Get more done with Windows Mobile
Latest Photo Galleries:
- Photos: Where the building is the network
- Images: Microsoft telescope puts universe on your desktop
- Photos: Microsoft previews 2008 Xbox games
- Photos: Top 10 reviews of the week
- Images: Satellites follow killer cyclone
- Images: How to make your car run on tequila (sort of)
- Images: A visit to 'negawatt' central
- Images: Riding the kiteboarding wave
- Photos: HTC's Touch Diamond phone
- Photos: Cracking open the Nintendo Wii Remote
How to bypass FileVault, BitLocker security
del.icio.us
Digg this
Step 1: The test
A team of security researchers on Thursday reported serious vulnerabilities in disk encryption products including Microsoft's BitLocker, Apple's FileVault, and the open-source TrueCrypt. Because memory contents are not deleted when the computer is rebooted, someone can gain access to the contents of the encrypted volume by restarting it and extracting the encryption keys. Another way to extract the keys is to supercool the memory--a can of compressed air held upside-down works--and transfer the RAM to another computer where it can be read.
We decided to put their claims to the test. Because I'm an Apple user, I wanted to see if they could extract the AES encryption key from a MacBook running Mac OS X Tiger. AES is, of course, the Advanced Encryption Standard used in innumerable security applications.
Step 1 involved creating a new password-protected account called "Breakme" with FileVault turned on and encrypted swap activated. I turned on the locking screensaver and presented Jacob Appelbaum, one of the researchers on the team, with the FileVault-protected laptop. To pass the test, Appelbaum needed to extract the 128-bit AES key used to encrypt the Breakme account.
Text by Declan McCullagh
Credit: Declan McCullagh/CNET News.com
More Galleries
Post a comment
TalkBack
Important question left unanswered
Westside guy
Feb 21, 2008, 10:54 AM PST
