Archive

Posts Tagged ‘Bitlocker’

Passware release Bitlocker/Truecrypt Decryption Tool

April 5, 2010 Leave a comment

Following on from my post “10 Things You Don’t Want To Know About Bitlocker”, “TPM Undressed” and “Firewire Attacks Revisited” it recently came to my attention that Passware, Inc. A feisty California company has released a version of their forensic software which will decrypt Bitlocker and TrueCrypt protected hard disks via the classic Firewire vulnerabilities.

A full write-up can be found on the Passware site, but simply, given a machine that’s running, but has encrypted drives (for example one using Bitlocker in TPM-only mode, or a machine which is suspended, not hibernated). As to how to do it, well they have implemented the exploit in a very neat and usable way:

Read more…

Advertisements

Cold Boot Attacks Revisited (again).

September 16, 2009 2 comments

Following my recent post on FireWire Attacks, I thought I’d follow up on that other classic Full Disk Encryption exploit, The “Cold Boot Attack”.

Back in February 2008 a group of clever Princeton students published their infamous paper “Lest We Remember: Cold Boot Attacks on Encryption Keys“. Though the retention of data in RAM chips has been known since their invention, and certainly since at least 1978, The “Princeton Paper” reminded us that when you turn a computer off, it does not mean all the data from memory is instantly gone, and of course, if something important remained, like an encryption key, then your computer security might be vulnerable. Read more…

10 Things you don’t want to know about Bitlocker…

August 28, 2009 18 comments

Nov 2015 Update – It seems bitlocker sans pre-boot has been trivially insecure for some time according to Synopsys hacker Ian Hakan, who found a simple way to change the Windows password and thus allow access to data even while Bitlocker was active. 

So, with the forthcoming release of Windows 7, the ugly beast known as “Bitlocker” has reared its head again.

For those of you who were around during the original release of Bitlocker, or as it was known then “Secure Startup”, you’ll remember that it was meant to completely eliminate the necessity for third party security software. Yes, Bitlocker was going to secure our machines against all forms of attack and make sure we never lost data again.

What happened?

Read more…