[sf-lug] Full Disk Encryption options?

Kristian Erik Hermansen kristian.hermansen at gmail.com
Mon Mar 24 17:02:54 PDT 2008


2008/3/24 Erich Newell <erich.newell at gmail.com>:
>  You show me any such device that works on a laptop and I'll show you
> someone who is about to be "disappeared" by the NSA or worse. The device you
> are imagining does not exist outside the realm of multinational espionage...

Retail Hardware Laptop Keylogger:
http://www.keyghost.com/PCI-MPCI-Keylogger.htm

Of course, I think we can all agree that full disk encryption only
solves the problem where your attacker has access to your laptop only
once (stolen/lost), and not over a period of time.  If you lose your
laptop then FDE prevents data acquisition by the attacker.  However,
sustained physical access to any machine will always spell doom for
the attacked.  I thought this was obvious to everyone, but thanks to
Rick for making it so apparent :-)  My original intent was only to
provide a solution for software-based attacks, and not hardware
attacks.  In the worst case, someone might steal my RAM and freeze it.
 Heh, thanks to Jake for that research.  I still think someone could
make a ton of money by selling a hardware device (to those
three-letter-agencies) that automatically powers, cools, and dumps
stolen RAM on the fly so that you don't need to keep it installed in
the attacked laptop and boot from alternate media.  Eh, damn hackers
and their crazy attacks.  On a completely separate now, all your GSM
phone data are belong to some security researchers at the price of a
$1000 device.  Yay!!!

http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9063899&source=rss_topic17
-- 
Kristian Erik Hermansen
--
"Clever ones don't want the future told. They make it."




More information about the sf-lug mailing list