Biometrics, although less reliable and less consistent, is another. Requiring a strong password and, say, a USB key with a long, random authentication key on it BOTH required to boot into a volume is one way. Anyone worried about such attacks should ALWAYS implement some sort of multi-factor authentication. That idiom remains true regardless of whether or not your hard drives are encrypted.Įdit: now, there are ways to mitigate this vulnerability. Because it's every bit as valuable and vulnerable to someone who knows what they're doing. The rule is "treat your laptop as if it were a stack of cash". And this is why you never leave your laptop on your desk when you go home if you work in an office. In fact, this sort of attack ("evil maid"/"janitor" attack) is EXACTLY why even security amateurs know that it's best to put your laptop in your room safe if you're at a hotel if you're going to leave it in your room. For those that have repeated access, all it does is make data theft more difficult. The purpose of encrypted volumes is to disallow access to those who might STEAL your laptop or those who might try to access your data if you misplace your laptop, not those that have repeated physical access to it.
#TRUECRYPT OLD VERSION SOFTWARE#
Let me put this perfectly clearly: if you can boot into a software environment (doesn't even have to be an OS) that accepts input - be it from the network or from physical I/O ports on the machine - you are vulnerable to a keylogger attack. It was never designed nor has anyone in authority ever claimed that this sort of encryption is immune to a keylogger attack simply because that's not the sort of attack that it's designed to thwart. No, faulting TrueCrypt for being "vulnerable" to a keylogger or hardware attack IS foolish.
0 kommentar(er)
