Linked by Thom Holwerda on Sat 31st May 2014 00:12 UTC, submitted by teo
Privacy, Security, Encryption

Over the past 24 hours the website for TrueCrypt (a very widely used encryption solution) was updated with a rather unusually styled message stating that TrueCrypt is "considered harmful" and should not be used.

Very odd story. Lots of little red flags going up all over the place.

Thread beginning with comment 590214
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[2]: Vulnerability
by Alfman on Thu 5th Jun 2014 15:02 UTC in reply to "RE: Vulnerability"
Alfman
Member since:
2011-01-28

Soulbender,

I tend to believe press-releases by security companies as much as a believe in Santa Clause and the Toothfairy.


Sure, but the point of my link was intended to be educational since many end-users probably don't realize they are vulnerable to such a trivial & highly effective attack.

And it still is. Stealing the key by abusing DMA and using custom hardware is pretty clever but they still haven't broken truecrypt.


They haven't broken truecrypt's encryption itself, but arguably they have broken one of it's use cases. You don't even need custom hardware, just an ipod will do. It's not adequate to simply lock the computer or shut the lid when you leave (ie for a short bathroom break).
http://www.wilderssecurity.com/threads/truecrypt-standby.246757/

Edit: I've not used it, but apparently "Rohos Disk" is designed to protect against the "wake up from sleep" attack:
http://www.rohos.com/2011/11/timeout-feature-for-rohos-disk-encrypt...


Even taking security out of the equation, it's poor to give external devices free reign over host ram from a robustness point of view too. The solution to this is so obvious I don't know why it wasn't engineered into the firewire spec from version 1: only allow external devices to perform DMA against memory buffers allocated by the host. Ie a video camera should only have access to it's own video buffers and nothing else.

Edit: For the sake of completeness, I should mention that memory is vulnerable to another process by which running DRAM can be chilled and physically transferred to another device to copy it's contents, however this is less reliable due to the sensitive nature of the operation and the existence of CPU caches, etc. Not to mention such an attack would much more obvious from a physical perspective.

Edited 2014-06-05 15:20 UTC

Reply Parent Score: 2