The Register® — Biting the hand that feeds IT


* Security boffins unveil BitUnlocker


Anonymous Coward

@Turbojerry 

" ...can get a tan between torture sessions, I also hear the mess bar does some wicked cocktails"

You've obviously never been to Diego Garcia .......

The mess bar is lucky to have fresh beer (what little they have is typically Bud .... eewwww) and there is just *no* decent place to tan.

peter

RE: @Turbojerry 


Never knew spooks stayed up so late. It's a tropical island; it's on Flickr from the fishing expeditions by US personnel, and you would know that if they let you browse outside the firewall. For heaven's sake, the fishing maps and geosat photos are available on the web, and the SW broadcasts are coming from the yachts abusing "Ham to internet" links.

Do they ever let spooks out of bed, or do they browse the internet all day?

peter

RE: @Turbojerry 


Diego Garcia is a tropical island. Unless you don't have access to Google, you can tan, catch fish, and one of the bars was created on the surplus of beer, according to a stationed person's own Flickr album.

Unless this is sarcasm without comedic effect.

Chris

SecureDoc 

I use SecureDoc by WinMagic, which DOES encrypt the hibernation file as well as every other sector on the hard disk, plus USB devices and CD/DVD data streams if required. It's commercial software but I feel worth the coin. No, I am not affiliated with them, just a very satisfied home user. I think it's worth a plug because it works very well without fuss.

To the other Chris - take a look at TrueCrypt to protect your external USB drive, I used to use it for precisely that reason until I bought SecureDoc.

Anonymous Coward

I'm Confuzzled 


How did we get from "Security boffins unveil BitUnlocker" to arguing about the relative merits of Diego Garcia as a holiday destination?

Sam

Workaround? 

Use a ramscrubber? Would that work?

Anonymous Coward

@peter 


Looks like you had one too many last night.

"Diego Garcia is a tropical island" - It's an atoll. No civilian population, no families - just a military base with military staff plus a few contractors. The bars are crap and the beer is stale. And you can't pull a bird. No-one likes being stationed there.

"unless you don't have access to Google you can tan, catch fish..." - So those activities are dependent on having Google? Do I have to apply in advance to the Googleplex, or should I take my chances? You can fish off a rock if you want, but that doesn't necessarily make it a decent place. You can also tan on the airstrip ..... for the five minutes it takes the MPs to see you, grab you and chuck you in the back of the van.

"Never knew spooks stayed up so late" - It's a special deal ... we were waiting up just for you. Then again, maybe we're in another timezone, such as Diego Garcia for instance.

"you would know that if they let you browse outside the firewall" - Who do you think posted the (dis)information in the first place? Now you're thinking, 'was he being serious' or not? I'll leave that up to you to decide.

"geosat photos are available on the web" - Not with anything worth looking at, unless some colleagues have truly messed up, but I doubt it.

"SW broadcasts are coming from the Yachts abusing "Ham to internet" links" - You shouldn't drink and post online. That's how accidents happen.

"Do they ever let spooks out of bed or do they browse the internet all day" - See above comment.

There aren't actually any spooks on Diego Garcia - it's a plain ol' military base. But I suppose I would say that, wouldn't I?

Sleep it off, peter.

Daniel B.

I have heard this before.... 


"screen locks, hibernate, sleep, switch user etc. should all dump/overwrite crypto keys immediately"

Isn't that what the Blackberry OS (supposedly) does?? Somewhere deep in the help files, it states that it combines public-key crypto with AES to do this feat: the device's password unlocks the private key. When you "lock" the device, the priv key is securely wiped from RAM; the process is shown by a small "lock" icon that closes when the process is complete. Any incoming info to the device after that would be "encrypted by the public key" (which I assume means "AES key generated, data encrypted, stored, AES key encrypted with public key, which then is stored along with data"???). Thing is, the method not only protects the device's data while locked, it protects *any new data the device receives while locked*, which really sounds very secure.

So it seems my Blackberry is impervious to this method ... as long as it gets nicked while in "locked" mode. ;)
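The scheme sketched in the post above, written out as an added example (not code from the thread, BlackBerry, or the cold boot paper): the private key lives in RAM only while the device is unlocked and is overwritten in place on lock, so a memory dump taken from a locked device finds zeros; data that arrives while locked gets a fresh per-message key wrapped under the public key, which never needs the private key in RAM. The primitives are constructed stand-ins so the script runs on the standard library alone: HMAC-SHA256 in counter mode replaces AES, and the RSA keypair is textbook RSA over two small constructed primes with no padding. Those choices make it a model of the key lifecycle, not a cipher to reuse.

```python
import hashlib
import hmac
import secrets

# --- Constructed toy primitives (NOT production crypto; structure only) ---

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in for AES: HMAC-SHA256 keystream in counter mode, XORed over
    data. Symmetric, so the same call encrypts and decrypts."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        block = hmac.new(key, offset.to_bytes(8, "big"), hashlib.sha256).digest()
        chunk = data[offset:offset + 32]
        out.extend(a ^ b for a, b in zip(chunk, block))
    return bytes(out)

# Toy RSA keypair from two constructed primes. N is just under 2**60, so a
# per-message key here is 7 bytes; a real device would use 2048-bit RSA
# with OAEP padding and a 256-bit AES key.
P, Q = 1000000007, 998244353
N = P * Q
E = 65537
PRIVATE_D = pow(E, -1, (P - 1) * (Q - 1))
KEY_BYTES = 8  # PRIVATE_D < N < 2**60 fits in 8 bytes
MSG_KEY_BYTES = 7

class LockedDevice:
    """Models: password unlocks private key -> key in RAM; lock wipes it;
    messages received while locked are readable only after unlock."""

    def __init__(self, password: str):
        self.salt = secrets.token_bytes(16)
        self.public_key = (N, E)
        d_bytes = PRIVATE_D.to_bytes(KEY_BYTES, "big")
        # "On disk": private exponent encrypted under a password-derived key,
        # plus a check value so a wrong password is detected rather than
        # silently loading garbage into RAM.
        kek = self._derive(password)
        self._stored_private = keystream_xor(kek, d_bytes)
        self._check = hashlib.sha256(d_bytes).digest()
        # "In RAM": a mutable buffer we can overwrite in place. Starts locked.
        self._private_ram = bytearray(KEY_BYTES)
        self.inbox = []  # (wrapped_key_int, ciphertext) pairs

    def _derive(self, password: str) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", password.encode(), self.salt, 200_000)

    def unlock(self, password: str) -> bool:
        plain = keystream_xor(self._derive(password), self._stored_private)
        if hashlib.sha256(plain).digest() != self._check:
            self.lock()          # wrong password: make sure nothing lingers
            return False
        self._private_ram[:] = plain   # in-place write, same buffer object
        return True

    def lock(self) -> None:
        """Overwrite the key bytes in place. Merely dropping the reference
        would leave them in RAM until the allocator reuses the block, which
        is exactly what a cold-boot memory dump recovers."""
        self._private_ram[:] = bytes(KEY_BYTES)

    def is_unlocked(self) -> bool:
        return any(self._private_ram)

    def ram_snapshot(self) -> bytes:
        """What a memory dump of the key buffer would show right now."""
        return bytes(self._private_ram)

    def receive(self, plaintext: bytes) -> None:
        """Works while locked: fresh per-message key, wrapped under the public
        key; the private key is not touched."""
        n, e = self.public_key
        msg_key = secrets.token_bytes(MSG_KEY_BYTES)   # < N for the toy modulus
        wrapped = pow(int.from_bytes(msg_key, "big"), e, n)
        self.inbox.append((wrapped, keystream_xor(msg_key, plaintext)))

    def read_inbox(self) -> list:
        """Only possible while unlocked: unwrap each message key with d."""
        if not self.is_unlocked():
            raise PermissionError("device locked: private key is not in RAM")
        n, _ = self.public_key
        d = int.from_bytes(self._private_ram, "big")
        out = []
        for wrapped, ciphertext in self.inbox:
            msg_key = pow(wrapped, d, n).to_bytes(MSG_KEY_BYTES, "big")
            out.append(keystream_xor(msg_key, ciphertext))
        return out

if __name__ == "__main__":
    dev = LockedDevice("correct horse")
    dev.receive(b"mail that arrived while the device was locked")
    print("locked, RAM shows:", dev.ram_snapshot().hex())
    dev.unlock("correct horse")
    print("unlocked, inbox:", dev.read_inbox())
    dev.lock()
    print("locked again, RAM shows:", dev.ram_snapshot().hex())
```

The property worth checking in any real implementation is the one `ram_snapshot()` exposes: after `lock()` the buffer that held the key reads as zeros, not merely that the variable is gone. In C that means a `memset` the compiler cannot elide (or `explicit_bzero`/`SecureZeroMemory`); in managed languages it means keeping key material in a mutable buffer you control rather than an immutable string.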

Anonymous Coward

the old method return 


ummm, this is such an old method of retrieving data - I remember back in the strong Amiga days having to reboot the machine after playing a game and then using a module ripper to grab the song out of the machine's memory (a great way to get a tune or graphic you liked out of a game). Since nothing wiped the memory you could easily regain the classic tunes out of SpeedBall 2 etc.

The only thing that never really worked was getting music from a lot of demo disks, as they never used tracker formats - or had their own format or special compression methods or procedural methods to generate music and graphical patterns.

So yes, it's obvious that you can pull code/keys/passwords from the hot memory of the machine.

But should the system be so insecure as to allow the booting of 3rd-party media, USB sticks, etc.? Basic BIOS protection comes in here.

Bounty

chain the ram 


need to take a piss.

1. put PC into hibernate.

2. wait 1 min.

3. bonus steps... chain RAM module to desk,

4. go take piss. Maybe I should just take the RAM with me?

Joe M

Keep it in perspective please 

This is all very interesting but as mentioned above it's not news. It's ancient history actually! Two quick points.

1. We used to run old Z80 and 6502 S-100 systems with 16Kb DRAMS (that’s Kb, not Mb, for all you lucky young ones). At boot-up, the ROM Monitor (BIOS if you will) checksummed the RAM in blocks before loading the OS from digital tape, and only loaded the blocks which failed. What we found was that it almost never loaded anything at all! The OS image usually remained intact overnight with all power disconnected. We got so used to this that after a while we were surprised if the thing didn’t just prompt instantly.

2. I worked on banking transaction gear for a decade or so back in the '90s. This problem was solved using elaborate and expensive tamper-proof hardware with some high tech Japanese materials (Shin-Etsu) and specialised circuitry. As told above, it’s not easy to solve except by ad-hoc methods.

What we must all realise is that the cost/benefit ratio of the attack has to be considered in all of these cases. If you are trying to grab the master transaction keys of the Bank of England or the activation codes of a nuclear weapon, this stuff is great news for you (if it's still news that is).

But would you expend the effort trying to clap Freddy Smallfry for downloading a couple of hundred MP3s?

Roger Heathcote

1 minute 


Erm, 1 minute is plenty to power off a machine and power it on again? As soon as the power's back on the memory is refreshed again, yes?

I have for some time longed for a tool that could pull dump data from the memory of a freshly rebooted PC. Would be very handy for rescuing work from a crashed/locked up machine. Even a simple prog that dumps it to a file/lan. Anyone know of such a boot disk? Or a way of forcing a locked up windows machine to write a full memory dump to disk?

Roger Heathcote

Anonymous Coward

Same thing on the TRS-80 CoCo circa very early 1980s 


Some of the games for the TRS-80 Colour Computer that came on cassette tape had copy protection and were designed to be difficult to 'back-up' using audio dubbing. In one case, the copy-protected program tape would first load in an auto-executing loader (by over-writing live memory!) that would, in a clever series of steps, change the tape reader routine to non-standard settings and the tape was formatted to match.

It took me many hours of hitting reset and then searching the 32k of memory using a simple BASIC routine to extract the chunks of 6809 machine code. I'd rewrite each code block to load in the next block of the seemingly-endless series of ever-changing auto-loaders. Eventually, I got to the actual program software I was after. Then it was simply a matter of writing it out to a non-copy protected copy on tape.

I think that the ONLY thing that can ever stop a determined and reasonably skilled hacker is when they have children. Then they don't have time for this crap.

Midnight

The problem with secrets 


Yes, TrueCrypt does let you create an undetectable hidden partition within the encrypted partition. Unfortunately, that ability is too widely publicised to be of any real value at all.

If you do find yourself being tortured for your keys, a really good way to get your fingers removed with a pair of garden shears is to have forgotten to create that second, "hidden" partition. Just about anyone who knows about TrueCrypt is going to know about the mysterious second password, so why would they be satisfied with only one password which reveals only one set of data?

KarlTh

@Anonymous coward 


"I think that the ONLY thing that can ever stop a determined and reasonably skilled hacker is when they have children. Then they don't have time for this crap."

Unfortunately, the sort of hacker involved is extremely unlikely to have children, until such time as the various bits of kit advertised in down-market jazz mags are capable of being fertilised.

Anonymous Coward

None of you "experts" mention "two factor" authentication? 

Which, as I understand it, means that stuff is secured (e.g. encrypted) in a way that it can only be accessed given the combination of something an authorised user will know (e.g. a password) and something an authorised user will physically have (eg a cryptographic dongle of some kind, which have been around for years). How does the cDc sploit work in that picture?

I haven't watched the video but as a qualified physicist and confirmed sceptic I find the concept of a card's worth of RAM contents surviving a machine to machine transfer and surviving live insertion into another machine rather surprising, even after a certain amount of cooling, and not just because of basic electronics principles either. Maybe I should watch the video, but frankly I cba, because if Windows is in the picture, or a typical PC user/PC-IT person is in the picture, there are far easier ways to get unauthorised access to data. Last week I was asked to email my own account name and password to my local HR department to resolve a Peoplesoft problem; that'll work, and there's no risk, right? Or just try "I'm from KPAndersdrive Consulting, I'd like everybody's data sent to me on CD please, but definitely don't send it recorded" - sounds as likely to work as the cDc game.

Anonymous Coward

Keep your computer running hot 


A picture of Miss Hilton as wallpaper should do it.

Sodoshi

Truecrypt 5 


Truecrypt 5 offers complete machine encryption. So TrueCrypt5 your Host OS, install VMWare, Create a Guest OS, install Truecrypt on Guest (with a different password) and the most anyone can do with this technique is gain access to the Host.

golverd

DRAM Feature 


Long ago I had built a simple OS to replace the crappy TOS on my Atari ST machine. It was designed to take advantage of the fact that after power down, the memory stayed live for about 8 seconds. If my OS gained control before 8 seconds expired, it would actually bring the system back up in exactly the same state as it was before power down.

Funnily enough this was needed, since the Atari hardware was flawed and chip subsystems would actually crash while the CPU and memory remained functional. So, this OS saved me from a lot of lost data/work I did on the machine.

It is nice to see that technology nowadays is also designed with the knowledge that the computer hardware is simply unreliable :-)

Will

You know what's easier than unscrewing a laptop and freezing the RAM? 

Waiting till the user goes to the toilet and leaves their laptop powered on and not even locked.

Joe M

@None of you "experts" mention "two factor" authentication? 

1. Adding hardware like a security dongle or an encryption card of course allows for much more sophisticated protection. (I would include a heuristic session challenge, for example.) But what the paper was talking about was a vanilla PC, which is what most people are using, including hordes of UK public servants for whom this stuff is most applicable at the moment.

2. We all know that there are dozens of things which can go wrong in both attacking and defending secure data and your scepticism is both understandable and shared by anyone who has the slightest inkling.

But that does not diminish the value of pointing out the theoretical possibility of a successful attack. In this case they have gone well beyond theory and produced a demo in a controlled environment. Whether this can survive in the wild, only time can tell. But I for one will be watching with interest.

Karl Lattimer

Interestingly, there's probably a less "volatile" way... 

If the machine is in hibernate mode the entire contents of ram are generally written to disk in an unencrypted state, and there's always a possibility of ripping this off.

Anonymous Coward

the ultimate test? 


I wonder how they'd fare with TrueCrypt on a BitLocked volume on one of Seagate's encrypting Momentus hard drives... the world's most secure porn stash?

The MacBook Air might have an advantage here - its soldered-in RAM will be a royal pain to get at, let alone freeze...
