One thought on “Disk encryption hack discovered

  1. Uhmm.. ok. Yeah. This is nothing new. The only “inovative” thing is using a freeze can and boot loader to quickly access the ram in a device after a reboot to get the data. The same this is possible if your device has a reset button or a hard-kill power switch.

    If you’re leaving encrypted volumes mounted while in susspend or hibernate mode it’s vulnerable to a number of attacks. If you’re using encrypted material, you should do so on a mounting as-needed basis, and be sure to unmount and wipe the key from memory before walking away from it.

    TrueCrypt (FYI) has a feature that does just that, so I think the ad is a little misleading in showing it as a “crackable” item. Once you unmount a volume, it stores values over the memory allocated for the key by the driver before releasing it back to the system. So as long as you unmount the drives, you’re good.

Comments are closed.