Feeds

Germans devise attacks on Windows BitLocker

Industrial espionage drive decryption

Remote control for virtualized desktops

German researchers have devised five methods that determined attackers can use to bypass hard-drive encryption in recent versions of Microsoft operating systems.

The methods, laid out by a research team from the Frauenhofer Institute for Security Information Technology, can be used to access files protected by BitLocker drive encryption contained in Windows Server 2008 and pricier versions of Windows Vista and Windows 7. BitLocker prevents files or entire volumes from being accessed without a user password being entered first.

The researchers stress that the strategies are useful only for targeted attacks, such as those used in industrial espionage, where an attacker is willing to devote considerable effort to breaching a single individual's security.

They aren't of much use in opportunistic attacks, such as those when an attacker happens upon a lost laptop. Still, they said their findings are useful because they demonstrate the limits of the protection.

"Designers as well as users of disk encryption solutions should be aware of these attack strategies in order to realistically assess how much security they get out of trusted computing," they wrote. "The most important lesson to be learned is that even with trusted computing a system needs additional physical protection for good security."

Among the methods discussed is what they call a "hardware-level phishing attack," in which a target machine is replaced with a counterfeit one that provides precisely the same messages and prompts that the original machine would have produced. The imposter machine captures user input and relays it to the attacker, who then uses it on the real machine.

A Microsoft spokesman said the company is looking into the report (PDF). More from The H Security here. ®

Choosing a cloud hosting partner with confidence

More from The Register

next story
Webcam hacker pervs in MASS HOME INVASION
You thought you were all alone? Nope – change your password, says ICO
You really need to do some tech support for Aunty Agnes
Free anti-virus software, expires, stops updating and p0wns the world
Meet OneRNG: a fully-open entropy generator for a paranoid age
Kiwis to seek random investors for crowd-funded randomiser
USB coding anarchy: Consider all sticks licked
Thumb drive design ruled by almighty buck
Attack reveals 81 percent of Tor users but admins call for calm
Cisco Netflow a handy tool for cheapskate attackers
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Patch NOW! Microsoft slings emergency bug fix at Windows admins
Vulnerability promotes lusers to domain overlords ... oops
prev story

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Website security in corporate America
Find out how you rank among other IT managers testing your website's vulnerabilities.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.