BitLocker or TrueCrypt can be decrypted in a matter of minute

Discussion in 'privacy technology' started by aigle, Dec 11, 2010.

Thread Status:
Not open for further replies.
  1. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
  2. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
  3. markedmanner

    markedmanner Registered Member

    Joined:
    Nov 1, 2009
    Posts:
    134
    Heard about this before... First off the story states that you have to have hibernate mode enabled for this to work. So basically if you don't have hibernate mode enabled their tool will not work in decrypting tc or bitlocker. Because basically their program does not "crack" the encryption. It simply finds the encryption key in the hiberfil.sys file and uses it. So to defend against this attack simply disable hibernate. (which I hate anyway) and delete c:\hiberfil.sys
     
  4. chiraldude

    chiraldude Registered Member

    Joined:
    Jul 3, 2010
    Posts:
    157
    Kind of an old thread but...
    If you are using Truecrypt (V7.0 or higher) and full disk encryption then hiberfil.sys is encrypted. As far as I can tell, Bitlocker system encryption has always encrypted hiberfil.sys as well.
    Other ways exist to access an encrypted system (cold boot, evil maid bootkit, firewire DMA, etc..) but these require a running machine and/or a reboot with the correct password.
    Why do these bogus claims of broken encryption keep showing up?
     
  5. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,468
    I never use hibernate i just turn it off :D
    PC is fast enough :rolleyes:
     
  6. Carver

    Carver Registered Member

    Joined:
    Feb 5, 2006
    Posts:
    1,827
    Location:
    USA
    I use Windows XP SP3 and I haven't used hibernate yet. Having your computer on hibernate is for the people who can't wait the time it takes the computer to fully load normally, my computer is fast enough :isay: .
     
  7. cm1971

    cm1971 Registered Member

    Joined:
    Oct 22, 2010
    Posts:
    727
    The same here. I personally don't see the need for it.
     
  8. chiraldude

    chiraldude Registered Member

    Joined:
    Jul 3, 2010
    Posts:
    157
    I often need to use hibernation because I work with complex design software that takes forever to load. If I am working on batteries and running low on power I will hibernate because it takes 3 minutes to resume from hibernation. If I save then shutdown then reboot then launch cad then load project it takes about 10 min. Even if I had the fastest machine possible I expect it would take 5 min to reboot and reload everything.
    If I were just browsing the web and sending email I would agree that shutdown and reboot is fine.

    The initial point I was making is that it doesn't matter if you hibernate or not. If hiberfil.sys is encrypted then only the correct password will get you back into the system.
     
  9. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    Because it makes good headlines. Non-techies will think "wow AES-256 has been cracked," when in fact nothing special happens in these sorts of attacks other than finding the keys in memory somewhere.
     
Loading...
Thread Status:
Not open for further replies.