Home Random Sh17cast Forums

Cold Boot Beats Your Disk Encryption

Monday, February 25, 2008

Do you use Microsoft Window’s Bitlocker?   TrueCrypt?  DMCrypt?  Or whatever the hell Apple calls their disk encryption?

If you do.  Here’s something for you to think about.   That encryption key is more vulnerable than you probably realize.  It’s always going to be sitting somewhere in your ram while you’re logged onto your system.  If you put your machine to sleep, it’s going to be there.   Even if you completely power off your laptop/computer, it will still be sitting in that ram chip for at least a little while.

This video demonstrates an attack against Bitlocker:


Want to feel safe again?

  • Always shutdown your computer.  Not sleep,hibernate, or any other lowpower state.
  • Find a program to scramble your ram on shutdown.
  • Don’t use liquid nitrogen to cool your ram.
  • Reevaluate your encryption needs, because most likely you don’t need to encrypt the WHOLE disk.  If you’re using linux; look into setting up encryption per user per their home folder.

Discover and Share
posted by johntash at 6:47 pm  

No Comments

No comments yet.

RSS feed for comments on this post.

Sorry, the comment form is closed at this time.

32 queries. 0.108 seconds.
Copyright © 2007-2010 http://www.thesh17.com