02-24-2008, 05:06 PM
nemo_outis
Re: RFC: Flaw in BitLocker, Apple's FileVault, TrueCrypt, and dm-crypt

"Sebastian G." <seppi@seppig.de> wrote in
news:62dmloF23c4ijU1@mid.dfncis.de:

....
> I found a really bigger vulnerability: The keys are in memory while
> the computer is still powered on. One could simply connect some
> hardware to the memory bus and read it out directly...

....

The "some hardware" is already installed on many computers: Firewire. If
Firewire is enabled, the computer is on (even with keyboard locked, etc.),
and I have a few minutes' access, I'm in. I can read/write all RAM - I own
the machine. It's known as the iPod/Firewire attack (for reasons I will be
happy to explain). See, for instance:
http://md.hudora.de/presentations/fi...PacSec2004.pdf

Yes, even for Windows XP (I just have to mess a little with OHCI CSRs). I

Regards,
