http://www.matasano.com/log/1749/typing-the-letters-a-e-s-into-your-code-youre-doing-it-wrong/
Towards the end of this rather offbeat blog post they describe a
rather clever attack which is possible when the application provides
error messages (i.e. is an error oracle) for PKCS7 padding in e.g. AE
Reading really old email, but have new information to add.
On Wed, Oct 03, 2007 at 02:15:38PM +1000, Daniel Carosone wrote:
> Speculation: the drive always encrypts the platters with a (fixed) AES
> key, obviating the need to track which sectors are encrypted or
> not. Setting the drive password s