The InfoSec Blog

Not Microsoft’s fault?

Posted by Anton Aylward

Data can leak from partially encrypted disks

"Information is spilling out from the encrypted region into the unencrypted region"

Help me here. Why would you have an only partially encrypted drive? Yes, that's easy to set up with Linux where you have many partitions. In fact failing to encrypt swap is a classical mistake.

But with Windows you have to quite explicitly set up partitions and move stuff around. The 'out of the box' default is a single partition with the system, data and swap all in the one partition. Yes, I've set up "D:" partitions and moved the user data (desktop etc) there. I've also set up a partition for the swap file. It helps with matters like fragmentation and backup management. But it takes thought, planning and deliberate action.

So why might you be keeping only part of your hard drive encrypted? I don't know.

I can imagine a Windows user who has an encrypted USB drive and a clear (as in out of the box) main drive could hit this situation, but as data leakage goes I suspect this is small fry. The 'potentially huge issue' may not be that earth shattering.

Since this is being presented at Usenix HotSec later this month perhaps it is a Linux issue. Damned journalists - so vague ... Full-Disk Encryption Is Partial Protection, Analysts Say

Zemanta Pixie