Practical whole disk encryption, or, how to frustrate data forensics.

  howto boot_loaders crypto data_forensics full_disk_encryption grub hard_drive laptops mac_osx portables truecrypt wde whole_disk_encryption windows

When you get right down to it, the best way for an attacker to get hold of your data is to shut the box down, pull the drive, and rip a sector-by-sector image to analyze offsite. It might not be quick (depending on the speed of the hard drive, speed of the storage drive, and a number of other factors) but if you're not there when it's done you might not know that it ever happened. However, if you encrypt data at the level of the drive, they can copy the drive all they want but they won't be able …


Cutting the power doesn't necessarily mean that memory is cleared.

  bitlocker canned_air computers cooling crypto data dimms disk_encryption dm_crypt dram extraction filevault forensics information_decay keying_information linux liquid_nitrogen mac_osx memory netboot physical_attack power precomputat

It has long been a piece of grassroots wisdom that when the power to your computer goes dead, you're up a certain creek without a means of propulsion: whatever you were doing at the time has gone to the great bit bucket in the sky, and unless you'd just saved your work you could kiss your next couple of hours goodbye while reconstructing everything. However, from a technical standpoint this isn't true. Modern-day DRAM can hold usable data for a finite but non-zero period of time after the main power's been cut off. This has actually been known …


Bastille Linux domain hijacked by domain squatter; project renamed, relocated.

  bastille beale domain_hijacking extortion fingerprint hp_ux linux mac_osx osx perebiynis pgp public_key

Some time on Monday, the Bastille Linux project was notified that its domain had been hijacked by a domain squatter named Mykhaylo Perebiynis, who is willing to return use of the domain name for the paltry sum of $10k US. The official announcement can be read here. However, because the Bastille security system has been running on more than just Linux for a few years now (namely on HP-UX and Mac OSX), Jay Beale has decided to rename the project to Bastille Unix and acquire a new domain name while his lawyers fight it out with Perebiynis.

Beale is also …
