Practical whole disk encryption, or, how to frustrate data forensics.

When you get right down to it, the best way for an attacker to get hold of your data is to shut the box down, pull the drive, and rip a sector-by-sector image to analyze offsite. It might not be quick (depending on the speed of the hard drive, speed of the storage drive, and a number of other factors) but if you're not there when it's done you might not know that it ever happened. However, if you encrypt data at the level of the drive, they can copy the drive all they want but they won't be able …


Cutting the power doesn't necessarily mean that memory is cleared.

It has long been a piece of grassroots wisdom that when the power to your computer goes dead, you're up a certain creek without a means of propulsion: whatever you were doing at the time has gone to the great bit bucket in the sky, and unless you'd just saved your work you could kiss your next couple of hours goodbye while reconstructing everything. However, from a technical standpoint this isn't true. Modern-day DRAM can hold usable data for a finite but non-zero period of time after the main power's been cut off. This has actually been known …


Bastille Linux domain hijacked by domain squatter; project renamed, relocated.

Some time on Monday, the Bastille Linux project was notified that their domain had been hijacked by a domain squatter named Mykhaylo Perebiynis, who is willing to return use of the domain name for the paltry sum of $10k US. The official announcement can be read here. However, because the Bastille security system has been running on more than just Linux for a few years now (namely HP-UX and Mac OS X), Jay Beale has decided to rename the project to Bastille Unix and acquire a new domain name while his lawyers fight it out with Perebiynis.

Beale is also …
