Elcomsoft $300 decryption tool.
igb at batten.eu.org
Sun Dec 23 11:01:49 GMT 2012
On 21 Dec 2012, at 18:02, Ben Laurie <ben at links.org> wrote:
> On Fri, Dec 21, 2012 at 9:48 AM, Brian L Johnson
> <brian at thejohnsons.co.uk> wrote:
>> "This $299 tool is reportedly capable of decrypting BitLocker, PGP, and
>> TrueCrypt disks in real-time"
> Somewhat misleadingly labeled product - it is actually a key stealing tool.
And one which makes you ponder if they're still worrying about having to rewind VHS tapes before returning them to the video rental store. People who want to scare the money from the pockets of the gullible with talk of key-stealing attacks immediately invoke the fact that Firewire ports can do DMA all over memory. Firewire ports. On Windows. In 2012. What proportion of machines does that cover? And as for practical purposes no-one is using it, how hard would it be to either disable in the BIOS or fill with Araldite?
[[ Apple, quietly, have addressed this issue with the "destroyfvkeyonstandby" option to pmset --- combined with standby and hibernatemode 3 or 25, you use standbydelay to say "on closing the lid, go to sleep, but after standbydelay seconds turn off the RAM and destroy the Filevault keys". ]]
More information about the ukcrypto