From owner-freebsd-hackers@FreeBSD.ORG Mon Feb 25 15:33:32 2008 Return-Path: Delivered-To: hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 9F6F816A402 for ; Mon, 25 Feb 2008 15:33:32 +0000 (UTC) (envelope-from mozolevsky@gmail.com) Received: from ug-out-1314.google.com (ug-out-1314.google.com [66.249.92.170]) by mx1.freebsd.org (Postfix) with ESMTP id E20C813C4D3 for ; Mon, 25 Feb 2008 15:33:31 +0000 (UTC) (envelope-from mozolevsky@gmail.com) Received: by ug-out-1314.google.com with SMTP id y2so909802uge.37 for ; Mon, 25 Feb 2008 07:33:30 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; bh=7jvjA69IkBfCtvw+EIub+Ex82taMfrNu6MHwcghrAiQ=; b=mNT8B6T0AjdPaebbpt+F+Y0/f60jNSEWxHJhK3brPqlsI4D+u2ksP7Fib91mfSza3VRsVkvIeR1J9zGbauBd0fm94YpRaGoitB2pTOVGs9wqv9Dl/zcLbJEYS6DVaoz+sk4NTYfKCTLnzjNgw+ceixi6FAzK5ywlb620HSjQRao= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; b=KE5CRauJhJKq6OIZQyqazwHSMTKp1qD8/V6DCYl0uGxr9Ut5N7VY3WH04x2ZJZWk9RxVWWH0bld/+7CDWypsWaMHeJpznuqNIDiM4pzq9l6GFGW4rE7nnVGqhILooarn6PuZ5FetKruHOsZ1aHCtsyrHJFafdKCKC2Q9jMQ6nds= Received: by 10.66.221.6 with SMTP id t6mr3333236ugg.0.1203953610559; Mon, 25 Feb 2008 07:33:30 -0800 (PST) Received: by 10.66.248.11 with HTTP; Mon, 25 Feb 2008 07:33:30 -0800 (PST) Message-ID: Date: Mon, 25 Feb 2008 15:33:30 +0000 From: "Igor Mozolevsky" Sender: mozolevsky@gmail.com To: "Bill Moran" In-Reply-To: <20080225095205.def9414d.wmoran@collaborativefusion.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <47C06E1F.5020308@thedarkside.nl> <760775.85636.qm@web50306.mail.re2.yahoo.com> <20080223203316.GC38485@lor.one-eyed-alien.net> <20080224100924.c8e08776.wmoran@collaborativefusion.com> <20080224123328.a0a85d7c.wmoran@collaborativefusion.com> <20080225095205.def9414d.wmoran@collaborativefusion.com> X-Google-Sender-Auth: 952a577368dd8237 Cc: hackers@freebsd.org Subject: Re: Security Flaw in Popular Disk Encryption Technologies X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 25 Feb 2008 15:33:32 -0000 On 25/02/2008, Bill Moran wrote: > In response to "Igor Mozolevsky" : > > > Crypto is merely a way of obfuscating data, and we all know the truth > > about security by obscurity, right? > > > I don't think you correctly understand the concept of "security through > obscurity" ... as crypto is _not_ an example of that. You have way too much faith in crypto - any crypto system can be broken given enough time + computing power + determinism... You can't break a system when half the data that you need is missing (see * later). > > Why would you have sensitive data > > on a laptop that anyone could potentially snatch out of your hand??? > > If it's sensitive enough to be paranoid, it should never leave the > > site! > > > That's like saying, "Why would you ever drive a car on the freeway when > you know how many people are killed in auto accidents every day." > > The answer is, "because you must." That's a ridiculous analogy! Such as when?.. > > There are better ways to protect data than simple disk encryption, *if > > you really have to* to take it offsite on a laptop. > > > Name 3. 1) Store the data on a USB stick, or other portable medium which you can detach from the laptop*; or 2) Use crypto system that requires a physical token to decrypt the data (which can be detached from the laptop in transit); and I don't have time to think of a third one ATM... > > There's only one > > thing disk crypto is useful for - swap encryption, I'd not use > > straight crypto for anything else... > > > Again, I find you opinions odd, and possibly misinformed. How could it be misinformed - you've just said that HD crypto is easy to compromise using the aforementioned method, clearly it's not good enough to encrypt sensitive data?.. > > But again, how many of us here > > actually use S/Key for remote logins?.. > > > S/Key isn't the magical solution to all security. I know, I was merely using it as an example of security solution being 'out there' and hardly anyone using it... > > Then there's things like BIOS passwords, > > > How does a BIOS password protect RAM from being removed? Password protecting BIOS prevents the attacker from manipulating permissible boot partitions... > > restricting > > boot partitions, and if you don't want memory covers to be unscrewed > > (or your laptop case as a whole, for that matter) you can always use a > > bit of loctite! > > > Sure, the old "superglue in the USB port" trick. I'm sure HW manufacturers > love it when they see that ... warranty out the door! But in this case, > if the attacker is after the data, breaking the RAM door to get it open > isn't a very big deal, now is it? Once the computer is off you only need to delay the extraction of RAM sufficiently for the attack to be ineffective... And as for the warranty, you have a choice, you either make the system secure and compromise the warranty, or you make the system comply with warranty T&C and compromise the security... > > As the saying goes, those who think that crypto is the solution to > > their problem, don't crypto nor the problem... > > > Not sure I understand what you mean by that, but your flippant dismissal > of strong cryptography is not justified by any facts I've ever seen. The issue is not how strong crypto is, but how people use it - if one relies on the fact that their highly sensitive national secrets are safe just because they've encrypted the hard drive the data is on, and haven't taken any other precautions then you can easily see how a simple attack like that would screw them over, and quite frankly they would deserve it!.. Crypto is not a replacement for common sense! Igor