Source code for 'cold boot' attack released

Paul Mah — Tue, 22 Jul 2008 09:03:00 -0400

The security researcher, who in February this year demonstrated a 'cold boot' attack, has released the utilities used at the Hackers on Planet Earth (HOPE) conference last weekend. You can read more about 'cold boot' attacks here, though the entire principle revolves around the reality that data stored in volatile RAM is, contrary to popular belief, not immediately lost upon powering down a system. Rather, it fades slowly over seconds or even minutes. The team has successfully demonstrated how a DIMM containing 128-bit AES encryption keys could be copied, reconstructing any decayed bits along the way.

What is the relevance of a 'cold boot' attack in the grand scheme of things? Consider just how this new attack vector renders current disk encryption schemes irrelevant. Indeed, the researchers were able to mount a BitLocker-encrypted volume put in an external USB drive in about 25 minutes. Anyway, you can find the research paper as well as explanatory video and the source code here.

For more on this chilling new attack vector:
- check out this Ars Technica article

Phoenix Technologies enables remote drive security

Mehan Jayasuriya — Fri, 09 May 2008 13:21:52 -0400

Phoenix Technologies has announced that it will bring its "FailSafe" tech to Fujitsu's new Full Disk Encryption (FDE) 2.5" 7200RPM SATA hard drive. FailSafe allows IT admins to remotely track, disable and even erase drives in the event that a machine containing sensitive data is lost or stolen. No word yet on pricing or launch date, though we're sure that there are plenty of admins out there that can't wait to get their hands on this tech.

For more on FailSafe:
- see this Gizmodo article