On CBS MoneyWatch: Warning: Swine Flu Scams Spread
BNET Business Network:
BNET
TechRepublic
ZDNet
Step 6: Testing

Step 6: Testing
How can we tell whether Applebaum is actually able to glean the encryption key from the MacBook?

The answer is simple: an Apple utility called "hdiutil" can display the AES key for a FileVault volume as long as the passphrase is typed in first. If Applebaum's able to find it on his own, he's discovered a way to bypass FileVault--at least when the computer is turned on or is in sleep mode.

To use hdiutil, I logged out of the Breakme account, meaning the FileVault volume would be automatically unmounted. Then I made a copy of the breakme.sparseimage file and extracted the AES key by running hdiutil and typing in the passphrase. The key turned out to be: dd6a242a3a90ee1f60a8c53db59a4133.

The length of the AES key in OS X Tiger is 32 hexadecimal characters, or 128 bits. While FileVault in OS X Leopard can use a 256-bit AES key, the extraction process would be the same.

  • Talkback
  • Most Recent of 17 Talkback(s)
Bit Locker
It seems to me that the problem resides in the TPM. I do not use it. I store my password on a memory stick whereas using TPM stores it in the RAM. If the password is not on the computer to begin with it can't be hacked.... (Read the rest)
Posted by: cobra96ds@... Posted on: 02/25/08 You are currently: a Guest | | Terms of Use
Supercooled memory?  Eriamjh | 02/21/08
Millions at stake in corporate espionage ...  terry flores | 02/21/08
re: back doors  CobraA1 | 02/21/08
Clearing memory at reboot would not work.  ye | 02/22/08
RE: Supercooled memory?  bfilipiak@... | 02/22/08
A few things to note  CobraA1 | 02/21/08
Careful there  georgeou | 02/21/08
hdiutil was simply used to show successful crack  terry flores | 02/21/08
RE: (Images: How to bypass FileVault, BitLocker security)  d1g1tal_ph3r3t | 02/21/08
RE: (Images: How to bypass FileVault, BitLocker security)  riverab0@... | 02/22/08
Addition  riverab0@... | 02/22/08
Cox  CassidyJames | 02/22/08
I would like to see this tried with Firmware locked  duane@... | 02/22/08
Info still unencrypted in RAM...  robert.rohr@... | 02/22/08
Bit Locker  cobra96ds@... | 02/25/08
Encyption Law  benjaminwright75205 | 02/22/08
This is freaky  John Musbach | 02/24/08

What do you think?

advertisement

More ZDNet Photo Galleries

  • Smart Tech Expert advice on innovations in healthcare and the green technologies that make it happen. Find out more
  • Smart Business Discussion and advice on management issues that revolve around making your world smarter and more useful. More Smart Advice
  • Smart People The best and worst moves in the management and strategy trenches. Learn More