Archive for the ‘Security’ Category

New security technology for 2.5-in encrypted hard disk drives

Monday, February 16th, 2009

There is a new security technology developed by Fujitsu Computer Products of America in order to make their 2.5 inch encrypted HDDs or hard disk drivers compatible with the Opal Security Subsystem Class. The Opal Security Subsystem Class is the latest storage security standard that was made known on the 27th of January 2009 by the Trusted Computing Group. This group is an international organization that is involved in setting the security standards for the new generation computing environments.

The Opal security subsystem class specifications of Trusted Computing Group has been assumed as an international standard with the main goal to create more secure IT work environments. When they are used in combination in supporting other application software the hard disk drivers which support Opal security subsystem class would enable sophisticated security solutions for a much wider array of computing platforms which also include notebook computers.

The Trusted Computing Groups has recently standardized the Opal security subsystem class specifications for advanced security solutions in the entire computing environments. Therefore as an active member of the Trusted Computing Group, Fujitsu has taken the initiative to led the formulation of the standard and they have even consequently developed the technology for their Opal based s2.5 inch hard disk drives feeding them with encryption features. Additionally, when this recently developed hard disk drier security technology is used in combination with some other application software that supports Opal security subsystem class would also enable superior security features such as secure partition and pre boot authentication.

The Pre-booth authentication feature in the computer basically performs authentications when starting up the PC. Therefore using the hard disk drives which supports the Opal security subsystem class standards would allows you to use the advanced authentication techniques like smart card authentication or biometric authentication. These features can even be use before starting up windows or any other operating system which makes it more possible to build an area that is more secure than previous ones which often rely on password input through keyboards.

The technology that enables the storage of hard disk drives is the secure partition that partitions it into a number of secure storage areas. Every partition can be protected under their own encryption key which would give access to just the valid owner of the partition and the users would be given access by their owners.  This for instance allows for content and its licensing data to be protected and stored in separate partitions so that different partitions can be used according to the nature of the data stored which enables intense secure data management. The Fujitsu Company is also currently working with an independent software dealer to implement all these new functions which would include Wave Systems, SECUDE, McAfee and WinMagic.

Vista security flaw exposed by ATI driver

Monday, January 12th, 2009

One of the unpatched flaw within the drivers, that too, from ATI goes on to create a means for smuggling malware-past improved ‘security defences’ in new-fangled Windows version and in to Vista Kernel. Right now, Microsoft is found working with ‘ATI’ with regards to an update that, as warned by the security watchers might not be that entire straight forward for rolling-out.

The presence of security-flaw within driver of ATI is reported to have come to light following the release of POC, i.e. proof-of-concept tool known as Purple Pill by Alex lonescu, a developer, which is said to have created a simplified way of loading and unloading unsigned, i.e. potentially malicious drivers with regards to Vista. Utility of this type has circumvented novel anti-rootkit defences that were constructed in to Vista by having turned off checks concerned with signed drivers.

Lonescu went on to pull utility hours (after release) after having realized that ATI driver flaw Purple is still left out, in terms of patching. Lonescu had picked this fact up during a presentation conducted by Joanna Rutkowska, a ‘Vista Kernel Expert’.

For the people who have no knowledge about ATI, let it be made clear that Purple Pill’s functionality is identical to Atsiv, i.e. a tool solely designed by Linchpin Labs, a developer of Australian origin. This design was considered to be a portion of research project concerned with driver signing. The response of Microsoft to Atsiv’s creation was by having revoked its certificate as well as classifying its utility in the form of ‘malware’, much to chagrin of ‘Linchpin Labs’. Technocrats would be surprised to know that Atsiv has gotten evolved in to a project which permits legacy hardware’s users to have used their kit with regards to Vista, that too, without any of the signed drivers.

Having followed an identical approach for ‘Purple Pill’ is not straight forward as mentioned above as such a thing piggybacks on the security certificate for hardware driver which has been installed in 50% of laptops.

As per the opinion of Ollie Whitehouse, one of the security researchers at Symantec, the above-mentioned situation can make just anyone associated with Microsoft start to weep. ATI would have to obtain a novel certificate, move ahead with signing fixed versions regarding the affected drivers, and release them through Windows Update. Just then Microsoft would get VeriSign for revoking the ‘signing certificate’.

All these things highlight broader problems in Vista’s code-signing. Atsiv has showed that getting an age-old code signed is very simple. As per the illustration of Purple Pill, signed drivers also have bugs. Symantec goes on to reckon design error occurring in driver of ATI as one of the ‘short-cuts’ designed for making the procedure of software development much more straightforward than ever before. Now, you can go on to imagine that such a thing has come about owing to one of the requirements for extending the core driver with many arbitrary modules with respect to design of ATI.