Use BitLocker, DMCrypt, FileVault or TrueCrypt? Think you're protected?

I think you're taking this a bit out of context; the method for extracting the passwords for the majority of them is via grabbing the memory from RAM during a live running system [with the exception of the BitLocker one].

How many laptops are stolen while the laptop is still running? Hardly any. TrueCrypt and the majority of other encryption methods are still very much secure in that respect.

This type of attack has been around a while, heck even PGP had a similar flaw not so long ago.
 
How many laptops are stolen while the laptop is still running? Hardly any.

Not at all. How many people suspend or hibernate their machines rather than shutting them down? More importantly, how likely are the people that do this to end up being the numpties losing sensitive data?

Burnsy
 
So if someone sprays liquid nitrogen on your PC just after it's been turned off via the power button they may be able to gain access to encryption keys stored in memory... nothing to worry about then.

Not at all. How many people suspend or hibernate their machines rather than shutting them down?

The attack doesn't work on hibernated systems as the encryption programs wipe the key from memory before hibernating. I doubt it would even work on systems in standby, as programs like TrueCrypt wipe the keys from memory automatically when standby is initiated; the software developers have long taken measures to prevent this kind of attack.
 
I think you're oversimplifying it - it challenges the view that disk encryption is 100% secure as long as the key is complex enough, which is valuable.

There's an easy way around it though, and that's to design RAM chips to lose their contents faster.
 
Not at all. How many people suspend or hibernate their machines rather than shutting them down? More importantly, how likely are the people that do this to end up being the numpties losing sensitive data?

Burnsy

Don't get me wrong, you do have a very valid post with regards to the flaws with certain encryption vendors' products; however, it's hardly groundbreaking stuff and has certainly been around a long time.

But all I'm saying is it would take a hardened thief to extract something useful from this type of method, the quickness at which the RAM fades would mean they would pretty much have to execute something like this 'on site' or in a location very near to the attack - something which would not be feasible for the majority of thefts - and if they were that close to the attack they could use a variety of other methods to extract useful information from a client also.
 
I think you're oversimplifying it - it challenges the view that disk encryption is 100% secure as long as the key is complex enough, which is valuable.

Brute force will break any encryption key, except for possibly one-time pads. So there never was a view that encryption was 100% secure.
 
It depends on how many thousands of years you feel like waiting though.

Brute force could guess the key on the first try, so there is no guarantee that encryption will even hold out for a long time. This is an old and well-known technique; it's not even newsworthy. It only applies to full disk and partition encryption systems, and even then it won't work if that encrypted data is on a ramdisk. The only practical purpose this attack has is on systems that are already running; even then you can't gain access to the private data if it has been encrypted with something like WinRAR.
 