Discussion:
Canned air hack?
(too old to reply)
Buzz Murdoch
2008-02-24 05:03:05 UTC
Permalink
Raw Message
http://arstechnica.com/news.ars/post/20080221-researchers-crack-filevault-bitlocker-with-canned-air-hack.html

"The paper describes algorithms for recognizing and extracting AES,
DES, RSA, and tweak key information from memory. The authors have also
turned these on most of the common encryption methods, including
TrueCrypt and dm-crypt, as well as Mac OS-X's FileVault and Vista's
BitLocker. "

Can anyone shed some light on this? Are products such has DriveCrypt
vulnerable?
nemo_outis
2008-02-24 06:14:54 UTC
Permalink
Raw Message
Post by Buzz Murdoch
http://arstechnica.com/news.ars/post/20080221-researchers-crack-filevau
lt-bitlocker-with-canned-air-hack.html
"The paper describes algorithms for recognizing and extracting AES,
DES, RSA, and tweak key information from memory. The authors have also
turned these on most of the common encryption methods, including
TrueCrypt and dm-crypt, as well as Mac OS-X's FileVault and Vista's
BitLocker. "
Can anyone shed some light on this? Are products such has DriveCrypt
vulnerable?
Extensively covered in alt.privacy & sci.crypt and on the Truecrypt
forums.

It's old news - I posted about it in alt.privacy in 2003. Moreover,
it's not really about OTFE software per se - it's about a general
hardware/physical security problem with RAM memory that can be used to
access/retrieve *all sorts* of memory data - but, yes, including OTFE
keys.

The problem, while real, is being overhyped, and there are workarounds.

Regards,

Loading...