Defeating Whole Disk Encryption

From Forensics Wiki
Revision as of 00:03, 15 October 2007 by Simsong (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

PGP Whole Disk Encryption has the ability to generate a "temporary key." Normally the use of the temporary key leaves a trace on the disk being cracked. But according to a recent cyberspeak podcast, when this feature is used on a hard drive that has a write-blocker attached, it still works.

Bitlocker: you can unlock a drive with the cscript command, leave the master key in the clear. Use these commands:

 cscript manage-bdg.wsf unlock c:
 cscript manage-bdg.wsf autounlock enable c: