Archive for the ‘Computers’ Category
Disk Encryption Hacked Scary Easy
Source … Center For Information Technology Policy at Princeton University
Disk encryption has been touted as the ultimate in securing a computer, especially laptops, which are prone to being lost or stolen. The theory is that once a machine is turned off, encryption “activates” and renders the hard drive inaccessible. Without entering the correct keyword or accessing a separate key file, the hard drive would essentially be nothing more than a paperweight. However, things are rarely so simple.
Because your computer needs to access the encrypted hard drive while powered on, the access key remains resident in its memory. The natural assumption is that when you power off your computer, its memory flicks off like a light. Researchers at Princeton have shown that DRAM, which is used in the majority of computers today, fades off over the course of a few minutes. If one were to cool the RAM down to a much lower temperature, that fade can extend far longer than a few minutes. So what does this mean in terms of encryption?
Since the RAM takes longer to lose its contents, the encryption access keys remain in the memory. With some simple computer engineering, one could transfer the RAM to another computer, or create a separate device, in order to read the contents of the memory while it still contains the encryption access key.
This does, however, depend on a few assumptions. The first and foremost is power. While the DRAM does take a few minutes to fade, it still does power down, so the window of opportunity is quite short. While one can slow the fade down, doing so requires physical access to the RAM. The trick would be to keep a system powered on until one were ready to hack into it.
The second is access to the hard drive. With BIOS and boot loader passwords, simply getting to the prompt to enter the encryption access key could be troublesome. One would have to physically remove the hard drive and place it into another machine. Not that this approach is out of line, considering that the machine is already in the hands of a hacker. If they were lucky enough not to encounter a BIOS password, they could just have the machine boot from an external device such as a USB key or hard drive.
Laptops with battery power are certainly easy targets for this. Many people are known to leave a laptop powered on and unattended in a public place. A thief could easily have a setup in a car nearby, or even a few minutes away. But how does one attempt this with a desktop? Desktop machines rarely have any kind of battery backup, and when they do it certainly doesn’t last long. Some desktops use more electricity than all other home appliances combined. How do you keep the power in the DRAM long enough to perform the hack? Answer: WiebeTech HotPlug. The web page clearly states:
How to circumvent Whole Disk Encryption
The key: Do not allow the encryption to activate. Low level encryption such as Vista’s Whole Disk Encryption (WDE) can halt an investigation. Use HotPlug and Mouse Jiggler to prevent encryption technologies from activating. If you can carry away the computer while it’s still logged in, you maintain full access to the hard drive.
That statement is about keeping a password-protected screensaver from activating. But as the researchers have shown, one only needs to supply power to the DRAM long enough to get the desktop somewhere to perform the hack. The trick is moving a desktop without disrupting its power source, and the web site even has links to videos showing how they perform this kind of seizure using their HotPlug device. Although designed for government and forensic customers, it is still available for sale to the general public.
So does this mean disk encryption is no longer viable? Well, ask yourself this: do you still lock the door to your house as you leave, knowing full well that windows are easily broken and door locks can be picked? You can never make anything completely theft proof, but you can significantly increase the resistance to theft. A thief is going to look for the easy targets that take the least amount of time. Unless you’re carrying a laptop with detailed maps to untold fortunes, a thief most likely won’t take the time to break into your computer to see where you shop online. Passwords and financial information are easier to get from online attacks anyway, through phishing and trojan viruses.
Unless you’re a government employee, corporate executive, or under investigation for illegal activities, you’re not going to garner enough attention for anyone to go through the work of circumventing your disk encryption. However, you should still understand the concept and know that it can be defeated. Don’t assume that your disk encryption is the holy grail of protection; take extra steps to ensure the safety of your computer and its data.
- Never leave your laptop unattended.
- Set the BIOS boot password. Without it, the computer’s operating system will never boot.
- Use a screensaver that requires a password to deactivate and have it activate within a few minutes of inactivity.
- Use a login to the operating system, even if you’re the sole user.
- If you run a boot loader like LILO or GRUB, set a boot password. Every password prompt means one extra lock in the chain. And keep the passwords different.
- For desktop security, power down when not in use. By the time anyone thinks of stealing it, the memory ought to have been cleared.
- Never advertise your security measures. If they don’t know the encryption exists, they may not be prepared for it.
- Hide your typing when entering passkeys/passwords. Many passwords are hacked by looking over the target’s shoulder or video recording the finger movements over the keyboard.
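One way to check two items from the list above on a Linux laptop, as an added example that is not part of the original post: whether a boot loader password is set, and whether closing the lid leaves the RAM (and the disk key in it) powered. It assumes GRUB 2 and systemd-logind; the function names are made up for this example.

```shell
#!/bin/sh
# Added example: audit two checklist items on a Linux laptop (run as root).
# Assumes GRUB 2 and systemd-logind; drop-ins under logind.conf.d are not read.

# Succeeds only if the GRUB 2 config names a superuser AND defines a password;
# a password line without "set superusers" does not lock the boot menu.
grub_has_password() {
    [ -r "$1" ] || return 2
    grep -Eq '^[[:space:]]*set[[:space:]]+superusers=' "$1" &&
    grep -Eq '^[[:space:]]*password(_pbkdf2)?[[:space:]]+[^[:space:]]+[[:space:]]+[^[:space:]]+' "$1"
}

# Prints the HandleLidSwitch value; logind defaults to "suspend" when the key
# is absent or commented out.
lid_action() {
    val=$(sed -n 's/^[[:space:]]*HandleLidSwitch[[:space:]]*=[[:space:]]*\([A-Za-z-]*\).*/\1/p' \
        "$1" 2>/dev/null | tail -n 1)
    echo "${val:-suspend}"
}

# Succeeds when closing the lid leaves DRAM powered, i.e. the disk key is
# still in memory if the laptop is carried off. Hibernate only counts as
# safe when the swap area is itself on the encrypted disk.
keys_survive_lid_close() {
    case $(lid_action "$1") in
        poweroff|hibernate) return 1 ;;
        *) return 0 ;;   # suspend, lock, ignore, ...: RAM stays powered
    esac
}

audit() {
    grub_cfg=${1:-/boot/grub/grub.cfg}
    logind=${2:-/etc/systemd/logind.conf}
    rc=0
    if grub_has_password "$grub_cfg"; then
        echo "OK   boot loader password set"
    else
        echo "WARN no GRUB superuser/password in $grub_cfg"; rc=1
    fi
    if keys_survive_lid_close "$logind"; then
        echo "WARN lid close = $(lid_action "$logind"): RAM stays powered"; rc=1
    else
        echo "OK   lid close = $(lid_action "$logind")"
    fi
    return $rc
}

# Run only when paths are given: sh audit.sh /boot/grub/grub.cfg /etc/systemd/logind.conf
[ $# -eq 0 ] || audit "$@"
```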
vLite – Software Tool Strips Windows Vista To Bare Bones
Source … InformationWeek
Is Windows Vista too fat for you? I know it is for me. It’s one of the many reasons why I don’t touch the damned thing.
Enter vLite. This tool allows you to customize Vista before you install it. So, instead of it using up 15GB of hard drive space, you might only need half of that by limiting which components actually get installed. Other features include unattended setups, creating ISOs and bootable CD/DVDs, language pack and driver integration, and tweaking. We all like to tweak.
I have no personal experience to share. I tried Vista once and gave up on it. I am happy with my XP machine. Everything else I use has Linux installed. But from what I’ve read in the past, any way to customize the bloated Vista has to be good.
