Re: TrueCrypt broken



"Xavier Roche" <xroche@xxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:hpno6s$hk$2@xxxxxxxxxxxxxxxxxxx
Matt Mahoney a écrit :
http://www.storagenewsletter.com/news/security/passware-kit-forensic
Any idea how this works?

According to the site's description, it works on a live PC with a
truecrypt partition mounted, when the PC is "locked".

The technic claimed may exploit a firefiwre flaw (see for example
http://www.hermann-uwe.de/blog/physical-memory-attacks-via-firewire-dma-part-1-overview-and-mitigation),
and is supposed to be able to get the keys in the dumped memory.

However, the "password recovery algorithms" for encrypted files technic
is a bit vague and lacks description. Dictionnary attack, maybe ?

It may be useful in a few isolated cases, but for 99.9% of all
Truecrypt volumes (on powered down hard disks or flash disks) this will
be worthless unless the user encrypted with a weak password. In other
words: I'm not worried, I always log off when I leave my PC for any
length of time and I never leave it in standby mode. I currently don't
use Full Disk Encryption, but I keep thinking about it more and more
since it prevents someone from installing a keylogger on your machine.



.



Relevant Pages

  • [a.p] Passware Kit Forensic Decrypts TrueCrypt Hard Disks in Minutes
    ... Law enforcement organizations can easily access stored data from TrueCrypt hard disks of 'hot' computers ... Long believed unbreakable, TrueCrypt is a free open-source full-disk encryption software for Windows 7/Vista/XP, Mac OS X and Linux, that creates virtual hard disks with real-time encryption. ... In response to customer requests, especially from law enforcement organizations, Passware has enhanced Passware Kit Forensic to allow for memory acquisition of a seized computer over FireWire port, even if the computer is locked. ...
    (alt.privacy)
  • Re: How do I protect my "dump" sets against physical theft?
    ... I have a series of removable disks that I use to put ... As someone else mentioned you can use an encrypted file system. ... There are several solutions for automatic encryption of data written to the ... There are also hardware crypto devices you can get to offload the cost of ...
    (comp.os.linux.misc)
  • SecretDrive 1.0
    ... to create up to 8 encrypted virtual disks. ... strong "on the fly" data encryption by one of five ... hidden disks in an existing one, backup and restore secret disk ...
    (comp.software.shareware.announce)
  • Re: zfs-geli-zfs: opinions/suggestions
    ... have a freebsd 7.0-beta4 machine attached to an external disk enclosure and would like feedback on the following setup: have RAID-Z on 4 disks, ZFS volume that takes up entire RAID-Z, use ZVOL from volume for encryption via geli, use .eli device to make another ZFS pool. ... the idea being "no time/resources wasted doing fscks plus encryption sans hardware RAID". ... geli'ing the disks and creating a pool ontop of the encrypted disks (zpool create secure raidz ... i got a reboot while scp-ing some files to /a from another machine with the above setup. ...
    (freebsd-questions)
  • Re: How do I protect my "dump" sets against physical theft?
    ... I have a series of removable disks that I use to put ... "Passwords" implies encryption of some sort. ... If the dump is created as a file on the disk, ...
    (comp.os.linux.misc)