>From a Computerworld blog. --Jerry
When encryption doesn't work By Robert L. Mitchell on Wed, 07/26/2006 - 12:00pm In my interview with Ontrack Data Recovery this week (see Recovery specialists bring data back from the dead: http://www.computerworld.com/action/article.do?command=printArticleBasic&art icleId=112460), quite a bit hit the cutting room floor, including these three nuggets by Mike Burmeister, director of engineering for data recovery: Encrption can be broken I was surprised to learn that Ontrack regularly recovers encrypted data on systems where the user has lost the key. "There's only a couple of technologies where we would run into a roadblock [such as] some of the new laptops that have passwords that are tied to the media and to the BIOS," says Burmeister. That raises the question: if they can do it, who else can? On encrypted systems that are more difficult to crack, OnTrack also has a secret weapon. "Certain situations involve getting permission to get help from the manufacturer," he says. Broken CDs still yield data Ontrack can also reassemble and recover data from CD-ROM discs that have been broken into pieces. If you're using CDs for backups of sensitive data, it's probably best to shred them. Tapes work. People fail Among the tape problems Ontrack sees most often are those related to human errors, such as accidentally erased or formatted tapes. "Formatting the wrong tapes is the most common [problem] by far. The other one is they back up over a tape that has information on it. The general thing is they back up the wrong data. We'll get the tape in and they'll say, 'The data I thought was on this tape is not on it.'" While those failures can be attributed to confusion, another failure is the result of just plain laziness. "People run these backup processes and they're not simple anymore. They run these large, complex tape libraries and they call that good enough. They don't actually go through the process of verifying [the tape]," Burmeister says. The result: disaster strikes twice: once when the primary storage goes down and again when the restore fails. For more on how the technical challenge of recovery have raised the stakes and what you can do to protect your data, see the story above. Filed under : Security | Software | Storage Robert L. Mitchell's blog James Earl wrote: It's really too bad that ComputerWorld deems to edit these explainations. Especially when you consider its all ELECTRONIC paper. Posted on Thu, 07/27/2006 - 4:12pm| reply Security Skeptic wrote: CDs (and DVDs) are very effective targets for recovery, because they have massive error correction and the data is self-identifying because of the embedded sector IDs. It's quite possible to recover a CD that has been shredded, not just broken. A few years ago, there was academic research describing automated reassembly of shredded documents by scanning the bits and matching the rough edges of along the cuts. I'm sure that technology has improved, too. The moral of the story is that physical destruction is hard. Grinding to powder and heating past the Curie point are pretty reliable, but short of that, it's tough. You're better off encrypting, as long as the key actually is secret. Posted on Thu, 07/27/2006 - 4:44pm| reply Security Skeptic wrote: Computer BIOS passwords: easy to recover by resetting or other direct access to CMOS. You can do this at home. Disk drive media passwords: hard to recover, but possible by direct access to flash memory on the drive. This is tough to do at home, but probably a breeze for OnTrack. Disk drive built-in hardware encryption (which as far as I know is only a Seagate feature so far) should be essentially impossible to recover, unless Seagate has built in a back door, has fumbled the implementation, or the password is simple enough to guess. Same is true for software- based full-disk encryption: it can be invulnerable in the absence of errors. Use it properly, and you'll never have to worry about your data if the computer is lost or stolen. Posted on Thu, 07/27/2006 - 4:54pm| reply Iain Wilkinson wrote: Surely it's far more common to use the BIOS to prevent a hard drive being mounted in another device that to encrypt it. As one of the other commentators says, the BIOS is pretty easy to get into if you know what you are doing. Basing an encryption system on this would inherit all its weaknesses. Posted on Fri, 07/28/2006 - 7:53am| reply --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]