Thursday, February 21, 2008

Laptop encryption broken

(photo by iowa_spirit_walker)

I guess it was too good to last. The contents of your laptop hard drive will no longer be safe if the person that wants the data has the right tools at his disposal.

Today eight colleagues and I are releasing a significant new research result. We show that disk encryption, the standard approach to protecting sensitive data on laptops, can be defeated by relatively simple methods. We demonstrate our methods by using them to defeat three popular disk encryption products: BitLocker, which comes with Windows Vista; FileVault, which comes with MacOS X; and dm-crypt, which is used with Linux.

Translation - your friends won't be able to read your data, but Big Brother will be able to. linky