June 28, 2008

Be Aware – Encrypting your hard drive not fool-proof

Posted in Uncategorized at 2:50 am by gloriouscomputing

Encrypting your whole system drive is a good idea, and certainly safer than not doing so.

However, be aware that it only saves you if your PC is shut down, and not messed with for a few minutes.

A smart attacker, when confronting your non-turned off machine, can steal your key from RAM.

See the research: http://citp.princeton.edu/memory/

So ask TrueCrypt to add a feature: Wipe System Encryption Password and Force Shut Down. Then you could just assign a hotkey, to quickly and fully protect your PC data.

I understand that this would be the same as unplugging the PC right in the middle of everything – but that’s fine! And this would be better, because it could quickly scramble the key data, and then turn off.

Whatever is in RAM would still take a few minutes to fade, but all the hard drive data would be safe, since the key would be gone.

I’d post further inquiries at the TC forum, which is seemingly not discussing this, but their registration system is keeping me out (no gmail allowed).