| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <0273B67044957C41BD71D12EBA2E00AE252F5E@becca.LarrySeltzer.local> Date: Sun, 9 Mar 2008 23:36:33 -0400 From: "Larry Seltzer" <Larry@...ryseltzer.com> To: "Jacob Appelbaum" <jacob@...elbaum.net> Cc: "Tim" <tim-security@...tinelchicken.org>, <full-disclosure@...ts.grok.org.uk>, <bugtraq@...urityfocus.com> Subject: RE: [Full-disclosure] Firewire Attack on Windows Vista >>You're mistaken in thinking that we're conflating sleep and hibernate modes. >>Microsoft's response of using two factor authentication is silly. It doesn't actually stop our attacks. In certain circumstances, it may shorten the window of attack for a specific type of user but it's mostly irrelevant. Consider a mail server with an encrypted drive, no proximity sensor or two factor authentication is going to help you. A seizure will still result in someone getting the keys that are in memory - unless you're using some sort of secure crypto co-processor (which no one is). >From your own paper: > Microsoft ... recommends configuring BitLocker in "advanced > mode," where it protects the disk key using the TPM along with a password or a key on a removable > USB device. However, even with these measures, BitLocker is vulnerable if an attacker gets to the system > while the screen is locked or the computer is asleep (though not if it is hibernating or powered off). So in other words, hibernate does make a difference, especially if you follow their guidelines. Larry Seltzer eWEEK.com Security Center Editor http://security.eweek.com/ http://blogs.pcmag.com/securitywatch/ Contributing Editor, PC Magazine larry.seltzer@...fdavisenterprise.com
Powered by blists - more mailing lists