Slashdot Mirror
Bootkit Bypasses TrueCrypt Encryption
mattOzan writes with this excerpt from H-online: "At Black Hat USA 2009, Austrian IT security specialist Peter Kleissner presented a bootkit called Stoned which is capable of bypassing the TrueCrypt partition and system encryption. The bootkit uses a 'double forward' to redirect I/O interrupt 13h, which allows it to insert itself between the Windows calls and TrueCrypt."
And, is it true we are screwed?
Like a city whose walls are broken down is a man who lacks self-control.
It sucks anyway.
So yeah, if someone is running live software on your machine then there isn't much you can do. If there is decrypted data then it's essentially available to anything on the machine.
I mean if you're going to do this you could just modify the TrueCrypt code (bootloader in this case) itself to do what you want.
Kind of "duh" story if you ask me.
The ratio of people to cake is too big
A trojan horse can compromise data, or encryption keys, possibly revealing them to a third party, if the trojan runs at a time that those keys are revealed to the system. Film at 11.
Nothing to see here, move along, move along...
Is this type of attack only limited to trucrypt or can it affect other product? And.. is there a way to prevent it?
TFA has a very good point -- unless you (cryptographically) trust the components of your system all the way down to the hardware itself, you can get pwned by an attack like this. You can regularly do all-the-way-to-the-firmware scrubs of your machine as damage-control, but the only real prophylactic is some form of trusted computing.
Of course, I'm not really dying to jump on the TPM bandwagon, given the sponsors, but it sure would be nice if there was an openly-audited trusted computing module.
CRap. Get out your tin foil hats, uncle sam is coming for you.
it's more of a "man in the middle" sort of thing and it by itself does not "break" the encryption.
Think of it as a keylogger for your hard drive.
No matter how complex and secure an encryption method is, if you can steal the password (or key), yea...you get the idea.
In that sense, the title, summary, and the title of the article in question is misleading as it doesn't really bypass any encryption but rather daisy-chains itself into the process (so once you enter a password/key, it can capture it).
I can't tell what's supposed to be interesting or spectacular about this. It's a standard rootkit with MBR support along with some special hooks for truecrypt. It won't let anybody read an encrypted truecrypt volume unless you enter the password... And if you do enter the password on an owned computer it's not like trucrypt is going to help you anywhere. If you unlock the volume any malware can grab all the data it wants through the usual calls and hooks. It doesn't seem especially advanced compared to many of the rootkits out there.
I don't recall TrueCrypt ever claiming to be a defense against malware. Hell, all a program would have to do is imitate the boot loader and fool you into typing your password.
If you're paranoid (and I don't mean that in a bad way) enough to encrypt your entire hard drive, you're probably not the type to run strange executables outside of a sandbox. And if you give black hats physical access to your hardware, well, you're screwed.
So some general advice for the paranoid:
* don't run strange executables
* don't give untrusted people access to your hardware
* reflash your BIOS and other firmware if you think someone's been messing around
* look inside your computer once in a while
* if you must leave your computer in untrusted hands, boot from a flash drive or something you *can* take with you
Where can I sudo get this?
>_>
The original :-)
How does this, in any way shape or form, "break" Truecrypt? Now maybe I misunderstand how it works, since the information is not presented in a clear manner and the author is letting ego get in the way of good writing, but more or less it looks like he has a way to get in to the system at a low level. Ok, great, that does NOTHING to break the encryption. I see nothing in here about managing to get data out of a Truecrypt drive/volume without knowing the key. So what's the big deal?
I mean yes, you could use said malware to log the password. Well guess what? If you've physical access to the system, you don't need software for that. A hardware keylogger would achieve the same thing, or maybe a camera over the shoulder or maybe a tempest attack. The point is if you have physical access to the system, there is little someone can do to keep you from bugging said system.
What Truecrypt is intended to deal with is someone nabbing your system and getting data, and I see no break in that regard. If you encrypt your laptop's harddrive to ensure that nobody gets your data, and somebody steals you laptop, this doesn't help them. For it to help them they'd have to get your laptop, bug it, get it back to you such that you didn't notice, wait for you to use it, then steal it again so they could get the password.
I just fail to see how this is news here. If there is something I'm missing, by all means I'd be interested in knowing.
As usual secrets are best kept in brain case as anyone who physically gets a hold of your truecrypt volume and machine can now insert the bootkit at their leisure and to their pleasure.
So we're back to physical control of memory to keep secrets.
Replacing software security with hardware security only moves the attacks from software to hardware. There's no such thing as perfectly secure code in hardware or software, just 'good enough' that it will deter most hackers for some finite period of time. Probably the biggest argument against hardware security like TPM is the fact that once it's broken, you pretty much have to replace the machine, since there's no way to go about software patching a broken chip. Meanwhile, software can be updated, new operating systems with less security flaws designed in can be written, and new encryption software schemes can replace flawed ones. See Nintendo's Wii, Microsoft's XBoxen (both of them), BluRay/HD-DVD and we could go on ad nauseum.
If you give your PC to someone, with the capability to modify the innermost workings of the boot sectors, and then log into the PC indiscriminately without verifying that the boot sectors, etc. haven't been modified, it's possible that the password you typed on the keyboard etc. could be captured and then used later (assuming the rogue software would also have the capability send that password to the attacker and/or for the attacker to AGAIN gain physical access to the PC after you've typed in the password as well) to decrypt the contents of the hard drive.
Yeah. And?
Avoidance techniques possible: Not a lot.
Avoidance techniques required: Don't log into a potentially (or, indeed, known) compromised PC, whether encrypted or not.
Where's the news?
"Stoned" was the first computer virus I ever had to deal with. Ah those were the days... small, efficient virii that overwrote the boot sector but were easy to fix. None of this nasty phone home, steal your credit card mess they have now-a-days.
Now git off my lawn, y'hear!?
there is a crack... there is a crack in everything. That's where the light gets in...
http://xkcd.com/538/
Just DONT encrypt your system disk, make an encrypted container file with a Virtual Machine, that also runs Full disk encryption. Wouldn't this put a stop to the bios level MITM?
People don't need 'physical access' at all. All the need is admin priveledges. This is just a 'trick' attack. You download Truecrypts source, change it a bit, and then overwrite the real truecrypt with a hacked one. Anyone can do this. Truecrypt does not attemp to prevent against this, why should it? If someone can run any software on your PC when truecrypt is already running, THEY CAN ALREADY READ ALL THE ENCRYPTED DATA. This point seems to totally miss him for some reason.
He says that truecrypt's code could be modified to not allow writes to the MBR. So what? Someone could load up another OS, or take the harddisk out or do whatever and overwrite the MBR. Infact you can even write software to hook around truecrypt if you have admin priviledges. His whole 'patch' suggestion is so stupid it boggles the mind, he actually still uses truecrypts drive to write to the MBR, so infact his bootkit is even weaker than I first thought.
The whole thing is pretty funny. I mean if you can take control of the TC PC, you can just read the rootkey right out of memory. Then you can just write to the MBR and by-pass the whole password entry screen. He doesn't even do that, and yet he calls the encryption bypassed, even though all the data is still encrypted and the user must still enter the key? O_o riiiight
This really does not defeat TrueCrypt. All it does is read the date after its decrypted and before it gets to the OS. It also can only read the data after the real key has been presented. I think the take away here is disk encryption is not a silver bullet. You can't sit there and say "My disk is encrypted my data is safe." Its not safe while the machine is on an in the unlocked state. Any other malware running on the system can send or leak data all over the place. You have to trust the entire stack or have defenses in place at every layer.
All disk encryption can accomplish is:
1. If someone steals the system while off or locked and does not already have the key they can't get the data
2. The system cannon be modified offline with out the key
It can't really do anything more than that. TC is not broken its just not a defense against other software that can get ahold of the disk layer.
Suppose I walk into a bank during hours after the manager has opened the vault. I point a gun at him, hand him a bag and tell him to start loading it up. I then leave with the money. The vault is not broken. Its just that it only protects the money while its closed. If I showed up in the middle of the night broken and got the goods then the vault would be broken; but a day light robbery is just exploiting another weakness in the system.
Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
That is, if the encryption key is loaded and the machine knows how to decrypt the data, it can of course be captured in various ways.
I see no indication here that anything can be bypassed save very early in the boot cycle, so that if the rest of the system is encrypted,
this beast will not decrypt it until someone enters the key.
That it can subvert the access controls and so on of an encrypted disk, or of any windows version, because it gets in early and
can alter what is seen is interesting. It does not mean however that with this, someone can walk up to your machine and
decrypt it without the encryption key.
It must be noted that a drive encryption that allows back doors (sometimes done for "enterprise" access) might be able to have that
kind of attack made with this tool, since that kind of system retains the ability for the machine to decrypt the disk without a user
entering the key..it has recovery keys built in. Systems like that (yes, there are some) are thus sitting ducks...
Get it? "Stoned"? Hahaha, 4:20 amirite?
I love writing software and then trying to think of the most juvenile title for it as possible.
Drugs are cool because being immoral is edgy and hip. Let's all get high and ignore reality hahahahahahaha.
Password protect the BIOS, disable post-boot BIOS flashing, and only boot from a CD that you carry with you at all times. That's a pretty effective way to get rid of software only attacks. Once the hardware is involved (which includes vulnerabilities that allow flashing the BIOS after it's booted or without a password), you're screwed.
That seems extremely far fetched for one, but then even if you believe it is the case, what good would it do to fix? When you talk about a government agency, you are talking about someone with essentially unlimited resources. So they have plenty of options. Like I said, there's tempest. They monitor your computer remotely. I've no idea how well it works enough in reality, but it works well enough in theory that intelligence agencies shield against it. Or maybe they simple rewrite the Truecrypt bootloader, and put that on the drive. The program that you run itself now logs the data they want.
If you are in the AFDB world where some all-powerful government is out to get you, there's very little you can do to stop it.
In terms of protecting against threats that, you know, actually matter and are actually realistic, Truecrypt does a great job near as I can tell.
Isn't full system encryption designed to prove its worth once physical control has been gained by the bad guys? If truecrypt doesn't protect the contents of a hard drive that has been stolen it is completely useless. Never trust a product when its creators are anonymous.
I wonder that myself.
So let me get this straight...if a program lodges itself into the bios and intercepts disk calls above an encryption layer and can intercept the data, that is in and of itself newsworthy?
Ok, I though it was like "The government can wiretap your phone by standing in your kitchen while you're talking."
Please....this is unworthy of any attention. Everyone knows that a compromised system is not secure. Was this ever in question? Take your 15 minutes of fame, and go....
Things like encryption are to protect against normal problem, like losing a device with important data, not to protect against a determined adversary that wants your particular stuff.
For example I have an encrypted USB stick who's function is to hold my passwords, in particular the ones I don't use a lot. It is a USB stick, since I don't want to keep something like that on my computer which is always networked. While I think I have good security, there's always a chance someone owns my computer and I don't notice. So, best not to keep passwords on it. It is encrypted in case I ever lose it, or it gets stolen. That way, the person who has it can stumble across the password text file.
That is what it is to protect against: Normal ways that someone might happen across my passwords. It is not a protection against everything. If someone really wanted my passwords, they could just hold a gun to my head, I'd give them what they wanted. Nothing I have is worth dying for. As such, no amount of protection would keep it safe. I don't bury my key in a hidden location, I don't keep its existence a secret, etc. Reason is none of that would matter since anyone willing to go to the lengths necessary to get at it, would be willing to go to the lengths to get at me and make me give up my passwords.
Full disk encryption isn't for universal protection, it is for protection against laptop theft. For example at work we used to have an idiot in charge of, among other things, issuing codes for the doors. Our doors have electronic keypad locks as well as physical locks. Ok so idiot didn't keep this data on the central servers. He didn't trust it there. He instead kept it on his laptop. Well, his laptop then got stolen, and the data wasn't encrypted. That was a lot of fun, we got to change all the door codes. Had he encrypted his disk, this wouldn't have been a problem. The crook wasn't trying to get our door codes, they were just stealing a laptop.
One of the first MBR-infecting virused was "Stoned".
Wikipedia entry.
Would a secure solution be to always boot from a USB flash drive? A microSD chip is pretty small and can be hid in one's walletï. Insert in a USB adapter, and run boot then decryption code from pocket flash drive.
This sure is a big hit on the Linux for Pedophiles distro.
What part of "insert itself between the Windows calls and TrueCrypt" did you miss?
RelevantElephants: A Somatic WebComic...
* If your laptop will be in the possession of someone else for a while, such as in airline baggage, take out the hard drive, wrap it with thin anti-static foam, and put it in your pocket.
You replied, off-topic, to the first off-topic post, which was also a troll, over ten minutes after this and this top-level ones, which coincidentally say the exact same thing as yours.
It didn't take ten minutes to type that, didn't it?
It's really sad that your karma whoring works.
I know of government agencies that use full-disk encryption (e.g. Safeboot) on all everyday work computers, yet still don't allow the computers to be taken on international trips for exactly this reason. They use temporary-use laptops that get wiped upon returning home.
Full-disk encryption is designed to stop a thief who steals a computer from getting more than the hardware, and it's designed to keep a misplaced laptop with important data from becoming a headline. It's not designed to be the first and last word in security.
The problem of physical compromise of a machine leading to data compromise isn't limited to Truecrypt; there is no particular weakness of Truecrypt being described. It's a fundamental problem of the way commodity PC's are designed, and physical access. Indeed, it may be intrinsic to ALL computers (but the commodity stuff is likely quicker to compromise, simply because it's a known quantity for which you can prepare).
There at least a few SAS drives on the market that use hardware encryption baked right in to the drive's on-board controller. Probably faster too but more expensive.
||| I still can't believe Parkay's not butter.
I like the $5 wrench applied to shins idea, but fortunately TrueCrypt can do entirely without passwords in the conventional sense. Just copy a couple k of junk from /dev/urandom to your USB flash drive and name it Fred. When you create a TrueCrypt volume, use keyfiles and point to the aforementioned Fred on the USB flash drive; you can leave the password blank or trivial. Be sure not to automate a turnkey system — you want to manually point at Fred each and every time you open your encrypted volume.
Don't lose the USB flash drive. In case of emergencies, smash it. The advantage is, you have NO idea at any time what your "key" is, but it's very good.
``Tension, apprehension & dissension have begun!'' - Duffy Wyg&, in Alfred Bester's _The Demolished Man_
...still protects against physical access. If you loose your computer and its encrypted with truecrypt, then how does this help the thief break the encryption if you are not around to give them the keys?
This sure is a big hit on the Linux for Pedophiles distro.
What part of "insert itself between the Windows calls and TrueCrypt" did you miss?
Maybe that's what he calls Windows?
The name just seems to show that Mr. Kleissner has a sense of history. One of the old MBR viruses that used to plague systems in the days of MS-DOS was known as the Stoned MBR and from reading the article it seems that Mr. Kleissner's technique operates much the way that virus once did, by gaining . The marijuana references come from the original virus, which contained the phrase 'Your PC is now stoned! Legalise marijuana!'
Qu'on me donne six lignes écrites de la main du plus honnête homme, j'y trouverai de quoi le faire pendre.
I'm somewhat surprised that there are no published timing attacks against TrueCrypt's AES implementation. Attacks against 128-bit AES are certainly easier, but there's a public attack that breaks Linux's dm-crypt in 65ms of testing and 3s of computation, and 256-bit AES shouldn't be immune.
Those attacks shouldn't require admin privileges.
I hereby place the above post in the public domain.
Dear Timothy, you've just confirmed that this site is no longer "News for Nerds" but "News for Clueless Idiots".
Any nerd/geek knows that root-level access or physical access means game over (no security).
The article headline says this bootkit 'bypasses' TC encryption, but it doesn't appear to do that at all, as far as I can tell? Am I mis-reading the article, or is this simply describing software that runs *along side* of truecrypt, and after the user loads truecrypt and provides the password to decrypt the hard drive to truecrypt, this software simply uses truecrypt to access the hard drive like *ANY OTHER PROGRAM*? It's like saying Microsoft Word "bypasses truecrypt encryption" because Word is able to access your unencrypted Word docs after you've decrypted them with truecrypt?
Truecrypt was never designed to stop malware/trojans/viruses from being able to be active with Windows, and I wouldn't expect it to be able to stop them. It's like blaming Truecrypt because you opened an email attachment called anna_kournikova_sex_video.exe and got infected with a keylogger or something.
Does this offer a backdoor opton for people who forget or lose their TrueCrypt password? In my early computing days, I once lost a PGP password -it was really good and of course never written down because that wouldn't be secure- and lost the affected files. That has made me wary of running TC at boot. Of course a back way in means it's not exactly secure.
Sig for hire.
Was TrueCrypt all of a sudden supposed to be a virus scanner or malware remover ?
Comment removed based on user account deletion
The only winning move is not to play.
How about a nice game of chess?
* Obviously you must take your hard drive out of your pocket when you go through security.
* Also, it is necessary to boot from a CD. I'd like to see more information about that. Is it possible to get normal Windows started when booting from a CD?
If you don't agree, please come up with some more convincing argument. Besides, they were not having some "issues", they never got where they wanted to get.