Slashdot Mirror
Undocumented Bypass in PGP Whole Disk Encryption
A non-mouse Coward writes "PGP Corporation's widely adopted Whole Disk Encryption product apparently has an encryption bypass feature that allows an encrypted drive to be accessed without the boot-up passphrase challenge dialog, leaving data in a vulnerable state if the drive is stolen when the bypass feature is enabled. The feature is also apparently not in the documentation that ships with the PGP product, nor the publicly available documentation on their website, but only mentioned briefly in the customer knowledge base. Jon Callas, CTO and CSO of PGP Corp., responded that this feature was required by unnamed customers and that competing products have similar functionality."
... choose a different product. This also is against their product description so report them to trading standards and demand refunds. What about Seagate Momentus FDE drives? DO they have a bypass also?
http://www.rense.com/general79/wdx1.htm
Having replaced laptop motherboards for Raytheon that had the pgp whole disk encryption and asking them if there was a way around it to check the os and their response being there is no way around it, I wonder "who" the unnamed customer was?
Maybe they were unnamed because there is No Such Agency?
I don't need large brains to have a good time.
"encryption bypass" ?
That basically turns the entire thing into a physiological magic trick.
unnamed customers? there's no such agency.
Come on, why would you even consider using such a thing?
And if anyone else can enable it, then they already have access to your computer anyway.
Seriously, customers require this so IT staff can do remote support and reboot the machine remotely. It is only enabled for one reboot, and you must have cryptographic access to enable this feature. The only threat is if someone where to enable this, not reboot, and then have the machine stolen.
Why does crap like this make it to the front page of Slashdot?
ÕÕ
from the response:
"We call it a passphrase bypass because that is what it is. It is a dangerous, but needed feature. If you run a business where you remotely manage computers, you need to remotely reboot them."
and
"You cannot enable the feature without cryptographic access to the volume. If you do not have it enabled, you are not affected, either. I think this is an important thing to remember. Anyone who can enable the feature can mount the volume. It is a feature for manageability, and that's often as important as security, because without manageability, you can't use a security feature."
makes pretty good sense to me
I came to the datacenter drunk with a fake ID, don't you want to be just like me?
A customer with enough volume to demand such a 'feature' (myself I prefer to call it a bug) surely can justify the addition of a compilation flag as oppose to incorporating into general release. I am incline to think it's more likely to be brown nosing the current US administration.
ELOI, ELOI, LAMA SABACHTHANI!?
When it comes to encryption it is exactly for this reason why I use the "clunky", "hard to configure", "no GUI" Open Source!
I know what I have, and what I get, and what others cannot get... Not that I have anything to hide. Just that I like my privacy.
"You can't make a race horse of a pig"
"No," said Samuel, "but you can make very fast pig"
What is the point of encrypting the drive if it's automatically decrypted? (ie. the key would be stored plaintext somewhere on the drive) I just can't figure that out.
I don't like PGP in any case. I never have because all their stuff is proprietary. S/MIME, ASN.1, etc are all full blown public standards that do the things PGP does except using open interoperable widely adapted standards.
"We are not the only maNufacturer to have Such a feature -- All the major people do, because our customers require it of us.
Its not enabled by default, its a feature that makes sense for servers that sit in a datacenter or a remote location. The PGP exec is correct, other full-disk encryption vendors offer similar features. Its not some sort of evil backdoor for Phil Zimmerman to come laugh at your paltry collection of porn.
As usual, the poster got it wrong. It is not a "backdoor", and if the poster had actually read the response from PGP he would have realized that in order to use this, you already need to know the cryptographic passphrase, AND that it is only good for a single reboot. This is required for remote administration. What are the chances that someone will be sitting by the computer, just waiting for it to reboot so they can steal the disk drive? Because that is essentially the only way for this to be exploited.
According to TFA, the feature is off by default. To enable it, you must know the password. If someone else knows your password, you're screwed already. Why is this a big deal? I guess being undocumented makes it a bit shady, but the article doesn't say how long the feature has existed. It could simply be new. Anyone have better info?
Did you read the article or any of the comments before posting that?
Didn't think so...
No sig today...
This isn't a back door or some secret agenda by some shadowy government agency. It is simply an IT tool to allow remote access to the machine. It is enabled ONCE and you must have cryptographic access to the machine in order to enable it. It is NOT enabled by default, it is a conscious decision to enable the feature made ONLY WHILE you have authorized cryptographic access. Once the machine is rebooted your back to normal.
The OP made it sound more ominous than needed when he said "unnamed customers". Why is everything on Slashdot a giant consipracy??
RTFA.
Pretty Good Privacy. I'd rather have Absolutely Fucking Bulletproof Privacy.
This backdoor took a bit of time to figure out. The simple fact is that if I buy a product, I expect it it work correctly, in particular, I expect it to work as advertised. PGP says that your data is encrypted and safe. Obviously, it is not.
I prefer the "u" in honour as it seems to be missing these days.
If you RTFA you'd see this feature is needed for anyone who remotely-boots their encrypted drive. The feature is not a backdoor - it has to be enabled by someone with cryptographic access to the drive, and it only works once per setting - reboot, and it's disabled. The only way this could be a security issue is if it's enabled, and before the drive boots up again, the drive is stolen. Features like this are needed, as without them, the drive is useless for remote management, and people won't use encryption, which is obviously far more insecure than having this feature and using it correctly.
So, after you've read the article, you'll preserve YOUR integrity by apologizing for jumping the gun. Right?
Didn't read the article -- didn't see that you can only bypass it by enabling it for the next reboot after which it returns to normal.
If it's for-profit but free, you're not the customer -- you're the product (e.g., the Slashdot Beta's "audience").
There is an inherent flaw with many of the commercial laptop full-disk encryption solutions out there. I have the most experience with Utimaco's Safeguard Easy, but I know many of the other big players have the same fault -
The software has a feature called "Pre-boot Authentication", by which the encryption software is loaded after the bios, but before the (generally Windows) operating system. The user's password is used to generate the decryption key, so theorhetically not even the NSA could decrypt the laptop without the user's password.
Here's the flaw - the software has a checkbox to disable Pre-boot authentication. What this does is generate a default user with a random password, and then store this random password obfuscated but in clear-text in the same disk area decryption software. When you talk to the sales-people, they sell this as a feature, in fact about half of Utimaco's customers (so I'm told) run it in this mode because the encryption becomes transparent and it is much less intrusive on the user. (Basically the disk is automatically decrypted each time the laptop is booted, but you have to have a valid Windows login to get in.) Buried in the help documentation are warnings "For security reasons, you should Never disable pre-boot authentication". So the engineers and the company know the weakness of disabling pre-boot authentication, but they don't tell their customers when they sell the software.
Today it seems to break into these laptops with pre-boot authentication disabled you would need somewhat sophisticated tools and techniques, basically the same tools and techniques people commonly use to "crack" commercial software today. But I'm guessing that it won't be very long before someone takes the time to build this crack and releases it, rendering the laptop encryption useless to anyone who can Google for "Utimaco Crack", etc. Basically all the crack would need to do is grab the default user's password off the disk and use or duplicate the decryption algorithms that are also in clear-text on the disk.
I've talked to a number of IT security folks, and basically it seems like most people trust the sales folks and don't understand that its basically impossible to have strong encryption without having the decryption key stored off the disk (like on a smart card, or in the brain of the user.)
PGP is a hilarious company, these days. My company was going to do some consulting work for them, and they announced that we could not work with them unless we complied with their security "policy." We thought it would be no problem--our security is some of the best in the industry.
We read their "policy" and started laughing, however. It isn't a policy so much as a standard, which explicitly requires all computers run PGP Whole Disk Encryption. No other form of data protection is acceptable.
I'm inclined to send this message back to them and include "piss off" in my reply, but I don't know how much the potential contract was worth. But any way you look at it, PGP corp is a joke these days.
A slashdotter who didn't build his own computer is like a Jedi who didn't build his own lightsaber.
If people wanted Really Good Privacy, they should have purchase encryption from a company called RGP, not Pretty Good Privacy.
Seth
$5 / month hosted VPS on linux = awesome!
As others have said, some parts of the U.S. government has become completely lawless. The government is requiring access and requiring that access be kept secret. The Bush administration has become a dictatorship. I think U.S. citizens should demand impeachment and that Cheney and the Decider be tried for treason. Why should the really big criminals be allowed to break the law?
My experience of whoever it is who sells PGP is that there are other issues about they way they do business, too.
That's why open source encryption is so important. TrueCrypt supports Windows and Linux. Supports encrypted devices and encrypted folders, including hidden folders.
To encrypt a file, use the free open source Gnu Privacy Guard.
They can't do whole hard disk encryption, but they are at least honest.
With that understanding, I am developing a new data security system using heretofore unrealized technology, and plan to bring it to market in the near future: look for products from BHS in stores during the month of No-never.
This message brought to you by the unique folks at BHS. Black Hole Systems: we are defined by our singularity!
Sometimes I have to say to hell with it and just eat my jellybeans.
So which full disk encryption software does Slashdot recommend? Preferably FOSS and available for *Nix and Windows.
If you RTFA, you'll see that it's a feature that you can only turn on if you've already got access to the disk, and PGP did it so it only works once.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
So clearly the encryption system records the running password somewhere outside the encrypted volume if the auto-reboot is selected. One would assume that, upon reboot, the password gets overwritten.
We are constantly told that data that's only overwritten once on a magnetic drive is recoverable. So, if one could figure out which section of the drive gets the password written to it (an easy enough exercise given that the boot code that mounts the encrypted volume is in a fixed location and largely static) then one could steal a laptop and, assuming it had been auto-rebooted once before in its life, potentially recover the entire drive contents.
Beyond the capabilities of your average evil-doer but certainly possible.
CommentBot 0.7a running with args "-module irritate,disagree -target random"
How much do you want to bet that "unnamed customers" are synonymous with "various federal and state police agencies, DOD, and NSA"?
Takers?
Politics is the art of looking for trouble, finding it everywhere, diagnosing it incorrectly and applying the wrong fix.
There is No Such Customer (NSC).
The GPG program that you download doesn't do full-disk encryption; it's pretty purely a file/stream encryption program. I suppose you could use it for disk encryption, by streaming data through it on its way to and from a device, but that's not how it's normally used.
There is/was a program around that used GPG to do FDE, called GPGDisk. I'm not sure whether it used your installed copy of GPG to do the heavy lifting, or if it just included the same code, or worked using the same algorithms but had its own totally separate crypto engine. It was reasonably popular for a while, but I think a lot of people who were using it have now switched to TrueCrypt.
However, GPGDisk did offer some unique features, like the ability to encrypt a disk using a GPG key, and some fairly fine-grained access controls that you could set up for multiple users (IIRC). Every once in a while someone will mention it on the comments on Bruce Schneier's blog, so apparently it's still getting some use. But it doesn't offer some of the neater features that TrueCrypt does, like plausible deniability or containers-in-containers, I don't believe.
"Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
Seriously, it seems to me that this "loophole" just isn't.
Vista Bitlocker on the other hand, is not worth the disk space it consumes.
I have it on good authority from someone in the know (as in, it is in his job description) that cracking Bitlocker is easy. There is actually a course on "opening" bitlocked volumes, if you move in the right circles (think police forensics)
For my money I'd rather just use a good open source package.
http://www.writeitfor.us - Writing IT for the IT generation.
And we use a Post-it on the same door to remember the combination.
This dangerous, because it gives a false sense of security. Its an easy way to make full disk encryption have zero security benefit. Its might a feature that this feature is so obscure enough that security neophytes won't shoot their foot off. I'd be happiest if the feature automatically deleted the decryption key during the reboot. Thats enough to let IT do an unattended reboot and simultaneously discourage people from misusing the feature.
Even in a high-tech company, your engineers at remote offices may know operating systems better than routers, or the server may be locked in a closet with the PBX and LAN hardware, or the office may be a sales office where there's nobody technical enough to go drag a monitor into the server closet and plug it into the correct server.
If you've had a power hit at your retail store, once it's back up you don't want to wait half a day for an IT staff guy to drive or fly there and connect the console to type a password into it.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
But ... PGP has a peer review, open-source process. They're just a commercial product, too. [In other words, it violates the terms of service for you to compile their source code and use it without licensing it.]
libertarian: (n) socially liberal, financially conservative; neither left, nor right.
I don't understand that argument. Why is it necessary to have two passwords? An organization must have a database of user passwords, correct? A user may call and say he lost his password.
The only reasons I can imagine for having two passwords are convenience for IT, when they aren't fully automated, and secret government surveillance.
An organization with 1,000 users must manage 1,000 passwords, anyway.
What happens in an organization when a member of the IT staff leaves? The IT access special password, if there is one, needs to be changed on 1,000 computers.
It seems to me that there may be far better ways to manage that situation rather than having a global password.
Hmm, the FBI paid them for having this backdoor?
1. if i have a real (paying) customer who needs this, i will supply them (and only them) with a customised version.
2. or i fully document the feature.
Patents Drive Free Software as Hurricanes Drive Construction Industry
Yeah, it's a potentially dangerous feature - but some customers want it anyway, and at least PGP implemented it in a way that's less dangerous than it could have been. I'd have preferred to see some additional hardware involved, e.g. require input from a USB dongle or successful DHCP hit or something in addition to the disk-stored info, but it's hard to get that to work portably and reliably.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
I'd prefer to see the key stored somewhere other than the main disk drive, e.g. on a USB dongle that might not get stolen or kept. (Or get tricky and use an iPod Shuffle as the dongle, so the thief is more likely to separate the two
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
And what is the problem with that? If you have access to the machine and can unobserved alter the machine to boot different code, you could also trick users into entering their passphrase in a fake password screen. Whole Disk encryption is normally used to protect the data when the computer/drive is stolen and not against an attacker who has !UNOBSERVED! unlimited physical access to the drive in question.
Move Sig. For great justice.
Either you still don't understand the feature, or you are willfully misinterpreting it. Once again, you must know the passphrase in order to unlock the data on the disk. If you know the passphrase, you already have access to the data on the disk, with or without this feature. Hence it is NOT a backdoor. A backdoor would mean you didn't need to know the passphrase. Knowing the passphrase is the FRONT door.
Sheesh.
From TFA, it sounds like the documentation was added to their website recently, it wasn't there before. Also, the 'help' for the command-line tools doesn't display those options.
Read again, please.
GPG and PGP Or did I misunderstood you?
Let me just get it straight. It's easier for you to accept that PGP has a malicious backdoor than it is to accept that they have a sensible feature that is quite useful (if ill-documented, but apparently it's mentioned in the knowledge base)?
A small dose of paranoia is healthy, but we're talking about a feature that has to be activated by someone who actually has access to the keys to begin with, that is, supposedly, valid for only one reboot, and that has a very valid use case.
With propretary software, there's no way to know. It could have any number of malicious or ill-conceived/insecure features. Why risk it?
-- The act of censorship is always worse than whatever is being censored. Always.
So what they're saying is "Sorry you thought our product was secure. However, it's as least as secure as everybody else".
I don't understand what this post is about. This feature is fully documented on PGP's support website for customers. Saying this is only for big companies is not true in the least. On top of this you must know the password of the drive to even implement this feature. How is it a security risk? Your security is only as strong as your end user in this kind of scenario. An end user could just as easily give someone their password. We need to be careful in the security world when making allegations like this before knowing the truth. If you own a PGP product and have a support contract you can view the documentation here. http://support.pgp.com/
"... our kids will grow up in a Brave New World and the old world is never coming back."
A better world will be available to us if we get rid of the corrupters, weapons investors, and oil squeeze investors, and begin again insisting on the rule of law.
"Your proposed issues are only do [due] to lazy IT departments and would fail any real security audit."
Does that mean you agree? The only real reason to do things the PGP way is because of surveillance by the secret police?
I don't completely understand what you said, and the documentation of TrueCrypt is less than perfect (but still quite good).
I will experiment with the method you suggest. Sounds interesting.
Of course, TrueCrypt does not allow full hard disk encryption. The boot partition needs to be unencrypted, I think.
If I were to evaluate said product it's something I'd like to know, in advance and fully documented, not hidden somewhere. The whole purpose of documentation is, well, to document things not to leave them for someone surfing extra docs on their website.
If they'd been open about it wouldn't even have made Slashdot, so it's a bit of an own goal - now they have to go and explain it all against a tide of misunderstanding. On stuff like this full disclosure is the better path to take IMHO.
Insert
Oh please. Wish people would STFU about 'I can read the source, and know it's safe.' At best, it's a wrong statement. Who reads the source to everything they put on their system? Nobody, you just trust other people to look at it for you. Open source gives more the code more eyes to look at it, but wording it in such a way that makes it sound like you read every line so you know it's safe? Bullshit.
Now folks will question the integrity of the product and they've now got a potential liability issue on their hands because as sure as the sun rises in the west, some lawyer will figure out how to use this to shift the blame for the loss of employee/customer data that should have been encrypted that wasn't.
Mod me up/Mod me down: I wont frown as I've no crown
All I have to say is that my past experience with a big cooperation within IT it was possible to bypass PGP. But thats all I can really say about that.
I heard the software also lets you uninstall PGP. That would leave your disk WIDE OPEN. And they call that security. HAHAHA. What a piece of crap software. I hope PGP burns in hell.
Because a backdoor can just as easily be slipped into open source software, if not more easily since everyone's assuming "Oh it's open, someone else is looking for backdoors." On top of that, when things go south there's no one to point the finger at and no one to go to for support.
Look at all the security flaws that have popped up in Firefox over the past two years that could have led to a complete security breach on a user's machine. Most were probably just innocent mistakes, but what if they were intentional? How would we know? And who could we blame?
Putting a GPL license on something doesn't automatically make it pure and holy.
Maxim: People cannot follow directions.
Increases in truth directly with the length of time spent explaining them
It's a bypass. You've got to build bypasses! Besides, you should've made your protest months ago. These plans have been on display at the planning office now for a year.
Pompous or no, suddenly discovering a way to bypass my full-disk encryption, whether it be "only on the next boot" or not, makes me suddenly very leery of this closed-source software. What if they *DID* put in another backdoor? IMO, this gives PGP's credibility a fatal error.
As another poster stated, "In security software, any undocumented feature is a bug."
It feels to me very much like this "undocumented feature" was obfuscated by being not in the manual. I don't care if it's available if I jump through 17 hoops and happen to land in the right spot on their forums, it should have been documented from the get-go. It feels to me like they tried to hide it by burying it in the forums instead of coming right out and saying it in the manual. Preferably in BOLD TYPE.
As is commonly known, "Security through obscurity is not security."
--
My dogma ate my karma.
This work is licensed under a Creative Commons Attribution 3.0 Unported License.
It is unused by default. Short of modifying the PGP Boot Guard's binary, you cannot disable the feature permanently, which means any user--not just an admin-- can use this feature.
libertarian: (n) socially liberal, financially conservative; neither left, nor right.
Nope, but at least it means that you can check for malicious features if you want to.
Take PGP Whole Disk Encryption for example. There was a questionable feature recently and we can't look to see if there were more. If the source were published, someone considering the software could audit it to see if there are any other questionable features.
-- The act of censorship is always worse than whatever is being censored. Always.
I'm working for secure-co ..supposedly I work on my own secret project, but
..ahh...I seize the opportunity. ..I quickly unplug the network and remove the hard drive...boom I've
my boss has secret info that I want to know, but he always logs off when
ever he leaves...
One day when my boss is gone, I see his laptop
turn off automatically
got his info without anyone knowing, and better yet..no one is even around
because it's all done remotely. I steal the data, and recheck the automatic
authentication, and reconnect it back to the network and turn it
off....quietly slip out of the room..
Note...I never had to have access to his password..I just know that an
automatic reboot, means vulnerability.
Umm... I don't even know where to start to answer your question. I'm not sure what your question has to do with anything.
The best I can tell is that you think I am incorrectly saying that GPG is closed source. If that's what you're saying, I have no idea why you're saying it --I didn't even mention GPG. If that's not what you're saying, then I have no idea, so please enlighten me.
In the meantime, I'll elaborate. Phil Zimmerman created PGP and made it open source (though the term "open source" itself wasn't used at the time). PGP got sold to NAI, which stopped making it open source (ie. they added to the software and distributed binaries only without source). NAI sold the rights to PGP Corp.
Technically, it was NAI, not PGPCorp, that closed the source of formerly open source PGP. PGPCorp bought the ex-open-source PGP. Currently, PGP is not open source.
You can check http://www.fabianrodriguez.com/encryption/ for more info.
404555974007725459910684486621289147856453481154 in hex is "You sank my Battleship?"
[GPG key in journal]
What precisely stops you doing this with PGP ?
Their source is open to download and audit (just not Free for use/modification/etc.). They even state that their entire source control system is open for customers to audit:
"Customers can thus examine every check-in made to the sources by all its developers from 1997 to the present."
How could GPL make a difference to auditability ?
Still, can happen.
I did not say that somebody who DOESN'T have a passphrase could turn the feature on. RTFA and realize that any USER (get it? Not "admin") can use this feature, enabling the bypass. Sure, today, (again, you near-sighted idiot) the only way to use this is through the command line, but this is a crypto operation, not a connection to your mom's website, meaning there is no record of who makes crypto operations. It might be a trojan (which yes, I get it, it's got your passphrase), but imagine this: a worm like the storm worm gets modified to (in addition to the myriad of things it does) capture users' passphrases, add the bypass, and modify the PGP Boot Guard to not remove the bypass
And of course, (again I'll get enjoyment for calling you an idiot) an admin who uses this feature but has an adversary pick up the device PRIOR to the reboot happening and the oh so magical PGP Boot Guard removing the bypass
This guy gets it. Why can't you?
Now go say hi to Jesse and the twins for me.
libertarian: (n) socially liberal, financially conservative; neither left, nor right.
This is flamebait ... why??? Why can't there be a version with the feature and a feature without-- it's one component of an array of components. It's changing out a couple of binaries during the packaging process. That's it. What's wrong with that?
Besides, even if somebody disagreed that a fork was a good idea, it's one opinion on how to attempt that. Who has a vendetta for 'camperdave' and why choose to act on it at one of the most obvious times?
libertarian: (n) socially liberal, financially conservative; neither left, nor right.
Was it on the blue carbon triplicate?
Nice reference.
libertarian: (n) socially liberal, financially conservative; neither left, nor right.
Don't let the troll keep this post down. Just because the troll doesn't understand that there are threats involving this "feature" that really can expose data on disk without knowledge of the password, doesn't mean that the rest of us don't want to read this AC post.
libertarian: (n) socially liberal, financially conservative; neither left, nor right.
...is that you?b
"What kind of music do pirates listen to?" -Paul Maud'dib
"Yeeeaaarrrrr n' Bee!!" -Stilgar, Leader of Sietch Tabr
Just from looking at your post history it's like you refuse to RTFA and continue with your denial. What's in it for you? Worried about stock price or profit sharing or something? Or do you work there and this is your bad design/feature that's being ripped?
libertarian: (n) socially liberal, financially conservative; neither left, nor right.
the NSA requires backdoor access to all major operating systems and encryption products.
They're using their grammar skills there.
1) As someone else pointed out, you CAN audit the source
2) Being able to audit source code does nothing to prove that the binaries you're running are actually based on the source code. The backdoor might be put in by the compiler, and the compiler may put the backdoor in itself if it recompiles itself. Sound far fetched? It's already been done.
3) Even assuming you can prove that there's no obvious backdoors in the code, you're conveniently ignoring my point about Firefox: most every open source application has "bugs" in it that allow a serious security breach. ALL interesting software has a potential to have them. But what looks like a bug could just be a cleverly crafted backdoor. If I was putting a backdoor in my code, I sure wouldn't put comments around it saying "this is a backdoor", I'd make it look like a one-off error or buffer overflow and just depend on the fact that they can go undiscovered for years, even with Open Source software. So yes, you could theoretically audit the code and PROVE it's bulletproof, but good luck on that one, that's like solving halts().
Maxim: People cannot follow directions.
Increases in truth directly with the length of time spent explaining them
Those are all neat points. Someone makes them every time this discussion comes up. Here are some responses:
-- The act of censorship is always worse than whatever is being censored. Always.
Hmmmmm.....
I'll bet that "Unnamed Customers" means Big Brother and his minions.
Knowing Google's lust for data collection, the Soviet Union is still alive and well inside the psyche of Sergey Brin....
There appears to be a group of people who attack negative mention of the Bush administration. The parent comment was moderated to +4 for several days, and now it is down to 0. I'm guessing someone in the Bush administration has thousands of accounts, so that some will always have moderation points.
- This is a facility where someone who has accessed the disk using the keyes can set an option so that the next boot will not need a passphrase
- This only covers one boot, for remote startup, etc. The system resets to normal operation
- This only affects users who deliberately enable this feature
- Those users ar only affected if the PC is stolen after the feature is enabled and before the next boot
This is not some security hole, or government backdoor. It is a facility that some people need and most will never enable.Okay, so let me explain why I'm telling you the software doesn't work like this. Here's the key thing to remember: the pre-boot lockout is not the thing protecting data on the disk.
Here's a scenario:
1) Install PGP and encrypt the drive.
2) Reboot
3) Turn on the bypass for the next reboot
4) Shutdown
5) Remove the drive and stick it (or copy of the drive) in another computer as a secondary drive
6) Try to access the drive
From your posts, it appears you think you'll see all the files. The simple fact is that you won't. It will appear as an unrecognized volume. That's because the files are still encrypted. The operating system will not be able to access the files. You're screwed.
The whole bootloader is just another step of lockout. First there's bootloader, then there's the windows login. Again, the bootloader is not the thing that "turns off" encryption on the drive after you get past it.
I was already assuming this was how it works because to do it otherwise would be quite foolish. I thought back to the parallels of how Windows works when you turn on encryption for certain files. The delay in most post was because I wanted to check this out with the real product to make sure my assumptions weren't bad. And guess what? I was right. I tried this out in the real world with the real product and the volume was still encrypted even though the bootloader password was bypassed.
I really don't know why you're so full of vitriol towards me. You repeatedly stoop to ad hominen attacks and post multiple times calling me a troll and claiming I work for PGP (I don't). But the simple fact of the matter is that the theft wouldn't net you an unprotected hard drive. The hard drive would still be encrypted and you'd have to know the password to get the data off it. The preboot thing is just there as another level of protection, not as the main one. I lay it out step by step in this post. This should so you that your comment "Then a random theft (get it? by somebody who doesn't know squat about PGP WDE) has access to data whilst admins think all is safe." is just simply untrue.
So please, stop calling people names. It serves no purpose other than to drag down the level of discourse.
Just for completeness sake, I'll refer to my other post about why this attack will get you a useless (encrypted) hard drive.
The sad thing is that the much more obvious way you'd want to do this is through a hardware keylogger. This is especially true since the first thing you do after turning the computer on is enter the password. You'd just have to look for the first keystrokes after a power-on followed by enter. Simply stick the keylogger on and return the next night to copy the hard drive. Keyloggers are the real weakness in any of these encryption schemes. To get around that, they should create a graphical keyboard with all the keys randomly assigned around the screen. You'd then have to use the mouse or arrow keys to move to each letter in your password. This would defeat the keylogger, though it would make you more open to shoulder surfing (maybe make the letters really small and at the bottom of the screen).
"If you change your password, you only change the header."
Thanks for the information. The TrueCrypt web pages are poorly written. Now I realize that TrueCrypt is very much ready for large companies. I've found TrueCrypt to be perfectly reliable, and it is open source and free, so there are no other barriers.
Because..sadly..you are..wrong and are too stupid to understand the implications of what
you are doing...
It's like leaving the key under the rock outside your house and then claiming that's
not a security problem because you couldn't do it without having the key in
the first place.
So the problem there is the technician, not the technology. You could have just said "Friday: Technician faxes key to thieves, tells them where to break in and what to steal".
Ok, so imagine there's a piece of malware out there that doesn't do anything except look for PGP FDE... and turn this feature on. It doesn't necessarily even need to be "in the wild"... It gets sent to a specific user, using whatever delivery method - be it email, mailed software, hacking, or even just an autorun.inf on a thumbdrive (people will cheerfully stick unknown USB drives they found in the parking lot into their work pc, it's been done).
So now, every time the system boots, it skips the passphrase. The user doesn't think anything of it (if they even notice), and later in the week, or maybe even that night, their pc is stolen. Oops, good thing we're using FDE and no one can get to our data!
The next day, Bob's entire department starts getting emails from the thief, thanking Bob for leaving his disk unencrypted. Complete with those nasty photos he had hidden under "TPS Reports" in "My Documents". And all the details on the company's latest project, which he had under "Top Secret" in "My Documents".
Bob, you're fired.
No, I can think of a number of situations where this could be exploited... some of them without even leaving the corporate chain. For example...
Bob has angered Sally by turning down her offer of a dinner date. Sally, being emotionally unstable, decides to ruin Bob's life. Sally thinks of the security lecture they all got yesterday when someone left a floppy lying unattended on a table. the one where the boss said he'd fire the next person he found not following security policy and procedure to the letter.
Sally drops the aforementioned piece of malware on Bob's computer while he's off freshening up his coffee, and then goes and gets the boss. She points out to the boss that Bob is not adhering to company policy as pertains to the disk encryption, as his system does not ask for the FDE password when it boots up. Boss reboots Bob's computer, and lo and behold, there's no password.
Bob, you're fired.
The possibilities are endless. No, they don't all require someone getting mad at Bob, but it's more fun that way. Bob getting fired is just my way of saying that bad things happen.
--
You don't have to be crazy to post here, but it helps.
This work is licensed under a Creative Commons Attribution 3.0 Unported License.