Dave, The paper published today makes some pretty strong claims about the vulnerabilities of Microsoft's BitLocker, Apple's FileVault, TrueCrypt, Linux's dm-crypt subsystem, and similar products. So I put the folks behind it to a test. I gave them my MacBook laptop with FileVault turned on, powered up, encrypted swap enabled, and the screen saver locked. They were in fact able to extract the 128-bit AES key; I've put screen snapshots of their FileVault bypass process here: http://www.news.com/2300-1029_3-6230933-1.html And my article with responses from Microsoft, Apple, and PGP is here: http://www.news.com/8301-13578_3-9876060-38.html Bottom line? This is a very nicely done attack. It's going to make us rethink how we handle laptops in sleep mode and servers that use encrypted filesystems (a mail server, for instance). -Declan Jacob Appelbaum wrote:

With all of the discussions that take place daily about laptop seizures, data breech laws and how crypto can often come to the rescue, I thought the readers of IP might be interested in a research project that was released today. We've been working on this for quite some time and are quite proud of the results. Ed Felten wrote about it on Freedom To Tinker this morning: http://www.freedom-to-tinker.com/?p=1257

------------------------------------------- Archives: http://www.listbox.com/member/archive/247/=now RSS Feed: http://www.listbox.com/member/archive/rss/247/ Powered by Listbox: http://www.listbox.com ------------------------------------------- Archives: http://www.listbox.com/member/archive/247/=now RSS Feed: http://www.listbox.com/member/archive/rss/247/ Powered by Listbox: http://www.listbox.com ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE