Cold Boot Encryption Hack - Follow Up

There’s an interesting follow-up piece to the blog post I wrote a couple of days ago about the disk encryption hacks. Read it here. Russ Humphries argues the case as follows:

— The attacker would have to have physical access to the machine.

— The laptop would likely have to be in “sleep” mode, rather than in “hibernate” mode or powered off.

— The person who finds/steals the laptop must be knowledgeable and interested enough to execute the attack.

“I would posit that the opportunistic laptop thief is somewhat unlikely to carry a separate laptop on which they will have installed tools that allow them to reconstruct cryptographic keys, or for that matter have a can of compressed air handy,”

There’s some further comment along similar lines here. In particular, there is the quote (again from Russ Humphries) that the thing to keep in mind here is the old adage of balancing security, usability and risk.

These are all good points and I don’t disagree. However, there are many instances where individuals want to be assured that they are using secure products to protect very sensitive data. There is now an element of doubt and, more to the point, there is an exploitable vulnerability, albeit one that’s technically difficult (for most, at the moment) to exploit.

So, while the opportunist thief is unlikely to be interested in anything other than the hardware, there are a number of scenarios where premeditated attempts to gain access to sensitive data make this a very real risk.