Images: How to bypass FileVault, BitLocker security

« Previous Image

Step 9: Release the code
Applebaum, pictured here, says that the team of security researchers plans to freely release the utilities they developed so that other programmers can develop privacy-protecting countermeasures.

They seem to be operating on the theory that, after their demonstration of encryption key extraction, police and intelligence agencies will rush to develop their own memory forensics. A public release of "keyfind" and the memory-transfer program merely will level the playing field between open-source researchers and companies like Guidance Software (that sells EnCase forensics software used by the FBI and other police agencies).

Because we know police agencies are keenly interested in computer forensic techniques, that's not a bad assumption. As early as 1984, the FBI Laboratory began developing computer forensics tools.

They're also interested in ways to bypass encryption. In the Scarfo case, the U.S. government used a key logger to find a reputed mobster's PGP passphrase. More recently, the Drug Enforcement Administration obtained a court order allowing them to implant a key logger into a suspect's computer, and the Justice Department is trying to force a defendant to divulge his PGP passphrase.

Talkback
Most Recent of 17 Talkback(s)

Thread View
Flat View

Bit Locker: It seems to me that the problem resides in the TPM. I do not use it. I store my password on a memory stick whereas using TPM stores it in the RAM. If the password is not on the computer to begin with it can't be hacked.... (Read the rest); Posted by: cobra96ds@... Posted on: 02/25/08 You are currently: a Guest | Log in | Terms of Use