Disk encryption easily cracked, researchers find

Network World ^ | 21 February 2008 | Network World Staff

[sarasota]

A local Mac guy also pointed out that he’s seen customers who have lost their files by using file vault. So I stopped using it. Good idea?

[Swordmaker]

A local Mac guy also pointed out that he’s seen customers who have lost their files by using file vault. So I stopped using it. Good idea?

The only ones I've heard of who lost their files were those who forgot their password... if they can't remember the password, they are NOT getting their files back.

[TChad]

That essentially means someone would have to steal a laptop that is still running to get the key. I’m not sure how big of a vulnerability this is in the real world.

From here:

Laptops are particularly vulnerable to this attack, especially when they are turned on but locked, or in a "sleep" or "hibernation" mode entered when the laptop's cover is shut.

Plenty of laptop users use hibernation.

[sarasota]

That makes sense. Another mystery to me is the key chain. I have no idea what it is and how it works so I never use it and hope I never have to!

[antiRepublicrat]

Felten’s good at finding vulnerabilities. Still, this is a pretty esoteric hack.

[TChad]

And thus a new occupation is born, the “Field Data Recovery Specialist.” Armed with his power screwdriver, cans of compressed air looped onto his belt, battery-powered “memory preserver” in his backpack, when the cops break down the doors the intrepid FDRS follows close behind.

[TChad]

Peter Biddle, the guy in charge of Microsoft's Bitlocker security program, says that this is not a new attack, and that Bitlocker, properly configured, defends against its use on a hibernating laptop. Moreover he says that Bitlocker in Vista SP1 will defend even better against it by permitting use of both a boot PIN and a USB dongle.