Vista bitlocker cryptanalysis with ramdumps.
dex_poet wrote: Why not have another key for different accounts? Or another key for default/genaric things like the GUIā¦ Also RAM should be pretty empty, they could make a ton of false keys.
Actually, why use Vista? New video games? Have any major companies actually switched to Vista?
All very valid questions. I don't know honestly, but it seems to me like a classic case of stupidity. I mean, apple and linux both have hard disk encryption software, and presumably they did things as you describe. They are still vulnerable to a RAM dump attack after login though.
About filling RAM with false keys, I doubt that would have much effect. How many keys could fit in RAM? I don't know. Even if an attacker had to try 10 000's of possible key stored in RAM, it would be relatively easy.
I don't use vista, but I bet quite a few government organizations do. And the attack isn't vista exclusive, it's just more vulnerable.
Actually, the idea of freezing and dumping RAM is quite interesting to me. I bet you could get a lot of other information that way. Of course, most times physical access is trivial anyway.