New form of attacking encryptation...

[impar]

Greetings!

Cold boot disk encryption attack is shockingly effective

Since the encryption key for systems like BitLocker and FileVault lives in RAM, all an attacker has to do to get it is cool the RAM modules with the air duster held upside down, yank the DIMM, and insert it into another machine, where it can then be read to access the key. Of course, this assumes that you've already typed in your password, but check the video after the break to see how long bits in RAM stay written -- even if you've turned off your computer, there's a chance the key can still be read.

[impar]

Greetings!

Bootable flash key makes disk encryption attacks super-simple

... you remember that disk encryption attack that involved cooling off your target's RAM and yanking it to get a bitdump before the contents faded? Well, it looks like things just got a lot simpler for would-be attackers -- check out this USB flash key designed by security researcher Robert Wesley McGrew, which can boot your machine and dump the RAM to itself without altering its contents. That means you no longer need to actually pull the DIMMs or carry around an air duster; all an attacker needs is enough time to reboot your machine and copy the contents of your RAM.

[impar]

Greetings!

Windows passwords easily bypassed over Firewire
...
Unlike those disk encryption attacks we saw that required a reboot, Boileu's attack works while the target computer is running, tricking Windows into allowing full write access to RAM and then corrupting the password protection code. That's a little scary -- but other researchers say that it's not a traditional vulnerability, since direct memory access is a feature of Firewire.
...
Update: Apparently this has been demonstrated on OS X as well -- it looks like Firewire's direct memory access is the common vector here.


Moved to Software.

[Seawolf]

Hmm, don't think it'd work on Vista x64 what with ASLR.

[bardu]

.... those Linux things are amazing! I guess a PC is truly secure when it's well placed in a bank like vault!

[Seawolf]

Indeed, that's been true for a long time. Most people aren't going to be too worried about an attack that needs physical access.

[impar]

Greetings!

Source code released for canned-air FileVault/BitLocker hack

The same group of researchers that published a paper last February detailing how their team hacked into and recovered data from a group of supposedly secure laptops have now released the source code to the programs they used in their "cold boot" experiment. Such software could be useful to any law enforcement agency looking to take advantage of the group's research, as well as to any security vendor attempting to plug the hole.