Linked by Thom Holwerda on Sat 31st May 2014 00:12 UTC, submitted by teo
Privacy, Security, Encryption

Over the past 24 hours the website for TrueCrypt (a very widely used encryption solution) was updated with a rather unusually styled message stating that TrueCrypt is "considered harmful" and should not be used.

Very odd story. Lots of little red flags going up all over the place.

Permalink for comment 589862
To read all comments associated with this story, please click here.
by Alfman on Sun 1st Jun 2014 05:09 UTC
Member since:

This is a very strange story, I hope we get some kind of press release with details, but who knows maybe the devs are intentionally going for mystique.

Interestingly enough Truecrypt is vulnerable, as is bitlocker and most likely all other encryption products to a pretty simple exploit:

Passware Inc., a provider of password recovery, decryption, and evidence discovery software for computer forensics, announced that the latest version of its flagship product, Passware Kit Forensic, has become the first commercially available software to break TrueCrypt hard drive encryption without applying a time-consuming brute-force attack. It was also the first product to decrypt BitLocker drives.

Of course stealing the keys from memory may be considered "cheating" except for the fact that a very common interface, firewire, allows one to do just that by design...
Researcher Adam Boileau, a consultant with Immunity, originally demonstrated the access tool at a security conference in 2006, but decided not to release the code any further at the time. Two years later, however, nothing has been done toward fixing the problem, so he decided to go public.

"Yes, this means you can completely own any box whose Firewire port you can plug into in seconds," said Boileau in a recent blog entry.
The attack takes advantage of the fact that Firewire can directly read and write to a system's memory, adding extra speed to data transfer. According to Boileau, because this capability is built into Firewire, Microsoft doesn't consider the problem a standard bug.

All of this is done by exploiting a "feature" of the Firewire spec (OHCI-1394) (PDF), namely that it allows read/write access to physical memory (via DMA) for external Firewire devices. Worse, as this is DMA, the CPU/OS will not even know what's going on. Even worse, this works regardless of whether you have locked your screen with a password-protected screensaver, or xlock, or vlock, or whatever. As long as the system is running, you're vulnerable.

I don't know if the information is still current. If I recall it still applied to firewire hardware sold in 2010, which was incapable of controlling access to ram from attackers. This is not a shortcoming of truecrypt, but it should never the less be of particular interest to it's users. Hardware that leaves a backdoor wide open to just about every security mechanism ever devised, what a lame design!

Edited 2014-06-01 05:12 UTC

Reply Score: 3