Home Security
PC Matic
PC Matic VPN
More Products
Support Unlimited
Identity Theft Protection
PC Magnum
Threat Awareness
How PC Matic Protects You
SuperShield Whitelist
Compare PC Matic
Norton
McAfee
Avast
AVG
Business Protection
PC Matic Pro
PC Matic MSP
Solutions
Allowlisting
Script Enforcement
Device Control
Patch Management
Remote Tools
Integrations
Server Security
Learn More
Resellers
Affiliates
Resources
Case Studies
Compare PC Matic Pro
ThreatLocker
Airlock Digital
VMware Carbon Black
AppLocker
For Federal
Partner Programs
Managed Service Providers
Channel Partners
Affiliate Partners
OEM Partners
Resource Center
All Resources
Case Studies
Data Sheets
User Guides
White Papers
Blog Resources
PC Matic Blog
Business Security
Home Security
Cyber News
Scam Alerts
Customer Service
Home Support
Business Support
Learn More
Getting Started
Knowledgebase
Tech Support Scams
Fake Virus Scams
Tools & More
Ransomware Center
Internet Speed Test
PC Matic
About
Careers
Learn More
Industry Recognition
Leadership
Commercials
Stay Up-to-Date
Newsroom
Blog
Events
TechTalk Podcast
Home Customers
My Account
PC Matic App
Add a Device
Renew Subscription
Business Customers
Business Login
Business Support
Search

Popular Encryption Systems Cracked

by Lincoln Spector for Windows Secrets Newsletter

Popular Encryption Systems Cracked

Conventional wisdom has been that files protected with good encryption can’t be cracked.

But a new, $300, wizard-driven app can unlock BitLocker-, PGP-, and TrueCrypt-encrypted files, folders, and drives — no matter how strong a password you’re using.

It’s the sort of story that could keep you up at night. Last month, Elcomsoft released the Elcomsoft Forensic Disk Decryptor (EFDD; more info), a program that opens encrypted files without trying to guess your password or attack it with brute force (Wikipedia info). In fact, the actual password is effectively irrelevant. A long, random string such as bS2f#[voIT+?@=Uq3a,.B provides no better protection against EFDD than would “password” or “12345.”

That’s the bad news. The good news? EFDD works only within a limited set of conditions — and those conditions are actually fairly easy to avoid. And it’s not as if just anyone could put down $300 and use EFDD to quickly crack encrypted data. Although it’s wizard-driven, EFDD is not all that easy to use.

Encryption cracking without guessing passwords

First, it’s important to note that products such as EFDD serve a legal, legitimate purpose. If a user has forgotten his or her password, these forensic programs can restore access to otherwise lost data. If an employee purposely or accidentally locks a company out of its critical business files, password crackers are a perfectly legitimate recovery tool.

Other examples of legitimate uses for EFDD-like applications include Windows’ own Encrypted File System (EFS) — an encryption tool I don’t recommend. Windows automatically decrypts EFS-encrypted files when they’re opened (provided you’re properly signed in to the OS.) The process is so transparent, you can forget that you have encrypted files. Then, when your computer dies or you have to reinstall Windows, you suddenly discover your files are inaccessible. Microsoft provides a fix, but you need to have prepared for its use ahead of time.

Article continued here

This excerpt appears with permission from Windows Secrets Newsletter.

Stop Responding to Threats.
Prevent Them.

Get Protected

Want to get monthly tips & tricks?

Subscribe to our newsletter to get cybersecurity tips & tricks and stay up to date with the constantly evolving world of cybersecurity.

Related Articles

How to Fight a Malware War

malwar

A tip-filled conversation with Andrew Brandt, director of threat research at Solera Networks, reveals some of the ways hackers sneak malware into PCs.

Read More
March 25, 2013

Tech Support-call Cons

phonescam

“Hello. This is Microsoft Tech Support. Your PC has notified us that it has an infection.” The call is a scam — an extremely prevalent one. Here’s how it works and what you need to know to stay out of the trap.

Read More
March 1, 2013