Silk Road forums

Discussion => Security => Topic started by: vlad1m1r on May 24, 2012, 03:41 pm

Title: Defences against Cold Boot Attack (LEO breaking disk encryption)
Post by: vlad1m1r on May 24, 2012, 03:41 pm
Dear all,

Those of you lucky enough to live in a jurisdiction where an innocent citizen doesn't have to hand over their passwords or face prison time may or may not be familiar with the Cold Boot Attack :

https://citp.princeton.edu/research/memory/

For those that don't know, in simplest terms, this type of attack is a way of decrypting the contents of a person's hard drive when they have used a program like Truecrypt or PGP disk to protect it.

The attack exploits what is known as "memory persistence" in a computer's RAM chips whereby data is not erased immediately when a computer is powered down but lingers for a number of minutes (this can be extended if equipment is used to cool down the computer).

I'll let Princeton University explain the rest:

"Although DRAMs become less reliable when they are not refreshed, they are not immediately erased, and their contents persist sufficiently for malicious (or forensic) acquisition of usable full-system memory images. We show that this phenomenon limits the ability of an operating system to protect cryptographic key material from an attacker with physical access. We use cold reboots to mount attacks on popular disk encryption systems — BitLocker, FileVault, dm-crypt, and TrueCrypt — using no special devices or materials. We experimentally characterize the extent and predictability of memory remanence and report that remanence times can be increased dramatically with simple techniques. We offer new algorithms for finding cryptographic keys in memory images and for correcting errors caused by bit decay. Though we discuss several strategies for partially mitigating these risks, we know of no simple remedy that would eliminate them."

None of this is to suggest that using full disk encryption (FDE) is futile but this is a serious vulnerability and it's one you may not know about if you use FDE.

The likelihood of you being caught solely on the basis of the Police bursting down your door, spraying your laptop with liquid nitrogen and retrieving your encryption key is low but it's not a risk that can be ignored entirely so I have started this thread in order for us to discuss ways we can protect ourselves against this kind of attack.

My two cents for what they're worth(!):


==Shutting down your PC when you're not using it!==

Most modern laptops and computers have a "hibernate" mode - this is not nearly as safe as cleanly shutting down the machine as the computer's suspended state is stored in your RAM memory - including your encryption keys. At the very least you should dismount any encrypted containers/drives when you suspend the machine.

==Good Physical Security==

The data only lingers in RAM Chips for a short time. Even a delay of a minute or so could make the difference in this kind of attack. In an ideal world you'd have a wire fence, several locked doors and steel safe in between your laptop and government grunts but the rest of us have to be more pragmatic. Locking your door is probably a good first step - this also prevents the "evil maid" attack whereby someone can install malicious software on your computer to record your password as you enter it.

==Storing the Encryption Keys elsewhere besides in RAM==

For the technically minded amongst us it might be possible to install your Bootloader and possibly some keyfiles to a USB stick which would make it more difficult to perform a Cold Boot attack although I do not think this would provide an absolute defence.

I have also been able to find a patch for the Linux Kernel named TRESOR which keeps encryption keys in your CPU, not the RAM. You can download it from : http://www1.informatik.uni-erlangen.de/tresor

This isn't for noobs as it involves modifying the Linux Kernel. Sad to say unless your processor supports encrypted devices, you're stuck with using 128 Bit encryption which isn't very secure. I'd be interested to hear some of our security gurus' thoughts on this workaround.

Any other suggestions/comments would be most welcome.

V.
Title: Re: Defences against Cold Boot Attack (LEO breaking disk encryption)
Post by: boxer on May 24, 2012, 03:58 pm
I thought there was a way to remove the contents of the ram on demand?  Maybe I'm mistaken on that, or it wouldn't be helpful in this scenario.
Title: Re: Defences against Cold Boot Attack (LEO breaking disk encryption)
Post by: UKGrower on May 24, 2012, 04:14 pm
The "Tails" bootable OS claims to defend against cold boot attacks, by filling the RAM with garbage data when you shut down the computer or remove the USB stick that the OS is installed on.  From their documentation:

Quote
Protection against cold boot attacks

Due to how modern computing works, basically everything that you have done during a session is stored in the RAM. If an attacker has physical access to your computer when you are running Tails, it may enable her to recover everything that have been achieved during the session, from typed texts to saved files, including passwords and encryption keys. The more recent the activity, the more likely it is that it is still in the RAM.

Furthermore, it has been shown that the data present in the RAM might be recoverable for seconds or even minutes after the computer is powered off using a cold boot attack.

In both cases the RAM contents can be analysed in a computer forensics laboratory which might turn into a major disaster depending on what they find.

So, what should you do when you hear an attacker knocking at your door? You could just remove the USB stick or DVD you are running Tails from. It will start to wipe the contents of the RAM by filling it out with random junk, thus erasing everything that was stored there before, including the encryption key of the encrypted storage devices you might use and the traces of your session. Then you wait, possibly trying to buy valuable time by barricading your door.

As far as the authors know, cold boot attacks are not standard procedure within law enforcements and similar organisations anywhere in the world yet, but it might still be good to be prepared and stay on the safe side.
Title: Re: Defences against Cold Boot Attack (LEO breaking disk encryption)
Post by: ChaxChax on May 24, 2012, 04:18 pm
If you need to access SR. Boot from a ramdisk or USB, then 0-fill the drive when you are done.  There are several utilities around that 0-fill, basically they write and re-write every sector (MBR and sector 0) enough times to make data irretrievable.  An old DOS based version of Norton disk-doctor floating around is the best 0-fill utility going around, but you need a floppy drive to use it. It's the best because you can specify the number of writes.

Yes it's a PITA to re-install Tor and a lite linux and AES-twofish encrypt it every time, and the 0-fill takes about 2 hours on a 1gb drive, so it's not something you can do in an emergency situation, but it may save your freedom if not your life.

CC
Title: Re: Defences against Cold Boot Attack (LEO breaking disk encryption)
Post by: vlad1m1r on May 24, 2012, 04:21 pm
I thought there was a way to remove the contents of the ram on demand?  Maybe I'm mistaken on that, or it wouldn't be helpful in this scenario.

It would seem that there's not a way using software alone to be certain of deleting your RAM. I think that the so-called Trusted Platform Module (TPM) offered users a way to erase their RAM but it would not seem to be 100% effective. I'm quite excited about this TRESOR patch personally but am interested to hear what other solutions people come up with - I imagine it'll be "prevention is better than cure" i.e look at ways you can browse the internet anonymously so you don't draw suspicion to yourself in the first place.

V.
Title: Re: Defences against Cold Boot Attack (LEO breaking disk encryption)
Post by: vlad1m1r on May 24, 2012, 04:23 pm
The "Tails" bootable OS claims to defend against cold boot attacks, by filling the RAM with garbage data when you shut down the computer or remove the USB stick that the OS is installed on.  From their documentation:

Quote
Protection against cold boot attacks

Due to how modern computing works, basically everything that you have done during a session is stored in the RAM. If an attacker has physical access to your computer when you are running Tails, it may enable her to recover everything that have been achieved during the session, from typed texts to saved files, including passwords and encryption keys. The more recent the activity, the more likely it is that it is still in the RAM.

Furthermore, it has been shown that the data present in the RAM might be recoverable for seconds or even minutes after the computer is powered off using a cold boot attack.

In both cases the RAM contents can be analysed in a computer forensics laboratory which might turn into a major disaster depending on what they find.

So, what should you do when you hear an attacker knocking at your door? You could just remove the USB stick or DVD you are running Tails from. It will start to wipe the contents of the RAM by filling it out with random junk, thus erasing everything that was stored there before, including the encryption key of the encrypted storage devices you might use and the traces of your session. Then you wait, possibly trying to buy valuable time by barricading your door.

As far as the authors know, cold boot attacks are not standard procedure within law enforcements and similar organisations anywhere in the world yet, but it might still be good to be prepared and stay on the safe side.

Thanks for this UKGrower, this sounds most promising! As you say I don't think it's a reason to skip the door as soon as they come knocking but it would seem to be an adequate defence - of course as they say this isn't a method used by Police at the moment to the best of our knowledge but you can't be too careful.

V.

Title: Re: Defences against Cold Boot Attack (LEO breaking disk encryption)
Post by: UKGrower on May 24, 2012, 04:27 pm
A tails shutdown only takes about 15-20 seconds, from my observations, so if it does overwrite the RAM properly, this should be an adequate defense against this kind of attack.

Even if this ever does become common practice, I can't see LE having a guy with a can of liquid nitrogen taking point on a raid.
Title: Re: Defences against Cold Boot Attack (LEO breaking disk encryption)
Post by: vlad1m1r on May 24, 2012, 04:31 pm
A tails shutdown only takes about 15-20 seconds, from my observations, so if it does overwrite the RAM properly, this should be an adequate defense against this kind of attack.

Even if this ever does become common practice, I can't see LE having a guy with a can of liquid nitrogen taking point on a raid.

Thanks UkGrower,

This sounds like an excellent solution. Perhaps I was being overly paranoid in mentioning this but I thought it mightn't be inconceivable some bright spark invents some kind of container to stash a person's laptop/tower until it can be analysed by the carbon blobs back in the safety of the forensics lab - glad to see TAILS takes this seriously.

V.

Title: Re: Defences against Cold Boot Attack (LEO breaking disk encryption)
Post by: UKGrower on May 24, 2012, 05:40 pm
Not at all mate, all security stuff deserves a mention.  I rushed my last post due to distractions, so it may have sounded more dismissive than I intended it to.  What I meant was that the 15-20 second shutdown time of Tails should give adequate time to thwart the attack, since I doubt LE would rush the tech guys in first on a raid.
Title: Re: Defences against Cold Boot Attack (LEO breaking disk encryption)
Post by: kmfkewm on May 25, 2012, 12:09 am
It isn't that low risk, specialized police do cold boot attacks all the time.

http://www.nzherald.co.nz/nz/news/article.cfm?c_id=1&objectid=10641927

hm there was a news article not that long ago where police were talking about internet drug scene using encryption, and how they are starting to train agents to get memory while it is still live, but I can't find it right now. They talked about several of their tactics for getting to encryption keys in memory though.

www.ncjrs.gov/pdffiles1/nij/219941.pdf

there is a LE guide for first responders on how to deal with memory in ways that maximize the chance of obtaining encryption keys
Title: Re: Defences against Cold Boot Attack (LEO breaking disk encryption)
Post by: kmfkewm on May 25, 2012, 12:24 am
Also some other points:

A. They don't need to carry in a vat of liquid nitrogen they just need a can of compressed air held upside down

B. 128 bit encryption is very secure, most algorithms are designed for 128 bit security in the first place and then extended to 256. In some cases 128 is even more secure than 256 due to issues that arise with the key scheduling of 256 bits. 256 is more quantum resistant though. A classical computer is not going to pwn 128 bit any time soon though.

C. The best defense from a cold boot attack is to encapsulate the memory in some material that needs to be removed before they can dump it in a forensics laptop, and use chassis intrusion detection hardware that immediately shuts down into a memory wipe when the case is opened

D. If you are identified in the first place you are relying on your attacker being retarded, there are a billion ways to steal passphrases and keys and FDE is only going to protect you if your attacker doesn't know what they are doing 
Title: Re: Defences against Cold Boot Attack (LEO breaking disk encryption)
Post by: ahead on May 25, 2012, 02:16 am
I have my OS drive TrueCrypt'd, which stores sensitive information. When I am away from my computer, I usually just log out of my windows account; should I be doing a complete shutdown? I am not sure if the 'Dismount All' button is valid for OS drives. (I am speaking in general, not specifically for a cold boot attack).
Title: Re: Defences against Cold Boot Attack (LEO breaking disk encryption)
Post by: vlad1m1r on May 25, 2012, 05:52 am
I have my OS drive TrueCrypt'd, which stores sensitive information. When I am away from my computer, I usually just log out of my windows account; should I be doing a complete shutdown? I am not sure if the 'Dismount All' button is valid for OS drives. (I am speaking in general, not specifically for a cold boot attack).

As I understand it if you dismount Truecrypt containers, the encryption keys are purged from RAM. Obviously while a computer using FDE is switched on this cannot be done as the keys will be needed to access the hard drive once you log back in again. I would suggest shutting down your machine when you're not there.

Thanks,

V.
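
What "purged from RAM on dismount" asks of a program, as an added example that is not part of the post above and is not TrueCrypt's code: the key sits in its own locked mapping and is overwritten and checked before release. `struct keyslot`, its functions and the key bytes are hypothetical and constructed for illustration.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1 /* MAP_ANONYMOUS and madvise() on glibc */
#endif
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Hypothetical key holder for this example (not a TrueCrypt type). */
struct keyslot {
    unsigned char *buf; /* page-aligned mapping holding the key */
    size_t map_len;     /* mapping size, a whole number of pages */
    size_t key_len;     /* bytes of key material in use */
    int locked;         /* 1 if mlock() succeeded (pages kept out of swap) */
};

/* Zero through a volatile pointer so the stores cannot be optimised away
 * as dead writes to memory that is about to be released. */
static void wipe(void *p, size_t n)
{
    volatile unsigned char *v = p;
    while (n--)
        *v++ = 0;
}

/* Count bytes that are still non-zero; used to verify a wipe. */
static size_t residue(const void *p, size_t n)
{
    const volatile unsigned char *v = p;
    size_t left = 0;
    while (n--)
        left += (*v++ != 0);
    return left;
}

/* "Mount": copy the key into its own locked mapping. Returns 0 on success. */
int keyslot_open(struct keyslot *ks, const unsigned char *key, size_t key_len)
{
    long page = sysconf(_SC_PAGESIZE);
    if (!ks || !key || key_len == 0 || page <= 0)
        return -1;
    size_t len = (key_len + (size_t)page - 1) / (size_t)page * (size_t)page;
    void *m = mmap(NULL, len, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (m == MAP_FAILED)
        return -1;
    ks->buf = m;
    ks->map_len = len;
    ks->key_len = key_len;
    /* mlock() keeps the pages out of swap but does not stop hibernation from
     * writing RAM to disk; it can also fail, so the result is recorded. */
    ks->locked = (mlock(m, len) == 0);
#ifdef MADV_DONTDUMP
    (void)madvise(m, len, MADV_DONTDUMP); /* leave the key out of core dumps */
#endif
    memcpy(ks->buf, key, key_len);
    return 0;
}

/* "Dismount": overwrite, verify, then release. Returns the number of
 * non-zero bytes found after the wipe (0 expected), or -1 if not open. */
int keyslot_close(struct keyslot *ks)
{
    if (!ks || !ks->buf)
        return -1;
    wipe(ks->buf, ks->map_len);
    int left = (int)residue(ks->buf, ks->map_len);
    if (ks->locked)
        munlock(ks->buf, ks->map_len);
    munmap(ks->buf, ks->map_len);
    ks->buf = NULL;
    ks->map_len = ks->key_len = 0;
    ks->locked = 0;
    return left;
}

/* Full cycle with a constructed 32-byte key. Returns 0 when both the
 * caller's temporary copy and the slot were left clean. */
int demo_cycle(void)
{
    unsigned char tmp[32];
    struct keyslot ks = {0};
    for (size_t i = 0; i < sizeof tmp; i++)
        tmp[i] = (unsigned char)(0xA0 + i); /* constructed sample key */
    if (keyslot_open(&ks, tmp, sizeof tmp) != 0)
        return -1;
    wipe(tmp, sizeof tmp); /* the copy on the stack is key material too */
    if (residue(tmp, sizeof tmp) != 0 || ks.buf[0] != 0xA0 || ks.buf[31] != 0xBF)
        return -2;
    return keyslot_close(&ks);
}

int main(void)
{
    int rc = demo_cycle();
    printf("demo_cycle: %s\n", rc == 0 ? "key wiped on dismount" : "FAILED");
    return rc == 0 ? 0 : 1;
}
```

This only covers the moment of dismount: while a volume is mounted the key has to be in memory, which is why the system-drive case discussed above differs from a container.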
Title: Re: Defences against Cold Boot Attack (LEO breaking disk encryption)
Post by: vlad1m1r on May 25, 2012, 05:56 am
Also some other points:

A. They don't need to carry in a vat of liquid nitrogen they just need a can of compressed air held upside down

B. 128 bit encryption is very secure, most algorithms are designed for 128 bit security in the first place and then extended to 256. In some cases 128 is even more secure than 256 due to issues that arise with the key scheduling of 256 bits. 256 is more quantum resistant though. A classical computer is not going to pwn 128 bit any time soon though.

C. The best defense from a cold boot attack is to encapsulate the memory in some material that needs to be removed before they can dump it in a forensics laptop, and use chassis intrusion detection hardware that immediately shuts down into a memory wipe when the case is opened

D. If you are identified in the first place you are relying on your attacker being retarded, there are a billion ways to steal passphrases and keys and FDE is only going to protect you if your attacker doesn't know what they are doing

It's reassuring to hear 128 Bit encryption is still sufficiently robust - as you say it seems more likely that an "evil maid" attack is more likely whereby your boot loader is infected by malware which records your password than your disk encryption being overcome in this way. I imagine you get around this problem by placing the boot loader on a USB stick and keeping it on you at all times.

You mention that chassis intrusion detection hardware can begin a memory wipe - I wasn't aware this was possible. How would it work independently of the machine being shut down?

V.

Title: Re: Defences against Cold Boot Attack (LEO breaking disk encryption)
Post by: vlad1m1r on May 25, 2012, 06:14 am
Dear all,

Those of you lucky enough to live in a jurisdiction where an innocent citizen doesn't have to hand over their passwords or face prison time may or may not be familiar with the Cold Boot Attack :

https://citp.princeton.edu/research/memory/

For those that don't know, in simplest terms, this type of attack is a way of decrypting the contents of a person's hard drive when they have used a program like Truecrypt or PGP disk to protect it.

The attack exploits what is known as "memory persistence" in a computer's RAM chips whereby data is not erased immediately when a computer is powered down but lingers for a number of minutes (this can be extended if equipment is used to cool down the computer).

My understanding is that the usual procedure is to invert a duster-can and spray the propellant onto the chips, to cool them down until they can be removed and placed in liquid nitrogen. Once they are placed in liquid nitrogen, the contents can be preserved indefinitely. To help prevent this, some people have taken to using epoxy to glue their RAM sticks in place, making them much harder to remove. People have also used Loctite thread fastener to ensure that the screws holding the case together cannot be easily removed.

Now, another technique used by the police in the seizure of equipment is to use a modified power strip/UPS made by Wiebetech:

Quote
WiebeTech HotPlug lets cops move desktops without shutting them down
By Nilay Patel posted November 6th 2007 1:19PM

We've seen some interesting computer forensics gear from WiebeTech before, like the Mouse Jiggler USB key that prevents a system from locking the screen or going to sleep by subtly shaking the mouse cursor, and the company's latest addition to the investigator's toolkit, the HotPlug LT, solves an equally basic problem: how to move a desktop without powering it down. The HotPlug allows cops to seize machines without powering them down by switching power to a UPS, using some interesting power-management voodoo. The investigator simply plugs the HotPlug into the computer's powerstrip, and then unplugs the strip and plugs it into the UPS -- and takes the whole system away. If the machine is plugged directly into the wall, WiebeTech also has options for directly piercing the power cable or hijacking the outlet itself. Bottom line: the Man's getting your machine, like it or not. Peep a vid of the HotPlug in action after the break.

http://www.engadget.com/2007/11/06/wiebetech-hotplug-lets-cops-move-desktops-without-shutting-them/

I'll let Princeton University explain the rest:

"Although DRAMs become less reliable when they are not refreshed, they are not immediately erased, and their contents persist sufficiently for malicious (or forensic) acquisition of usable full-system memory images. We show that this phenomenon limits the ability of an operating system to protect cryptographic key material from an attacker with physical access. We use cold reboots to mount attacks on popular disk encryption systems — BitLocker, FileVault, dm-crypt, and TrueCrypt — using no special devices or materials. We experimentally characterize the extent and predictability of memory remanence and report that remanence times can be increased dramatically with simple techniques. We offer new algorithms for finding cryptographic keys in memory images and for correcting errors caused by bit decay. Though we discuss several strategies for partially mitigating these risks, we know of no simple remedy that would eliminate them."

None of this is to suggest that using full disk encryption (FDE) is futile but this is a serious vulnerability and it's one you may not know about if you use FDE.

The likelihood of you being caught solely on the basis of the Police bursting down your door, spraying your laptop with liquid nitrogen and retrieving your encryption key is low but it's not a risk that can be ignored entirely so I have started this thread in order for us to discuss ways we can protect ourselves against this kind of attack.

No one is arguing that FDE is futile -- it just needs to be placed in its proper context. Your strongest defence is anonymity -- FDE is only a fallback measure, if your primary defence, anonymity, happens to fail.

My two cents for what they're worth(!):

==Shutting down your PC when you're not using it!==

Most modern laptops and computers have a "hibernate" mode - this is not nearly as safe as cleanly shutting down the machine as the computer's suspended state is stored in your RAM memory - including your encryption keys. At the very least you should dismount any encrypted containers/drives when you suspend the machine.

Agreed. It is always a good rule of thumb to NEVER hibernate your machine if you have anything sensitive on it. Always dismount your encrypted drives, then shut the machine down.


==Good Physical Security==

The data only lingers in RAM Chips for a short time. Even a delay of a minute or so could make the difference in this kind of attack. In an ideal world you'd have a wire fence, several locked doors and steel safe in between your laptop and government grunts but the rest of us have to be more pragmatic. Locking your door is probably a good first step - this also prevents the "evil maid" attack whereby someone can install malicious software on your computer to record your password as you enter it.

Data remanence typically lasts only about ten minutes at room temperature. In an emergency, given that shutting down takes a few minutes that you might not have, what you might do is restart the machine by hitting the reset button; if your BIOS is set so as to self-test the RAM chips on system startup, this will help to destroy the contents. As Felten et al. say in their paper:

Quote
4.1
Imaging tools
One challenge is that booting the system will necessarily overwrite some portions of memory. Loading a full operating system would be very destructive....."

In many jurisdictions, attempting to fortify a building, even one's own home, is a criminal offence in and of itself. (These measures were brought in to stop biker gangs from building fortified clubhouses.)

==Storing the Encryption Keys elsewhere besides in RAM==

For the technically minded amongst us it might be possible to install your Bootloader and possibly some keyfiles to a USB stick which would make it more difficult to perform a Cold Boot attack although I do not think this would provide an absolute defence.

You would most likely need a micro-SD card and adapter for that purpose. You would also need a decoy micro-SD card. Jacob Appelbaum has spoken of some of these techniques.

I have also been able to find a patch for the Linux Kernel named TRESOR which keeps encryption keys in your CPU, not the RAM. You can download it from : http://www1.informatik.uni-erlangen.de/tresor

This isn't for noobs as it involves modifying the Linux Kernel. Sad to say unless your processor supports encrypted devices, you're stuck with using 128 Bit encryption which isn't very secure. I'd be interested to hear some of our security gurus' thoughts on this workaround.

Any other suggestions/comments would be most welcome.

V.

I believe you are mistaken when you say 128-bit encryption isn't very secure; that is the same bit-size used in symmetric ciphers contained in PGP like AES128, IDEA, and CAST5. You are perhaps confusing symmetric ciphers where the typical key size is 128-256 bits with asymmetric ciphers like RSA, where the typical key size is 2048-bits or higher.

Guru

Thanks Guru,

A most interesting post as ever, I was hoping to hear your thoughts.

I hadn't been aware of the Hotplug device before now, something for us all to bear in mind, and of course it underlines the importance of shutting down your machine while present.

You mentioned installing the bootloader to a micro SD card as well as having a decoy - I imagine you suggested this as it would be much easier to conceal and the dummy card would serve as a delaying tactic? I suggested using a Yubikey as a blind a few months ago for this purpose - I suppose its success would depend on how much time it bought you - leaving the dummy card prominently beside your computer might waste precious minutes.

With regard to TRESOR, I am very excited about the possibility of a patch which stores encryption keys in the CPU not the RAM. It doesn't concern me at all that it's for an older version of the linux kernel, nor that it uses 128 Bit encryption but I thought it might concern people in the know - I wonder if this were applied to a USB installation of a debian based distro like TAILS if it would increase one's security? As you can see UKGrower has said that TAILS automatically begins to purge the RAM when the corresponding USB stick / DVD is removed.

I am a member of the Linux Forensics group on Yahoo (I used to run a small home based business to help people recover their deleted / encrypted files) and I did see a post the other day about a hard drive that had been seized from an Ubuntu user whose home folder had been encrypted using 128 Bit AES - most posters did say that there wasn't much to be done about retrieving files allegedly saved to his download folder (the man's partner had apparently seen him do this), but a couple of posters said it was viable to crack 128 bit encryption - it seems from what you say they were talking through their hats, so many thanks for setting me straight!

You'll see below I say that dismounting encrypted Truecrypt *volumes* in fact does purge the encryption keys from memory to the best of my knowledge. For this reason I keep my Tor Browser / GPG software in a separate Truecrypt container inside an encrypted partition. I'd very much appreciate your thoughts on this as I don't want to give faux advice!

Cheers,

V.





Title: Re: Defences against Cold Boot Attack (LEO breaking disk encryption)
Post by: vlad1m1r on May 25, 2012, 06:40 am
It isn't that low risk, specialized police do cold boot attacks all the time.

http://www.nzherald.co.nz/nz/news/article.cfm?c_id=1&objectid=10641927

hm there was a news article not that long ago where police were talking about internet drug scene using encryption, and how they are starting to train agents to get memory while it is still live, but I can't find it right now. They talked about several of their tactics for getting to encryption keys in memory though.

www.ncjrs.gov/pdffiles1/nij/219941.pdf

there is a LE guide for first responders on how to deal with memory in ways that maximize the chance of obtaining encryption keys

Thanks for this article, it was most interesting!

I see that in this case this man Moore had a huge kiddy porn collection which he managed from an external hard drive. Some undercover police in NZ kept him busy chatting on IRC while their buddies moved in. Moore desperately tried to switch off his machine but they restrained him in time.

I daresay none of us will shed a tear that there's one less CP distributor walking the streets but it seems Moore had poor physical security as he had flatmates and his girlfriend living with him at the time any one of whom could have let the investigators in - this would mean that he wouldn't have had the minute or so's warning that comes from hearing your door being battered down.

Interestingly enough he was originally tracked down by US Investigators - I can only assume he didn't Torify his connection to the IRC channels he managed?

Another blunder he seems to have made is stored details of further passwords on the external drive itself, which of course allowed them to unlock more of his files. It seems it only took five days for LE in New Zealand to retrieve incriminating information.

The logic of writing down a list of all one's passwords and protecting them with a single password seems to be that you can store passwords much longer than those you can remember in your head. My own solution which I posted about in a separate thread is to use an old school book cipher to protect your password list which would be impossible to crack without the associated key text and also doesn't have to be stored on your computer - I don't want to veer too far off topic but the above article is a clear example of why protecting all your passwords with a single one is a bad idea!

V.





Title: Re: Defences against Cold Boot Attack (LEO breaking disk encryption)
Post by: MrVidalia on May 25, 2012, 07:42 am
I thought with FDE hibernate was secure? So that's certainly not the case?
Title: Re: Defences against Cold Boot Attack (LEO breaking disk encryption)
Post by: vlad1m1r on May 25, 2012, 10:28 am
I thought with FDE hibernate was secure? So that's certainly not the case?

My understanding is that if you set Truecrypt to dismount encrypted volumes e.g. USB sticks, TC containers then the data contained is safe but in the nature of things if the computer's suspended state is kept in RAM and your hard drive is encrypted ipso facto the encryption key is also stored in RAM and can be recovered.

The method used involves restarting the machine and booting to a malicious OS (on a USB drive or other removable media) which has been programmed to pull the entire contents of your RAM - the data degrades quickly once your computer has been shut down but while it's on... :)

V.
Title: Re: Defences against Cold Boot Attack (LEO breaking disk encryption)
Post by: Jimmy245 on May 25, 2012, 09:21 pm
The likelihood of you being caught solely on the basis of the Police bursting down your door, spraying your laptop with liquid nitrogen and retrieving your encryption key is low...

Ya think?

;)
Title: Re: Defences against Cold Boot Attack (LEO breaking disk encryption)
Post by: vlad1m1r on May 25, 2012, 10:28 pm
The likelihood of you being caught solely on the basis of the Police bursting down your door, spraying your laptop with liquid nitrogen and retrieving your encryption key is low...

Ya think?

;)

Note the use of the word "solely" :-)

V.
Title: Re: Defences against Cold Boot Attack (LEO breaking disk encryption)
Post by: vlad1m1r on May 25, 2012, 10:32 pm
It isn't that low risk, specialized police do cold boot attacks all the time.

http://www.nzherald.co.nz/nz/news/article.cfm?c_id=1&objectid=10641927

My understanding is that this was the province of specialized units -- perhaps this technique has become more general in its application.

hm there was a news article not that long ago where police were talking about internet drug scene using encryption, and how they are starting to train agents to get memory while it is still live, but I can't find it right now. They talked about several of their tactics for getting to encryption keys in memory though.

www.ncjrs.gov/pdffiles1/nij/219941.pdf

there is a LE guide for first responders on how to deal with memory in ways that maximize the chance of obtaining encryption keys

I have long maintained that, if you can be identified/located, to the point that they are knocking on your door, then you have already failed.  Anonymity is your primary defence; once that fails, everything else is a fallback position.

Guru

Well said Guru - disk encryption is only one layer of defence. My own opinion for what it's worth though is if it is to be the last layer, let's make it a secure one!

V.
Title: Re: Defences against Cold Boot Attack (LEO breaking disk encryption)
Post by: kmfkewm on May 26, 2012, 12:51 am
It isn't that low risk, specialized police do cold boot attacks all the time.

http://www.nzherald.co.nz/nz/news/article.cfm?c_id=1&objectid=10641927

hm there was a news article not that long ago where police were talking about internet drug scene using encryption, and how they are starting to train agents to get memory while it is still live, but I can't find it right now. They talked about several of their tactics for getting to encryption keys in memory though.

www.ncjrs.gov/pdffiles1/nij/219941.pdf

there is a LE guide for first responders on how to deal with memory in ways that maximize the chance of obtaining encryption keys

Thanks for this article, it was most interesting!

I see that in this case this man Moore had a huge kiddy porn collection which he managed from an external hard drive. Some undercover police in NZ kept him busy chatting on IRC while their buddies moved in. Moore desperately tried to switch off his machine but they restrained him in time.

I daresay none of us will shed a tear that there's one less CP distributor walking the streets but it seems Moore had poor physical security as he had flatmates and his girlfriend living with him at the time any one of whom could have let the investigators in - this would mean that he wouldn't have had the minute or so's warning that comes from hearing your door being battered down.

Interestingly enough he was originally tracked down by US Investigators - I can only assume he didn't Torify his connection to the IRC channels he managed?

Another blunder he seems to have made is storing details of further passwords on the external drive itself, which of course allowed them to unlock more of his files. It seems it only took five days for LE in New Zealand to retrieve incriminating information.

The logic of writing down a list of all one's passwords and protecting them with a single password seems to be that you can store passwords much longer than those you can remember in your head. My own solution which I posted about in a separate thread is to use an old school book cipher to protect your password list which would be impossible to crack without the associated key text and also doesn't have to be stored on your computer - I don't want to veer too far off topic but the above article is a clear example of why protecting all your passwords with a single one is a bad idea!

V.

Most likely he used some VPN solution, I never could find the anonymity solution that he was using though. He had CCTV cameras positioned outside of the flat in the hopes that he could spot the party van before the feds smashed his door down, but it didn't save the day for him because he was distracted on IRC. He should have had his doors and windows hooked up to an alarm system and configured his PC to shut down into a memory wipe as soon as a breach was detected. This is merely one case of police pwning someone with FDE, there are other cases where they actually did cold boot attack after the suspect had managed to shut down his computer, but not enough time had passed for the RAM to clear. You probably will not have anywhere near a minute after your door is battered down, LE can get access to the blueprints of your house and use various techniques to guess the room that your PC is in, so they pretty much know exactly where to go. Also they have adrenaline pumping and are going full speed and the door will be on the ground when the front runners hit it the first time if they use a battering ram and then the rest of the team can just keep running full speed into the home and to the location they are trying to get to. Five to ten seconds after you hear the door hitting the floor is a more realistic amount of time imo.


 
Title: Re: Defences against Cold Boot Attack (LEO breaking disk encryption)
Post by: kmfkewm on May 26, 2012, 12:57 am
Pedos with a lot of sick porn should really take heed in this advice as it is the computer contents that will convict. Us dope fiends? Maybe not so much, but perhaps I'm being a bit naive...

IMO you are correct. FDE has applications and I always make sure to use it. But realistically it won't do much to protect me if the feds know I am using it and really want to get around it. And it would be much more useful for trying to hide ten thousand CP pics, versus ten thousand grams of PCP. It is still an extra layer of security though, and it could always save the day in some cases.
Title: Re: Defences against Cold Boot Attack (LEO breaking disk encryption)
Post by: kmfkewm on May 26, 2012, 02:54 am
Properly done CCTV might be good for protecting from a sneak and peek keylogger being covertly installed, but that just knocks down the number of ways they can steal your encryption keys from 1,000,000 to 999,999. You could have your house all set up with alarm systems and CCTV and have memory in encapsulation material and sit on a dead man's switch that wipes RAM when the pressure is off of it and have a chassis with intrusion detection that wipes RAM when the case is opened and use an on screen keyboard and always work out of your basement with a laptop running off of battery in the hopes that it will shield adequately from a TEMPEST attack. That will make stealing your passphrase pretty difficult, but would be much more beneficial if you were hiding a bunch of CP versus trying to hide the fact that you are selling drugs.
Title: Re: Defences against Cold Boot Attack (LEO breaking disk encryption)
Post by: FarmerBob on May 26, 2012, 08:28 am
I doubt you'll ever get TEMPEST or acoustic signature experts trying to steal your pass unless you're Al Qaeda or other target for the US military. Different keyboards and/or laptops have different emission characteristics (both acoustic and EM) and real world attempts to do a remote keylog would likely have a very low probability of success. Also, such hardware is not generally made available to law enforcement because the US military doesn't want it falling into the hands of other countries' intelligence agencies.

RAM readers ARE available though... and an important thing to remember is that you don't have to get your computer ram zeroized, just get it shut down quickly.  If you suspect there's cops going to break your door down just pull the plug, this will instantly power you off and from that point the clock is ticking.

Best case scenario you have a laptop or tablet with no removable RAM.... shut down, problem solved.

Some removable RAM will persist for quite a while, so flipping the switch won't help much if they come prepared to pull the RAM and dump it to their machine. In this case you're best off ensuring they can't easily get that RAM out. They'll shit their pants when they open your computer only to discover that you epoxied your RAM sticks in. This is doable and is commonly done on COTS hardware operating in high-vibration environments.

A good bet for epoxy is Hysol EA9394 or EA9686, thoroughly clean the pins and connectors with a toothbrush and IPA. Dry with a heat gun on low heat, coat the pins and connectors with epoxy, install the RAM, wiggle it back and forth and seat it well, then slowly apply heat and cure the epoxy at about 90C... Hot cures make it much much stronger. Once it's cured nobody can pull that RAM without causing damage to the delicate pins & traces.

The best epoxies will bond well to metals and to composites (fiberglass). If you can't find those aerospace types use the Loctite plastic bond commercial epoxy.

None of this works if you leave your machine powered on, lock it, and walk away... but a power relay from eBay tied into a magnetic door switch can be configured to shut the computer off every time someone walks into the room... the trick is how do you keep it from resetting the machine every time YOU open the door. There are a variety of cheap-o ways to do that, unlabeled wall switches to enable/disable your system, or a smart arrangement of magnetic door switch(es) that you can bypass with a small handheld magnet. Or many other circumventions. That's the sort of thing nobody would expect (till they read this post).

Here's an idea. You guys know what a mercury switch or "mercury tilt switch" is? I'd bet you young kids don't. But all the old-timers out there have probably seen them inside the old style thermostats for home furnaces. Go google it. Stick one of these in your desktop to cut the power if it's moved... Just don't break it. Mercury switch + epoxy = problem solved.

Best Regards

Bob
Title: Re: Defences against Cold Boot Attack (LEO breaking disk encryption)
Post by: LainOfTheWired1984 on May 26, 2012, 08:43 pm
Absolutely fantastic post Vlad. I'm going to be doing a top-to-bottom inventory of all my security flaws and fix them soon. Thanks for the information.

Peace

Lain
Title: Re: Defences against Cold Boot Attack (LEO breaking disk encryption)
Post by: vlad1m1r on May 27, 2012, 11:02 am
Absolutely fantastic post Vlad. I'm going to be doing a top-to-bottom inventory of all my security flaws and fix them soon. Thanks for the information.

Peace

Lain

Hi Lain,

Thank you for your kind words.

As you'll see from the posts above, there's unfortunately no one, simple solution to this problem.

I've posted a link to Bruce Schneier's latest book "Liars and Outliers" in another thread, which talks about the issues of trust in society and how we use a number of methods to discourage defectors (outliers) - not all of whom of course are criminal. See what he has to say on issues like this:

"...There's one more problem: defenders are in what military strategist Carl von Clausewitz calls "the position of the interior." They have to defend against every possible attack, while the defector only has to find one flaw that allows one way through the defenses. As systems get more complicated due to technology, more attacks become possible. This means defectors have a first-mover advantage; they get to try the new attack first."

This summarises nicely the general sentiment I've seen so far in the thread. There are any number of possible defences against the cold boot attack but there are also any number of ways one of them can be overcome.

This doesn't make encryption useless - nor is your number necessarily up the instant the Police batter down your doors, it's just important to make sure you employ layers of security to try to make sure this doesn't become an issue in the first place. In the above example, the man in question accessed an IRC channel from a non Torified connection which may well have been all that was necessary to trace him to his home address.

I also mentioned poor physical security but as you'll see more experienced posters have mentioned that even if he'd had time to shut down his computer before the door was broken down, there would still be enough data remaining in RAM to make a cold boot attack possible, as LEO are trained to knock down locked doors and enter property very quickly.

Based on the links I posted above it would seem to take around ten minutes for data like encryption keys to fade irretrievably into RAM so if you can find a way to be certain you could shut down your machine and stop anyone from accessing it for at least that amount of time, please do share it with us!

It's also worth noting the other comments above, saying that there are other ways for the Police to obtain your passwords through coercion by resorting to legislation such as RIPA in the UK, through monitoring EM transmissions from your keyboard and also installing a modified bootloader on your computer to record your password as you type.

In any case, many thanks to everyone for your comments, I'm sure we'll have some food for thought.

V.