Friday, September 14, 2018

Security Flaw in “Nearly All” Modern PCs and Macs Exposes Encrypted Data

Zack Whittaker:

Modern computers overwrite their memory when a device is powered down to scramble the data from being read. But Segerdahl and his colleague Pasi Saarinen found a way to disable the overwriting process, making a cold boot attack possible again.

[…]

It’s no secret that if you have physical access to a computer, the chances of someone stealing your data is usually greater. That’s why so many use disk encryption — like BitLocker for Windows and FileVault for Macs — to scramble and protect data when a device is turned off.

But the researchers found that in nearly all cases they can still steal data protected by BitLocker and FileVault regardless.

However, it sounds like the newer Macs with T2 chips are not vulnerable because the key doesn’t leave the Secure Enclave.

Comments RSS · Twitter

Leave a Comment