It looks like many disk encryption schemes are vulnerable if someone has physical access to your drive, thanks to researchers with Princeton University and the Electronic Frontier Foundation. They've discovered a flaw and published their findings...
The attack takes only a few minutes to conduct and uses the disk encryption key that's stored in the computer's RAM. The attack works because content as well as encryption keys stored in RAM linger in the system, even after the machine is powered off, enabling an attacker to use the key to collect any content still in RAM after reapplying power to the machine.
Sounds like it's best to use an encryption scheme that doesn't preserve anything in RAM once you shutdown... at least not in readable form.
Researchers: Disk Encryption Not Secure, Wired
Cold Boot Attacks on Encryption Keys, Center for Information Technology Policy, Princeton University
Update: RAM Hijacks, Security Now, Episode 137
Category: Security
| 
