Free drive encryption

Alex Sage

@BBigford LVM works well =P

RamblingBiped

I'm using self-encrypting drives on mobile workstations if/when they can be implemented. Otherwise I use Veracrypt.

RamblingBiped

I mean... You could always just bipass encryption altogether and rig your drives with thermite, a biometric lock, and a remote trigger.

bbigford

@RamblingBiped said:

I mean... You could always just bipass encryption altogether and rig your drives with thermite, a biometric lock, and a remote trigger.

I like that idea. I'm still curious to hear thoughts on Bitlocker, if it is indeed secure anymore... Because I know it was vulnerable to cold boot attacks, but there have been some articles stirring around about various tools that have been released to decrypt Bitlocker volumes.

Dashrender

@BBigford said:

I've read quite a bit about various tools available, that can decrypt Bitlocker. I found an article from elcomsoft and a few others. They are paid programs, but I can't find the articles I read a while back about Bitlocker not being extremely safe anymore. Is there any truth in that or am I just blowing smoke when I don't recommend Bitlocker right out of the gate for a highly secure Windows PC? I know "highly secure" and "Windows PC" shouldn't be in the same sentence... nonetheless.

well you already said the Windows and highly secure.. so moving on....

Some might say you can't use BitLocker because it's no open source and you have no idea if MS has installed an extra key in every instance that they can use to decrypt your data. that said, I don't think they have.

Personally, for the standard things we need to be concerned about - a stolen laptop that had HIPAA data or some such, Bitlocker is totally acceptable. If you're worried about the NSA, then no, you can't use it.

Dashrender

@RamblingBiped said:

I'm using self-encrypting drives on mobile workstations if/when they can be implemented. Otherwise I use Veracrypt.

There are reports that the drive manufacturers can unlock those self-encrypting drives.

bbigford

@Dashrender said:

Personally, for the standard things we need to be concerned about - a stolen laptop that had HIPAA data or some such, Bitlocker is totally acceptable. If you're worried about the NSA, then no, you can't use it.

It's more of a search for the "gotcha" in Bitlocker. There's so much controversy behind it, I'm just curious if there is a "see... it's crackable with <method x> or <software x>." I haven't found any solid evidence throughout the years aside from the cold boot vulnerabilities, so that's why I turned to the community.

Dashrender

@BBigford said:

@Dashrender said:

Personally, for the standard things we need to be concerned about - a stolen laptop that had HIPAA data or some such, Bitlocker is totally acceptable. If you're worried about the NSA, then no, you can't use it.

It's more of a search for the "gotcha" in Bitlocker. There's so much controversy behind it, I'm just curious if there is a "see... it's crackable with <method x> or <software x>." I haven't found any solid evidence throughout the years aside from the cold boot vulnerabilities, so that's why I turned to the community.

Exactly - and I'm betting you won't find any either. It's like this FBI thing and the bomber's phone. I'm not sure I believe that anyone actually cracked the encryption on the phone. Personally I think that's a lie so they could drop a case they felt they were losing and didn't want to have a precedent set against them.

bbigford

@Dashrender said:

@BBigford said:

@Dashrender said:

Personally, for the standard things we need to be concerned about - a stolen laptop that had HIPAA data or some such, Bitlocker is totally acceptable. If you're worried about the NSA, then no, you can't use it.

It's more of a search for the "gotcha" in Bitlocker. There's so much controversy behind it, I'm just curious if there is a "see... it's crackable with <method x> or <software x>." I haven't found any solid evidence throughout the years aside from the cold boot vulnerabilities, so that's why I turned to the community.

Exactly - and I'm betting you won't find any either. It's like this FBI thing and the bomber's phone. I'm not sure I believe that anyone actually cracked the encryption on the phone. Personally I think that's a lie so they could drop a case they felt they were losing and didn't want to have a precedent set against them.

So you're speculating that Bitlocker is ultra secure, or any material on it is just being smothered?

BRRABill

@Dashrender said:

Exactly - and I'm betting you won't find any either. It's like this FBI thing and the bomber's phone. I'm not sure I believe that anyone actually cracked the encryption on the phone. Personally I think that's a lie so they could drop a case they felt they were losing and didn't want to have a precedent set against them.

I actually believe it.

It was for an older model, and only applicable under certain circumstances.

It like we always say, if they have the device, they'll eventually have the data.

BRRABill

@Dashrender said:

There are reports that the drive manufacturers can unlock those self-encrypting drives.

I've had Wave (who makes the software that locks the Samung SSDs I use) enable an unlocked drive.

I forget exactly what we did, and data was basically wiped clean, but if they have access to do that, who knows what they can really do...

Dashrender

@BBigford said:

@Dashrender said:

@BBigford said:

@Dashrender said:

Personally, for the standard things we need to be concerned about - a stolen laptop that had HIPAA data or some such, Bitlocker is totally acceptable. If you're worried about the NSA, then no, you can't use it.

It's more of a search for the "gotcha" in Bitlocker. There's so much controversy behind it, I'm just curious if there is a "see... it's crackable with <method x> or <software x>." I haven't found any solid evidence throughout the years aside from the cold boot vulnerabilities, so that's why I turned to the community.

Exactly - and I'm betting you won't find any either. It's like this FBI thing and the bomber's phone. I'm not sure I believe that anyone actually cracked the encryption on the phone. Personally I think that's a lie so they could drop a case they felt they were losing and didn't want to have a precedent set against them.

So you're speculating that Bitlocker is ultra secure,

ultra? who's to say - but I do consider it secure enough for the common man to use. Again, Healthcare worker trying to keep their PHI (personal health information) away from prying eyes on a stolen laptop, it's more than likely fine, the average thug on the street will just format it if able and reinstall Windows and move on. But if you're talking about a targeted attack, say the FBI is trying - then I have no idea how good it is against them trying to crack into it.

or any material on it is just being smothered?

No idea what you mean here.

Dashrender

I'll say this another more direct way.

If you are not a criminal, and are just trying to keep you data away from someone who steals your stuff, like a laptop or phone - then Bitlocker is mostly likely plenty to keep you safe.

But if you are a criminal and are looking to secure your crimes away from the NSA, FBI, InterPol, etc - then no, you should probably go with something other than Bitlocker.

Dashrender

@BRRABill said:

@Dashrender said:

Exactly - and I'm betting you won't find any either. It's like this FBI thing and the bomber's phone. I'm not sure I believe that anyone actually cracked the encryption on the phone. Personally I think that's a lie so they could drop a case they felt they were losing and didn't want to have a precedent set against them.

I actually believe it.

It was for an older model, and only applicable under certain circumstances.

It like we always say, if they have the device, they'll eventually have the data.

yeah - this is what I'm not really sure of. The iPhone 5 (or was it the 5s?) didn't have a secure enclave. If the security company found a way to hack into whatever chip held the security key - then who knows.. it's possible they found a way to get the key out.

BRRABill

@Dashrender said:

yeah - this is what I'm not really sure of. The iPhone 5 (or was it the 5s?) didn't have a secure enclave. If the security company found a way to hack into whatever chip held the security key - then who knows.. it's possible they found a way to get the key out.

I mean at some level, someONE knows someTHING, right?

Ultimately security rests in keeping the secret service dedicated, and people like Snowden from saying anything. If someone with the "keys to the kingdom" decides to go rogue ... who knows what could happen?

Dashrender

@BRRABill said:

@Dashrender said:

There are reports that the drive manufacturers can unlock those self-encrypting drives.

I've had Wave (who makes the software that locks the Samung SSDs I use) enable an unlocked drive.

I forget exactly what we did, and data was basically wiped clean, but if they have access to do that, who knows what they can really do...

There are multiple options here. If the system works as most do, Wave would simply be resetting the SSDs version of a secure enclave and now that it's locked any longer would allow a new key to be enabled in the enclave (only known to the enclave) and the system would consider the data on the drive as not there, blank, and now with the new key in the enclave, you basically start over.

Another option would be that they actually were able to get the enclave to give up the key (horrible design) and then they used that key to wipe the drive - but that seems unnessary.

Steve Gibson has a good podcast that talks about how self encrypting drives typically work - might be worth a listen.

Dashrender

@BRRABill said:

@Dashrender said:

yeah - this is what I'm not really sure of. The iPhone 5 (or was it the 5s?) didn't have a secure enclave. If the security company found a way to hack into whatever chip held the security key - then who knows.. it's possible they found a way to get the key out.

I mean at some level, someONE knows someTHING, right?

Ultimately security rests in keeping the secret service dedicated, and people like Snowden from saying anything. If someone with the "keys to the kingdom" decides to go rogue ... who knows what could happen?

Why do you assume someone has to know something? I don't agree with that at all.

Let's look at modern iPhones with the secure enclave.

The first time the phone boots, the secure enclave activates and generates a random key. That key is used to write everything that is written to the drive on the phone.

Now currently there is no security, because there is no lock on the secure enclave. One of the first things the iPhone has you do (I assume as I've actually never set one up) is setup a password or pin. That pin is encoded and saved in the secure enclave along side the previously generated random key.

From this point forward, the secure enclave won't allow the system to pass encryption/decryption requests through the secure enclave if the password/pin hasn't been properly presented.

So now someone steals your phone. Assuming you have the ten try thing enabled, after they try ten bad codes, the secure enclave wipes itself - wiping out both the password/pin provided by the owner AND the random key used to encrypt/decrypt the drive.

Now that the key is gone, the data on the drive is more or less useless. when the phone resets, it starts over from the top by reinitializing itself with a new randomly generated key, starts encrypting everything written to the phone with the new key, and asked for a new password or pin, and we start this whole process over again.

In this situation, no one but the owner of the device ever has to know anything about what is on the phone.

BRRABill

@Dashrender

Didn't Apple say they COULD do it, but wouldn't?

My point is that it is doable.

If someone really wanted it, and the people who could do it defected from Apple for the right amount of money...

Is that really so outlandish to even consider?

Dashrender

What I understood Apple to be able to do was write a newer version of the iOS that could be updated on the phone that would remove the 10 try disable feature on the iPhone.

That is what they were refusing to do.

Dashrender

Also, even if disgruntled employees did decide to do this, they wouldn't get very far because they would need Apple Signing Certificate to sign the code along with a nonce from the phone itself.

The way the iphones update works as follows:

iphone checks update server finds an update
iphone sends nonce to Apple,
Apple cryptographically signs nonce and update package
phone verifies that signature matches known good Apple cert from local, on phone archive
assuming good, installs update.

If the ex-employees don't have Apple certificate - they can't get anywhere.