

$300 app can crack full-disk encryption on Macs, PCs - geekfactor
http://arstechnica.com/security/2012/12/cheap-app-cracks-pgp/

======
0x0
This looks to be the old firewire-DMA attack, with a similar thunderbolt-DMA
implementation as well. I was of the impression that these attacks no longer
worked since recent machines limit IO DMA access to RAM. Also, they would
require the computer to be running (or at least suspended) to have any chance
to work.

In short, sounds like a non-story.

------
GiraffeNecktie
The article claims that hibernation files are vulnerable when using Truecrypt,
but according to the release notes from version 7, July 19 2010:

"As Windows XP and Windows 2003 do not provide any API for encryption of
hibernation files, TrueCrypt has to modify undocumented components of Windows
XP/2003 in order to allow users to encrypt hibernation files. Therefore,
TrueCrypt cannot guarantee that Windows XP/2003 hibernation files will always
be encrypted. Therefore, if you use Windows XP/2003 and want the hibernation
file to be safely encrypted, we strongly recommend that you upgrade to Windows
Vista or later and to TrueCrypt 7.0 or later. For more information, see the
section Hibernation File. "

<http://www.truecrypt.org/docs/?s=version-history>

