Nothing is safe anymore

Holy shit. Disk Encryption is cracked, and cracked nastily it is. You are not safe if you are using Windows, Mac or linux as all of them basically use the RAM to store the encryption key.

So currently the only way to fix this is to either use a new memory technology where the RAM is instantly lost on boot or use another place, rather than the RAM. Perhaps we could use an external key? Can DM-Crypt be modified to store the key in a usb-stick? Will that help? Techdirt also mentions that this does not work on disks that decrypt on boot but this is not said in the article…

In any case…ouch!


About this entry