interesting paper. but i fail to see how this could be "deadly" (as the author puts it) to the disk encryption products.
This methods requires the computer to be "recently" turned-on and unlocked. So the only way it would work is that the victim unlocks the disks i.e. enter their preboot password and turn off the computer and "immediately" handover (conveniently) the computer to the attacker so that the attacker remove the DRAM chip and store in nitrogen. And the attacker has to do all this in less then 2 seconds.... :) If the attacker is standing right next to the victim, why even let the victim turn-off the unlocked computer???? Or am I missing something? -- Saqib Ali, http://www.full-disk-encryption.net On 2/21/08, Perry E. Metzger <[EMAIL PROTECTED]> wrote: > > Ed Felten blogs on his latest research: > > http://www.freedom-to-tinker.com/?p=1257 > > Excerpt: > > Today eight colleagues and I are releasing a significant new > research result. We show that disk encryption, the standard > approach to protecting sensitive data on laptops, can be defeated > by relatively simple methods. We demonstrate our methods by using > them to defeat three popular disk encryption products: BitLocker, > which comes with Windows Vista; FileVault, which comes with MacOS > X; and dm-crypt, which is used with Linux. > > More info: http://citp.princeton.edu/memory > > Paper: http://citp.princeton.edu.nyud.net/pub/coldboot.pdf > > > > -- > Perry E. Metzger [EMAIL PROTECTED] > > --------------------------------------------------------------------- > The Cryptography Mailing List > Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED] > --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
