| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 08 Mar 2008 16:28:02 -0800 From: Jacob Appelbaum <jacob@...elbaum.net> To: Larry Seltzer <Larry@...ryseltzer.com> Cc: Tim <tim-security@...tinelchicken.org>, full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com Subject: Re: [Full-disclosure] Firewire Attack on Windows Vista Larry Seltzer wrote: >>> The funniest is using hibernate... >>> Did you perchance read: http://www.eff.org/press/archives/2008/02/21-0 > ?? > > Yeah, I made specific reference to that attack in my message. There's a > big difference between sleep mode and hibernate mode. In hibernate the > system is powered off. Even if the memory has some residual charge I'm > sure it's far less reliable than with sleep. > > Everything I've seen in descriptions of that attack tells me they are > unfairly conflating sleep and hibernate. > Hi, I've been watching this thread for a while and I guess it's time to chime in. You're mistaken in thinking that we're conflating sleep and hibernate modes. Furthermore, Microsoft's response of using two factor authentication is silly. It doesn't actually stop our attacks. In certain circumstances, it may shorten the window of attack for a specific type of user but it's mostly irrelevant. Consider a mail server with an encrypted drive, no proximity sensor or two factor authentication is going to help you. A seizure will still result in someone getting the keys that are in memory - unless you're using some sort of secure crypto co-processor (which no one is). Regards, Jacob Appelbaum
Powered by blists - more mailing lists