Encrypted harddisks are not safe
... at least not as safe as assumed
The harddisk encryption is only defense against simple theft.
A spy can install a tool on Alice's unattended computer and get to know the password for her encrypted disk.
Afterwards the spy Bob knows the password and can boot Alice's computer with its encrypted harddisk or can copy all the unencrypted disk data.
The so called "Evil Maid Attack" by Joanna Rutkowska replaces the boot code on disk to sniff Alice's password and continues with boot afterwards.
If the boot is protected by BIOS, Bob has to connect the encrypted disk to an own computer to install the tool.
If the encryption is hardware based there might be possibilities to hack the BIOS for a password sniffer. But this kind of encryption is much safer because Bob has to know a lot specifics about Alice's computer. Bob might run out of time doing his work without getting nabbed by Alice.
Mmh. I've to check the laptop of our team. I'm interested in how safe its encryption is ;-)
A spy can install a tool on Alice's unattended computer and get to know the password for her encrypted disk.
Afterwards the spy Bob knows the password and can boot Alice's computer with its encrypted harddisk or can copy all the unencrypted disk data.
The so called "Evil Maid Attack" by Joanna Rutkowska replaces the boot code on disk to sniff Alice's password and continues with boot afterwards.
If the boot is protected by BIOS, Bob has to connect the encrypted disk to an own computer to install the tool.
If the encryption is hardware based there might be possibilities to hack the BIOS for a password sniffer. But this kind of encryption is much safer because Bob has to know a lot specifics about Alice's computer. Bob might run out of time doing his work without getting nabbed by Alice.
Mmh. I've to check the laptop of our team. I'm interested in how safe its encryption is ;-)