Re: [Fed-Talk] Drive Encryption - Filevault - Step By Step Instructions To Break It
Re: [Fed-Talk] Drive Encryption - Filevault - Step By Step Instructions To Break It
- Subject: Re: [Fed-Talk] Drive Encryption - Filevault - Step By Step Instructions To Break It
- From: "Miller, Timothy J." <email@hidden>
- Date: Thu, 21 May 2009 09:49:45 -0400
- Acceptlanguage: en-US
- Thread-topic: [Fed-Talk] Drive Encryption - Filevault - Step By Step Instructions To Break It
On 5/20/09 4:37 PM, "Michael Pike" <email@hidden> wrote:
> This may have been covered here and I missed it, but someone (CNET) did a step
> by step procedure for breaking FileVault, it looks to have taken less than 5
> minutes. I found it very interesting... although they used OS X for the
> sample, it appears to also work with BitLocker and others.
It's a RAM persistence attack. It'll work to scrape data from *any*
application that uses main system memory, including Pointsec, S/MIME email
keys, SSL keys, etc.
Expensive countermeasure: Use a cryptoprocessor for key material. Duh. :)
Cheap countermeasure: Turn off the damn machine when not in use, traveling,
or in a situation where theft is a concern.
-- Tim
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden