Joanna Rutkowska, virtualization and security researcher, has released a Proof of Concept malware that allows an attacker to steal software encryption passwords. Her current version is designed to attack TrueCrypt software encryption, but can be evolved to attack any other software encryption product, and even BitLocker on a TPM-enabled machine.
The attack works like this:
1. You leave your computer in your hotel room while you go to the gym to work out.
2. The maid enters the room and inserts a bootable USB flash drive or bootable hard drive into your computer.
3. The maid boots your computer, which boots off the USB drive.
4. The drive installs low-level malware into your computer, modifying the TrueCrypt loader and master boot record.
5. You come back from the gym, boot your computer, and enter your software encryption password.
6. The malware logs your password and stores it on the computer.
7. The next day, the evil maid can steal your laptop, or use another bootable tool to extract your password and decrypt your computer.
One of Joanna’s suggested workarounds was to lock your laptop up when you leave it in your room, or to never leave your laptop unattended, even if turned off.
I suggest that a better approach might be to store your important information on a hardware encrypted IronKey USB device. It’s small enough to take with you to the gym, and it’s even waterproof so you can take it into the shower!
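A defensive check for the tampering in step 4, as an added example that is not from the original post or from Rutkowska's proof of concept: it hashes each sector of the first disk track and reports which ones differ from a baseline recorded while the machine was known to be clean. The 63-sector track size, the function names and the sample image are assumptions made for illustration; the comparison is only meaningful when run from trusted boot media against a baseline kept off the laptop.

```python
import hashlib
import hmac
import io

SECTOR = 512
TRACK_SECTORS = 63  # assumption: MBR and boot loader sit in the first track


def sector_digests(stream, count=TRACK_SECTORS):
    """Return one SHA-256 hex digest per sector for the first `count` sectors."""
    digests = []
    for index in range(count):
        block = stream.read(SECTOR)
        if len(block) != SECTOR:
            raise ValueError(f"short read at sector {index}")
        digests.append(hashlib.sha256(block).hexdigest())
    return digests


def changed_sectors(baseline, current):
    """List the sector numbers whose digest no longer matches the baseline."""
    if len(baseline) != len(current):
        raise ValueError("baseline and current cover different sector counts")
    return [i for i, (old, new) in enumerate(zip(baseline, current))
            if not hmac.compare_digest(old, new)]


def build_image(patches=None):
    """Constructed sample: an empty first track with a boot signature."""
    image = bytearray(SECTOR * TRACK_SECTORS)
    image[510:512] = b"\x55\xaa"
    for sector, data in (patches or {}).items():
        start = sector * SECTOR
        image[start:start + len(data)] = data
    return bytes(image)


def demo():
    # Baseline taken while the disk is trusted; store it off the laptop.
    baseline = sector_digests(io.BytesIO(build_image()))
    # Constructed "after" image: boot code and one loader sector modified.
    tampered = build_image({0: b"\xeb\x3c\x90", 5: b"constructed-change"})
    return changed_sectors(baseline, sector_digests(io.BytesIO(tampered)))


if __name__ == "__main__":
    # For a real disk, pass open(<boot device>, "rb") instead of BytesIO.
    print("changed sectors:", demo())
```

A legitimate boot loader update or repartitioning also changes these sectors, so the baseline has to be re-recorded after any such change.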