|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Ansgar -59cobalt- Wiechers (bugtraq
planetcobalt.net)
Date: Mon Mar 10 2008 - 11:58:17 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 2008-03-09 Larry Seltzer wrote:
>>> WRT the DMA access over FireWire it's but a bad response since it
>>> doesn't get the point!
>>> 1. Drive encryption won't help against reading the memory.
>>> 2. The typical user authentication won't help, we're at hardware level
>>> here, and no OS needs to be involved.
>>> 3. The computer is up (and running; see above), no hibernate or sleep
>>> is involved here.
>
> So on a freshly-booted system with drive encryption you can read
> whatever you want on the disk?
Yes. Simply because the drive needs to be decrypted for the system to
boot. Without decrypting the disk there's not difference to a switched-
off box, because it's utterly unusable to anyone.
Regards
Ansgar Wiechers
--
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]