TrueCrypt Not So Secure

A handy free and open-sourced disk encryption program I use called TrueCrypt has been cracked by a BootKit by the name of Stoned. Injecting itself into the MBR of an encrypted drive, it works as a man-in-the-middle attack by placing itself between the operating system and the drive.

The BootKit offers not only TrueCrypt bypassing, but a gateway for any trojan, malware or pretty much anything else you wish to run. Even worse is that it is (currently) undetectable by any AntiVirus software and is only thwarted by Intel's EFI technology which is essentially an OS for your BIOS.

The attack only works on a 32bit OS and requires administrator privileges or physical access, but if the feds have your machine, guess what?
Next PostNewer Post Previous PostOlder Post Home