All times are UTC + 8 hours

PostPosted: Feb 26th, '08, 21:56 
:lol: Lots and lots of pre-requisites required Steve....

The so-called disk encryption applications used are often a total misnomer....

They aren't/don't actually encrypt the data files stored on the hard drive.... they're merely "access" keys .... glorified "electronic" passwords, like the old password on a screensaver approach but applied to boot level and with a mathematical algorithm applied ....

A refinement on the old boot bios level password setting that you can use to prevent people from booting your system.... of course this method is easily circumvented as are screensaver passwords.....

Most laptops now have an actual "fingerprint" recognition ability that prevents physical access, but not usually boot access ..... except for certain agencies and classified systems

Those that do encrypt all files as they're written and decrypt them on access... must load the encryption key as stated... but they're widely known amongst certain circles.... and available.

Some of the other prerequisites require.... the particular bit memory reader/copier, a "pre-loaded" key finder application that searches for commonly known "encryption" keys with known memory addresses... old hackers method and tools...

The other pre-requisites are computer( usually) in "sleep/hibernation" mode or at password screensaver or login prompt...

Sleep/hibernation modes deliberately, by design map and retain the contents of system state on the hard drive and constantly/frequently reflush the memory contents..... so that it all magically "pops up" when you move the mouse, press a key etc....

All you'd have to do even if the system was off is dump/read the "hibernation" file off the hard drive anyway... as it is in itself a complete map of the dram... the "encryption" key would be held on disk in the file.... unless your system is set to flush the hibernation file at shutdown.

Then of course to run their little "bitmemory attacker" from the usb drive requires that the bios be set to look/boot from such a device anyway.... not perhaps uncommon these days but still not a standard bios setting...

The "image" degradation demonstration was totally unconvincing... having removed the memory chip and laid it on the bench, I'd say the slow decay was actually the video card dram memory fading over time not the actual system dram.....

Removing a chip and placing it into another system might indeed allow for the memory to be mapped.... for a while....

In the demo where they boot from the usb drive with the bitattacker.... it's booting from an external source/bios and loading to a reserved location "memory" on the external device....

A normal system boot, boots from the bios (nvram) and loads the boot loader into system dram..... effectively overwriting anything that may have previously been there.... other than reserved system memory addresses and "allocated" areas.... such as "boot" keys/encryption keys are allocated.... and whose memory locations are widely known. In fact all such encryption key locations must be declared to Federal authorities and in a sense certified for use :D .... that's why the feds can crack your gear easily.... they know exactly where to start looking and have pre-written "de-crypters"... probably like these guys used.


PostPosted: Feb 26th, '08, 22:14
Wow Steve! That's pretty cool! I wonder what the fingerprint is that they use to locate these keys!

TrueCrypt does everything dynamically in RAM so I guess it would make sense that the key would remain there.. As for Microsoft products, I knew that they are all easy to break into. Truth is that if someone has physical access to your computer there is nothing you can do to prevent access. Computers are like door locks; a little knowledge and a couple of tools and they are no more secure than an unlocked door with a sticky knob.

I have a boot CD that I use here at work to recover passwords of people who have quit. It usually only takes 3 min and I have their passwords. BTW, we are always told to use a password 8 characters long with upper and lower case and numbers. That actually makes it easier to break with modern methods. The best you can do is make it as long as you can and use spaces and non-alphanumeric symbols. However most programs, including Windows, have a max character count, after which longer keys are cut off.

Remember, Physical access = complete access


PostPosted: Feb 26th, '08, 22:16
the paper is up for peer review. more to come i guess.

i know that it's caused a stir.

my understanding of the disk encryption was that data was encrypted on the fly for read writes hence all data stored physically was encrypted.

the point is that a lappy can be stolen in the hibernation state (and yes the memory dump will be stored on the hdd but that should be encrypted too), or in stand-by, or in the running but locked state and encryption key retrieval from a removed ram chip (forget about doing it from an external usb drive) is possible.


PostPosted: Feb 26th, '08, 22:37
Bottom line as DanD says ... "Remember, Physical access = complete access".

Given physical access, time and the right tools..... there isn't a system that can't be broken.

Quote:
and yes the memory dump will be stored on the hdd but that should be encrypted too


Humm... I'm not so sure about that one Steve.... "pre-fetch" files maybe... hibernation file I'm doubtful. And most systems don't flush or encrypt the pagefile as it's constantly accessed and totally dynamic.

And regardless... the clue and crux of it all.... is the "cold boot" pre-requisite..... they're booting an external bios loader that's loading to a reserved area not loading the normal boot loader to system memory.... or perhaps loading even to actual unreserved bios memory.

Removing the dram chip to another machine MAY enable the contents of the dram chip to be read, including the "encryption" key... but dram won't include the contents of the encrypted hard disk data files.... they wouldn't fit....

So you end up with someone's key in a memory chip from someone else's system .... big deal.....

The only way to access the data stored on the hard drive would be to replace the dram in another system.... cold boot the system.... copy the dram contents.... either to the second system's hard disk or its own dram... and attach the original hard drive....

Probably can be done... darn it surely is everyday by the authorities....

But like I say... it needs physical access, time and the right tools.

Anyone that paranoid about protecting their data would have done three things anyway..... one made a backup copy of the hard disk, and presumably secured it, made a backup copy of the encryption key...

And three have setup an application that does a "zero fill" level format or a "wipedisk" partition deletion whenever the computer chassis is opened/broken..... and that stuff has been around since the old days of Norton Utilities :D


PostPosted: Feb 26th, '08, 22:45
i agree rope, regardless of any other arguments, physical access is the key.

point being that the more protection people have the more relaxed they are about it.

it doesn't have to be state secrets people are after, a high level exec of BHP probably leaves his lappy on the front seat when he goes to pay for petrol.

that's the point, that if your pc gets pinched then encryption may not be "all that" :)

and if you have it off site then the ram swap method would be the best approach.


PostPosted: Feb 26th, '08, 22:51
LOL, i missed a post on the last page.

Quote:
Nah I didn't actually.... what a bottle of freeze spray will cool the DRAM down to -198C :shock: ... and hold for 10 minutes?? .... without the chip cracking and/or losing contact with the slot contacts?


no, freeze spray cools it to -50 (F most likely) and gives 10 minutes retention time at that temp (can be sprayed multiple times to keep it)

white paper states that a test was done in the 90's i think at -198C retention time was > 1 hr.


PostPosted: Feb 26th, '08, 22:54
Yeah, picked that up when I actually watched the video..... to get to -198C you'd definitely have to use liquid nitrogen.... sneeze and your dram chip would be confetti :lol:


PostPosted: Feb 27th, '08, 14:16
Yeah, all of the above is a concern ONLY if you have something to hide...
anything I have that I wish to keep private is hardcopy (or on other removable storage media), including credit card numbers etc.


PostPosted: Feb 27th, '08, 19:29
hi guys. haven't been able to visit for a while but my small system is now up and running, i have been trying to download a bit about the fresh water crayfish however i can not get anything to appear. any help would be great.


PostPosted: Feb 27th, '08, 19:31
what are you trying to download Ray?


PostPosted: Mar 6th, '08, 10:49 
Want to see what a non-Windows-based operating system developed by Microsoft looks like?

If you are willing and able to sign a non-commercial, academic Shared Source license, look no further.

On March 4 Microsoft made the few-hundred-thousand lines of source code for Singularity Version 1 available for download from its CodePlex site.

Singularity is an operating system and set of related tools and libraries that is developed completely in managed code.

Singularity is not based on Windows; it was written from scratch as a proof-of-concept.

Can be downloaded from Here


PostPosted: Mar 6th, '08, 13:18
It is so typical of Microsoft to try and cash in on the open source market LOL!


PostPosted: Mar 25th, '08, 11:04
Hi all,

I've got a strange problem for you. I've finally got a new computer, set it up and all was running normal yesterday. I had CD's playing most of the day. Today I get on and I've got no sound! :shock: Where did it go?

I've checked everything I can think of several times and can't find any problems. It was fine last night when I shut it down because I'd forgotten I had the speakers on and it did the 'shut down' noise as it turned off.

Only thing I haven't done yet is rebooted it, guess I'll have to try that.

Any other ideas?


PostPosted: Mar 25th, '08, 11:12
Well rebooting it didn't solve the problem. :roll:

Now I'm totally out of ideas.


PostPosted: Mar 25th, '08, 11:52
chuck it away and get a new one?

