Subject Re: Encryption
Author Myles Wakeham
Geoff Worboys wrote:

>You have TrueCrypt (or whatever) mount the encrypted file as
>if it were a disk (drive X: or something - under NTFS you can
>even mount as part of a path). The operating system sees this
>mounted file as if it were a disk/volume.

>This is one of the beauties of using this solution; everything
>in your application stays the same, you just add encryption for
>those users that need it.

Don't want to bring anyone down regarding TrueCrypt's security for whole
disk encryption, but I just heard that security consultant, Peter
Kleissner, in Switzerland has just completely cracked TrueCrypt (and
other disk level encryption) security by revealing a new virus/malware
variation called 'BootKit' (no, not RootKit - Bootkit) technology that
is to be revealed at this year's BlackHat conference (or maybe it was
DefCon - I can't remember).

Anyway from what I understand, this technology enables a virus to
install itself effectively underneath the OS Kernel (and it doesn't care
what the OS is - Windows, Linux, MacOSX, etc.), and therefore underneath
TrueCrypt and other encryption systems, rendering almost anything that
sits on top of it 'pwned' by the virus.

I was pretty shocked to hear about this, since I also place high value
on TrueCrypt and use it routinely for various encryption requirements.
But it looks like it's not completely impervious to hacking or malware
from what I heard.

If you are interested, I heard about this on PaulDotCom, the security
podcast. The particular episode is:

http://pauldotcom.com/2009/06/episode-155-announcement---get.html

I guess what I'm suggesting here is that in lieu of FB doing the
encryption, relying on an OS solution might not always provide the
security blanket we are looking for here.

Myles

--
=======================
Myles Wakeham
Director of Engineering
Tech Solutions USA, Inc.
Scottsdale, Arizona USA
http://www.techsolusa.com
Phone +1-480-451-7440
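The bootkit concern raised above is, in practical terms, a boot-path integrity problem: code that runs before the kernel sits below anything the OS mounts, TrueCrypt volumes included. The following is an added example, not part of the original thread or of TrueCrypt, showing the simplest defensive check a practitioner would pair with disk encryption: record a baseline of the boot code region of the master boot record and re-check it for changes. The sample sectors are constructed inline (labelled as such) so it runs offline; `make_sample_mbr` and the byte patterns are assumptions for illustration, and reading a real sector (for example the first 512 bytes of a raw disk device) is left as a comment.

```python
import hashlib

MBR_SIZE = 512
BOOT_CODE_LEN = 446          # classic MBR: boot code, then 4x16-byte partition table, then 0x55AA
BOOT_SIGNATURE = b"\x55\xaa"


def boot_code_digest(sector: bytes) -> str:
    """SHA-256 over the boot code only.

    The partition table is excluded on purpose: repartitioning is a normal
    change, while a change to the executable boot code is what a bootkit
    needs to make and is what we want to alarm on.
    """
    if len(sector) != MBR_SIZE:
        raise ValueError("expected a %d-byte sector" % MBR_SIZE)
    return hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest()


def check_boot_sector(sector: bytes, baseline_digest: str) -> dict:
    """Compare a freshly read sector against a recorded baseline.

    Returns a dict with 'ok', the current digest and a list of findings.
    Caveat: if the machine is already compromised below the OS, the OS may be
    shown a clean sector; run this from trusted boot media for a real answer.
    """
    findings = []
    if sector[510:512] != BOOT_SIGNATURE:
        findings.append("missing 0x55AA boot signature")
    digest = boot_code_digest(sector)
    if digest != baseline_digest:
        findings.append("boot code differs from recorded baseline")
    return {"ok": not findings, "digest": digest, "findings": findings}


def make_sample_mbr(boot_code: bytes, signature: bytes = BOOT_SIGNATURE) -> bytes:
    """Build a constructed 512-byte sector for the demonstration (not real boot code)."""
    body = boot_code.ljust(BOOT_CODE_LEN, b"\x00")   # boot code area, zero padded
    table = b"\x00" * 64                              # empty partition table
    return body + table + signature


# Constructed samples: a "known good" sector recorded at baseline time and one
# whose first instructions were replaced, as a boot-code implant would do.
KNOWN_GOOD = make_sample_mbr(b"\xfa\x33\xc0\x8e\xd0\xbc\x00\x7c")
BASELINE = boot_code_digest(KNOWN_GOOD)
TAMPERED = make_sample_mbr(b"\xe9\x00\x01\x90\x90")


if __name__ == "__main__":
    # On a real system the sector would come from the raw device, e.g.
    #   with open("/dev/sda", "rb") as f: sector = f.read(MBR_SIZE)
    # read from trusted media, and BASELINE would be stored off-host.
    for name, sector in (("known good", KNOWN_GOOD), ("tampered", TAMPERED)):
        result = check_boot_sector(sector, BASELINE)
        print(name, "OK" if result["ok"] else "ALERT", result["findings"])
```

The check is deliberately narrow: it tells you that the boot code changed, not what changed it, and it only answers honestly when the read itself is trustworthy. That is exactly the gap the message describes, and why application-level encryption inside the database was being weighed against relying on the OS layer alone.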