FITUG e.V.
Förderverein Informationstechnik und Gesellschaft
FITUG e.V.Förderverein Informationstechnik und Gesellschaft |
|
[Da freuen sich vor allem die Strafervolgungsbehoerden, da es jetzt bei beschlagnahmten W2000-Kisten mehr auszuwerten gibt. --AHH]
------- Forwarded message follows ------- From: pgut001@cs.auckland.ac.nz (Peter Gutmann) To: cryptography@c2.net Subject: Windows 2000 "Save plaintext passwords and encryption keys to disk" facility Send reply to: pgut001@cs.auckland.ac.nz Date sent: Fri, 3 Mar 2000 12:01:13 (NZDT)
Windows 2000 includes a very dangerous feature as part of its power management interface which saves the current system state to disk before putting the system into hibernate mode. Unlike the (already considerable) problems with a swapfile, which creates the risk that encryption keys, passwords, and other sensitive data will be written to disk, the hibernate feature *guarantees* that this data will be written to disk since the entire RAM contents are written to the hibernat.sys file before the machine switches to low-power mode. Exact details on this are very sketchy (http://www.microsoft.com/hwdev/onnow/), but it appears that this is a fixed file like a swapfile.
Result: Anything which can read this file (insert any one of dozens of "... remote users can read files on the machine" security holes here) can grab your passwords, PGP keys, and anything else which is sitting there in plain view.
Although this feature has been present on various laptops for awhile (eg Thinkpads, Toshiba's), the fact that it's now built into the OS (firmware- based hibernation which saves to files doesn't work with NTFS or HPFS partitions) and that your keys get saved as a standard file (as opposed to being squirrelled away on some hidden partition or whatever) makes it somewhat more serious. The only real fix for this would be to encrypt the data as it's being saved.
Peter.
------- End of forwarded message -------