. to cipher fileA & to keep its ciphertext in temp file or RAM;
2. to rewrite fileA with random data;
3 to rewrite fileA with ciphertext of #1.
-------------------
reliable schemes to encrypt hdd data makes machine slow, & cannot be
100% of security. + To be too paranoidal of security issues Always &
Ever has been nice way towards mental hospital XD
On Fri, 14 Jan 2011 11:33:23 +0100 (CET), Anne Onime wrote:
> Evgeney Knyazhev <z0dchiy8@gmail.com> wrote:
>> if to say of encrypted hdd, residual magnetization is most rival there. But it
>> needs to've physical access to hard drive.
>
> Huh? If the full drive is encrypted, then the residual
> magnetization is encrypted as well, so what's the problem?
Aren't these anonymousie's cute? /lol/
--
ŽIf you give me six lines written by the hand of the most honest of
men, I will find something in them which will hang him.¡ ~Cardinal
Richelieu
On Jan 14, 8:48*pm, Evgeney Knyazhev <z0dch...@gmail.com> wrote:
> On Jan 14, 1:33*pm, Anne Onime <anonym...@rip.ax.lt> wrote:> Evgeney Knyazhev <z0dch...@gmail.com> wrote:
> > > if to say of encrypted hdd, residual magnetization is most rival there. But it
> > > needs to've physical access to hard drive.
You do NOT need to put any plaintext on disk at all. So there's
nothing to rewrite, no magnetization to encrypt, etc.
> Scheme to avoid/reduce problems of residual
> magnetization runs so:
Just encrypt the disk as whole.
> 1. to cipher fileA & to keep its ciphertext in temp file or RAM;
> 2. to rewrite fileA with random data;
> 3 to rewrite fileA with ciphertext of #1.
> -------------------
> reliable schemes to encrypt hdd data makes machine slow
Using truecrypt on my computer takes hardly any noticeable time. The
CPU is much faster than the HD. I get 424 MB/s using AES on all four
cores, this is about twice faster than sequential read of my RAID-10.
And sequential read is not that common at all.
On Jan 15, 12:55*am, Maaartin <grajc...@seznam.cz> wrote:
>Just encrypt the disk as whole.
event 1. 0 rewrites 0;
event 2. 0 rewrites 1;
event 3. 0 rewrites 0;
-----------
where is probability greater to get closest values of magnetization.
above-mentioned three-layer scheme makes hard to run statistical
analysis onto. however, devices to destruct hdd physically execute
data far & more effectively + faster as well XD
>Using truecrypt on my computer takes hardly any noticeable time. The
>CPU is much faster than the HD. I get 424 MB/s using AES on all four
>cores, this is about twice faster than sequential read of my RAID-10.
>And sequential read is not that common at all.
Everything depends upon tasks for your machine;-) but completely,
Please, explain me why someone needs to encrypt hdd. If user cannot
defend machine against non-authorized remote/physical access, to get
keys is Just Matter of Time + encrypted hdd gets nice abilities to
damage user data with great magnitude XD
On Fri, 14 Jan 2011 15:23:56 -0800 (PST), Evgeney Knyazhev wrote:
> On Jan 15, 12:55*am, Maaartin <grajc...@seznam.cz> wrote:
>>Just encrypt the disk as whole.
>
> event 1. 0 rewrites 0;
> event 2. 0 rewrites 1;
> event 3. 0 rewrites 0;
> -----------
> where is probability greater to get closest values of magnetization.
> above-mentioned three-layer scheme makes hard to run statistical
> analysis onto. however, devices to destruct hdd physically execute
> data far & more effectively + faster as well XD
>
>>Using truecrypt on my computer takes hardly any noticeable time. The
>>CPU is much faster than the HD. I get 424 MB/s using AES on all four
>>cores, this is about twice faster than sequential read of my RAID-10.
>>And sequential read is not that common at all.
>
> Everything depends upon tasks for your machine;-) but completely,
> Please, explain me why someone needs to encrypt hdd. If user cannot
> defend machine against non-authorized remote/physical access, to get
> keys is Just Matter of Time + encrypted hdd gets nice abilities to
> damage user data with great magnitude XD
You encrypt the entire HD b/c Windows and windows applications write
crap all over the place which points to data even when erased
Gutmmann.
WTS, as soon as you encrypt the entire HD, you expose yourself to
calamity in data retrieval.
Answer: there is none.
--
ŽIf you give me six lines written by the hand of the most honest of
men, I will find something in them which will hang him.¡ ~Cardinal
Richelieu
On Jan 15, 12:23*am, Evgeney Knyazhev <z0dch...@gmail.com> wrote:
> On Jan 15, 12:55*am, Maaartin <grajc...@seznam.cz> wrote:
>
> >Just encrypt the disk as whole.
>
> event 1. 0 rewrites 0;
> event 2. 0 rewrites 1;
> event 3. 0 rewrites 0;
> -----------
> where is probability greater to get closest values of magnetization.
> above-mentioned three-layer scheme makes hard to run statistical
> analysis onto.
You're surely joking, right? Who cares about magnetization, when all
data (past , current, and future) are properly encrypted. Here
"properly" means XTS oe something similar, so that there's no
exploitable relation between different data in same sector nor between
same data in different sectors.
> however, devices to destruct hdd physically execute
> data far & more effectively + faster as well XD
There are a lot of applications for a sledgehammer, but encrypting the
whole disk is better.
> >Using truecrypt on my computer takes hardly any noticeable time. The
> >CPU is much faster than the HD. I get 424 MB/s using AES on all four
> >cores, this is about twice faster than sequential read of my RAID-10.
> >And sequential read is not that common at all.
>
> Everything depends upon tasks for your machine;-) but completely,
No, really, what practical task could lead do a slow down?
> Please, explain me why someone needs to encrypt hdd. If user cannot
> defend machine against non-authorized remote/physical access, to get
Why are you asking? It's obvious, isn't it?
Can you protect your computer against theft? No.
Can you protect your computer against remote access? Yes.
Everything can get stolen, and all countermeasures are expensive and
not 100% reliable. Prohibiting remote access is quite simple, just do
not plug in the cable. :D
> keys is Just Matter of Time + encrypted hdd gets nice abilities to
> damage user data with great magnitude XD
On Jan 15, 7:15*pm, Maaartin <grajc...@seznam.cz> wrote:
/* You're surely joking, right? Who cares about magnetization, when
all
data (past , current, and future) are properly encrypted. Here
"properly" means XTS oe something similar, so that there's no
exploitable relation between different data in same sector nor
between
same data in different sectors. */
on the hdd, bit has logical state (1/0) & physical state magnetization
(magnetization less than defined level is logical zero, otherwise is
logical 1). No term exists "to cipher magnetization". Values of
magnetization can be measured to try to extract data which was
rewritten or erased. Yes, I have not argued schemes to "heal" residue
magnetization are effective as well.
/*No, really, what practical task could lead do a slow down? */
Ohhhhhh.... so many mathematical calculations desperately gobble up
CPU Time, RAM + hdd spins as Hell to save data XD
/*Why are you asking? It's obvious, isn't it? */
To encrypt entire disk Just for the sake of delusive hope to make life
a cracker a little harder to research stolen hdd? :-) Just a thought:
if someone can steal your computer, why he cannot sneak off your
password???
On Jan 15, 10:05*pm, Evgeney Knyazhev <z0dch...@gmail.com> wrote:
> On Jan 15, 7:15*pm, Maaartin <grajc...@seznam.cz> wrote:
> on the hdd, bit has logical state (1/0) & physical state magnetization
> (magnetization less than defined level is logical zero, otherwise is
> logical 1). No term exists "to cipher magnetization". Values of
> magnetization can be measured to try to extract data which was
> rewritten or erased.
Right. Using magnetization you can under some circumstances read the
past data. Which are encrypted. So who cares?
> /*No, really, what practical task could lead do a slow down? */
>
> Ohhhhhh.... so many mathematical calculations desperately gobble up
> CPU Time, RAM + hdd spins as Hell to save data XD
They may exist, but I never ran something like this. I already ran
programs utilizing 100% CPU, but then the disk was nearly idle.
> /*Why are you asking? It's obvious, isn't it? */
>
> To encrypt entire disk Just for the sake of delusive hope to make life
> a cracker a little harder to research stolen hdd? :-)
A little? I don't have firewire and don't let my computer locked and
unattended, so you don't get the password. Have fun cracking AES.
> Just a thought:
> if someone can steal your computer, why he cannot sneak off your
> password???
How? My password is in my head, and I hope it doesn't get stolen as
well.
For somebody to install a keylogger or alike, they'd have to break in
without leaving trace, which is harder than just break in. I don't
claim, I'm perfectly secure against it, but there are many companies
who are.
>>Just encrypt the disk as whole.
>
> event 1. 0 rewrites 0;
> event 2. 0 rewrites 1;
> event 3. 0 rewrites 0;
> -----------
> where is probability greater to get closest values of magnetization.
> above-mentioned three-layer scheme makes hard to run statistical
> analysis onto. however, devices to destruct hdd physically execute
> data far & more effectively + faster as well XD
It doesn't really matter if someone can recover the current and 2 previous
versions of *ciphertext*.
> Everything depends upon tasks for your machine;-) but completely,
> Please, explain me why someone needs to encrypt hdd. If user cannot
(1) because it is required by law for certain types of sensitive data,
such as medical information, credit card information, or classified
government data.
(2) because you are not allowed to keep physical custody of the
computer (e.g. you want to take it on an airplane, or ship it).
You might be able to protect it at one of your company's offices
but not in transit.
(3) because you cannot defend yourself against TLAs with badges
and lots of weapons, especially while travelling.
(4) because you have to sleep sometime
> defend machine against non-authorized remote/physical access, to get
> keys is Just Matter of Time + encrypted hdd gets nice abilities to
> damage user data with great magnitude XD
Being able to effectively destroy an entire (many gigabyte) hard
disk by repeatedly overwriting a couple of sectors containing an
encrypted key for the rest of the disk is an advantage when the
TLAs break in giving you only minutes to erase the data. This comes
with the disadvantage that accidental destruction is also easier.
On Sun, 16 Jan 2011 20:58:25 -0600, Gordon Burditt wrote:
On Sun, 16 Jan 2011 20:58:25 -0600, Gordon Burditt wrote NOTHING:
*TECH exposes TROLL*
--
Tech, computer repair specialist (on the side), part time Tech
Pro poster to Wilders Security...home base...On usenet to help noobs
Not me...
On Jan 17, 5:58*am, gordonb.8b...@burditt.org (Gordon Burditt) wrote:
> >>Just encrypt the disk as whole.
>
> > event 1. 0 rewrites 0;
> > event 2. 0 rewrites 1;
> > event 3. 0 rewrites 0;
> > -----------
> > where is probability greater to get closest values of magnetization.
> > above-mentioned three-layer scheme makes hard to run statistical
> > analysis onto. however, devices to destruct hdd physically execute
> > data far & more effectively + faster as well XD
>
> It doesn't really matter if someone can recover the current and 2 previous
> versions of *ciphertext*.
>
> > Everything depends upon tasks for your machine;-) but completely,
> > Please, explain me why someone needs to encrypt hdd. If user cannot
>
> (1) because it is required by law for certain types of sensitive data,
> such as medical information, credit card information, or classified
> government data.
> (2) because you are not allowed to keep physical custody of the
> computer (e.g. you want to take it on an airplane, or ship it).
> You might be able to protect it at one of your company's offices
> but not in transit.
> (3) because you cannot defend yourself against TLAs with badges
> and lots of weapons, especially while travelling.
> (4) because you have to sleep sometime
>
> > defend machine against non-authorized remote/physical access, to get
> > keys is Just Matter of Time + encrypted hdd gets nice abilities to
> > damage user data with great magnitude XD
>
> Being able to effectively destroy an entire (many gigabyte) hard
> disk by repeatedly overwriting a couple of sectors containing an
> encrypted key for the rest of the disk is an advantage when the
> TLAs break in giving you only minutes to erase the data. *This comes
> with the disadvantage that accidental destruction is also easier.
-----------------------------
Gordon, if workstation was deployed in safe place with only authorized
access, usefulness of entire hdd encryption would look too doubtful;
if you travel laptop of classified info with yourself, you must be
worried at highest red Alert of side-channel-attacks.
> Being able to effectively destroy an entire (many gigabyte) hard
> disk by repeatedly overwriting a couple of sectors containing an
> encrypted key for the rest of the disk is an advantage when the
> TLAs break in giving you only minutes to erase the data. *This comes
> with the disadvantage that accidental destruction is also easier.
Professionals would not break through to you so straightly :-)
Re: TrueCrypt hack? 
Linear Mode
