Full Disclosure mailing list archives

Brilliant attack "bypasses" bitlocker

From: "Thor (Hammer of God)" <thor () hammerofgod com>
Date: Fri, 11 Dec 2009 13:28:45 -0800

http://www.theregister.co.uk/2009/12/05/windows_bitlocker_attacks/

This "method" is almost as bad as Dan's grammar ;)

"Among the methods discussed is what they call a "hardware-level phishing attack," in which a target machine is 
replaced with a counterfeit one that provides precisely the same messages and prompts that the original machine would 
have produced. The imposter machine captures user input and relays it to the attacker, who then uses it on the real 
machine."

I love the old, "replace the computer with an exact duplicate while they are not looking and get them to type in their 
passphrase" trick.   Certificates anyone?

t

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Brilliant attack "bypasses" bitlocker Thor (Hammer of God) (Dec 11)
- Re: Brilliant attack "bypasses" bitlocker Thor (Hammer of God) (Dec 11)
- Message not available
  - Message not available
    - Message not available
    - Message not available
    - Message not available
    - Re: Brilliant attack "bypasses" bitlocker Thor (Hammer of God) (Dec 11)
- Re: Brilliant attack "bypasses" bitlocker Michal Zalewski (Dec 11)
  - Re: Brilliant attack "bypasses" bitlocker yaroslav (Dec 11)
  - Re: Brilliant attack "bypasses" bitlocker bugtraq (Dec 12)