the shadow
2008-03-06 21:16:13 UTC
This is a quote from an article
(http://www.matasano.com/log/695/windows-remote-memory-access-though-firewire/)
"I think one of the small-but-cool things that came out of my work on
firewire memory access was the ability to recover plain text
real-mode-disk-crypto passwords (like PGP Wholedisk or similar) from the real
mode bios keyboard buffer. Of course, this is just one of the many treasures
that lies around in memory, but it's not the first thing you think of. You
boot your laptop, enter your disk crypto (or bios disk locker, or whatever)
password out in realmode, and it stays there, forever, because it's never
used again now you're in protected mode.
I thought it was neat, anyway."
There have been a few articles about Police agencies "cracking" passwords. I
wonder if this is how they did it.
I also wonder if this will allow you to bypass the PGP password for e-mail.
Hud