Defeating Whole Disk Encryption

From Forensics Wiki
Jump to: navigation, search

PGP Whole Disk Encryption has the ability to generate a "temporary key". Normally the use of the temporary key leaves a trace on the disk being cracked. But according to a recent cyberspeak podcast, when this feature is used on a hard drive that has a write-blocker attached, it still works.

BitLocker: You can unlock a drive with the cscript command, leaving the master key in the clear by using these commands:

 cscript manage-bdg.wsf unlock c:
 cscript manage-bdg.wsf autounlock enable c: