Styleforum › Forums › Lifestyle › Fine Living, Home, Design & Auto › Can you password protect a flashdrive? Hard drive?
New Posts  All Forums:Forum Nav:

Can you password protect a flashdrive? Hard drive? - Page 2

post #16 of 23
7/23/08 at 12:40pm
Quote:
Originally Posted by rnoldh View Post
I just bought two computers with fingerprint readers and I've come to love the biometric technology. I think mine use omnipass (or something like that). I'm not sure if that is some kind of generic biometric software.

It's wonderful! I particularly like the feature that allows you to swipe your finger when a password is called for. It's really convenient.

I'm not sure about your question, but I think that you can get what you are talking about.

I suppose many people know this, but present day biometrics are nothing more than scanners and can be bypassed with an image. Retina, fingerprint, face.. etc.. all of it. Not to say it isn't a good additional layer of security, but I do believe some people overvalue the level of security offered because it feels so personal and unique.
Reply
Reply
post #17 of 23
7/23/08 at 1:27pm
brian, would it be correct to say that if you have a Trucrypt volume operating on a TC encrypted system, then the key to that volume is not subject to a cold boot attack provided the volume is dismounted at the time of the attack? Seems sensible to me as the key wouldn't be resident in RAM. Should work even if the system is not encrypted. BTW, great thread and thanks for your comments. Realistically, I have no need (perhaps, beyond caprice) for this level of protection but it's an engaging topic and it's nice to know options are available. Regards, Huntsman
Reply
Reply
post #18 of 23
7/23/08 at 3:44pm
Quote:
Originally Posted by Huntsman View Post
brian, would it be correct to say that if you have a Trucrypt volume operating on a TC encrypted system, then the key to that volume is not subject to a cold boot attack provided the volume is dismounted at the time of the attack? Seems sensible to me as the key wouldn't be resident in RAM. Should work even if the system is not encrypted. BTW, great thread and thanks for your comments. Realistically, I have no need (perhaps, beyond caprice) for this level of protection but it's an engaging topic and it's nice to know options are available. Regards, Huntsman
You got something to hide from the feds?
Reply
Reply
post #19 of 23
7/23/08 at 3:49pm
Quote:
Originally Posted by briancl View Post
I suppose many people know this, but present day biometrics are nothing more than scanners and can be bypassed with an image. Retina, fingerprint, face.. etc.. all of it. Not to say it isn't a good additional layer of security, but I do believe some people overvalue the level of security offered because it feels so personal and unique.

Just to add to this in case anyone is interested:

From http://www.pcworld.com/article/10353..._skindeep.html
Quote:
The most damning criticism came from researchers: one set from Germany, and another at the International Telecommunication Union, a global industry standards group. Tsutomu Matsumoto, researching the security of thumbprint readers for the ITU, demonstrated the relative ease with which a thumbprint pressed into a soft plastic material could be used to mold fake fingerprints out of a gelatin similar to the composition of gummy bear candies.

Smith also explained how to defeat another kind of thumb scanner, a device that uses capacitive resistance technology to read a fingerprint. It can be thwarted simply by pressing a plastic bag filled with water against the thumb reader after someone else has used it, the German researchers discovered. Simply blowing on the reader generates enough of a pattern from latent oil left on the capacitive surface to trick the sensor into making a false-positive match
Reply
Reply
post #20 of 23
7/23/08 at 6:29pm
Quote:
Originally Posted by Huntsman View Post
brian, would it be correct to say that if you have a Trucrypt volume operating on a TC encrypted system, then the key to that volume is not subject to a cold boot attack provided the volume is dismounted at the time of the attack? Seems sensible to me as the key wouldn't be resident in RAM. Should work even if the system is not encrypted. BTW, great thread and thanks for your comments. Realistically, I have no need (perhaps, beyond caprice) for this level of protection but it's an engaging topic and it's nice to know options are available. Regards, Huntsman

Your nesting of encrypted volumes doesn't really decrease the effectiveness of the attack because all mounted volumes will have stored keys in RAM, but perhaps you were nesting for some other reason. As for the cold boot attack, the assumption is that the attacker has access to a system with a mounted encrypted volume. So to answer your question, the cold boot attack does not work if the volume is not mounted when the power is cut.

This stuff is engaging for me, too, and that is fortunate because it is my job. However, most people find security discussions involving security professionals rather dull. Debbie Downer is not the worst thing I've been called following these kinds of conversations...

Although not always actively, my brain is always figuring out the weaknesses of a system and the quickest way to subvert a system in just about any situation. And by system, I do not stricly mean computers or IT infrastructure. I do plenty of social and physical attacks, so my brain is wired for all kinds of potential evil.
Reply
Reply
post #21 of 23
7/23/08 at 8:51pm
Another vote for TrueCrypt. Excellent program.
Reply
Reply
post #22 of 23
7/23/08 at 9:36pm
Quote:
Originally Posted by DarkNWorn View Post
You got something to hide from the feds?
Heck no - I play very very nice and keep my nose very far away from things that could get me in trouble. But see below....
Quote:
Originally Posted by briancl View Post
Your nesting of encrypted volumes doesn't really decrease the effectiveness of the attack because all mounted volumes will have stored keys in RAM, but perhaps you were nesting for some other reason. As for the cold boot attack, the assumption is that the attacker has access to a system with a mounted encrypted volume. So to answer your question, the cold boot attack does not work if the volume is not mounted when the power is cut. This stuff is engaging for me, too, and that is fortunate because it is my job. However, most people find security discussions involving security professionals rather dull. Debbie Downer is not the worst thing I've been called following these kinds of conversations... Although not always actively, my brain is always figuring out the weaknesses of a system and the quickest way to subvert a system in just about any situation. And by system, I do not stricly mean computers or IT infrastructure. I do plenty of social and physical attacks, so my brain is wired for all kinds of potential evil.
Got it. Personality-wise, I've always been a strategist, and somethign of a geek, though that atrophied to other pursuits -- infrastructure security is natural for that type of mindset. When I was younger than ten I was writing crypto code in BASIC, went out and bought the compiler so I could deploy it. The coolest thing to me was that the code can be divulged and not compromise the cipher. Unfortunately I got out of that as I can't learn that kind of math by smell like those people do, and you need it. Maybe others do find it dull, but as an engineer my dull threshold is a little different than Joe and Jane's. You're in consulting, then? That sounds fairly thrilling, especially with the subtleties of social attacks. People are the weak link, eh? ~ Huntsman
Reply
Reply
post #23 of 23
7/24/08 at 4:36am
yeah i probably fall into the geek category by encrypting written essays for class. it does seem pretty tough for anyone to perform brute force attacks or crack codes considering even if theoretically possible the use of quantum physics is still far from being realizable, and its a lot easier to get information from a person than a computer. I mean quantum physics does englobe programming time loops onto computers and we are far from doing this. I'm refering to the time loop logic and novikov's self consistency thingy if you know what I mean.

of course One time pads are inconvenient as it gets but the principle behind them is astoundingly simple and efficient.
Reply
Reply
New Posts  All Forums:Forum Nav:
  Return Home
Styleforum › Forums › Lifestyle › Fine Living, Home, Design & Auto › Can you password protect a flashdrive? Hard drive?