[FYI] (Fwd) Windows 2000 "Save plaintext passwords and encryption ke

["Axel H Horns" <horns@t-online.de>]

[Da freuen sich vor allem die Strafervolgungsbehoerden, da es jetzt 
bei beschlagnahmten W2000-Kisten mehr auszuwerten gibt.       --AHH]


------- Forwarded message follows -------
From:           	pgut001@cs.auckland.ac.nz (Peter Gutmann)
To:             	cryptography@c2.net
Subject:        	Windows 2000 "Save plaintext passwords and encryption keys to disk" facility
Send reply to:  	pgut001@cs.auckland.ac.nz
Date sent:      	Fri, 3 Mar 2000 12:01:13 (NZDT)

Windows 2000 includes a very dangerous feature as part of its power
management interface which saves the current system state to disk
before putting the system into hibernate mode.  Unlike the (already
considerable) problems with a swapfile, which creates the risk that
encryption keys, passwords, and other sensitive data will be written
to disk, the hibernate feature *guarantees* that this data will be
written to disk since the entire RAM contents are written to the
hibernat.sys file before the machine switches to low-power mode. 
Exact details on this are very sketchy
(http://www.microsoft.com/hwdev/onnow/), but it appears that this is a
fixed file like a swapfile.

Result: Anything which can read this file (insert any one of dozens of
"... remote users can read files on the machine" security holes here)
can grab your passwords, PGP keys, and anything else which is sitting
there in plain view.

Although this feature has been present on various laptops for awhile
(eg Thinkpads, Toshiba's), the fact that it's now built into the OS
(firmware- based hibernation which saves to files doesn't work with
NTFS or HPFS partitions) and that your keys get saved as a standard
file (as opposed to being squirrelled away on some hidden partition or
whatever) makes it somewhat more serious.  The only real fix for this
would be to encrypt the data as it's being saved.

Peter.


------- End of forwarded message -------