×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Undocumented Bypass in PGP Whole Disk Encryption

Zonk posted more than 6 years ago | from the seems-to-defeat-the-purpose dept.

Security 316

A non-mouse Coward writes "PGP Corporation's widely adopted Whole Disk Encryption product apparently has an encryption bypass feature that allows an encrypted drive to be accessed without the boot-up passphrase challenge dialog, leaving data in a vulnerable state if the drive is stolen when the bypass feature is enabled. The feature is also apparently not in the documentation that ships with the PGP product, nor the publicly available documentation on their website, but only mentioned briefly in the customer knowledge base. Jon Callas, CTO and CSO of PGP Corp., responded that this feature was required by unnamed customers and that competing products have similar functionality."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

316 comments

Fine by me.. (1, Interesting)

JackMeyhoff (1070484) | more than 6 years ago | (#20854227)

... choose a different product. This also is against their product description so report them to trading standards and demand refunds. What about Seagate Momentus FDE drives? DO they have a bypass also?

Re:Fine by me.. (0, Flamebait)

JackMeyhoff (1070484) | more than 6 years ago | (#20854271)

They also just lost credibility. Something that one needs in this kind of business. They shall now be treated as DISHONEST. Lets hope their unnamed big customer can afford to keep PGP in business as they lost mine. They can pay for my business PGP lost. Lets hope they are actually big enough.

Re:Fine by me.. (3, Insightful)

idontgno (624372) | more than 6 years ago | (#20854657)

They also just lost credibility.

Oh, I don't know. From the start, all the promised was Pretty Good Privacy. Not like Fort Knox, more like a combination padlock on an open-backed locker.

I find myself wishing more and more that Phil Zimmerman hadn't sold to NAI.

Does GPG have a full-disk mode? I think I could trust something with open source and reliable software freedom.

There was GPGDisk (4, Interesting)

Kadin2048 (468275) | more than 6 years ago | (#20855117)

The GPG program that you download doesn't do full-disk encryption; it's pretty purely a file/stream encryption program. I suppose you could use it for disk encryption, by streaming data through it on its way to and from a device, but that's not how it's normally used.

There is/was a program around that used GPG to do FDE, called GPGDisk. I'm not sure whether it used your installed copy of GPG to do the heavy lifting, or if it just included the same code, or worked using the same algorithms but had its own totally separate crypto engine. It was reasonably popular for a while, but I think a lot of people who were using it have now switched to TrueCrypt.

However, GPGDisk did offer some unique features, like the ability to encrypt a disk using a GPG key, and some fairly fine-grained access controls that you could set up for multiple users (IIRC). Every once in a while someone will mention it on the comments on Bruce Schneier's blog, so apparently it's still getting some use. But it doesn't offer some of the neater features that TrueCrypt does, like plausible deniability or containers-in-containers, I don't believe.

"Unnamed Customers" (3, Interesting)

WED Fan (911325) | more than 6 years ago | (#20854981)

How much do you want to bet that "unnamed customers" are synonymous with "various federal and state police agencies, DOD, and NSA"?

Takers?

Re:Fine by me.. (4, Insightful)

Dogtanian (588974) | more than 6 years ago | (#20855025)

They shall now be treated as DISHONEST. Lets hope their unnamed big customer can afford to keep PGP in business as they lost mine. They can pay for my business PGP lost. Lets hope they are actually big enough.
From everything that's been said, it seems that the worst that PGP can be accused of is not making clear the security implications of a feature that should have been better documented. And that's arguably quite bad- the worst case is a clueless user turning it on and feeling more protected than they should.

However, the feature isn't enabled by default. It requires cryptographic access *and* knowledge of its existence to turn it on. And if you already have cryptographic access, then the whole issue is academic.

You pompously declaring it "DISHONEST" in capital letters smacks of the typical random-geek's kneejerk first post on a messageboard thread. And FWIW, I don't know how much your oh-so-important business with them is worth anyway; I suspect that the other client probably *was* worth more. (Of course, it's quite plausible that the views of *many* smaller clients who disliked the feature would be a serious counterweight. However, if you're going to act like your *individual* view carries so much weight, expect scepticism).

Re:Fine by me.. (-1, Redundant)

Anonymous Coward | more than 6 years ago | (#20855035)

Lets hope their unnamed big customer can afford to keep PGP in business as they lost mine.

Unless you have a $3,000,000,000,000 per year budget, that sentence of yours is moot.

Re:Fine by me.. (5, Informative)

illegalcortex (1007791) | more than 6 years ago | (#20854563)

RTFA or at least TFComments (though that might be difficult in your rush to be first post). As many have pointed out, to turn on the feature, you have to already get past the encryption. It's not a "backdoor" in any sense. Someone who doesn't already know the passphrase can't use it to get access to the drive. Plus, this feature is turned off by default so the user has to actively enable it. You enter the passphrase, reboot the computer and on THAT boot, it doesn't ask you for a passphrase. Next reboot it does.

This actually DOES sound like a very good feature and I would hope other products have it, too. Wish the editors would RTFA, too...

Re:Fine by me.. (1)

paganizer (566360) | more than 6 years ago | (#20854615)

Have to admit, after RTFA, that I'm less inclined to worry about it.
Does anyone happen to know if this applies to the non-commercial versions, like 6.02i, or 6.5 user compiled? or is it only the commercial releases?

Re:Fine by me.. (0)

Anonymous Coward | more than 6 years ago | (#20854677)

so the user has to actively enable it

Or someone or something on the machine has to convince PGP that the user has actively enabled it.

Re:Fine by me.. (3, Insightful)

illegalcortex (1007791) | more than 6 years ago | (#20854711)

Or someone or something on the machine has to convince PGP that the user has actively enabled it.
And that "someone or something" has to already know the encryption passphrase to do this. Please think these things through.

Re:Fine by me.. (1)

cez (539085) | more than 6 years ago | (#20854915)

This feature of PGP notwithstanding, there is the age-old problem of shoulder surfing for the boot passphrase.


Personaly, I like boob surfing for the booty. Maybe a little motorboating while I'm at it.

Not turned off by default (0, Flamebait)

A non-mouse Coward (1103675) | more than 6 years ago | (#20854925)

The feature [blogspot.com] is there. It's not turned off in the sense that at every boot, the PGP Boot Guard is checking for the existence of the ("backdoor" or whatever noun you wish to use) account and attempting to decrypt the Volume Master Key with a static passphrase of hex x01.

It would be "disabled by default" if that function call did not exist in every customer's installation, until enabled later.

Interesting... (2, Interesting)

Paden (828815) | more than 6 years ago | (#20854251)

Having replaced laptop motherboards for Raytheon that had the pgp whole disk encryption and asking them if there was a way around it to check the os and their response being there is no way around it, I wonder "who" the unnamed customer was?

Re:Interesting... (0)

Anonymous Coward | more than 6 years ago | (#20855297)

1) Why are they sending the laptops with the Hard Drive's still in them? 2) Why do you need access to the OS? If the problem is with the motherboard and not the OS, don't you have a liveCD (or variant thereof) that'll let you do the diagnostics?

unnamed customers (5, Funny)

underwhelm (53409) | more than 6 years ago | (#20854255)

Maybe they were unnamed because there is No Such Agency?

And People Wonder Why Open Source! (3, Insightful)

SerpentMage (13390) | more than 6 years ago | (#20854317)

When it comes to encryption it is exactly for this reason why I use the "clunky", "hard to configure", "no GUI" Open Source!

I know what I have, and what I get, and what others cannot get... Not that I have anything to hide. Just that I like my privacy.

Re:unnamed customers (0)

kyofunikushimi (769712) | more than 6 years ago | (#20854523)

What do you mean "there is No Such Agency"? This sounds _exactly_ like something the NSA would--ohhhhhh... Yeah, over here at MY place of business we write in workarounds that defeat the entire purpose of our software... based soley on the whims of a couple of our customers. Happens all the time.

Random Example Bank or Retail would want this (2, Insightful)

billstewart (78916) | more than 6 years ago | (#20854933)

It looks very much like the kind of feature that a random bank or retail store would want - if the power goes out at a store, you want the system to be able to come back up and run the cash registers even though there's nobody technical enough to trust to press the "reboot" button much less connect a console and type in passwords.


If you RTFA, you'll see that it's a feature that you can only turn on if you've already got access to the disk, and PGP did it so it only works once.

Re:unnamed customers (4, Insightful)

moderatorrater (1095745) | more than 6 years ago | (#20854609)

A backdoor that's documented, although poorly, that you can disable and requires access to the unencrypted disk beforehand? If it were the NSA they wouldn't have allowed it to be documented and you couldn't disable. However, I can think of several large corporations that would require something like this and would have contracts large enough to justify changing the product for. Paranoia doesn't seem to be justified in this case.

Huh? (3, Insightful)

CoffeeIsMyGod (1136809) | more than 6 years ago | (#20854257)

"encryption bypass" ?

That basically turns the entire thing into a physiological magic trick.

Worse (0, Flamebait)

Valdrax (32670) | more than 6 years ago | (#20854579)

All of the performance penalty -- none of the security benefit.
It's purely crapware at this point. It eats CPU cycles to do nothing useful.

Never mind; mod me down. (2)

Valdrax (32670) | more than 6 years ago | (#20854633)

Didn't read the article -- didn't see that you can only bypass it by enabling it for the next reboot after which it returns to normal.

Re:Huh? (0)

Anonymous Coward | more than 6 years ago | (#20854709)

> That basically turns the entire thing into a physiological magic trick.

I certainly hope you meant psychological.

unnamed (1, Funny)

Anonymous Coward | more than 6 years ago | (#20854263)

unnamed customers? there's no such agency.

Re:unnamed (2, Funny)

Anonymous Coward | more than 6 years ago | (#20854461)

> unnamed customers? there's no such agency.

Once upon a hard drive bare
I pinged a host that wasn't there
It wasn't there again today
The host resolves to NSA.

- Burma Shave

why (-1, Redundant)

Anonymous Coward | more than 6 years ago | (#20854269)

What use is encryption if there is a backdoor?

closed source encryption software??!! (2, Insightful)

hxnwix (652290) | more than 6 years ago | (#20854281)

Come on, why would you even consider using such a thing?

Re:closed source encryption software??!! (2, Insightful)

moderatorrater (1095745) | more than 6 years ago | (#20854455)

Whoever modded that post flamebait is completely ignorant of the standards in the security agency, that commonly used security tools be completely open so that people can point out security flaws. With regards to this article, it sounds like the bypass feature was able to be turned on or off, and if they had documented it and let people know, then they could have taken the necessary steps to use it or not, depending on whether you were their unnamed customer.

In other words, the parent's point is perfectly valid.

Re:closed source encryption software??!! (2, Insightful)

dgatwood (11270) | more than 6 years ago | (#20854891)

This is not uncommon, though the lack of documentation is.... Most such encryption products offer the ability to specify a master encryption key across an organization. The way that works is that your individual crypto key protects a copy of the drive-specific crypto key, which then protects the drive. The company you work for has a master crypto key which is also used to encrypt the drive-specific crypto key. (Usually the latter part is done with PK crypto so the employee can only encrypt contents with what he/she has, not decrypt it.) The purpose for such a "back door" is that if an employee leaves the company, you aren't screwed.

Is there a reason to worry that there might be a secret NSA/FBI/CIA/KGB/Russian Mafia/Rush Limbaugh/Gary Coleman back door? Depends on whether you trust the security vendor. That said, I don't trust security software unless I can see the source code. If you and others can't inspect the code, then for all you know, the security could be nothing more than a little startup app that asks for a password and checks it against a cleartext string in BIOS before performing ROT13 on any data read from the partition. Security software is one of the few places where closed source software simply can never be trusted, and if you do, you are not paranoid enough.

Flamebait? I think not. (0)

Anonymous Coward | more than 6 years ago | (#20854743)

The parent is hardly flamebait. This particular scenario was predicted over 10 years ago on the Cypherpunks list.

Anyone remember the Clipper chip? This strikes me as version 2.0 of that failed venture.

And it's a pity, as PGP Inc's credibility completely.

The only people to enable would know about it (3, Insightful)

Anonymous Coward | more than 6 years ago | (#20854285)

And if anyone else can enable it, then they already have access to your computer anyway.

Did anyone read the response? (5, Interesting)

duplicate-nickname (87112) | more than 6 years ago | (#20854289)

Seriously, customers require this so IT staff can do remote support and reboot the machine remotely. It is only enabled for one reboot, and you must have cryptographic access to enable this feature. The only threat is if someone where to enable this, not reboot, and then have the machine stolen.

Why does crap like this make it to the front page of Slashdot?

Re:Did anyone read the response? (0)

CoffeeIsMyGod (1136809) | more than 6 years ago | (#20854355)

Why does crap like this make it to the front page of Slashdot?

Because there is only one page...

Re:Did anyone read the response? (3, Informative)

chill (34294) | more than 6 years ago | (#20854749)

No, there isn't. There are stories that only make it into category pages, like Games or Apple, but don't make it to the front page that everyone sees.

Re:Did anyone read the response? (1)

morgan_greywolf (835522) | more than 6 years ago | (#20854375)

Why not just ensure that the IT staff have, or at least have access to, the keys? Why the need for a backdoor?

Re:Did anyone read the response? (4, Informative)

Lothsahn (221388) | more than 6 years ago | (#20854605)

They do have access to the keys. That's the point.

They need to do unattended automated reboots of thousands of computers. These are enterprise customers.

They have the encryption key, and they want to apply security updates and reboot the computers. When the employees come to work in the morning, they expect the computers to be on and operational, as they left it.

If you don't use the feature, then it poses no risk. If you need to apply unattended updates to computers on a large scale, going to each computer and typing in the passphrase is not practical.

This is a non-issue, and a FUD article. You need to have UNLOCKED access to the encrypted volume to enable this feature.

Normal users using PGPDisk and not using this feature are at no greater risk for it existing.

Re:Did anyone read the response? (1, Insightful)

Anonymous Coward | more than 6 years ago | (#20854755)

What is it with everyone assuming NSA backdoor without spending the 2 seconds necessary to understand the simple concept at play here?

Some want to be able to boot their encrypted disks without having to enter a startup password. Its that simple. Yes its a stupid idea but some may have perfectly reasonable reasons for wanting it.

1. There is no backdoor.
2. The feature must be explicitly enabled.

Anyone claiming that a trojan can bypass it by setting the encryption password is wrong for two reasons:

1. If a trojan has that level of access to your system how do you intend to stop it from sending all of your data over the network, fetching your decryption key from memory structures or decrypting your whole disk without your knowledge while you sleep? If #1 is ever raised as a concern the game is already over and you have lost/0wned!

2. You need to know the decryption password to enable the feature.

Re:Did anyone read the response? (0)

Anonymous Coward | more than 6 years ago | (#20854577)

Actually, this is a reasonable feature to have. The problem is, not documenting this feature anywhere makes it impossible to properly audit security in an organization. Procedures for handling data security should have this kind of thing in mind.

For instance, an admin says "I'll enable this feature and tell the user to reboot their laptop at their convenience". User turns off his laptop, goes home, gets mugged and has his laptop stolen, and now the data is out there -- because nobody knew enough about the software to include a note in the procedure that says "don't let the user run off with the laptop while this is enabled".

It's just bad practice.

to put out some of the flames (4, Insightful)

trybywrench (584843) | more than 6 years ago | (#20854297)

from the response:

"We call it a passphrase bypass because that is what it is. It is a dangerous, but needed feature. If you run a business where you remotely manage computers, you need to remotely reboot them."

and

"You cannot enable the feature without cryptographic access to the volume. If you do not have it enabled, you are not affected, either. I think this is an important thing to remember. Anyone who can enable the feature can mount the volume. It is a feature for manageability, and that's often as important as security, because without manageability, you can't use a security feature."

makes pretty good sense to me

Re:to put out some of the flames (4, Interesting)

MalleusEBHC (597600) | more than 6 years ago | (#20854417)

Also, from his wording, it sounded like it is not enabled by default. In other words, you can actively choose to sacrifice a bit of security in order to make it work properly in your environment. Sounds like a nice feature to me.

Re:to put out some of the flames (5, Insightful)

mritunjai (518932) | more than 6 years ago | (#20854737)

You're missing the point!

Yes, it is a nice(TM) feature and might be useful, but that is not the problem.

The problem is that the feature is fricking undocumented. There is absolutely no way to know it is there and how to look out for it. It also means that you can't just know how many of these backdoors are in there. Is it only the first undocumented backdoor ? How many more of the convenience features are in there by customer demand ? How do they affect me ?

When it comes to security software or hardware any and all undocumented features are BUGS! It's a principle, not a convenience!

Re:to put out some of the flames (2, Insightful)

Rogerborg (306625) | more than 6 years ago | (#20855063)

Calm down, Sparky. It's documented to their customers, i.e. the people who actually need to know about it.

Re:to put out some of the flames (1)

Qzukk (229616) | more than 6 years ago | (#20854817)

Anyone who can enable the feature can mount the volume.

The million dollar question: If the volume is mounted, can anyone enable the feature, or do you need to re-enter the passphrase?

Re:to put out some of the flames (1)

Opportunist (166417) | more than 6 years ago | (#20854819)

I follow you this far. But care to explain why it is appearantly undocumented? A potential security risk in a software, no matter how sensible to exist, MUST be documented so a user not wanting this security hole to exist can plug it. Especially when there are simple switches in place to plug it.

Re:to put out some of the flames (1)

CastrTroy (595695) | more than 6 years ago | (#20854903)

Couldn't a virus or other program running enable this "feature" without the user knowing? Basically you could set up the virus to enable the feature on shutdown, and then steal their laptop afterwards. Then when the thief boots it up, no password required. I would probably be difficult to pull off, but people using whole disk encryption would probably have some interesting data to steal.

Re:to put out some of the flames (0)

Anonymous Coward | more than 6 years ago | (#20855091)

If you have a virus, you have most likely already passed safe and secure into the not quite safe, not quite secure area and encryption most likely won't save you.

There's a word for that. (0, Flamebait)

morgan_greywolf (835522) | more than 6 years ago | (#20854299)

It's called a 'backdoor'. If you're building backdoors into your disk encryption product, I don't want it. This is just another example of where free / open source software shines: you can know there are no backdoors in the tool because you have the source and can verify it for yourself.

Why is he modded down? (1)

WindBourne (631190) | more than 6 years ago | (#20854539)

This backdoor took a bit of time to figure out. The simple fact is that if I buy a product, I expect it it work correctly, in particular, I expect it to work as advertised. PGP says that your data is encrypted and safe. Obviously, it is not.

Re:Why is he modded down? (3, Informative)

Racemaniac (1099281) | more than 6 years ago | (#20854691)

well, read the other replies. apparantly it is a feature you have to enable yourself, which is useful in some cases, and is no security danger (unless you do stupid things with it). the entire story seems to be a non-issue... it's no real backdoor, just one you can enable for certain uses.

Lack of security, new product proposal (2, Funny)

sktea (692457) | more than 6 years ago | (#20854821)

I RTFA and the comments, and I realize that this constitutes a glaring security hole: even the owner of the data can gain access to it! For a REALLY secure system, I would expect to be barred access to any actual data I put in.

With that understanding, I am developing a new data security system using heretofore unrealized technology, and plan to bring it to market in the near future: look for products from BHS in stores during the month of No-never.

This message brought to you by the unique folks at BHS. Black Hole Systems: we are defined by our singularity!

Re:Why is he modded down? (4, Informative)

PylonHead (61401) | more than 6 years ago | (#20854877)

Because he failed to read the article correctly.

There isn't a backdoor. If you encrypt your hard drive, then lose it, nobody can read it.

If on the other hand, if you've encrypted your boot disk, and you want to remotely reboot your machine, you're going to need someway to feed the password to it before it can bring up the OS (and the networking layer).

This feature allows you to store a password for 1 time use. Then you reboot the machine, and when it comes up, it reads the password and erases it.

It's a useful feature. Doesn't effect you if you don't use it. Even if you do use it, you'd have to set the password then forget to reboot for it to be a problem.

Basically this whole story is a non-issue. The moderation on the grandparent is a reflection of his failure to reason through this.

Re:Why is he modded down? (1)

Iam9376 (1096787) | more than 6 years ago | (#20854955)

He was modded down because, like you, he did not RTFA which states this has to be explicitly enabled by the end user, it is not the default behaviour of the software and moreso it's not a backdoor, its a required feature for those who must do remote management.

PGP or not so PGP? (-1, Redundant)

192939495969798999 (58312) | more than 6 years ago | (#20854303)

I can't believe anyone would bother with a whole-disk encryption that had a back door password/etc... This would violate any sort of security requirements about sensitive data. The whole point is that if someone steals the pc, it becomes a useless brick, not that they can magically "recover" all the millions of SSN's on there or whatever else isn't supposed to be there in the first place.

Did you read the article? (1)

Joce640k (829181) | more than 6 years ago | (#20854465)

Did you read the article or any of the comments before posting that?

Didn't think so...

Re:PGP or not so PGP? (4, Informative)

dave420 (699308) | more than 6 years ago | (#20854541)

If you RTFA you'd see this feature is needed for anyone who remotely-boots their encrypted drive. The feature is not a backdoor - it has to be enabled by someone with cryptographic access to the drive, and it only works once per setting - reboot, and it's disabled. The only way this could be a security issue is if it's enabled, and before the drive boots up again, the drive is stolen. Features like this are needed, as without them, the drive is useless for remote management, and people won't use encryption, which is obviously far more insecure than having this feature and using it correctly.

Optional, right? (0)

Anonymous Coward | more than 6 years ago | (#20854309)

Sound like it is just temporarily storing the passphrase on the disk?
If it isn't stored, then there is no problem, right? It's not like
anyone can grab the disk and just turn it on.

Unlikely to be telling the truth (1)

Lead Butthead (321013) | more than 6 years ago | (#20854311)

A customer with enough volume to demand such a 'feature' (myself I prefer to call it a bug) surely can justify the addition of a compilation flag as oppose to incorporating into general release. I am incline to think it's more likely to be brown nosing the current US administration.

We all knew it was over (0, Redundant)

Deagol (323173) | more than 6 years ago | (#20854343)

When Phil sold out and went commercial with PGP. He may have saved face by leaving shortly thereafter, but it was too late. With monied interests involved, everyone knew the product's integrity was in question from the first day of the announcement. This just proves that you cannot trust a proprietary product for something as important as encryption.

Re:We all knew it was over (1)

illegalcortex (1007791) | more than 6 years ago | (#20854617)

So, after you've read the article, you'll preserve YOUR integrity by apologizing for jumping the gun. Right?

Re:We all knew it was over (0)

Deagol (323173) | more than 6 years ago | (#20854849)

What? Firstly, it wasn't documented initially, so they lost trust there. If a company introduces *any* circumvention into a product, they lose trust. I don't care if corporate execs or IT head honchos aren't comfortable with the inconvenience of using good crypto, but any back door is bad. Period. This is just another notch against PGP's reputation. When they introduced a master password to decrypt PGP-encrypted email a few years back (for corporate interests, of course), that was a bad thing. This is just as bad, and, from a true security standpoint, is unacceptable.

One of the trade-offs of using encryption is not having access to data which is encrypted (unless you have the password/key of course), as well as losing some functionality of the system it is installed on (as illustrated by this hack of a "feature" introduced to facilitate remote administration). If you're willing to punch holes into a a crypto system, then your data isn't worthy of that much protection. If you mis-trust your users to the point forcing a master password to unlock their data w/o their presence or consent, then you have no business trusting them with the data to being with.

They are going to fix this (0)

Anonymous Coward | more than 6 years ago | (#20854345)

By renaming it PNGP or Pretty Not Good Privacy.

What's the point? (1, Insightful)

Anonymous Coward | more than 6 years ago | (#20854359)

What is the point of encrypting the drive if it's automatically decrypted? (ie. the key would be stored plaintext somewhere on the drive) I just can't figure that out.

I don't like PGP in any case. I never have because all their stuff is proprietary. S/MIME, ASN.1, etc are all full blown public standards that do the things PGP does except using open interoperable widely adapted standards.

Heh (2, Funny)

jayhawk88 (160512) | more than 6 years ago | (#20854369)

"We are not the only maNufacturer to have Such a feature -- All the major people do, because our customers require it of us.

Re:Heh (3, Funny)

ch0ad (1127549) | more than 6 years ago | (#20854573)

"We are not the onlY manufacturer tO have sUch a feature -- All the major people do, because our cusTomers requIre iT of us."

Re:Heh (0)

Anonymous Coward | more than 6 years ago | (#20854847)

John Nash is that you?

What's the big deal? (1, Troll)

kismet666 (653742) | more than 6 years ago | (#20854377)

Its not enabled by default, its a feature that makes sense for servers that sit in a datacenter or a remote location. The PGP exec is correct, other full-disk encryption vendors offer similar features. Its not some sort of evil backdoor for Phil Zimmerman to come laugh at your paltry collection of porn.

Poster got it wrong (again) (1)

linuxgurugamer (917289) | more than 6 years ago | (#20854407)

As usual, the poster got it wrong. It is not a "backdoor", and if the poster had actually read the response from PGP he would have realized that in order to use this, you already need to know the cryptographic passphrase, AND that it is only good for a single reboot. This is required for remote administration. What are the chances that someone will be sitting by the computer, just waiting for it to reboot so they can steal the disk drive? Because that is essentially the only way for this to be exploited.

Re:Poster got it wrong (again) (1)

mlts (1038732) | more than 6 years ago | (#20854727)

I don't see how this is a backdoor either. Its intended for a remote admin to be able to reboot a secure machine, knowing that there is a slight risk of attack by a fairly sophisticated attacker in the time it takes from when the machine reboots to when it starts up and Bootguard gets the passphrase, zeroes it out on the hard disk, and continues the boot process.

This is needed functionality for a number of places, for example domain controllers at remote sites, which should have everything protected from booting forward, but still be able to be remotely accessed by the core IT people and rebooted for Windows updates without any need for intervention at the remote site.

One idea that PGP might do to mitigate the risk during the boot would perhaps be using the TPM module on newer servers, similar to BitLocker's functionality. When the command is issued for a remote reboot, PGP WDE would have the TPM store the key instead of having it on the hard disk, and after the boot process is successful, PGP would then tell the TPM to zero that information out. An added bonus would be that the TPM would detect tampering and not allow the machine to be rebooted should someone physically try altering it before Bootguard loads.

Is the bypass on or off by default? (1)

MacDork (560499) | more than 6 years ago | (#20854427)

According to TFA, the feature is off by default. To enable it, you must know the password. If someone else knows your password, you're screwed already. Why is this a big deal? I guess being undocumented makes it a bit shady, but the article doesn't say how long the feature has existed. It could simply be new. Anyone have better info?

Come on, RTFA... (1)

dculp (669961) | more than 6 years ago | (#20854479)

This isn't a back door or some secret agenda by some shadowy government agency. It is simply an IT tool to allow remote access to the machine. It is enabled ONCE and you must have cryptographic access to the machine in order to enable it. It is NOT enabled by default, it is a conscious decision to enable the feature made ONLY WHILE you have authorized cryptographic access. Once the machine is rebooted your back to normal.

The OP made it sound more ominous than needed when he said "unnamed customers". Why is everything on Slashdot a giant consipracy??

RTFA.

Re:Come on, RTFA... (0)

Anonymous Coward | more than 6 years ago | (#20854775)

Not so paranoid, practical: It's more likely or feasable and much faster to break one password then decrypt the content of the entire hard drive.

It also gives the HD owner a false sense of safety.

Time, money, amount of resources, deception are all very important for the daily operations of all "unnamed companies".

Re:Come on, RTFA... (1)

nagora (177841) | more than 6 years ago | (#20854841)

Why is everything on Slashdot a giant consipracy??

Yes...why is that? Who's behind it, that's what I'd like to know!

TWW

Truth in Advertising (1)

jamie(really) (678877) | more than 6 years ago | (#20854525)

Pretty Good Privacy. I'd rather have Absolutely Fucking Bulletproof Privacy.

Re:Truth in Advertising (1)

kismet666 (653742) | more than 6 years ago | (#20854655)

Not feasible if you plan on living somewhere on this planet and interacting with other people in any way.

Re:Truth in Advertising (1)

monkeySauce (562927) | more than 6 years ago | (#20854835)

What a coincidence, I am selling just such a product. Only, instead of PGP or AFBP, it is called SOP.

It is guaranteed to be absolutely fucking bulletproof. Buy now and we'll include an absolutely fucking bulletproof vest, for free! It's guaranteed! You can try it yourself!

TAG THIS: closedsource (0)

Anonymous Coward | more than 6 years ago | (#20854545)

Oh, the joys of closed source... Who is surprised?

Why do I have a deja vu feeling every time this shit happens... Then again, I feel schadenfreude at peeps using such software. And last but not least, there's nothing more stupid than using closed source security apps. Security by obscurity is DOA.

Fuck PGP, embrace GPG http://www.gnupg.org/ [gnupg.org]

"...REQUIRED by unnamed customers..." (0)

Anonymous Coward | more than 6 years ago | (#20854619)

"...REQUIRED by unnamed customers..." ... not requested, wishlisted... REQUIRED...
good old content analisys... so helpful, when it comes to "unnamed customers".

Many products allow disabling preboot auth (5, Informative)

bongk (251028) | more than 6 years ago | (#20854665)

There is an inherent flaw with many of the commercial laptop full-disk encryption solutions out there. I have the most experience with Utimaco's Safeguard Easy, but I know many of the other big players have the same fault -

The software has a feature called "Pre-boot Authentication", by which the encryption software is loaded after the bios, but before the (generally Windows) operating system. The user's password is used to generate the decryption key, so theorhetically not even the NSA could decrypt the laptop without the user's password.

Here's the flaw - the software has a checkbox to disable Pre-boot authentication. What this does is generate a default user with a random password, and then store this random password obfuscated but in clear-text in the same disk area decryption software. When you talk to the sales-people, they sell this as a feature, in fact about half of Utimaco's customers (so I'm told) run it in this mode because the encryption becomes transparent and it is much less intrusive on the user. (Basically the disk is automatically decrypted each time the laptop is booted, but you have to have a valid Windows login to get in.) Buried in the help documentation are warnings "For security reasons, you should Never disable pre-boot authentication". So the engineers and the company know the weakness of disabling pre-boot authentication, but they don't tell their customers when they sell the software.

Today it seems to break into these laptops with pre-boot authentication disabled you would need somewhat sophisticated tools and techniques, basically the same tools and techniques people commonly use to "crack" commercial software today. But I'm guessing that it won't be very long before someone takes the time to build this crack and releases it, rendering the laptop encryption useless to anyone who can Google for "Utimaco Crack", etc. Basically all the crack would need to do is grab the default user's password off the disk and use or duplicate the decryption algorithms that are also in clear-text on the disk.

I've talked to a number of IT security folks, and basically it seems like most people trust the sales folks and don't understand that its basically impossible to have strong encryption without having the decryption key stored off the disk (like on a smart card, or in the brain of the user.)

We use the worlds strongest safe doors (1)

Convergence (64135) | more than 6 years ago | (#20855241)

And we use a Post-it on the same door to remember the combination.

This dangerous, because it gives a false sense of security. Its an easy way to make full disk encryption have zero security benefit. Its might a feature that this feature is so obscure enough that security neophytes won't shoot their foot off. I'd be happiest if the feature automatically deleted the decryption key during the reboot. Thats enough to let IT do an unattended reboot and simultaneously discourage people from misusing the feature.

PGP corp (1)

Lord Ender (156273) | more than 6 years ago | (#20854695)

PGP is a hilarious company, these days. My company was going to do some consulting work for them, and they announced that we could not work with them unless we complied with their security "policy." We thought it would be no problem--our security is some of the best in the industry.

We read their "policy" and started laughing, however. It isn't a policy so much as a standard, which explicitly requires all computers run PGP Whole Disk Encryption. No other form of data protection is acceptable.

I'm inclined to send this message back to them and include "piss off" in my reply, but I don't know how much the potential contract was worth. But any way you look at it, PGP corp is a joke these days.

Undocumented Features != Security Product (0, Flamebait)

Seismologist (617169) | more than 6 years ago | (#20854751)

Jon Callas, CTO and CSO of PGP Corp., responded that this feature was required by unnamed customers and that competing products have similar functionality.



I wonder how this "undocumented feature" became a requirement? The article was vague about this and so was Mr. Callas's response. My tinfoil hat definition of "requirement" in this case is that a confidential US government agency swooped in and told them, make a back door or else... [insert some political pressure argument here]. The more rational and corporate version explanation I can think of is that certain people feared that losing the pass phrase will essentially lose everything which is not acceptable.


If the requirement is a legal requirement a la Patriot Act or whatever, it should have been mentioned by Mr. Callas. I don't see how he can be compelled without some legal reason to provide what is essentially a back door for the product on which his corporation relies on for its business, especially considering the potential loss in consumers confidence that there are no additional "undocumented feature(s)" in the product.

Re:Undocumented Features != Security Product (0)

Anonymous Coward | more than 6 years ago | (#20855331)

RTFA nitwit? it's *NOT* a backdoor.

the name of the product tells it all (1)

SethJohnson (112166) | more than 6 years ago | (#20854765)

If people wanted Really Good Privacy, they should have purchase encryption from a company called RGP, not Pretty Good Privacy.

Seth

TrueCrypt and GPG (1, Informative)

Futurepower(R) (558542) | more than 6 years ago | (#20854801)

As others have said, some parts of the U.S. government has become completely lawless. The government is requiring access and requiring that access be kept secret. The Bush administration has become a dictatorship. I think U.S. citizens should demand impeachment and that Cheney and the Decider be tried for treason. Why should the really big criminals be allowed to break the law?

My experience of whoever it is who sells PGP is that there are other issues about they way they do business, too.

That's why open source encryption is so important. TrueCrypt [truecrypt.org] supports Windows and Linux. Supports encrypted devices and encrypted folders, including hidden folders.

To encrypt a file, use the free open source Gnu Privacy Guard [gnupg.org].

They can't do whole hard disk encryption, but they are at least honest.

Re:TrueCrypt and GPG (2, Insightful)

king-manic (409855) | more than 6 years ago | (#20854839)

As others have said, some parts of the U.S. government has become completely lawless. The government is requiring access and requiring that access be kept secret. The Bush administration has become a dictatorship. I think U.S. citizens should demand impeachment and that Cheney and the Decider be tried for treason. Why should the really big criminals be allowed to break the law?

I keep hearing that the 2nd amendment would help in this situation but I haven't noticed any militias storming the local branch of the federal administration. I think the best way to protect Democracy is probably through self-motivated knowledge seeking and political activism on how things work instead of guns, but who can argue with a MP5.

Re:TrueCrypt and GPG (1)

rtechie (244489) | more than 6 years ago | (#20855319)

The problem with TrueCrypt, and I use it, is that the is no key recovery or remote management faculty. IOW, if you forget the passphrase (and/or lose the keyfile) your data is gone forever. This is considered unacceptable in many organizations, which is why they have this key recovery faculty.

It's still a crappy implementation. What they needed is a more sophisticated system that allows multiple keys and access levels. i.e. When a user creates a volume it also tags that volume with a "master key" that the IT team uses. Sure, this means that if that key becomes compromised you can get access to all the encrypted volumes on the network, but it's better than turning it OFF when IT needs access. BTW, this is basically how BitLocker in Vista works.

Without centralized key management, encryption products in the enterprise are a very bad idea. It's a great way to lose data.

Which full disk encryption to use? (2, Interesting)

Aminion (896851) | more than 6 years ago | (#20854931)

So which full disk encryption software does Slashdot recommend? Preferably FOSS and available for *Nix and Windows.

Password recovery should be possible..? (1)

lawaetf1 (613291) | more than 6 years ago | (#20854941)

So clearly the encryption system records the running password somewhere outside the encrypted volume if the auto-reboot is selected. One would assume that, upon reboot, the password gets overwritten.

We are constantly told that data that's only overwritten once on a magnetic drive is recoverable. So, if one could figure out which section of the drive gets the password written to it (an easy enough exercise given that the boot code that mounts the encrypted volume is in a fixed location and largely static) then one could steal a laptop and, assuming it had been auto-rebooted once before in its life, potentially recover the entire drive contents.

Beyond the capabilities of your average evil-doer but certainly possible.

I wonder if this was the NSA backdoor? (1)

deweycheetham (1124655) | more than 6 years ago | (#20855125)

I thought the developers had to put a backdoor in so the Big Boyz could crack it easyer. I wonder if this was it?

Don't worry, Vista is easier to crack (1)

Stu101 (1031686) | more than 6 years ago | (#20855187)

Seriously, it seems to me that this "loophole" just isn't.

Vista Bitlocker on the other hand, is not worth the disk space it consumes.

I have it on good authority from someone in the know (as in, it is in his job description) that cracking Bitlocker is easy. There is actually a course on "opening" bitlocked volumes, if you move in the right circles (think police forensics)

For my money I'd rather just use a good open source package.

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...