Why Full Disk Encryption Isn't Enough

Introduction

I have noticed an increasing trend in the use of full disk encryption recently,
especially among Linux users. However, this growing trend is not entirely a
good one: many users are treating full disk encryption as a panacea, thinking
it invulnerable and wholly trusting the security of their data to it. I have
taken the time to write this paper to address this dangerous line of thinking
and to suggest ways to fix the most common flaws with full disk encryption.

Unfortunately, I do not have the time at the moment to write detailed guides to
enacting my solutions, so I will leave this as an exercise for the reader and the
community in general. It's important to note before continuing that this paper
discusses the flaws common to full disk encryption; if you do not use full disk
encryption at all, your data is already vulnerable, and it would be wise to take
the steps necessary to protect it.

Why your data may already be compromised

I will kindly ask you to examine the following list, and see if one or more of
these items fits your computer's usage and environment.

  • My kernel is stored unencrypted on an internal drive
  • My system has a firewire port
  • I leave my system alone (even occasionally) without shutting it down
  • I leave my system alone after shutting it down without a second thought

Now, if any of the above items apply to you, your use of full disk encryption
is providing little more than a false sense of security: anyone who really wants
access to your data has multiple ways to obtain your encryption keys, and in
some cases your data directly.

The World Ends With Your Kernel

What is the most important piece of software on your entire machine? Your
kernel, of course, followed by your bootloader, which is responsible for loading
the kernel in the first place. Your kernel is God on your machine: it handles
disk and network I/O, access to memory, multitasking, everything that allows
your software to do its job. Such power comes with great responsibility: the
kernel can do whatever it wants, including sending your encryption keys,
passwords and passphrases to some unsavory party.

But you don't have to worry, right? You use full disk encryption, after all.
Well, here's the common misconception: your disk isn't actually fully
encrypted. Your kernel has to be stored somewhere unencrypted for the
bootloader to access it. Yes, that God-like piece of software that controls
every bit of information passing through your machine is sitting there,
unprotected. It is no difficult task for someone with access to the machine to
install a modified kernel that sends your encryption keys to them, and then
your efforts to secure your system were in vain.

So why can't we just encrypt the kernel? Simple: then the bootloader would have
to decrypt it, which means security falls onto the bootloader, and that can
just as easily (if not more easily) be modified or replaced as your kernel.
Above the bootloader, what is there, your hardware? You can't very well trust
your hardware to encrypt your bootloader, since that would essentially prevent
installing anything but the bootloader that came with your machine, tying you
into whatever OS it came with. Yeowch, we don't want that.

So if we can't leave security up to our machines, is there no way to have a
truly secure system? Are we doomed to using full disk encryption in vain for the
rest of time? Fortunately, no, and the answer goes back to an old computer
security adage: "there's no security without physical security."

To keep our data safe, our kernel must be physically guarded, along with our
bootloader. To keep them physically secure without needing to watch your PC
24/7, we need a way to carry them with us. Fortunately, most (if not all) PCs
today allow booting from USB flash drives or external USB hard drives. This
means we can store our kernel and bootloader on a cheap flash drive that we
carry with us. If this God-like piece of software is on you at all times, no one
will be able to secretly slip a modified version into your system. How about
that?

If you lose your flash drive, or it is stolen, you can simply reinstall the
bootloader and kernel on a new one and continue on with life, since it's likely
that your old one has been compromised if it shows up again.
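A complementary check, added here as an example and not part of the original paper: if the removable boot medium ever leaves your possession, a hash manifest kept off the medium (for instance inside the encrypted root) lets you detect a swapped kernel, initrd or bootloader before you type your passphrase on that machine again. The mount point, file names and sample files are assumptions constructed for the demonstration; it needs only `sha256sum`, `find`, `sort`, `cmp` and `diff`.

```shell
#!/bin/sh
# Added example, not from the original paper.  Keep a SHA-256 manifest of the
# kernel/initrd/bootloader files on the removable boot medium and verify the
# medium against it before trusting it again.  Store the manifest OFF the
# medium and outside BOOT_DIR (e.g. inside the encrypted root): an attacker
# who can swap the kernel on the stick could otherwise rewrite the manifest.
# Paths passed to these functions must be absolute; the demo uses a temp dir.

# boot_manifest_create BOOT_DIR MANIFEST
# Record the digest of every regular file under BOOT_DIR, sorted by path so
# the listing is stable across runs.
boot_manifest_create() {
    ( cd "$1" && find . -type f -exec sha256sum {} + | LC_ALL=C sort -k 2 ) > "$2"
}

# boot_manifest_verify BOOT_DIR MANIFEST
# Rebuild the listing from the current contents and compare.  Any modified,
# missing or added file (an extra kernel, an edited grub.cfg) makes the two
# listings differ.  Returns 0 if identical, 1 otherwise (details on stderr).
boot_manifest_verify() {
    current=$(mktemp)
    boot_manifest_create "$1" "$current"
    if cmp -s "$2" "$current"; then
        rm -f "$current"
        return 0
    fi
    echo "boot medium differs from manifest $2:" >&2
    diff "$2" "$current" >&2 || true
    rm -f "$current"
    return 1
}

# Self-contained demonstration on constructed files (no real kernel involved):
# returns 0 when the pristine medium verifies AND a one-byte change to the
# "kernel" is rejected, 1 otherwise.
boot_manifest_demo() {
    work=$(mktemp -d)
    mkdir -p "$work/boot/grub"
    printf 'constructed kernel image\n' > "$work/boot/vmlinuz"
    printf 'constructed initramfs\n'    > "$work/boot/initrd.img"
    printf 'constructed grub config\n'  > "$work/boot/grub/grub.cfg"
    boot_manifest_create "$work/boot" "$work/boot.sha256"
    boot_manifest_verify "$work/boot" "$work/boot.sha256" || return 1
    printf 'x' >> "$work/boot/vmlinuz"        # simulate a swapped kernel
    if boot_manifest_verify "$work/boot" "$work/boot.sha256" 2>/dev/null; then
        return 1
    fi
    rm -rf "$work"
    return 0
}

# Real-world use (the mount point is an assumption):
#   boot_manifest_create /media/bootstick /root/bootstick.sha256
#   boot_manifest_verify /media/bootstick /root/bootstick.sha256 && echo OK
```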

Firewire Needs a Firewall

It's quite unfortunate: Firewire was designed as a high-speed data bus for
connecting digital video/audio equipment and external storage devices, but today
it is little more than a gaping security hole in your system. Firewire allows
host and guest devices to access each other's memory directly using DMA (Direct
Memory Access). This means a Firewire device plugged into your system can read
your system memory and create a dump of it, likely snagging the encryption keys
for your disks in the process. Even worse, a sufficiently clever attacker could
modify your kernel in memory or on disk.

This makes Firewire a very easy vector for attackers to access your data; if
you do not make use of the technology, I suggest you disable it in your system's
BIOS or blacklist the kernel module.
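As an added example (not from the original article), the following POSIX shell functions audit the loaded-module list for the FireWire stack and emit a modprobe.d fragment that keeps it from loading. The `lsmod` sample is constructed; the module names are the real ones of the old ieee1394 stack and the newer firewire_* stack, and the file paths in the usage comments are the conventional ones, which you should confirm for your distribution.

```shell
#!/bin/sh
# Added example, not from the original article: audit the loaded-module list
# for the FireWire (IEEE 1394) stack and produce a modprobe.d fragment that
# keeps it from loading.  Module names are real; the lsmod sample is constructed.

# Constructed sample in `lsmod` format (the header line never matches the regex).
SAMPLE_LSMOD='Module                  Size  Used by
firewire_ohci          45056  0
firewire_core          69632  1 firewire_ohci
crc_itu_t              16384  1 firewire_core
xhci_pci               20480  0
dm_crypt               53248  1'

# firewire_modules_loaded LSMOD_TEXT
# Print the name of every FireWire-stack module present in the text, one per
# line; prints nothing (exit 0) when none is loaded.  Feed it `lsmod` output
# or the contents of /proc/modules (same first column).
firewire_modules_loaded() {
    printf '%s\n' "$1" | awk '
        $1 ~ /^(firewire_(core|ohci|sbp2|net)|ieee1394|ohci1394|sbp2|raw1394|dv1394|video1394|eth1394)$/ { print $1 }'
}

# firewire_blacklist_config
# Emit the contents of a modprobe.d file.  "blacklist" only stops alias-based
# autoloading on boot/hotplug; the "install ... /bin/true" lines also turn an
# explicit or dependency-triggered modprobe into a no-op, so nothing can pull
# the host-controller driver back in behind your back.
firewire_blacklist_config() {
    echo '# FireWire disabled: its DMA access lets a plugged-in device read RAM.'
    for m in firewire_ohci firewire_core firewire_sbp2 firewire_net \
             ohci1394 ieee1394 sbp2 raw1394 dv1394 video1394 eth1394; do
        echo "blacklist $m"
    done
    for m in firewire_ohci firewire_core ohci1394 ieee1394; do
        echo "install $m /bin/true"
    done
}

# Live use on a Linux host (conventional paths, still an assumption for your
# distribution):
#   firewire_modules_loaded "$(cat /proc/modules)"     # what is loaded right now
#   firewire_blacklist_config > /etc/modprobe.d/blacklist-firewire.conf
#   update-initramfs -u      # Debian/Ubuntu: apply the blacklist before root is mounted
#   rmmod firewire_ohci firewire_core                   # unload without rebooting
```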

RAM Remembers When

Another vulnerability most people don't know about is less obvious than the
gaping hole in the Firewire specification. Did you know that DRAM does not
fully discharge immediately after it loses power? Also of note, when DRAM is
frozen it retains its charge for a prolonged period of time. Put simply, this
means two things: an attacker can freeze your memory to keep data such as
encryption keys 'live' long enough to move it to a new power source and make a
dump of it; and they can also do this shortly after your machine has shut down,
since data remains in RAM for about a minute at the least before it starts
discharging.

Thankfully, the Linux disk encryption provided by dm-crypt constantly bit-flips
the keys it uses in memory, preventing your system RAM from building up a large
enough charge to store the key for more than a minute or so. But you still have
to worry about other data that may be in memory, like your unlocked SSH keys or
a top-secret document. If you must leave your machine alone, shut it down and
keep an eye on it for at least a minute to make sure no one attempts to freeze
your RAM while it is most vulnerable.

Conclusion (Perfect Security Doesn't Exist)

Unfortunately, it's a fact of life that nothing is perfect, and perfect security
doesn't exist either. In fact, security is only as strong as we are, and it's
extremely easy to overlook little holes that may give someone unauthorized
access to your data. This is why it is important to be vigilant, to read up on
any security measure you use, and to make sure you use a combination of them
(but don't go overboard: you'll just make it harder for yourself to access your
data, which is not the goal of security).

I hope this paper has informed you of some risks of using full disk encryption
alone as a security measure, because while it does help, it is not a security
panacea and should not be treated as one. Always ensure your kernel is
protected or you might as well not have any security at all.

A downloadable PDF of this paper is available here.

Comments


Some problems seem more serious than others.

Where I live, the police/robbers aren't technical enough to overcome a screen lock. They'd rather try to reboot. So that somewhat mitigates this risk.

Replacing the kernel and initrd is something I gave little attention to, I admit. Here it would be nice if GRUB were able to prefetch both files, compare them against a saved checksum and present some little hint at boot time. OTOH, if someone is versed enough to rebuild a custom initrd to buffer the passphrase, then a checksum file is probably not obscure enough. (Again, different thing in my region, but still.)

I wonder if the Firewire DMA access is a fully hardware-controlled mechanism. If I could just disable it (BIOS and kernel initialization), wouldn't this "fix" it? - It's not if I need FW all the time.


It appears that firewire

It appears that firewire ports do actually need OS initialization to enable their functionality, from what I've read. So simply blacklisting the module in your udev rules should fix the issue. Disabling it in the BIOS would be a useless practice, since it can be re-enabled easily (password-protected BIOSes aren't very well protected, due to the CMOS backup issue).

Edit: Let me explain a little better. The advantage to the firewire exploit is that it doesn't require a system reboot, they can just plug in and dump your ram. If you disable it in the BIOS, they would obviously be forced to reboot to take advantage of that situation, and if you use full disk encryption then it will essentially lock them out anyways. In this case, it would obviously be more likely for them to take advantage of the modified kernel or memory freezing attacks.

However, the BIOS doesn't control external firewire cards, and it *IS* possible for someone to do a two-visit attack if this is a home machine, once to enable firewire and a second to dump your memory. However, as I said, the chances of this are unlikely.

Stefan Nuxoll


Bring your kernel with you? And the BIOS?

I don't see the point of bringing your kernel with you constantly in a USB key or something.

That is because, if the attacker is able to modify your kernel without you noticing, then they are also able to modify your firmware (a PC BIOS for instance) in the same vein, given it's usually situated in writable memory.

So your BIOS could be made to just pretend it's booting your kernel-on-USB, while it's really booting a trojan kernel on the HD that was modified by the attacker.

As much as I hate to say this, TC chips seem *the* solution to this.

The concept behind Trusted

The concept behind Trusted Computing is most definitely the solution, but the current implementation is more inclined to use as DRM than as a way to protect your system from harm.
