P
[email protected]
- Jan 1, 1970
- 0
-
Categories
-
Platforms
-
Content
messing with the power connection
- Thread starter [email protected]
- Start date
A
Anthony Guzzi
- Jan 1, 1970
- 0
So how long have you worked for that company?
P
[email protected]
- Jan 1, 1970
- 0
| [email protected] wrote:
|> This is an amazing device:
|>
|> http://www.wiebetech.com/products/HotPlug.php
|>
|
|
| So how long have you worked for that company?
Never have. I'm actually trying to figure out ways to defeat it.
1. Use a 240 volt circuit. The 240 volt version might not be in the USA.
2. Use 48 volt DC to the PSU. They don't even make that.
3. Use a power strip plug that shorts itself while not inserted.
4. Configure the whole disk encryption to timeout regardless of activity.
|> This is an amazing device:
|>
|> http://www.wiebetech.com/products/HotPlug.php
|>
|
|
| So how long have you worked for that company?
Never have. I'm actually trying to figure out ways to defeat it.
1. Use a 240 volt circuit. The 240 volt version might not be in the USA.
2. Use 48 volt DC to the PSU. They don't even make that.
3. Use a power strip plug that shorts itself while not inserted.
4. Configure the whole disk encryption to timeout regardless of activity.
P
Palindrome
- Jan 1, 1970
- 0
There is a *very* much easier way to defeat it. However, bearing in mind
that its use is as a forensic tool for law enforcement - such
discussions really aren't in the public interest.
P
[email protected]
- Jan 1, 1970
- 0
| [email protected] wrote:
|> | [email protected] wrote:
|> |> This is an amazing device:
|> |>
|> |> http://www.wiebetech.com/products/HotPlug.php
|> |>
|> |
|> |
|> | So how long have you worked for that company?
|>
|> Never have. I'm actually trying to figure out ways to defeat it.
|>
|> 1. Use a 240 volt circuit. The 240 volt version might not be in the USA.
|> 2. Use 48 volt DC to the PSU. They don't even make that.
|> 3. Use a power strip plug that shorts itself while not inserted.
|> 4. Configure the whole disk encryption to timeout regardless of activity.
|>
|
|
| There is a *very* much easier way to defeat it. However, bearing in mind
| that its use is as a forensic tool for law enforcement - such
| discussions really aren't in the public interest.
I disagree. Such tools can also be abused, and might be in the near future.
|> | [email protected] wrote:
|> |> This is an amazing device:
|> |>
|> |> http://www.wiebetech.com/products/HotPlug.php
|> |>
|> |
|> |
|> | So how long have you worked for that company?
|>
|> Never have. I'm actually trying to figure out ways to defeat it.
|>
|> 1. Use a 240 volt circuit. The 240 volt version might not be in the USA.
|> 2. Use 48 volt DC to the PSU. They don't even make that.
|> 3. Use a power strip plug that shorts itself while not inserted.
|> 4. Configure the whole disk encryption to timeout regardless of activity.
|>
|
|
| There is a *very* much easier way to defeat it. However, bearing in mind
| that its use is as a forensic tool for law enforcement - such
| discussions really aren't in the public interest.
I disagree. Such tools can also be abused, and might be in the near future.
P
[email protected]
- Jan 1, 1970
- 0
| In article <[email protected]>,
|
|> There is a *very* much easier way to defeat it. However, bearing in mind
|> that its use is as a forensic tool for law enforcement - such
|> discussions really aren't in the public interest.
|
| I rather suspect that on an accessible website like this, that it's aimed
| at a somewhat less respectable clientel!
|
| I'm sure law enforcement agencies already have their own methods of
| dealing with things.
A lot do, I am sure. Most probably would be baffled by a device like this.
Those same LEAs would probably boot up a computer they take back to the lab
instead of imaging the HD(s). I wouldn't be surprised if they leave the
external HD(s) at the scene. And worse, they might even re-install if the
computer is infected.
|
|> There is a *very* much easier way to defeat it. However, bearing in mind
|> that its use is as a forensic tool for law enforcement - such
|> discussions really aren't in the public interest.
|
| I rather suspect that on an accessible website like this, that it's aimed
| at a somewhat less respectable clientel!
|
| I'm sure law enforcement agencies already have their own methods of
| dealing with things.
A lot do, I am sure. Most probably would be baffled by a device like this.
Those same LEAs would probably boot up a computer they take back to the lab
instead of imaging the HD(s). I wouldn't be surprised if they leave the
external HD(s) at the scene. And worse, they might even re-install if the
computer is infected.
P
[email protected]
- Jan 1, 1970
- 0
| In article <[email protected]>,
|> | [email protected] wrote:
|> |> This is an amazing device:
|> |>
|> |> http://www.wiebetech.com/products/HotPlug.php
|> |>
|> |
|> |
|> | So how long have you worked for that company?
|
|> Never have. I'm actually trying to figure out ways to defeat it.
|
|> 1. Use a 240 volt circuit. The 240 volt version might not be in the
|> USA. 2. Use 48 volt DC to the PSU. They don't even make that. 3. Use
|> a power strip plug that shorts itself while not inserted. 4. Configure
|> the whole disk encryption to timeout regardless of activity.
|
| Can you still get Mercury tilt switches in your neck of the woods?
Sure. I all need to do is drive around out in the countryside and look
for homes that have some kind of central heat, and trade them a fancy
new digital thermostat for that old one.
| Stick one in the power lead to to HDD. It needs to be positioned so that
| it's made while the computer is stationary in it's normal position but
| breaks the moment it is moved. At one time car alarms used to have some
| sort of trembler switch too. Of course you might need microswitches that
| open the feed when someone tries to remove the computer casing to
| "interfere" with this arrangement.
D'oh! That one was too simple for me to think of.
|> | [email protected] wrote:
|> |> This is an amazing device:
|> |>
|> |> http://www.wiebetech.com/products/HotPlug.php
|> |>
|> |
|> |
|> | So how long have you worked for that company?
|
|> Never have. I'm actually trying to figure out ways to defeat it.
|
|> 1. Use a 240 volt circuit. The 240 volt version might not be in the
|> USA. 2. Use 48 volt DC to the PSU. They don't even make that. 3. Use
|> a power strip plug that shorts itself while not inserted. 4. Configure
|> the whole disk encryption to timeout regardless of activity.
|
| Can you still get Mercury tilt switches in your neck of the woods?
Sure. I all need to do is drive around out in the countryside and look
for homes that have some kind of central heat, and trade them a fancy
new digital thermostat for that old one.
| Stick one in the power lead to to HDD. It needs to be positioned so that
| it's made while the computer is stationary in it's normal position but
| breaks the moment it is moved. At one time car alarms used to have some
| sort of trembler switch too. Of course you might need microswitches that
| open the feed when someone tries to remove the computer casing to
| "interfere" with this arrangement.
D'oh! That one was too simple for me to think of.
P
[email protected]
- Jan 1, 1970
- 0
| [email protected] wrote:
|>
|> | In article <[email protected]>,
|> |
|> |> There is a *very* much easier way to defeat it. However, bearing in mind
|> |> that its use is as a forensic tool for law enforcement - such
|> |> discussions really aren't in the public interest.
|> |
|> | I rather suspect that on an accessible website like this, that it's aimed
|> | at a somewhat less respectable clientel!
|> |
|> | I'm sure law enforcement agencies already have their own methods of
|> | dealing with things.
|>
|> A lot do, I am sure. Most probably would be baffled by a device like this.
|> Those same LEAs would probably boot up a computer they take back to the lab
|> instead of imaging the HD(s). I wouldn't be surprised if they leave the
|> external HD(s) at the scene. And worse, they might even re-install if the
|> computer is infected.
|
|
| The local Sheriff's department would leave your sorry ass in the
| dust, then. Not only are they computer experts, but they have a nice
| electronics lab to build things they can't find on the market. Whenever
| there is suspected cyber crime, or a computer found when a warrant is
| served, the regular deputies do not touch them. The experts are called
| in, and take over the investigation, until their part is done.
Sure, there are a lot of departments that do have their act together.
The sad fact is, most don't. And it isn't because they have Barney on
the ranks. It's just that they are not prepared for anything unusual.
They don't have these experts to call on. They just have a couple of
officers in the ranks that really do know how to use computers, as long
as they are Windows. They even know how to image a drive. But that's
the end of it.
|>
|> | In article <[email protected]>,
|> |
|> |> There is a *very* much easier way to defeat it. However, bearing in mind
|> |> that its use is as a forensic tool for law enforcement - such
|> |> discussions really aren't in the public interest.
|> |
|> | I rather suspect that on an accessible website like this, that it's aimed
|> | at a somewhat less respectable clientel!
|> |
|> | I'm sure law enforcement agencies already have their own methods of
|> | dealing with things.
|>
|> A lot do, I am sure. Most probably would be baffled by a device like this.
|> Those same LEAs would probably boot up a computer they take back to the lab
|> instead of imaging the HD(s). I wouldn't be surprised if they leave the
|> external HD(s) at the scene. And worse, they might even re-install if the
|> computer is infected.
|
|
| The local Sheriff's department would leave your sorry ass in the
| dust, then. Not only are they computer experts, but they have a nice
| electronics lab to build things they can't find on the market. Whenever
| there is suspected cyber crime, or a computer found when a warrant is
| served, the regular deputies do not touch them. The experts are called
| in, and take over the investigation, until their part is done.
Sure, there are a lot of departments that do have their act together.
The sad fact is, most don't. And it isn't because they have Barney on
the ranks. It's just that they are not prepared for anything unusual.
They don't have these experts to call on. They just have a couple of
officers in the ranks that really do know how to use computers, as long
as they are Windows. They even know how to image a drive. But that's
the end of it.
P
Palindrome
- Jan 1, 1970
- 0
I must admit to being rather shocked (Ben said:
) that it *could* be marketed.ICBW, but I very much doubt that such a product could be sold to
anyone, through "confidential channels" or not, in the UK. It is just an
accident waiting to happen.
It isn't even a very bright idea, from the computing viewpoint.
Transporting *spinning* hard disks. Not exactly the best way of
protecting irreplaceable data - hitting the machine with a fire axe
would quite possibly be safer.
Even the "mouse jiggler" concept is flawed. But I suspect that you can
think of at least two flaws yourself, without me mentioning them!
I wonder what the guy is going to invent next? Roller skates for seeing
eye dogs?
P
Palindrome
- Jan 1, 1970
- 0
From the data sheet of a typical desktop machine hard disk:
http://www.seagate.com/docs/pdf/datasheet/disc/ds_barracuda_7200_11.pdf
Shock (Gs) Operating: 63 Nonoperating: 300
I'd not call the difference between them "not really much more".
I've written off the odd hard disk by careless handling whilst it was
running - in each case a powered-off drive would have survived, I'm
sure. YMMV.
Of course some modern laptop drives have become very sophisticated and
include g sensors that rapidly park and lock the heads. Producing a
suitably school marmy comment on the screen, having done so. I'm not
aware of any desktop machine drive that has such protection..
P
[email protected]
- Jan 1, 1970
- 0
| [email protected] wrote:
|>
|> Sure, there are a lot of departments that do have their act together.
|> The sad fact is, most don't. And it isn't because they have Barney on
|> the ranks. It's just that they are not prepared for anything unusual.
|> They don't have these experts to call on. They just have a couple of
|> officers in the ranks that really do know how to use computers, as long
|> as they are Windows. They even know how to image a drive. But that's
|> the end of it.
|
|
| It must be really backward on your world. Do your cops still ride
| horses and hang people in the public square for spitting on the street?
You sure do seem to have a narrow range of experience. Maybe you should
out sometime and see the world. Things really are more modern than you
seem to grasp. They just aren't as diverse at all technologies in all
the places. That's not necessarily the fault of the LEAs/LEOs ... it's
just the way the world is. When you are dealing with small towns with
maybe 20 to 30 LEOs on staff, and small budgets, there is no luxury of
having experts in all technologies available.
|>
|> Sure, there are a lot of departments that do have their act together.
|> The sad fact is, most don't. And it isn't because they have Barney on
|> the ranks. It's just that they are not prepared for anything unusual.
|> They don't have these experts to call on. They just have a couple of
|> officers in the ranks that really do know how to use computers, as long
|> as they are Windows. They even know how to image a drive. But that's
|> the end of it.
|
|
| It must be really backward on your world. Do your cops still ride
| horses and hang people in the public square for spitting on the street?
You sure do seem to have a narrow range of experience. Maybe you should
out sometime and see the world. Things really are more modern than you
seem to grasp. They just aren't as diverse at all technologies in all
the places. That's not necessarily the fault of the LEAs/LEOs ... it's
just the way the world is. When you are dealing with small towns with
maybe 20 to 30 LEOs on staff, and small budgets, there is no luxury of
having experts in all technologies available.
P
Palindrome
- Jan 1, 1970
- 0
The same way that most cheap UPS do it - a moderately fast relay and a
few mSec with no power at all. So, no attempt at paralleling or phase
matching.
The unit can test that the secondary supply is a suitable voltage. It
obviously does check that there is a secondary supply present, of some kind.
One could knock up something similar with a mains changeover relay
energised via a switch connected to the secondary supply.
P
Palindrome
- Jan 1, 1970
- 0
Simply letting the machine topple sideways onto a hard surface can
easily generate more than 63G in the hard drive. Bumping it into a
doorway whilst carrying it, likewise. Very short duration G forces rise
dramatically when even a slow moving "incompressible" body impacts on an
"incompressible" surface. 63G under such circumstances is easily
achieved. A drive travelling at just 1 metre per second, deforming
elastically less than 1mm on impact with an incompressible surface,
suffers a G force of around 50G..for around 2mSec.
Unless I had been first immersed in liquid helium, falling a foot or so
or bumping into a doorway isn't going to result in me receiving such G
forces. I am, fortunately, relatively good at absorbing impact by
deformation, in the unfrozen state.
It is safe to say that, if I was holding that drive in the car and the
vehicle hit another at 15 mph - I would be safe and well behind my air
bag and restrained by my seat belt. The drive, having gone through the
window and hit the ground, would be decidedly unwell.
P
Palindrome
- Jan 1, 1970
- 0
The last line says it all. Add a 10mmm "crumple zone" around a drive, so
that it can decellerate over a distance of even just a few mm, rather
than a fraction of 1mm - and the G forces plummet.
Risk is as much about the consequences of getting it wrong as it is
about the chances of that happening. Transporting a running drive full
of irreplaceable data (eg forensic computer evidence) is riskier than
transporting a parked drive and that risk can generally be avoided.
My (old) Tufbook has a drive that is suspended in the middle of stuff
that feels like jelly (gelatin). So it can move several tens of mm,
should the need arise.
It certainly survived dropping off the roof of the car (onto grass)
when I drove off, forgetting that I hadn't put it in the car yet.. No,
it wsn't running at the time.. It now has a different life, running 24x7
as an email server.
My (new) Tufbook has a silicon rubber sleeve around the drive, maybe
1/20th the thickness of the "jelly" in the old one. It, supposedly, can
take a great deal of rough handling too...
P
[email protected]
- Jan 1, 1970
- 0
On Sun, 17 Feb 2008 19:37:54 -0500 [email protected] wrote:
|
|>Transporting a running drive full
|>of irreplaceable data (eg forensic computer evidence) is riskier than
|>transporting a parked drive and that risk can generally be avoided.
|
| Actually I am unclear what shutting the machine off would do to that
| data in the first place, particularly if you just pulled the plug.
When a whole drive is encrypted, or just a partition, to access that data
it is necessary to first enter a passphase that decrypts a random bit
array, or is the seed to generate one. After that is done, it is used
to decrypt the data on the disk. But the key itself is only stored in
RAM. If the machine is shutoff, the key is lost and the entry of the
passphrase must be repeated. By taking the machine in its running state,
the opportunity exists to examine the drive contents while the decryption
is still active.
|
|>Transporting a running drive full
|>of irreplaceable data (eg forensic computer evidence) is riskier than
|>transporting a parked drive and that risk can generally be avoided.
|
| Actually I am unclear what shutting the machine off would do to that
| data in the first place, particularly if you just pulled the plug.
When a whole drive is encrypted, or just a partition, to access that data
it is necessary to first enter a passphase that decrypts a random bit
array, or is the seed to generate one. After that is done, it is used
to decrypt the data on the disk. But the key itself is only stored in
RAM. If the machine is shutoff, the key is lost and the entry of the
passphrase must be repeated. By taking the machine in its running state,
the opportunity exists to examine the drive contents while the decryption
is still active.
P
[email protected]
- Jan 1, 1970
- 0
On Sun, 17 Feb 2008 10:54:40 -0800 (PST) [email protected] wrote:
|
|> I must admit to being rather shocked ( ) that it *could* be marketed.
|> ICBW, but I very much doubt that such a product could be sold to
|> anyone, through "confidential channels" or not, in the UK. It is just an
|> accident waiting to happen.
|
| They list a 220V UK version; do they not even know what the mains
| Voltage is in the UK?
Probably close enough for government work.
| Unless I've misunderstood how it works the supplies from the mains and
| the UPS would briefly be connected in parallel; that might not be a
| good idea if the Voltages are not the same, and how do you ensure that
| they're in phase?
If they are not the same, the higher voltage source carries most of the
current.
The steps to do this first require connecting a working UPS. The UPS
would be generating its own power in phase with the mains. So the phase
would be the same when making the transfer from mains to UPS power. At
the lab, the process is reversed to release the UPS and the HotPlug.
Again, the UPS is plugged into the mains, and syncs its phase. Then
the computer power connection can be paralleled safely between UPS and
mains. Then the UPS is disconnected.
| I haven't seen the thing, but from the description I very much doubt
| that it could legally to sold, or used, here in the UK.
It is certainly dangerous. The rules might readily disallow it from
being sold to the public. They may make exception for law enforcement.
| They suggest using it to move servers; most servers have more than one
| power supply, so you can move them from one UPS to another while
| they're running anyway. I've once moved several servers from one rack
| to another this way while they were running. Simply replace the
| cables one at a time by long ones going in through the front of the
| cabinet, very carefully pull the server out of the rack and put it
| onto the other rack, one at a time replace the temporary power cables
| with the permanent ones in the new rack. It's not something I'd
| normally recommend if you can avoid it, but it can be done.
Lots do have the redundant power supplies. Not all do. It could be used
for that. But given the hazard, I would never recommend it except in the
most dire circumstances.
|
|> I must admit to being rather shocked (
) that it *could* be marketed.|> ICBW, but I very much doubt that such a product could be sold to
|> anyone, through "confidential channels" or not, in the UK. It is just an
|> accident waiting to happen.
|
| They list a 220V UK version; do they not even know what the mains
| Voltage is in the UK?
Probably close enough for government work.
| Unless I've misunderstood how it works the supplies from the mains and
| the UPS would briefly be connected in parallel; that might not be a
| good idea if the Voltages are not the same, and how do you ensure that
| they're in phase?
If they are not the same, the higher voltage source carries most of the
current.
The steps to do this first require connecting a working UPS. The UPS
would be generating its own power in phase with the mains. So the phase
would be the same when making the transfer from mains to UPS power. At
the lab, the process is reversed to release the UPS and the HotPlug.
Again, the UPS is plugged into the mains, and syncs its phase. Then
the computer power connection can be paralleled safely between UPS and
mains. Then the UPS is disconnected.
| I haven't seen the thing, but from the description I very much doubt
| that it could legally to sold, or used, here in the UK.
It is certainly dangerous. The rules might readily disallow it from
being sold to the public. They may make exception for law enforcement.
| They suggest using it to move servers; most servers have more than one
| power supply, so you can move them from one UPS to another while
| they're running anyway. I've once moved several servers from one rack
| to another this way while they were running. Simply replace the
| cables one at a time by long ones going in through the front of the
| cabinet, very carefully pull the server out of the rack and put it
| onto the other rack, one at a time replace the temporary power cables
| with the permanent ones in the new rack. It's not something I'd
| normally recommend if you can avoid it, but it can be done.
Lots do have the redundant power supplies. Not all do. It could be used
for that. But given the hazard, I would never recommend it except in the
most dire circumstances.
P
[email protected]
- Jan 1, 1970
- 0
| Ben Miller wrote:
|>
|> [email protected] wrote:
|> > This is an amazing device:
|> >
|> > http://www.wiebetech.com/products/HotPlug.php
|> >
|> Aside from the discussions of security, defeating it, etc. there are
|> electrical safety issues:
|>
|> 1) This guy claims "years of experience as an electrician" yet demonstrates
|> opening an outlet cover and cutting a hot wire with the circuit energized.
|> He says to use "insulated" cutters, but how many non-professionals would
|> know that the normal hardware store cutters are not adequately insulated.
|>
|> 2) The hot plug device, once armed, puts 120V on the end of an exposed
|> plug, and the receptacle (after it is removed).
|>
|> This is completely irresponsible. Dangerous product, and dangerous
|> demonstration.
|
|
| Which is the reason Phil is fascinated by it.
You've completely missed the mark. OTOH, this is not the first time you
have been fascinated by making personal attacks online.
|>
|> [email protected] wrote:
|> > This is an amazing device:
|> >
|> > http://www.wiebetech.com/products/HotPlug.php
|> >
|> Aside from the discussions of security, defeating it, etc. there are
|> electrical safety issues:
|>
|> 1) This guy claims "years of experience as an electrician" yet demonstrates
|> opening an outlet cover and cutting a hot wire with the circuit energized.
|> He says to use "insulated" cutters, but how many non-professionals would
|> know that the normal hardware store cutters are not adequately insulated.
|>
|> 2) The hot plug device, once armed, puts 120V on the end of an exposed
|> plug, and the receptacle (after it is removed).
|>
|> This is completely irresponsible. Dangerous product, and dangerous
|> demonstration.
|
|
| Which is the reason Phil is fascinated by it.
You've completely missed the mark. OTOH, this is not the first time you
have been fascinated by making personal attacks online.
P
Palindrome
- Jan 1, 1970
- 0
With 500+GByte disks household items these days - it can take quite a
while copying the data off - even presuming a police officer was present
who knew how to do it and had enough USB drives with him to do it.
Whilst many encryption algorithms are easily breakable, MS Word springs
to mind, others are a challenge - even for the NSA. The advantage of
getting hold of a computer which has the suspect still logged in, is
that a lot of encrypted stuff is available en clair - whilst that user
is logged in. All this kit does is keep the computer in that state. Why
spend (expensive) time and effort breaking encryption, when the stuff is
available, unencrypted?
Plus, it is possible to set up computers to run with no hard disk at
all. They boot from the network and load their operating system from the
network - into RAM. From a server that could be in another juristiction,
or even on a different continent. Lose power and there is absolutely no
evidence left to analyse. However, if someone has gone to the trouble of
setting up a computer like this, for less than honest reasons, he is
probably going to take a few more precautions, too*.
*Which you will excuse me for not going into.
P
[email protected]
- Jan 1, 1970
- 0
| [email protected] wrote:
|> | [email protected] wrote:
|> |> This is an amazing device:
|> |>
|> |> http://www.wiebetech.com/products/HotPlug.php
|> |>
|> |
|> |
|> | So how long have you worked for that company?
|>
|> Never have. I'm actually trying to figure out ways to defeat it.
|>
|> 1. Use a 240 volt circuit. The 240 volt version might not be in the USA.
|> 2. Use 48 volt DC to the PSU. They don't even make that.
|> 3. Use a power strip plug that shorts itself while not inserted.
|> 4. Configure the whole disk encryption to timeout regardless of activity.
|>
|
|
| There is a *very* much easier way to defeat it. However, bearing in mind
| that its use is as a forensic tool for law enforcement - such
| discussions really aren't in the public interest.
Not exclusively so, otherwise it would not be offered to the public (as
dangerous as it might be).
|> | [email protected] wrote:
|> |> This is an amazing device:
|> |>
|> |> http://www.wiebetech.com/products/HotPlug.php
|> |>
|> |
|> |
|> | So how long have you worked for that company?
|>
|> Never have. I'm actually trying to figure out ways to defeat it.
|>
|> 1. Use a 240 volt circuit. The 240 volt version might not be in the USA.
|> 2. Use 48 volt DC to the PSU. They don't even make that.
|> 3. Use a power strip plug that shorts itself while not inserted.
|> 4. Configure the whole disk encryption to timeout regardless of activity.
|>
|
|
| There is a *very* much easier way to defeat it. However, bearing in mind
| that its use is as a forensic tool for law enforcement - such
| discussions really aren't in the public interest.
Not exclusively so, otherwise it would not be offered to the public (as
dangerous as it might be).
P
[email protected]
- Jan 1, 1970
- 0
17:56 GMT, [email protected] wrote:
|
|>When a whole drive is encrypted, or just a partition, to access that data
|>it is necessary to first enter a passphase that decrypts a random bit
|>array, or is the seed to generate one. After that is done, it is used
|>to decrypt the data on the disk. But the key itself is only stored in
|>RAM. If the machine is shutoff, the key is lost and the entry of the
|>passphrase must be repeated. By taking the machine in its running state,
|>the opportunity exists to examine the drive contents while the decryption
|>is still active.
|
| If the drive is "opened" when they sieze it, why not just copy the
| data right there?
They could do that. But maybe there is not attachment means to make a
copy, or make one fast enough. Ever tried to copy a 1TB drive via USB?
| In real life guys like the FBI and NSA can crack just about any
| encryption with minimal effort. I know a guy who works in that arena
| and he has a tool that broke the IBM encryption on my laptop in about
| 5 minutes.
Wishful thinking. Commercial encryption also tends to be weak.
|
|>When a whole drive is encrypted, or just a partition, to access that data
|>it is necessary to first enter a passphase that decrypts a random bit
|>array, or is the seed to generate one. After that is done, it is used
|>to decrypt the data on the disk. But the key itself is only stored in
|>RAM. If the machine is shutoff, the key is lost and the entry of the
|>passphrase must be repeated. By taking the machine in its running state,
|>the opportunity exists to examine the drive contents while the decryption
|>is still active.
|
| If the drive is "opened" when they sieze it, why not just copy the
| data right there?
They could do that. But maybe there is not attachment means to make a
copy, or make one fast enough. Ever tried to copy a 1TB drive via USB?
| In real life guys like the FBI and NSA can crack just about any
| encryption with minimal effort. I know a guy who works in that arena
| and he has a tool that broke the IBM encryption on my laptop in about
| 5 minutes.
Wishful thinking. Commercial encryption also tends to be weak.
Similar threads
