9 posts in this topic

Posted

This is scary. I guess encryption with those applications is no longer useful.

Check this link out:

http://www.lostpassw...-decryption.htm

Share this post


Link to post
Share on other sites

Posted

What? It has been known forever that you can retrieve encryption keys if you dump the contents of memory (raw or hiberfil.sys while hibernated) but that relies on the computer being on and the encrypted filesystem being mounted.

No, this absolutely doesn't make truecrypt/bitlocker "useless" / "no longer useful".

Share this post


Link to post
Share on other sites

Posted

What? It has been known forever that you can retrieve encryption keys if you dump the contents of memory (raw or hiberfil.sys while hibernated) but that relies on the computer being on and the encrypted filesystem being mounted.

No, this absolutely doesn't make truecrypt/bitlocker "useless" / "no longer useful".

So they will not be able to break into an external hard drive that is encrypted then? A backup hard drive I mean.

Share this post


Link to post
Share on other sites

Posted

Nope, the latest truecrypt version fixed this

strong truecrypt key = virtually impossible breaking.

Share this post


Link to post
Share on other sites

Posted

So they will not be able to break into an external hard drive that is encrypted then? A backup hard drive I mean.

If for example you have an external HDD encrypted and lose the HDD they can't break in to it (without brute forcing, which would take millions of years if you have a decent encryption key).

The scenario in the video you posted would rely on the encrypted external HDD being connected to your computer, the encrypted volume being mounted, and a person having access to your computer so they can dump the memory to retrieve the keys. An encrypted HDD on its own would be useless to them.

Share this post


Link to post
Share on other sites

Posted

If for example you have an external HDD encrypted and lose the HDD they can't break in to it (without brute forcing, which would take millions of years if you have a decent encryption key).

The scenario in the video you posted would rely on the encrypted external HDD being connected to your computer, the encrypted volume being mounted, and a person having access to your computer so they can dump the memory to retrieve the keys. An encrypted HDD on its own would be useless to them.

Ah, I see...Interesting. I am new to this encryption stuff so I am curious about it. I find it very interesting how companies and groups like the folks that make TrueCrypt can make programs that not even the government with their sophisticated technology can break into. Amazing.

Share this post


Link to post
Share on other sites

Posted

Jesus, that's security 101. There are good practices to follow, read more here:

http://www.truecrypt.org/docs/?s=physical-security

In summary:

1. Hibernation is your enemy. You don't want a copy of your RAM anywhere.

2. Keys ARE purged when TrueCrypt can DISMOUNT the volume and that's what you should always do.

Share this post


Link to post
Share on other sites

Posted

does this guy work for the government? "they'll get you!!! not fearmongering but THEY'LL GET YOUUU!!! If you're a bad guy don't even bother!"

Share this post


Link to post
Share on other sites

Posted

does this guy work for the government? "they'll get you!!! not fearmongering but THEY'LL GET YOUUU!!! If you're a bad guy don't even bother!"

LOL...LOL...LOL

Maybe he speaks from personal experience. Maybe they got him at one point for being stupid!

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0

  • Recently Browsing   0 members

    No registered users viewing this page.