Hacker Newsnew | past | comments | ask | show | jobs | submitlogin
Ask HN: SafeBoot
3 points by ErrantX on July 15, 2009 | hide | past | favorite | 11 comments
Im having an argument with a client; hopefully HN can make sure I am the sane one.

He's basically lost the password to his laptop - the issue is he has lost the SafeBoot password. Which is full disk encryption as I am sure you know.

So, I tell him this and say "sorry I am not going to waste my cluster time trying to break AES encryption" :)

But he claims that it can be done because another consultant says there is a dictionary attack tool going about.

Now I am not completely stupid but I cant find and have never heard of such a tool. Finding naughty programs like that is not usually a problem but my usual resources turned up blank

I had a minor play with the SafeBoot boot sectors (argh, hacking that stuff is fun for some I know, but bah!). I also gave it a bit of cluster time (after tracking down a reasonably performing AES256 implentation) but no joy (tbh I think my "solution" test was wrong).

So. Sanity check: I am right in saying no such tool exists?



I have no comment on the tool you're talking about, but some obvious facts come to mind...

I am not familiar with this product and may be wrong...but it seems as though this password is entered before the OS is booted. The only code that runs before that point is in the MBR (http://en.wikipedia.org/wiki/Master_boot_record). The maximum length of code is 446 bytes. Disassembling this amount of code should be trivial for a hacker.

Additionally, it makes no sense to break AES256 as other have pointed out, but there is no reason to do so. Presumably, the encryption software must know the key to decrypt the drive in order to boot (I'm assuming). So the key has to be in long-term storage (ie. on the hd itself) in some form or another.

If one were so inclined, it would seem that the easiest approach would be to disassemble to MBR to determine where it finds the key, and then use the key to decrypt the hd.

I'd love to hear comments if I'm way off. This sounds kinda fun.


You will never perform a brute force attack against an AES256 key. You might be able to brute-force his password, depending on how strong it is and what key derivation function SafeBoot uses.


yup, that's the problem. None of that information seems to have been researched - it's definitely possible to take that approach but he's not paying us enough for me to reverse engineer SafeBoot and do it :)

Just checking there really was no tool/research already.

EDIT: I did find some brief info on which files it moves, and I think i might have some sectors with data in that we can verify. But nothing on the key algorithm - which is crucial.


Sounds like he's the kind of guy who might use super simple passwords. Ask him what kind of pw it was -- if it was a single word, etc. He may have some fuzzy memories, which could help you out.

You could brute force his password if it's simple. But you'd have better luck going to a hypnotist to enhance his memory.

Sorry.


If he has no idea of the rough form of his password then perhaps it isn't his in the first place.

Or perhaps he wants you to go back and tell that it is impossible so that he can be sure that full disc encryption really is secure.

Sorry if any one finds that overly cynical.


welcome to my catch22. Not crossing the line is really difficult - there have been times when a laptop turns up that is obviously nicked... (for whatever reason). From reputable sources too.

This is above board though (long term trustworthy customer - who is also totally dopey with computers).

We sent him it back in the end :) the "consultant" is giving it a shot.. he quoted 24hrs, £2,000, half up front :o


Here's an idea: Full-disk encryption software should disable itself as soon as it detects that your backups are not up to date. Of course, if you have no backups it should refuse to encrypt your disk in the first place.


Let him get the other consultant to do that work then.


well that's the plan :) but he's not a one off client so if I am insane and there is a way I'd rather not let another guy show us up (my boss would hang me out :P)


If there are some implementation-specific ways to recover the pw, then it'd be possible. But if he had a reasonably-complex password, then I wouldn't waste my time trying to break it.


It's probably fairly possible (just for background we have quite a big decryption cluster and a python/c based infrastructure for me to work with) but it's reverse engineering SafeBoot to make sure we get it right that's a pain - I cant find any research into that either.

AFAIK SafeBoot moves the data that would be simplest to use to identify the decryption success (i.e. the standard stuff at the start of the disk) so picking the right bits to test would be the hardest part.

Also not sure what their key generation mechanism is (and cant find research into that) so we would probably need to test the full 256 bit key (rather than a shorter password).

= painful.




Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: