Slashdot Mirror


Bootkit Bypasses TrueCrypt Encryption

mattOzan writes with this excerpt from H-online: "At Black Hat USA 2009, Austrian IT security specialist Peter Kleissner presented a bootkit called Stoned which is capable of bypassing the TrueCrypt partition and system encryption. The bootkit uses a 'double forward' to redirect I/O interrupt 13h, which allows it to insert itself between the Windows calls and TrueCrypt."

2 of 192 comments

  1. Re:LFP is doomed by sopssa · Score: -1, Redundant

    It's not like nobody knew this was possible. If you have physical access to the computer, you can plug in a hardware keylogger to get the crypt keys, or you can get them in countless other ways. The same applies to software: if your system gets rootkitted you're screwed anyway, and it's obvious your keys can get stolen.

  2. Re:Do I need to prepare? by Anonymous Coward · Score: -1, Redundant

    Dban all the cp before it is too late, pal!