Just found this disturbing article..........
http://www.news.com/8301-13578_3-987...?tag=nefd.lede
Just found this disturbing article..........
http://www.news.com/8301-13578_3-987...?tag=nefd.lede
Donate to Xtreme Systems!
Now Showing:
Gigabyte x48-DQ6, Q6600,OCZ 1066 Reapers,2 750gb seagate 7200.11 hd, BFG 8800GTS 512,PC P&C 750 Quad psu, 24" Sceptre lcd, Antec 900
my wife's system now!
Intel C2D 6400, Zotac Matx mobo, 1gb kingston mem, Nvidia 7050,I Feel really Good now!
Jon C2D 6600 Zotac mobo 1gb mem............................................... ................. HTPC qx6700@3.0ghz
Annabelle Amd 3800+@2.4ghz, Biostar mobo, 1gb ocz pc4500 beta's................. Optyx2 opty165@ 2.1 ghz
'Want a real high?
Come crunch WCG and you'll feel like your on QuadCaine"
First loops are like first sex, all hands and thumbs till you figure out what goes where, then it's what ever works best for you.
dam...
would be interesting to hear what Steve Gibson at GRC.com thinks about it.
If you went to the lengths of full disk encryption with super sensitive data on the computer, you probably wouldn't put it into sleep mode anyway and expose the risk of scanning the ram for encryptions keys.
CPU Intel E8400 4.3ghz (9x478), Poseidon WCL-04 Water Cooling | RAM Crucial Ballistix Tracer PC2-8500 2x1gb | Motherboard Asus P5Q Deluxe | Graphics Card 512mb ASUS 9800GTX+ | Audio X-Fi XtremeMusic, Logitech Z-2300 | Power Supply Corsair HX620 | Case Antec 900 | Input Devices Razer ProClick, Logitech G15 | Display Device Dell UltraSharp 2408WFP, Samsung 226BW
This works only when the encrypted volume is mounted and accessible by any program. For example in TrueCrypt, simply dismounting the volume results in the keys being erased from RAM thus making this "exploit" impossible. TC also automatically dismounts all volumes once the user logs off or the system enters a sleep mode.
Supercooling RAM?
You were not supposed to see this.
Nice trick cooling the ram to make it hold its information while hotswapping it.
All along the watchtower the watchmen watch the eternal return.
Thats some pretty cool stuff!!
exactly. so they need direct access to your RAM, for instance via a trojan horse. if they have direct access to the computer while it is running and the volumes are mounted they don't even have to take a look into the RAMOriginally Posted by largon
This works only when the encrypted volume is mounted and accessible by any program. For example in TrueCrypt, simply dismounting the volume results in the keys being erased from RAM thus making this "exploit" impossible. TC also automatically dismounts all volumes once the user logs off or the system enters a sleep mode.
Supercooling RAM?
I don't see a big problem here
Notice any grammar or spelling mistakes? Feel free to correct me! Thanks
Well if your encrypting your hdd would you not run a decent firewall/antivirus/spyware/maleware etc. to prevent a trojan.
I want to see this in practice on video.
brainwall.exe is sufficient for most cases...
Notice any grammar or spelling mistakes? Feel free to correct me! Thanks
software encryption will never be 100% secure, this isnt news...
what you need is hardware encryption
The problem with hardware encryption is whoever made the hardware has the key or the backdoor. IBM keys are probably not secure as they likely give them to the feds in the US anyhow. Trust no one
"Foldin, Foldin, Foldin...keep those benchers foldin..." (Lyrics by Angra, Music is Rawhide)
BOYCOTT MIR's
here u go: http://www.youtube.com/watch?v=JDaicPIgn9U
AMD Phenom II X6 1055T@3.5GHz@Scythe Mugen 2 <-> ASRock 970 Extreme4 <-> 8GB DDR3-1333 <-> Sapphire HD7870@1100/1300 <-> Samsung F3 <-> Win8.1 x64 <-> Acer Slim Line S243HL <-> BQT E9-CM 480W
There aren't any known exploits to attack AES or serpent. saaya, please show some evidence that supports your theory that AES / serpent volumes created in truecrypt aren't "100% secure" short of brute force attacks.
And to think I thought the weak point for all of this software encryption was the fact that really it is protected by a password.
Also a nice trick: soldering a power supply to it in parallel. Y'know, doesn't require it to be near zero kelvin to work.
Sigs are obnoxious.
Anyone know if True Crypt would store the key files coming off a USB drive in the RAM?
Edit: Now that I think about it some more I guess it does since you can remove the drive and still have the volume open. Can someone confirm that True Crypt does in fact wipe the RAM once the volume is closed?
I don't see such a big deal here. This isn't really news even is it? We've known how ram works forever. I'm really not too worried about someone taking the ram out of my computer, if I have data on a computer that is that sensitive and someone were able to take the ram out of it, I don't think the problem lies on the fault of the encryption.
E8400 @ 3600mhz
4870 @ 790/1100
2x2GB DDR2
But this exploit is not about the encryption. It's all about how encryption softwares handles the keys.
TrueCrypt documentation states that the master key is stored unencrypted in the RAM as long as the volume is mounted.edit:Inherently, unencrypted master keys have to be stored in RAM as well. When a TrueCrypt volume is dismounted, TrueCrypt erases its master keys (stored in RAM). When the computer is cleanly restarted, all TrueCrypt volumes are automatically dismounted (thus, all master keys stored in RAM are erased by the TrueCrypt driver).
On a completely unrelated note:
kryptobs2000,
I think there's an unwritten rule on internet on forums that prohibit male users from using avatars that depic males who aren't either of these:
1. the user himself
2. celebrity that has considerable amount of "street kred"
Last edited by largon; 02-22-2008 at 03:08 PM.
You were not supposed to see this.
Posting Permissions
Reply With Quote
Bookmarks