On 01/14/2013 06:23 PM, Andri Rebentisch wrote:

fyi, Andri

-------- Original-Nachricht -------- Betreff: [Crypto Stick News] Vulnerabilities of Self-Encrypted SSDs Datum: Mon, 14 Jan 2013 17:14:51 +0100 Von: news@crypto-stick.com Antwort an: webmaster@crypto-stick.com, news@crypto-stick.com An: news@crypto-stick.com

Researchers found vulnerabilities of self-encrypted SSDs. From the abstract: "Self-encrypting drives (SEDs), such as Intel's SSD 320 and 520 series, are widely believed to be a fast and secure alternative to software-based solutions like TrueCrypt and BitLocker. [...] In this sense, hardware-based full disk encryption (FDE) is as insecure as software-based FDE. We also show that (2) there exists a new class of attacks that is specific to hardware-based FDE [Full Disk Encryption]. Roughly speaking, the idea of these attacks is to move an SED from one machine to another without cutting power, i.e., by replugging the data cable only. [...] Some machines are arguably more vulnerable when using SEDs." Watch the videos... [1]

This article: http://www.crypto-stick.com/node/74

[1] https://www1.cs.fau.de/sed

-- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech

Here is a german speech from the 29C3 in Hamburg, Germany, where the problems of SEDs are also mentioned: Unsecure SEDs Youtube <http://www.youtube.com/watch?feature=player_embedded&v=IzE2SKVP-MQ#%21> -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE