[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <6C132B0A14EEDED8922119F1@utd59514.utdallas.edu>
Date: Wed, 25 Oct 2006 14:20:10 -0500
From: Paul Schmehl <pauls@...allas.edu>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: Putty Proxy login/password discolsure....
--On Wednesday, October 25, 2006 15:18:10 -0400 Matthew Flaschen
<matthew.flaschen@...ech.edu> wrote:
> Sorry, I shouldn't have implied that was only true of Windows. However,
> you CAN'T access encrypted data with physical drive access.
>
Not even that is true. You can always *access* the data. Depending upon
the type and complexity of the encryption, it may take a while to decrypt,
but once I have physical access, I have both the data and the time to do
just that. *Most* of the "encryption" schemes for things like passwords
that used to be stored in plain text (until somebody pointed it out) are
fairly trivial and easily broken.
Even if they're not, I may be able to use the program itself to decrypt the
password and then capture it in plain text in memory.
Again, once you have physical access, it's game over, plain and simple.
Paul Schmehl (pauls@...allas.edu)
Senior Information Security Analyst
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/
Content of type "application/pkcs7-signature" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists