The idea that encrypting your entire hard drive provides data security in case your system is stolen. The whole scenario seemingly fits. If a thief can't get to the information on your hard drive due to encryption, it is safe right?
Well a work around has been found that surprised even me. The trick isn't breaking the encryption algorithm or brute forcing a key, rather the technique demonstrated simply plucks the key from a running system's memory. Normal security prevents a person from taking over a running system when you're not there - various forms of passwords and authentication. The clever tricks is that memory doesn't necessarily lose its information when your computer is turned off. By turning off the machine, hyper cooling the memory and then transporting it to another system allows for all the contents of memory to be read, including the encryption key for the hard drive. I knew that the contents of RAM disappeared after shutting down, but I thought it was on the order of several minutes before everything would be gone. The testing done showed that they had over 10 minutes of time to do the memory swap before data corruption reached 1% when the chips were hyper cooled.
February 22nd, 2008, 03:34 PM
Common disk encryption is kinda worthless. 
Linear Mode
