[Hrgeeks] TrueCrypt and BitLocker cracked...
Matt Glaves
matt at glaves.org
Wed Mar 31 21:04:44 EDT 2010
I don't think we have to worry about those wily NC border patrol agents....
matt
On Wed, Mar 31, 2010 at 8:59 PM, Branson Matheson
<branson at sandsecurity.com>wrote:
>
> Well .. I am not condoning *what* he was doing .. more my concern is that
> that the border patrol feels like they have no 4th amendment restrictions.
> And considering we in HR are all with in 100 miles of the border .. we're
> all subject to that lack of restriction.
>
> On Mar 31, 2010, at 8:22 PM, Matt Glaves wrote:
>
> It's odd that you picked that facet of that guy's story as your moral...
>
> matt
>
> On Wed, Mar 31, 2010 at 8:15 PM, Branson Matheson <
> branson at sandsecurity.com> wrote:
>
>> Agreed ... however .. we've been looking at a product that allows one to
>> remove desktops w/o loss of power .. that plus this tool .. and if we impose
>> standard config on the desktops .. gives one the capability.
>>
>> Where previously someone might have assumed use of TC on their work
>> machine hid anything they didnt' want seen.. if I was a cagy IT Sec guy, I'd
>> wait to catch the guy at work and walk in with physical security and ask
>> them to step away from the machine.
>>
>> If the guy that busted at the border taught us all anything .. it's
>> shutdown before crossing.
>>
>> On Mar 31, 2010, at 7:35 PM, Adam Crosby wrote:
>>
>> > I think that article is sort of misleading. It uses DMA over firewire
>> to grab the in-memory decryption key for the bitlocker and truecrypt drives.
>> It doesn't ACTUALLY break the encryption. The computer has to be seized
>> while powered on. If the computer is powered off, you can no longer use the
>> product to get access to the crypto keys. Additionally, if you have
>> firewire disabled (or don't have firewire at all), the product is useless.
>> > I think someone locally is working on the equiv. for USB...should be
>> possible with anything that uses DMA...
>> > --
>> > Adam
>> >
>> > On Mar 31, 2010, at 5:02 PM, Branson Matheson wrote:
>> >
>> >> Hey all ...
>> >>
>> >> Since this has been the subject of much discussion and the topic of not
>> a few ISSA presentations lately.. I wanted to forward on this little gem. A
>> bit concerning.
>> >>
>> >>
>> http://www.net-security.org/secworld.php?id=9077&utm_source=feedburner&utm_medium=email&utm_campaign=Feed%3A+HelpNetSecurity+%28Help+Net+Security%29
>> >>
>> >> All your bits are belong to us.
>> >>
>> >> -b
>> >>
>> >> Branson Matheson
>> >> branson at sandsecurity.com
>> >> 757-320-4230
>> >>
>> >>
>> >>
>> >>
>> >>
>> >> --
>> >> _______________________________________________
>> >> HRGeeks mailing list
>> >> HRGeeks at hrgeeks.com
>> >> http://hrgeeks.com/cgi-bin/mailman/listinfo/hrgeeks
>> >> You are all sheep.
>> >
>> > --
>> > _______________________________________________
>> > HRGeeks mailing list
>> > HRGeeks at hrgeeks.com
>> > http://hrgeeks.com/cgi-bin/mailman/listinfo/hrgeeks
>> > You are all sheep.
>>
>> --
>> _______________________________________________
>> HRGeeks mailing list
>> HRGeeks at hrgeeks.com
>> http://hrgeeks.com/cgi-bin/mailman/listinfo/hrgeeks
>> You are all sheep.
>>
>
> --
> _______________________________________________
> HRGeeks mailing list
> HRGeeks at hrgeeks.com
> http://hrgeeks.com/cgi-bin/mailman/listinfo/hrgeeks
> You are all sheep.
>
>
>
> --
> _______________________________________________
> HRGeeks mailing list
> HRGeeks at hrgeeks.com
> http://hrgeeks.com/cgi-bin/mailman/listinfo/hrgeeks
> You are all sheep.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://hrgeeks.com/pipermail/hrgeeks/attachments/20100331/748fabe0/attachment.htm
More information about the HRGeeks
mailing list