Disk Encryption Cracked? | Where is My Data?

Apparently disk encryption for several well known products has been cracked, including BitLock (TPM), TrueCrypt, and HP.
According to MeriNews an Indian information security start up has, allegedly, discovered a new vulnerability, which allows attackers to steal computer boot passwords and bypass the security of disk encryption.
iViZ, the company which discovered this vulnerability has more detailed articles on its website
Jonathan Brossard, iViZ’s lead security researcher said that “”Surprisingly, this vulnerability has been existing for 25 years….Programmers unaware of this have coded boot password feature such that user password is not flushed properly leading to inadvertent text leakage and theft from memory. Even hard-drive encryption does not help here”.
A more detailed reading of the technical paper shows the decryption is not simple, may not always be possible, and the “attacker” would have access to the files anyway:
For example the Truecrypt technical paper states that:

Full Article on the new site Disk Encryption Cracked? | Where is My Data?.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: