lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sun, 9 Mar 2008 23:36:33 -0400 From: "Larry Seltzer" <Larry@...ryseltzer.com> To: "Jacob Appelbaum" <jacob@...elbaum.net> Cc: bugtraq@...urityfocus.com, full-disclosure@...ts.grok.org.uk Subject: Re: Firewire Attack on Windows Vista >>You're mistaken in thinking that we're conflating sleep and hibernate modes. >>Microsoft's response of using two factor authentication is silly. It doesn't actually stop our attacks. In certain circumstances, it may shorten the window of attack for a specific type of user but it's mostly irrelevant. Consider a mail server with an encrypted drive, no proximity sensor or two factor authentication is going to help you. A seizure will still result in someone getting the keys that are in memory - unless you're using some sort of secure crypto co-processor (which no one is). >>From your own paper: > Microsoft ... recommends configuring BitLocker in "advanced > mode," where it protects the disk key using the TPM along with a password or a key on a removable > USB device. However, even with these measures, BitLocker is vulnerable if an attacker gets to the system > while the screen is locked or the computer is asleep (though not if it is hibernating or powered off). So in other words, hibernate does make a difference, especially if you follow their guidelines. Larry Seltzer eWEEK.com Security Center Editor http://security.eweek.com/ http://blogs.pcmag.com/securitywatch/ Contributing Editor, PC Magazine larry.seltzer@...fdavisenterprise.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists