|
Researchers from Princeton University have found a simple way to crack popular encryption software, including the FileVault feature built-in to Apple's operating system and BitLocker, which is included in Windows Vista. The software aims to store data in a scrambled form making it indecipherable if in the wrong hands. Both programs use a federally approved algorithm that encrypts the information when it is written to, or read from, a hard disk. However, the keys allowing the computer to unscramble data are stored in the computer's memory. In theory, any information in a computer's memory disappears the moment a computer is shut down. But, it turns out a cold memory chip can retain data for anywhere between a few seconds and several minutes once the power is cut.
The researchers found that chips stored in liquid nitrogen could be transported to another machine and the data read, allowing them to find the key to the encryption. They then discovered that the technique could still work if the chips were simply cooled by a blast of cold air such as that found in dust remover sprays. It's not clear whether the problem affects government-held information because the methods used to encrypt such data are kept secret. Spokespersons for Apple and Microsoft said that encryption software only offered a certain degree of security, and that this could be enhanced by using physical methods which require a card or USB stick to be in a machine before data can be unscrambled. (Source: nytimes.com) Clearly such attacks require data thieves have physical access to a machine, so the method wouldn't be any use to Internet hackers. A spokesman for the research group said, "The risk seems highest for laptops, which are often taken out in public in states that are vulnerable to our attacks." (Source: news.com) Most of the concern over this vulnerability is with large corporations and government departments, particularly those who allow confidential information to be stored on laptops that can be stolen. Ordinary home users probably don't have much to worry about, though it may be worth making sure you don't leave a computer unattended in 'sleep' mode if there's even the slightest risk of it being nabbed.
-- Related newsletter articles:
2005/04/20 WinTuneup Review (memory)
2005/04/30 MemOptimizer Review (memory)
2007/01/18 'Die Hard', and 'Bit Tyrant' (memory)
2007/08/23 Trojan Makes Off With Thousands of Identities (data)
2007/06/25 Google Applauded for Privacy Policy? (data)
2005/08/27 Systweak CacheBoost Review (memory)
2007/04/25 'Ultra Vnc', and 'Reduce Firefox Memory Usage' (memory)
2007/03/02 'Microsoft Virtual Pc 2007', and 'Memscope' (memory)
2007/12/12 Wireless Keyboards Handy For Hackers, Too (encryption)
2007/10/18 What's the Punishment for Leaking Vital Government Data? (data)
2007/12/20 What Privacy? Security Survey Pessimistic (data)
2007/05/10 RegistryBooster Review (data)
2005/10/12 Protected Mode (memory)
2007/04/24 Vacuum Tubes and iPods: A Match Made in Retro Heaven (data)
2007/10/18 Hitachi Unveils "Nanoscale Hard Drive" (data)
2007/11/27 Hackers Threaten Internet Phone Calls (encryption)
-- Recent articles (from all channels): 2008/05/12 Today in History: for Monday, May 12, 2008
2008/05/12 [ShellX 20080512]: 'Remote Manager', and 'Cyber Bandwidth ...
2008/05/12 Video Gaming Trade Group Struggling
2008/05/12 T-Mobile Finally Joins 3G Phone Race
2008/05/12 Apple Slammed by Environment Watchdog
2008/05/09 [ShellX 20080509]: 'Advanced Run', and 'Diver Windows Manager'
2008/05/09 Texas Refuses Facebook Friend Request
2008/05/09 Photo-Enforcement Technology Replaces Officers On Patrol
2008/05/09 Cuban Government Says 'Ok Computer'
2008/05/09 Excel Can E-Mail Your Weekly Reports For You!
2008/05/08 [ShellX 20080508]: 'Shell Enhancer', and 'Lansweeper'
2008/05/08 Xobni: MS Outlook Social Networking Technology for your Inbox
2008/05/08 Music Companies Jump on GTA IV Bandwagon
2008/05/08 Fascinating: Memristor to replace Binary
2008/05/08 Adobe Hopes To Make Flash Master Of The (Mobile) Universe
2008/05/08 Spiffy Envelopes and Labels in MS Word
2008/05/07 [ShellX 20080507]: 'Winbin2iso', and 'Loop Typer'
2008/05/07 Yahoo Adds Security Warnings To Search Results
2008/05/07 Apple to Lose Money on iTunes Movie Releases
2008/05/07 Amazon.com takes New York Tax to Court
2008/05/07 Need Glasses for the Slide Sorter View in MS PowerPoint?
2008/05/07 After Winning The DVD Format War, Blu-Ray Sales Tank
2008/05/06 [ShellX 20080506]: 'Visual Basic 6.0 Portable', and 'Double-...
2008/05/06 Yahoo Outsources to Jajah
2008/05/06 New HP Circuit Could Change Technology Forever
2008/05/06 Movie Downloads To Match DVD Release Dates
2008/05/06 Microsoft Ends Yahoo Bid
2008/05/05 [ShellX 20080505]: 'Ie7 Pro', and 'Desktop Ok'
2008/05/05 The WB Network Hops Online
2008/05/05 Microsoft Slashes Price of Xbox 360 Overseas
2008/05/05 Google CEO Wants YouTube to Take More of Your Money
|
