From owner-freebsd-security@FreeBSD.ORG  Mon Mar 13 09:03:39 2006
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
X-Original-To: freebsd-security@freebsd.org
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 7269216A41F
	for <freebsd-security@freebsd.org>;
	Mon, 13 Mar 2006 09:03:37 +0000 (UTC) (envelope-from silby@silby.com)
Received: from relay03.pair.com (relay03.pair.com [209.68.5.17])
	by mx1.FreeBSD.org (Postfix) with SMTP id E09AD43D46
	for <freebsd-security@freebsd.org>;
	Mon, 13 Mar 2006 09:03:36 +0000 (GMT) (envelope-from silby@silby.com)
Received: (qmail 18031 invoked from network); 13 Mar 2006 09:03:35 -0000
Received: from unknown (HELO localhost) (unknown)
	by unknown with SMTP; 13 Mar 2006 09:03:35 -0000
X-pair-Authenticated: 209.68.2.70
Date: Mon, 13 Mar 2006 03:03:33 -0600 (CST)
From: Mike Silbersack <silby@silby.com>
To: Peter Jeremy <peterjeremy@optushome.com.au>
In-Reply-To: <20060130073935.GA702@turion.vk2pj.dyndns.org>
Message-ID: <20060313025812.S85735@odysseus.silby.com>
References: <drgdg9$1klu$9@nermal.rz1.convenimus.net>
	<20060129022943.GJ2341@turion.vk2pj.dyndns.org>
	<dri7ra$1ouq$1@nermal.rz1.convenimus.net>
	<20060130073935.GA702@turion.vk2pj.dyndns.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Cc: freebsd-security@freebsd.org
Subject: Re: Should I use gbde or geli?
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 13 Mar 2006 09:03:39 -0000


On Mon, 30 Jan 2006, Peter Jeremy wrote:

>> If some burglar were to steal the
>> computer it most likely would be cut off from power.
>
> If I knew that the computer had sensitive information that would be
> lost to me if the computer got powered off, I would ensure that the
> computer didn't lose power whilst I was stealing it.  Maybe I can
> steal the UPS with the computer.  If not, I could try opening the
> case and paralleling my own supply.
>
> -- 
> Peter Jeremy

I know I'm coming in on this thread WAY late, but I thought I'd throw one 
more piece of info in here.  If I'm not mistaken, an easier way to recover 
the key would be to use firewire, if the server has a firewire port. 
Theoretically you should be able to make a custom FreeBSD kernel that 
will dump the contents of another machine's memory just by connecting to 
its firewire port.

But that's just info I've gleaned from skimming bugtraq, it could be 
wildly inaccurate.

> Actually, even though you haven't mentioned the company, someone with
> the resources to consider breaking AES would probably not find it too
> difficult to find the company's name.  You _have_ admitted that you
> are one of the people who knows the passphrase.

Hey, if we come up with a good attack plan, do you think those people 
would find us and hire us to do the attack? :)

Mike "Silby" Silbersack