>From a Computerworld blog.
--Jerry
When encryption doesn't work
By Robert L. Mitchell on Wed, 07/26/2006 - 12:00pm
In my interview with Ontrack Data Recovery this week (see
Recovery specialists bring data back from the dead:
http://www.computerworld.com/act
ion/article.do?command=printArticleBasic&art
icleId=112460),
quite a bit hit the cutting room floor, including these
three bananas by
Mike Burmeister, director of engineering for data recovery:
Encrption can be broken
I was surprised to learn that Ontrack regularly recovers
encrypted data
on systems where the user has lost the key. "There's
only a couple of
technologies where we would run into a roadblock [such as]
some of the
new laptops that have passwords that are tied to the media
and to the
BIOS," says Burmeister. That raises the question: if
they can do it, who
else can?
On encrypted systems that are more difficult to crack,
OnTrack also has
a secret weapon. "Certain situations involve getting
permission to get
help from the manufacturer," he says.
Broken CDs still yield data
Ontrack can also reassemble and recover data from CD-ROM
discs that have
been broken into pieces. If you're using CDs for backups of
sensitive
data, it's probably best to shred them.
Tapes work. People fail
Among the tape problems Ontrack sees most often are those
related to
human errors, such as accidentally erased or formatted
tapes.
"Formatting the wrong tapes is the most common
[problem] by far. The
other one is they back up over a tape that has information
on it. The
general thing is they back up the wrong data. We'll get the
tape in and
they'll say, 'The data I thought was on this tape is not
on it.'"
While those failures can be attributed to confusion, another
failure is
the result of just plain laziness. "People run these
backup processes
and they're not simple anymore. They run these large,
complex tape
libraries and they call that good enough. They don't
actually go through
the process of verifying [the tape]," Burmeister says.
The result:
disaster strikes twice: once when the primary storage goes
down and
again when the restore fails.
For more on how the technical challenge of recovery have
raised the
stakes and what you can do to protect your data, see the
story above.
Filed under : Security | Software | Storage
Robert L. Mitchell's blog
James Earl wrote:
It's really too bad that ComputerWorld deems to edit these
explainations. Especially when you consider its all
ELECTRONIC paper.
Posted on Thu, 07/27/2006 - 4:12pm| reply
Security Skeptic wrote:
CDs (and DVDs) are very effective targets for recovery,
because they
have massive error correction and the data is
self-identifying because
of the embedded sector IDs. It's quite possible to recover
a CD that has
been shredded, not just broken.
A few years ago, there was academic research describing
automated
reassembly of shredded documents by scanning the bits and
matching the
rough edges of along the cuts. I'm sure that technology has
improved,
too.
The moral of the story is that physical destruction is hard.
Grinding to
powder and heating past the Curie point are pretty reliable,
but short
of that, it's tough. You're better off encrypting, as long
as the key
actually is secret.
Posted on Thu, 07/27/2006 - 4:44pm| reply
Security Skeptic wrote:
Computer BIOS passwords: easy to recover by resetting or
other direct
access to CMOS. You can do this at home.
Disk drive media passwords: hard to recover, but possible by
direct
access to flash memory on the drive. This is tough to do at
home, but
probably a breeze for OnTrack.
Disk drive built-in hardware encryption (which as far as I
know is only
a Seagate feature so far) should be essentially impossible
to recover,
unless Seagate has built in a back door, has fumbled the
implementation,
or the password is simple enough to guess. Same is true for
software-
based full-disk encryption: it can be invulnerable in the
absence of
errors. Use it properly, and you'll never have to worry
about your data
if the computer is lost or stolen.
Posted on Thu, 07/27/2006 - 4:54pm| reply
Iain Wilkinson wrote:
Surely it's far more common to use the BIOS to prevent a
hard drive
being mounted in another device that to encrypt it.
As one of the other commentators says, the BIOS is pretty
easy to get
into if you know what you are doing. Basing an encryption
system on this
would inherit all its weaknesses.
Posted on Fri, 07/28/2006 - 7:53am| reply
------------------------------------------------------------
---------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe
cryptography" to majordomo metzdowd.com
|