[Discuss] Cold Boot Attacks on Encryption Keys
    Richard Pieri 
    richard.pieri at gmail.com
       
    Fri Nov  8 22:36:25 EST 2013
    
    
  
Tom Metro wrote:
> The scenario is that you have strongly encrypted data on disk,
> decryption keys in memory, an OS configured so that it doesn't do
> something stupid, like write the keys to unencrypted swap space, and an
> OS hardened enough that physical access to the machine seems like the
> easier attack vector.
The problem with this scenario is that it makes no sense. If your threat 
is physical attack then why aren't you hardening your physical intrusion 
prevention? Because there's a simple (not necessarily easy, just simple) 
way for me to circumvent all of your clever switches and self-destructs 
and WDE if you don't beef up your physical security procedures.
I go after your backups.
-- 
Rich P.
    
    
More information about the Discuss
mailing list