
01-13-2011, 04:15 PM
Re: TrueCrypt hack?

On Thu, 13 Jan 2011 11:48:35 -0500, casperian wrote:
> On 13 Jan 2011 12:18:29 -0000, Happy New Year wrote:
>
>> On 12 Jan 2011 23:08:11 -0000, Rooster <remailer@reece.net.au> wrote:
>>
>>>has anyone here taken a look at this website:
>>>
>>>http://www.legaltechtoday.com/2010/0...-kit-forensic-
>>>decrypts-truecrypt-hard-disks-in-minutes-prnewswire/
>>>
>>>"Passware Inc., a provider of password recovery, decryption, and
>>>evidence discovery software for computer forensics, announced that
>>>the latest version of its flagship product, Passware Kit Forensic,
>>>has become the first commercially available software to break
>>>TrueCrypt hard drive encryption without applying a time-consuming
>>>brute-force attack. It was also the first product to decrypt
>>>BitLocker drives."
>>>
>>>
>> October 23, 2009
>> "Evil Maid" Attacks on Encrypted Hard Drives
>>
>> Earlier this month, Joanna Rutkowska implemented the "evil maid" attack
>> against TrueCrypt. The same kind of attack should work against any
>> whole-disk encryption, including PGP Disk and BitLocker. Basically, the
>> attack works like this:
>>
>> Step 1: Attacker gains access to your shut-down computer and boots it from
>> a separate volume. The attacker writes a hacked bootloader onto your
>> system, then shuts it down.
>>
>> Step 2: You boot your computer using the attacker's hacked bootloader,
>> entering your encryption key. Once the disk is unlocked, the hacked
>> bootloader does its mischief. It might install malware to capture the key
>> and send it over the Internet somewhere, or store it in some location on
>> the disk to be retrieved later, or whatever.
>>
>> You can see why it's called the "evil maid" attack; a likely scenario is
>> that you leave your encrypted computer in your hotel room when you go out
>> to dinner, and the maid sneaks in and installs the hacked bootloader. The
>> same maid could even sneak back the next night and erase any traces of her
>> actions.
>>
>> This attack exploits the same basic vulnerability as the "Cold Boot" attack
>> from last year, and the "Stoned Boot" attack from earlier this year, and
>> there's no real defense to this sort of thing. As soon as you give up
>> physical control of your computer, all bets are off.
>>
>> Similar hardware-based attacks were among the main reasons why
>> Symantec’s CTO Mark Bregman was recently advised by "three-letter agencies
>> in the US Government" to use separate laptop and mobile device when
>> traveling to China, citing potential hardware-based compromise.
>>
>> PGP sums it up in their blog.
>>
>> No security product on the market today can protect you if the
>> underlying computer has been compromised by malware with root level
>> administrative privileges. That said, there exists well-understood common
>> sense defenses against "Cold Boot," "Stoned Boot," "Evil Maid," and many
>> other attacks yet to be named and publicized.
>> http://www.schneier.com/blog/archive...aid_attac.html
>
> wow.
>
> Would Tor help stop this?

NO...Tor would mean you are online and your RAM is alive...
Evildoers can then get your keys...
THANKS
--
Tech, computer repair specialist (on the side), part time Tech
Pro poster to Wilders Security...home base...On usenet to help noobs
Not me...