[FDE] DRAM attack - not thwarted at all by Seagate's drive CORRECTION the data on the HDD IS Protected!!!
Larry Massey
larry.massey at usa.secude.com
Fri Feb 29 13:30:16 MST 2008
Garrett:
Glad you "conveniently" received that email. :)
Yes, you may be a bit too picky.
Our solution is to solve a Data At Rest problem that in pure Software Laptop
Encryption products is broken by exposing the encryption key residing in PC
DRAM and NOT to solve the problem of securing the contents of DRAM which
would be a different data exposure problem, of course.
We make no claim to solve the problem of data exposed in DRAM, simply to not
put data in DRAM at a point in time that it could be exposed and used to
defeat HDD on board encryption technology. You may want to spend some time
learning more about the Seagate drive, as it is quite an interesting and
secure technology.
If any of you will be attending the Data Protection Summit in LA next month,
we will have a presentation on this specific topic (again DAR only), I will
also be attending and would love to meet any members of this very enjoyable
although overly cloaked group on this blog. Maybe we can even get together
for a dinner one evening. I am sure that some of this blog's undercover
vendors might even be willing to foot the bill.
Regards,
Larry
___________________________________________________
Larry Massey
President
SECUDE IT Security, LLC
380 Sundown Drive
Dawsonville, GA 30534 USA
Tel : +1 706 216 8609
Fax: +1 706 216 4696
Mobile : +1 706 215 3854
larry.massey at usa.secude.com
http://www.secude.com/
From: fde-bounces at www.xml-dev.com [mailto:fde-bounces at www.xml-dev.com] On
Behalf Of Garrett M. Groff
Sent: Friday, February 29, 2008 2:07 PM
To: fde at www.xml-dev.com
Subject: [FDE] DRAM attack - not thwarted at all by Seagate's drive
I conveniently got an email from Secude in my inbox. One of the closing
paras had the following:
As you continue your investigation of disk-encryption technologies, I invite
you to contact us to learn more about our partnership with Seagate and other
hard drive manufacturers and how we eliminate the types of vulnerabilities
found in DRAM attacks. By encrypting data at the drive level, we are able
to offer you the highest level of protection.
Of course, that's not true at all. The vulnerability of data residing in
DRAM still exists. That will be the case until we get "secure RAM," or
something along those lines.
However, it is true that the particular attack involving reading the FDE key
directly from RAM is defeated since that key is never written to RAM.
Maybe I'm being too picky here, but looking ahead, this technique could be
used to read information from any application that happens to be open at the
moment using software that looks for juicy keywords (like "confidential" or
"password"). Doesn't that seem like the next logical threat once the
"low-hanging fruit" (such as it is) of cold-boot key discovery is patched? I
mean, how long are we going to have secure disks with wide-open RAM chips?
- Garrett