DELETED_5350

Sin_Chase · 5 Sep 2011 at 19:02

It's easier to just use TrueCrypt and be done with it

Phil2008 · 5 Sep 2011 at 20:30

I was watching click yesterday and Spencer was on about this website that you register your pc at, or something like that. Then if your pc gets stolen, you report its stolen on this site, and as soon as your pc goes on line, the site tells you where its located at.

After watching that, I decided to use TrueCrypt on my main backup hdd, thats internally installed. So if pc does ever gets pinched, I know theres no info on pc worth having, without trying to get into the encrypted drive.

I have got a 2nd copy of my main backup aswel, if some ppl were thinking "why have your main backup in the pc"

Phil2008 · 5 Sep 2011 at 20:42

The beginning of this episode of click, tells you about the pc stolen site.

http://www.bbc.co.uk/programmes/b006m9ry

MagicBoy · 5 Sep 2011 at 20:52

neil_g said:
re bitlocker - an MS trainer recently told us of a lecturer at a seminar which cracked bitlocker in under 30 mins on stage. apparently it involved hibernate and the encryption keys being written to the hibernate file in plain text..

Hibernate dumps the contents of memory to a single file. It would stand to reason that if you knew where you were looking you could obtain/decode the bitlocker key from there. It would be interesting to find out if TPM equipped machines are also vulnerable to this attack.

Ev0 · 5 Sep 2011 at 23:34

Which is why when using FDE encryption don't hibernate/sleep, just shutdown

I think it also works on TPM equipped machines, I'd have to read up on it to confirm though.

Phil2008 · 5 Sep 2011 at 23:55

Ummm,,, As long as the hibernate file is disabled its fine, cos if pc is in sleep when the the power is killed for the burglar to take your pc, all info is lost from the mem anyway. Thats if your meaning a desktop pc

Rainagul · 6 Sep 2011 at 00:11

My friend had a similar issue, he opted for securing the hard disks securely (bolted in basically) to a drawer to his table that was locked by key. It was secure, but was a hassle every time he needed to move them. Bit of DIY encryption for you

rarryawn · 6 Sep 2011 at 00:31

Its not just Bitlocker that suffers from the hibernation key dump weakness. Truecrypt also does as it stores the key in memory. If the computer is running, with the key somewhere in memory (its not hidden at all, just sitting there somewhere) then all bets are off!

Bitlocker even has a software tool for authorities, which gets that key from memory for them.

Of course anyone trying to steal/seize your pc will probably just unplug so in all likelihood unless you have made yourself a target by posting a large sign saying "valuable information here" then its fine!

CaptainCrash · 6 Sep 2011 at 09:29

rarryawn said:
Of course anyone trying to steal/seize your pc will probably just unplug so in all likelihood unless you have made yourself a target by posting a large sign saying "valuable information here" then its fine!

Even if the PC is completely powered off, it's not necessarily secure if someone gets physical access without your knowledge and performs a successful "evil maid" attack (love that term!)... the encrypted data will be safe *until* the next time the system is launched and authenticated, at which time, bang, all your data are belong to us.

Not even BitLocker with TPM is safe, apparently (haven't read and digested it yet).

I suppose, again, it's technically more an exploitation of improper use rather than a weakness of the encryption itself, and it's unlikely that Delroy the Mouth Breather and his mates who turned over your gaffe would have the required... err... wherewithal to carry out such an attack.