This attack involves installing malicious boot code to
snoop on the bitlocker password while faking a boot.
The attack will not be successfuk unless all of the
following holds true:
1) The attacker must gain physical access to the
machine without leaving traces which could make the
rightful user suspicious
2) The machine must allow boot from an alternate
device
3) The rightful user must then use the compromised
machine and enter the bitlocker password (which is
then recorded in a private section of the disk)
4) The attacker must then AGAIN gain access to the
machine. Not it can be stolen and the password (and
thus the data) can be retrieved.
IBM Sponsored Resources
Resources from our Sponsor
- Oracle Exadata vs IBM: Netezza Compared
- Forrester TEI Report
- CIA Whitepaper
- Harnessing the Power of Advanced Analytics
- Tapping into Unleashed Business Potential with Advanced Analytics
- Unlock Analytic Performance with Revolution R for Enterprise and IBM: Netezza Data Warehouse Appliance
The best of ZDNet, delivered
ZDNet Newsletters
Get the best of ZDNet delivered straight to your inbox
