[Hrgeeks] TrueCrypt and BitLocker cracked...

Matt Glaves matt at glaves.org
Wed Mar 31 20:22:12 EDT 2010 

It's odd that you picked that facet of that guy's story as your moral...

matt

On Wed, Mar 31, 2010 at 8:15 PM, Branson Matheson
<branson at sandsecurity.com>wrote:

> Agreed ... however .. we've been looking at a product that allows one to
> remove desktops w/o loss of power .. that plus this tool .. and if we impose
> standard config on the desktops .. gives one the capability.
>
> Where previously someone might have assumed use of TC on their work machine
> hid anything they didnt' want seen.. if I was a cagy IT Sec guy, I'd wait to
> catch the guy at work and walk in with physical security and ask them to
> step away from the machine.
>
> If the guy that busted at the border taught us all anything .. it's
> shutdown before crossing.
>
> On Mar 31, 2010, at 7:35 PM, Adam Crosby wrote:
>
> > I think that article is sort of misleading.  It uses DMA over firewire to
> grab the in-memory decryption key for the bitlocker and truecrypt drives.
>  It doesn't ACTUALLY break the encryption.  The computer has to be seized
> while powered on.  If the computer is powered off, you can no longer use the
> product to get access to the crypto keys.  Additionally, if you have
> firewire disabled (or don't have firewire at all), the product is useless.
> > I think someone locally is working on the equiv. for USB...should be
> possible with anything that uses DMA...
> > --
> > Adam
> >
> > On Mar 31, 2010, at 5:02 PM, Branson Matheson wrote:
> >
> >> Hey all ...
> >>
> >> Since this has been the subject of much discussion and the topic of not
> a few ISSA presentations lately.. I wanted to forward on this little gem.  A
> bit concerning.
> >>
> >>
> http://www.net-security.org/secworld.php?id=9077&utm_source=feedburner&utm_medium=email&utm_campaign=Feed%3A+HelpNetSecurity+%28Help+Net+Security%29
> >>
> >> All your bits are belong to us.
> >>
> >> -b
> >>
> >> Branson Matheson
> >> branson at sandsecurity.com
> >> 757-320-4230
> >>
> >>
> >>
> >>
> >>
> >> --
> >> _______________________________________________
> >> HRGeeks mailing list
> >> HRGeeks at hrgeeks.com
> >> http://hrgeeks.com/cgi-bin/mailman/listinfo/hrgeeks
> >> You are all sheep.
> >
> > --
> > _______________________________________________
> > HRGeeks mailing list
> > HRGeeks at hrgeeks.com
> > http://hrgeeks.com/cgi-bin/mailman/listinfo/hrgeeks
> > You are all sheep.
>
> --
> _______________________________________________
> HRGeeks mailing list
> HRGeeks at hrgeeks.com
> http://hrgeeks.com/cgi-bin/mailman/listinfo/hrgeeks
> You are all sheep.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://hrgeeks.com/pipermail/hrgeeks/attachments/20100331/3087823f/attachment.htm

More information about the HRGeeks mailing list