Fwd: [Crypto Stick News] Vulnerabilities of Self-Encrypted SSDs

[the grugq]

Just received this. Reminded me of our earlier discussions about
preserving power to machines to do a forensic recovery.

--gq

-------- Original Message --------
Subject: [Crypto Stick News] Vulnerabilities of Self-Encrypted SSDs
Date: Mon, 14 Jan 2013 17:14:51 +0100
From: ne...@crypto-stick.com
Reply-To: webm...@crypto-stick.com, ne...@crypto-stick.com
To: ne...@crypto-stick.com

Researchers found vulnerabilities of self-encrypted SSDs. From the abstract:
"Self-encrypting drives (SEDs), such as Intel's SSD 320 and 520 series, are
widely believed to be a fast and secure alternative to software-based
solutions like TrueCrypt and BitLocker. [...] In this sense, hardware-based
full disk encryption (FDE) is as insecure as software-based FDE. We also
show
that (2) there exists a new class of attacks that is specific to
hardware-based FDE [Full Disk Encryption]. Roughly speaking, the idea of
these attacks is to move an SED from one machine to another without cutting
power, i.e., by replugging the data cable only. [...] Some machines are
arguably more vulnerable when using SEDs." Watch the videos... [1]

This article: http://www.crypto-stick.com/node/74

[1] https://www1.cs.fau.de/sed


_______________________________________________
news mailing list
ne...@crypto-stick.com
http://crypto-stick.com/mailman/listinfo/news_crypto-stick.com
Unsubscribe:
<http://crypto-stick.com/mailman//options/news_crypto-stick.com>