Educause Security Discussion mailing list archives
Re: Recommendation of a good secure Flash drive?
From: Dexter Caldwell <Dexter.Caldwell () FURMAN EDU>
Date: Tue, 20 Oct 2009 16:24:15 -0400
There's always this method too: http://xkcd.com/538/ The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> writes:
Noted.� If nothing else, it serves to further underscore the fact no matter how secure you try to make things, there's someone who has figured out a way around it. � Christopher"Doty, Timothy T." <tdoty () MST EDU> 10/20/2009 12:07 PM >>>It’s a proof of concept, there isn’t a specific weakness of TrueCrypt that is being exploited. The weakness is in someone still having the ability to inject code. Anything relying on hard drive boot strap is vulnerable to an identical attack. If someone can alter the bios, they can do even more. If someone has physical access they can do most anything – TPM is about the only solution that comes to mind that even starts to address this problem. But their scenario is this: 1.� � � � � � Laptop is left where someone has unmonitored access to it and is turned off* 2.� � � � � � The boot process is modified by leveraging physical access** 3.� � � � � � User boots laptop, enters password 4.� � � � � � Laptop is again left where someone has unmonitored access * the attack requires a boot, if the system was hibernated/locked rebooting might well alert the owner ** which access depends on complicity of the bios (e.g., boot order, TPM not enabled, etc.) With the same requirements there are other ways to get the same results. You can do it better (no physical access required to obtain the password) with a slightly greater investment in equipment. There is no reason for this to “send a shiver” down the spine – scenarios that allow unmonitored physical access make almost anything possible. Which is just a reminder that maintaining physical control is important. Also note this was raised (in this thread) with respect to stolen laptops. The attack is useless if the laptop is stolen as it requires someone with knowledge of the password to type it in so that it can be recorded. The “compromise full disk encrypted laptop in less than a minute” is typical of attention getting fodder and not particularly accurate. Tim Doty � From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Christopher Jones Sent: Tuesday, October 20, 2009 12:04 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Recommendation of a good secure Flash drive? � That's quite true.� The notable thing about this particular the "Evil Maid" exploit is that it checks for and hooks into TrueCrypt. � Christopher Jones"Doty, Timothy T." <tdoty () MST EDU> 10/20/2009 9:16 AM >>>Someone with physical access who can install a key logger will always be a problem. This isn’t a weakness in TrueCrypt, it is a problem of physical security. Tim Doty � From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Christopher Jones Sent: Tuesday, October 20, 2009 11:08 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Recommendation of a good secure Flash drive? � I think TrueCrypt is a great solution, as well.� However, it was a little disconcerting to read an article on ThreatPost this morning that showed how it can be defeated in a minute.� Yikes. � Christopher Jones IT Security Administrator University of the Fraser ValleyGina Mieszczak <gmieszcz () IIT EDU> 10/20/2009 7:35 AM >>>I second that.� Truecrypt is a great product.� Easy to work with. Gina Gina Mieszczak Network Security Administrator Email: gmieszcz () iit edu Phone: 312.567.3879 Fax: 312.567.5968 -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Durfee, Jeff Sent: Tuesday, October 20, 2009 9:21 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Recommendation of a good secure Flash drive? We also like IronKey drives, which are great, but pricey. If you don't need all the built-in features of IronKey, I'm recommending TrueCrypt (www.truecrypt.org). Its free, flexible and very user-friendly. Once we place it on a drive, all the user has to do is plug it in and enter their password when prompted. After that, their secure volume appears to them just like a normal drive. When the drive is removed from the PC, it is fully encrypted and protected. It will work with pretty much any removable drive. ~Jeff Jeff Durfee Director, IT Security Univ. of North Florida jdurfee () unf edu Voice (904) 620-2820 **************************************************************************** ******* From: The EDUCAUSE Security Constituent Group Listserv on behalf of David Grisham Sent: Mon 10/19/2009 6:50 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Recommendation of a good secure Flash drive? We are looking IronKey for flash drives.� But we really need a broader solution.� Has anyone implemented an endpoint encryption product that covers the scope of NIST 800-111?� Health Care entities are going to be trying to implement encryption on flash drives, laptops, CDs, DVDs, etc. in a way that doesn't bring down our ability to provide patient care.� Cheers.-grishScott Dier <dierx002 () UMN EDU> 10/19/2009 4:53 PM >>>I really like the ironkey line.� Cross platform support, a read only mode, and autorun.inf checking are key features.
Current thread:
- Re: Recommendation of a good secure Flash drive?, (continued)
- Re: Recommendation of a good secure Flash drive? Christopher Jones (Oct 20)
- Re: Recommendation of a good secure Flash drive? Valdis Kletnieks (Oct 20)
- Re: Recommendation of a good secure Flash drive? Dexter Caldwell (Oct 20)
- Re: Recommendation of a good secure Flash drive? McCrary, Barbara (Oct 20)
- Re: Recommendation of a good secure Flash drive? RL Vaughn (Oct 20)
- Re: Recommendation of a good secure Flash drive? RL Vaughn (Oct 20)
- Re: Recommendation of a good secure Flash drive? Doty, Timothy T. (Oct 20)
- Re: Recommendation of a good secure Flash drive? Christopher Jones (Oct 20)
- Re: Recommendation of a good secure Flash drive? Doty, Timothy T. (Oct 20)
- Re: Recommendation of a good secure Flash drive? Allison Dolan (Oct 20)
- Re: Recommendation of a good secure Flash drive? Dexter Caldwell (Oct 20)
- FW: Recommendation of a good secure Flash drive? Carroll, John (Oct 21)
- Re: Recommendation of a good secure Flash drive? Richard Hopkins (Oct 21)
- Re: Recommendation of a good secure Flash drive? Paul Keser (Oct 21)
- Re: Recommendation of a good secure Flash drive? Nate Henne (Oct 21)
- Re: Recommendation of a good secure Flash drive? Chris Green (Oct 26)
- Re: Recommendation of a good secure Flash drive? Ken Connelly (Oct 26)
- Re: Recommendation of a good secure Flash drive? Bret Ingerman (Oct 26)