Alun
Wed Feb 27 10:37:38 CST 2008
<sarcasm>Wow - "several seconds".</sarcasm>
This would mean that your laptop would have to be taken and immediately
scanned, no more than a few steps away from you.
So, yeah, if you're coming through customs and you realise you want to hide
all your naughty videos, you might have a problem if the customs agent is
interested, technologically savvy, and equipped with thousands of dollars of
gadgets.
But if someone steals your laptop from you at knifepoint, unless he's got a
van full of gear right beside you, no, you're not in any significant danger.
Alun.
~~~~
"mitishushi" <@discussion.com> wrote in message
news:u0NFz9odIHA.4164@TK2MSFTNGP05.phx.gbl...
> please refer to this
>
http://afp.google.com/article/ALeqM5i0t4sGyIOt776qLZudh4epei2RuQ
>
> SAN FRANCISCO (AFP) ¡ª Researchers said Friday they found a way to
> sidestep encryption technology commonly used to protect sensitive data in
> computers.
>
> A "major security flaw" in several types of popular encryption software
> exposes supposedly safeguarded information, provided a savvy data thief
> can get hold of the machines, according to the Electronic Frontier
> Foundation.
>
> "People trust encryption to protect sensitive data when their computer is
> out of their immediate control," said EFF staff technologist Seth Schoen,
> a member of the research team.
>
> "Whether your laptop is stolen, or you simply lose track of it for a few
> minutes at airport security, the information inside can still be read by a
> clever attacker."
>
> Researchers claim they cracked an array of commonly-used encryption
> programs, including Microsoft's BitLocker, Apple's FileVault, TrueCrypt,
> and dm-crypt.
>
> In a paper published on the Internet, researchers show that data is
> vulnerable because encryption keys and passwords linger in the temporary
> memory of computers after machines lose power.
>
> "We discovered that on most computers, even without power applied for
> several seconds, data stored in RAM seemed to remain when power was
> reapplied," said research team member Jacob Appelbaum, an independent
> security specialist.
>
> "We then wrote programs to collect the contents of memory after the
> computers were rebooted."
>
> Laptops are especially vulnerable to the attack when the machines are in
> lock, sleep, or hibernation modes, according to the report.
>
> "We've broken disk encryption products in exactly the case when they seem
> to be most important these days: laptops that contain sensitive corporate
> data or personal information about business customers," said Princeton
> University computer science doctoral student J. Alex Halderman.
>
> "This isn't a minor flaw; it is a fundamental limitation in the way these
> systems were designed."
>
> Researchers say the attack technique is likely to be effective against
> many other computer disk encryption systems because of structural
> similarities.
>
> Turning laptops off completely helps guard against intrusion, but doesn't
> work in all cases, according to the report.
>
> "David H. Lipman" <DLipman~nospam~@Verizon.Net>
> дÈëÏûÏ¢ÐÂÎÅ:u1yIOPhdIHA.4712@TK2MSFTNGP04.phx.gbl...
>> From: "mitishushi" <@discussion.com>
>>
>> | There is recent report from AFP that says
>> FileVault¡¢TrueCrypt,BitLocker
>> | and dm-crypt are not reliable anymore. They are all easy to be
>> discrypted!
>> | then what can the users do?
>> |
>>
>> Please post the URL of the 'AFP' Rreport.
>>
>> --
>> Dave
>>
http://www.claymania.com/removal-trojan-adware.html
>> Multi-AV -
http://www.pctipp.ch/downloads/dl/35905.asp
>>
>>
>
>