More in the truecrypt 5.0 saga
Bruno Wolff III
bruno at wolff.to
Wed Feb 27 05:00:29 UTC 2008
On Tue, Feb 26, 2008 at 12:44:40 -0500,
Javier Perez <pepebuho at gmail.com> wrote:
>
> Can they defeat a Cold Boot attack ?
I am pretty sure that Truecrypt was specifically mentioned as being vulnerable
to this.
> http://citp.princeton.edu.nyud.net/pub/coldboot.pdf
>
> Is there a solution yet for this?
That depends on what your threat model is. If you aren't worried about
no knock raids or laptops being stolen out of your hands, you can power
off the machine and keep it under supervision for a few tens of minutes
and at that point recovering keys from the dram will be a lot more
tricky.
More information about the fedora-list
mailing list