Cold Boot Attack Tool Released

Filed under Cryptography

Well, that didn’t take long…a tool to dump the memory and pull the encryption keys off of encrypted hard drives has been released. Like I said in a previous post, it was only a matter of time and the risk/threat vector of this vulnerability starts to change with the release of a tool.

On a related note, there was a good blog post over on Princess of Antiquity about some potential engineering solutions to this vulnerability you may be interested in reading about as well as some potential mitigations to this vulnerability that are being discussed. I actually like her quote at the end of her post:

“What we should remember is that no matter how strong your lock is, if you leave the key lying around, you might as well leave the door wide open.”

How true! 🙂

One Comment

  1. agent0x0 says:

    I saw another blog post about a statement from PGP that was posted about this vulnerability:

    Nothing really different to say but I am glad vendors are starting to become aware of the issue.

Post a Comment

Your email is never published nor shared. Required fields are marked *