Just saw this come off the wire - from news.com on how disk encryption from Bitlocker and Apple's FileVault has been circumvented by a few researchers. If this is as simple as they make it sound, this is a bit worrisome. However, I am not ready to buy this fully, till I understand this a bit more.
For one, I was under the impression that Bitlocker protected against booting via an alternative OS (especially a system with a TPM chip on it) because it can perform bootup integrity checks. The article seems to claim this is one of the ways in... Hmm, not so sure...
Further questions:
Is this attack valid for all authentication scenarios such as TPM+Pin?
How easy is it to scan the RAM on a locked system?
There was another article recently in eWeek that talked about FDE not being sufficient protection. I personally think that we need defense against multiple scenarios - not sure if the defense-in-depth term can be used, but seems to fit the best...
Looking forward to understanding this a bit more...
For one, I was under the impression that Bitlocker protected against booting via an alternative OS (especially a system with a TPM chip on it) because it can perform bootup integrity checks. The article seems to claim this is one of the ways in... Hmm, not so sure...
Further questions:
Is this attack valid for all authentication scenarios such as TPM+Pin?
How easy is it to scan the RAM on a locked system?
There was another article recently in eWeek that talked about FDE not being sufficient protection. I personally think that we need defense against multiple scenarios - not sure if the defense-in-depth term can be used, but seems to fit the best...
Looking forward to understanding this a bit more...
