[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] Brilliant attack "bypasses" bitlocker

To: "full-disclosure@xxxxxxxxxxxxxxxxx" <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: [Full-disclosure] Brilliant attack "bypasses" bitlocker
From: "Thor (Hammer of God)" <thor@xxxxxxxxxxxxxxx>
Date: Fri, 11 Dec 2009 13:28:45 -0800

http://www.theregister.co.uk/2009/12/05/windows_bitlocker_attacks/

This "method" is almost as bad as Dan's grammar ;)

"Among the methods discussed is what they call a "hardware-level phishing 
attack," in which a target machine is replaced with a counterfeit one that 
provides precisely the same messages and prompts that the original machine 
would have produced. The imposter machine captures user input and relays it to 
the attacker, who then uses it on the real machine."

I love the old, "replace the computer with an exact duplicate while they are 
not looking and get them to type in their passphrase" trick.   Certificates 
anyone?

t

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] Brilliant attack "bypasses" bitlocker
  - From: Thor (Hammer of God)
- Re: [Full-disclosure] Brilliant attack "bypasses" bitlocker
  - From: Michal Zalewski

Prev by Date: [Full-disclosure] [ MDVSA-2009:259-1 ] snort
Next by Date: Re: [Full-disclosure] Brilliant attack "bypasses" bitlocker
Previous by thread: [Full-disclosure] [ MDVSA-2009:259-1 ] snort
Next by thread: Re: [Full-disclosure] Brilliant attack "bypasses" bitlocker
Index(es):
- Date
- Thread