Monday, February 25, 2008
Do you use Microsoft Window’s Bitlocker? TrueCrypt? DMCrypt? Or whatever the hell Apple calls their disk encryption?
If you do. Here’s something for you to think about. That encryption key is more vulnerable than you probably realize. It’s always going to be sitting somewhere in your ram while you’re logged onto your system. If you put your machine to sleep, it’s going to be there. Even if you completely power off your laptop/computer, it will still be sitting in that ram chip for at least a little while.
This video demonstrates an attack against Bitlocker:
Want to feel safe again?
- Always shutdown your computer. Not sleep,hibernate, or any other lowpower state.
- Find a program to scramble your ram on shutdown.
- Don’t use liquid nitrogen to cool your ram.
- Reevaluate your encryption needs, because most likely you don’t need to encrypt the WHOLE disk. If you’re using linux; look into setting up encryption per user per their home folder.