Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [Full-disclosure] Drive Crypt Plus

From: Security Lists <securitylists () uniontown com>
Date: Fri, 10 Feb 2006 09:54:10 -0500
Since nobody else replied to you I'll throw in my limited experience.
I have associates who use it. Seems to work very well except Hybernate/Suspend functions cease to work (a good side effect actually). One nice thing it does is simulates a hard drive failure as the login prompt (optional) in case someone steals the laptop.
I did a very basic Bart PE boot test and a live Linux CD boot and it was unable to use the encrypted partition. I did nothing more.
They also have a drivecrypt container application (not the Plus), and it was pretty nice in that you can burn a container with an executable and a few associated files on a CD and it will open in any computer without installing anything if you know the passwords. Nice convenient way of securing specific data on CDR.
The Plus package encrypts the entire partition on the fly, and they claim to only have 1% performance impact. The user I am aware of has noticed no performance hit (not a power user though).
Don't know if this helps you or not. I too would like to know if anyone's looked for weaknesses in the product. 

-Mark Coleman



M4ch3T3 Hax wrote:


Dear All,
The company I work for are currently testing a hard drive encryption using Drive Crypt Plus. Does anyone out there have any experiences (good or bad) using this? Has anyone got any experience with penetration testing this product or extracting data from disks encrypted with this product? Any replies would be appreciated! Cheers. 

------------------------------------------------------------------------

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/




------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: 

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: