You can login if you already have an account or register by clicking the button below.
Registering is free and all you need is a username and password. We never ask you for your e-mail.
Even with perfect full disk encryption there is this. For absolutely perfect protection, you are going to have to rig a thermite charge with a battery backup and auto ignition criteria.
True however that was in very controlled circumstances. The RAM chips have to be either physically removed or very quickly chilled in order to extract the key. Possible yes, really feasible? Um no.
This works only if system was on in previous 3-5 minutes. And even then its not 100% effective. Keylogger, malware or social engineering might be more effective in most cases.
So the bootloader is a potential vulnerable spot then?
I wouldn't say it's vulnerable, but readable.
When you say bad for performance, do you mean it's not encrypted well enough? Or that it slows down the PC? What kind of bad are we looking at?
It slows down. Since every file read from disk has to be decrypted and only part of them remain cached in the RAM. So reading from disk is slow and uses CPU power.
Assuming you had a strong PC - say, one designed to be powerful enough to do some serious multitasking, and to run some demanding software - this would be less of an issue then, yes?
Thanks for answering all of my nitpicky questions, by the way. This is probably the last one. My curiosity is getting pretty satisfied.
view the rest of the comments →
[–] ImSureImPerfect [S] ago
So the bootloader is a potential vulnerable spot then? Interesting.
When you say bad for performance, do you mean it's not encrypted well enough? Or that it slows down the PC? What kind of bad are we looking at?
[–] Fuckery 0 points 2 points 2 points (+2|-0) ago
Even with perfect full disk encryption there is this. For absolutely perfect protection, you are going to have to rig a thermite charge with a battery backup and auto ignition criteria.
[–] ImSureImPerfect [S] 0 points 1 point 1 point (+1|-0) ago
Jesus. That seems like a little much, but I guess if we're talking about perfect protection it might be the only way.
I'm suddenly very glad that I don't need encryption so good that it's backed up by thermite.
[–] e0steven 0 points 1 point 1 point (+1|-0) ago
True however that was in very controlled circumstances. The RAM chips have to be either physically removed or very quickly chilled in order to extract the key. Possible yes, really feasible? Um no.
[–] VimTsar 0 points 1 point 1 point (+1|-0) ago
This works only if system was on in previous 3-5 minutes. And even then its not 100% effective. Keylogger, malware or social engineering might be more effective in most cases.
[–] xyzzy 0 points 2 points 2 points (+2|-0) ago
I wouldn't say it's vulnerable, but readable.
It slows down. Since every file read from disk has to be decrypted and only part of them remain cached in the RAM. So reading from disk is slow and uses CPU power.
[–] ImSureImPerfect [S] ago
Assuming you had a strong PC - say, one designed to be powerful enough to do some serious multitasking, and to run some demanding software - this would be less of an issue then, yes?
Thanks for answering all of my nitpicky questions, by the way. This is probably the last one. My curiosity is getting pretty satisfied.
[–] NinjaKitteh ago
You could have your /boot on a USB-stick, that way you can be sure it has not been tampered with.