Articles in Episodes
Rob Fuler, aka Mubix, of Room362.com joins us to expand on last week’s discussion about the Cold Boot attacks. We cover retrieving memory from live systems, analysis with tools like volatility, and file recovery with foremost. Mubix calls it forensics for the gray hat.
When it comes to recovering encryption keys from memory nobody has a more intriguing method than Princeton University researchers. We explore a method known as the “Cold Boot Attack”. Plus, a clever DirectX injecting UI widget for your PC games that means the end of ALT+Tab.
What’s your best defense against a boot CD that breaks Windows passwords in two keystrokes? Encrypting your entire hard disk. Shannon’s got the details on truecrypt drive encryption while Darren brings up plausible deniability with hidden volumes.
Building the ultimate white box ESXi server for under $2000! Can it be done? Darren and Matt grab the company credit card and answer that question.
