mspencer712@programming.dev
on 25 May 10:24
nextcollapse
Wait, desoldering a chip and dumping contents makes an attacker “resourceful”? A sub-$50 hot air rework station (or $330-ish if you don’t want one that’ll burn your house down) and a $50 programming cable is … not a lot of resources.
well, isn’t security kind of about setting the “filter” for potential attackers? You can break a padlock with hammer, but it will keep out random people from wandering in. Having to rewire and program stuff to access this would keep many types of away. The kind of attacker who would want to go through all that trouble wouldn’t be kept away even with more secure methods most likely. Though I guess you could just take the drive and pay someone to deal with it, but still it would need at least some knowledge to even know what should be done with it.
Bro most people can barely heat up pizza rolls in the oven.
mspencer712@programming.dev
on 26 May 07:15
nextcollapse
I can’t tell if I communicated badly or I’m really just off the mark. But we already encrypt storage at rest, when we have valuable or sensitive data, because of the risk that thieves might read stolen data.
So take that a step farther. A thief can “know a guy” who spent a few hundred on soldering equipment and watched some tutorials on YouTube. We don’t consider sensitive data to be unavailable to thieves just because it isn’t readable via plug and play.
The opportunity to take you usb drive and copying its content real quick while you are distracted momentarily is eliminated. I can then decrypt it by calling the guy I know.
But I can’t call the guy I know with the $50 setup that can extract the data for me in that time. It’s not 100% unbreakable, but that doesn’t have to be the criteria…
threaded - newest
Wait, desoldering a chip and dumping contents makes an attacker “resourceful”? A sub-$50 hot air rework station (or $330-ish if you don’t want one that’ll burn your house down) and a $50 programming cable is … not a lot of resources.
well, isn’t security kind of about setting the “filter” for potential attackers? You can break a padlock with hammer, but it will keep out random people from wandering in. Having to rewire and program stuff to access this would keep many types of away. The kind of attacker who would want to go through all that trouble wouldn’t be kept away even with more secure methods most likely. Though I guess you could just take the drive and pay someone to deal with it, but still it would need at least some knowledge to even know what should be done with it.
Bro most people can barely heat up pizza rolls in the oven.
I can’t tell if I communicated badly or I’m really just off the mark. But we already encrypt storage at rest, when we have valuable or sensitive data, because of the risk that thieves might read stolen data.
So take that a step farther. A thief can “know a guy” who spent a few hundred on soldering equipment and watched some tutorials on YouTube. We don’t consider sensitive data to be unavailable to thieves just because it isn’t readable via plug and play.
What does any of that have to do with our pedantic argument about the use of the word “resourceful”?
The opportunity to take you usb drive and copying its content real quick while you are distracted momentarily is eliminated. I can then decrypt it by calling the guy I know.
But I can’t call the guy I know with the $50 setup that can extract the data for me in that time. It’s not 100% unbreakable, but that doesn’t have to be the criteria…
But I like how squishy and soft they are from the microwave…
Kinda cool idea;; but the key can’t be rewritten; so if something happens to your phone; it would be bricked.
So… not really that great??
Isn’t that arguably the nature of encryption, though? If you lose the key, you’re SOL by design.