Attacking OTFE; Known Security Flaws in OTFE Systems

Last updated: 21st January 2005


IMPORTANT NOTICE

Please note that this list of security flaws in the various On-The-Fly Encryption (OTFE) systems it covers should not be regarded as exhaustive.

The inclusion of any given package in the list below does not in itself imply that the package concerned is any less, or more, secure than other OTFE systems.

This page is only intended to give further details on some of the attacks outlined in On-The-Fly Encryption: A Comparison. It is highly recommended that you read through that comparative review before reading this document.

Workarounds and fixes to security flaws mentioned are given where appropriate.

The security flaws listed apply to the versions of the software packages stated. Later versions of the same software may incorporate fixes.


OTFE General

OTFE Volume Files, "Quick Create" Options, and Volume Initialization (verified to affect ScramDisk, SafeHouse, SAFE Folder and seNTry2020) - A warning about OTFE volume file initialization and "quick create" options.


ScramDisk

Sniffing the ScramDisk password cache (verified to affect v2.02h, v3.xx, and assumed to affect all previous versions) - Passwords can be easily taken from the ScramDisk driver. Includes demo with full source code.

Monitoring Keystrokes (affects all versions) - Using "KeyKey" to capture passwords as they are typed in. Even works while the RED SCREEN is being used.

ScramDisk Volumes Can Have Their Passwords "Reset" (affects v2.02h, and assumed to affect all previous versions) - ScramDisk volumes can have their passwords reset back to the original passwords used to create the volume.

ScramDisk Volumes Can Contain Duplicate Information (affects v2.02h, and assumed to affect all previous versions) - Danger of ScramDisk volumes being correctly identified for what they are due to repeated information within them.


seNTry 2020

seNTry 2020 Volume Files Are Initialized to Containing Nothing But 0x00's - An attacker can tell how much information a volume has stored in it/how much use a volume has had.

seNTry 2020 Volume Files Are Excessively Large - seNTry 2020 volumes may be easily recognised as such by an attacker; the user's "plausible deniability" may suffer.


StrongDisk

StrongDisk Emergency Options: Volumes Secured with a Password Only - An attacker can tell how much information a volume has stored in it/how much use a volume has had.

StrongDisk Emergency Options: Volumes Secured with Both a Password and Keyfile - An attacker can tell how much information a volume has stored in it/how much use a volume has had.


Email me at: sdean12@sdean12.org
