Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Would this be a way to access a password protected machine?


  • Please log in to reply
12 replies to this topic

#1 MarkMackerel

MarkMackerel

  • Malware Study Hall Sophomore
  • 68 posts
  • OFFLINE
  •  
  • Local time:06:10 PM

Posted 14 March 2018 - 08:01 AM

Say I am using Mac or Windows OS and I have my machine password protected. So nobody can log on without putting in a password. Now lets say someone boots up from a bootable USB holding Tails OS or Linux, whatever. I'm pretty sure they can access my hard drive files. correct?



BC AdBot (Login to Remove)

 


#2 JohnC_21

JohnC_21

  • Members
  • 23,282 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:10 PM

Posted 14 March 2018 - 08:08 AM

If you are talking about a Windows login password and the drive is not encrypted then yes, a bootable USB of linux could read the drive.



#3 mikey11

mikey11

  • Members
  • 1,375 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Psychiatric Ward @ Beelitz-Heilstatten Hospital, Beelitz, Germany
  • Local time:07:10 PM

Posted 14 March 2018 - 08:09 AM

yes they can access your files that way



#4 MarkMackerel

MarkMackerel
  • Topic Starter

  • Malware Study Hall Sophomore
  • 68 posts
  • OFFLINE
  •  
  • Local time:06:10 PM

Posted 14 March 2018 - 08:17 AM

If you are talking about a Windows login password and the drive is not encrypted then yes, a bootable USB of linux could read the drive.

 

I thought so. What about Mac? Say im using an Apple Laptop password protected but not encrypted or are all Apple Laptops encrypted


Edited by MarkMackerel, 14 March 2018 - 08:18 AM.


#5 JohnC_21

JohnC_21

  • Members
  • 23,282 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:10 PM

Posted 14 March 2018 - 08:27 AM

linux can read Apple's HFS+ file system if the drive is not encrypted. Apple's new file system is encrypted.

 

https://www.cultofmac.com/435718/apfs-new-apple-file-system/

 

Windows can be encrypted with a third party software like Veracyrpt or using Bitlocker.



#6 mikey11

mikey11

  • Members
  • 1,375 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Psychiatric Ward @ Beelitz-Heilstatten Hospital, Beelitz, Germany
  • Local time:07:10 PM

Posted 14 March 2018 - 08:55 AM

 


 

I thought so. What about Mac? Say im using an Apple Laptop password protected but not encrypted or are all Apple Laptops encrypted

 

 

 

 

what is it that you are afraid of??

 

in reality ANY drive can be read by somebody who knows how to do it.....

 

all you need to do is remove the drive from the machine and hook it up to another computer,

 

the COMPUTER may be password protected......but the HARD DRIVE is not



#7 MarkMackerel

MarkMackerel
  • Topic Starter

  • Malware Study Hall Sophomore
  • 68 posts
  • OFFLINE
  •  
  • Local time:06:10 PM

Posted 14 March 2018 - 08:57 AM

linux can read Apple's HFS+ file system if the drive is not encrypted. Apple's new file system is encrypted.

 

https://www.cultofmac.com/435718/apfs-new-apple-file-system/

 

Windows can be encrypted with a third party software like Veracyrpt or using Bitlocker.

 

I see. Did Apple machines that were bought before the new file system was introduced get a free update to the new file system?



#8 MarkMackerel

MarkMackerel
  • Topic Starter

  • Malware Study Hall Sophomore
  • 68 posts
  • OFFLINE
  •  
  • Local time:06:10 PM

Posted 14 March 2018 - 08:58 AM

 

 


 

I thought so. What about Mac? Say im using an Apple Laptop password protected but not encrypted or are all Apple Laptops encrypted

 

 

 

 

what is it that you are afraid of??

 

in reality ANY drive can be read by somebody who knows how to do it.....

 

all you need to do is remove the drive from the machine and hook it up to another computer,

 

the COMPUTER may be password protected......but the HARD DRIVE is not

 

 

I thought the apple hard drives are encrypted? This would not work in that case?

 

I'm just trying to increase my knowledge on security



#9 mikey11

mikey11

  • Members
  • 1,375 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Psychiatric Ward @ Beelitz-Heilstatten Hospital, Beelitz, Germany
  • Local time:07:10 PM

Posted 14 March 2018 - 09:10 AM

 


 

 

I thought the apple hard drives are encrypted? This would not work in that case?

 

I'm just trying to increase my knowledge on security

 

 

 

encrypted or not doesn't really matter when it comes to somebody with enough knowledge on how to get around it



#10 MarkMackerel

MarkMackerel
  • Topic Starter

  • Malware Study Hall Sophomore
  • 68 posts
  • OFFLINE
  •  
  • Local time:06:10 PM

Posted 14 March 2018 - 12:22 PM

 

 


 

 

I thought the apple hard drives are encrypted? This would not work in that case?

 

I'm just trying to increase my knowledge on security

 

 

 

encrypted or not doesn't really matter when it comes to somebody with enough knowledge on how to get around it

 

 

 

https://www.theguardian.com/technology/2017/mar/23/francis-rawls-philadelphia-police-child-abuse-encryption



#11 mikey11

mikey11

  • Members
  • 1,375 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Psychiatric Ward @ Beelitz-Heilstatten Hospital, Beelitz, Germany
  • Local time:07:10 PM

Posted 14 March 2018 - 12:37 PM

 

 

 

According to court documents obtained by Ars Technica, the case started in 2015, when the Delaware County criminal investigations unit got a warrant to search Rawls’ home after investigating his online activity. Officers seized two iPhones, an Apple Mac Pro and two external hard drives and got a warrant to examine their contents. Rawls refused to give up the passwords required to decrypt the hard drives, which were encrypted with Apple’s FileVault software.

 

"That didn’t stop digital forensics experts from finding incriminating content", including an image of a pubescent girl in a sexually provocative position and logs showing the device had been used to visit sites with titles commonly used in child exploitation. The forensic investigation also revealed that Rawls had downloaded thousands of files known by their “hash” values to be child abuse images


Edited by mikey11, 14 March 2018 - 12:38 PM.


#12 MarkMackerel

MarkMackerel
  • Topic Starter

  • Malware Study Hall Sophomore
  • 68 posts
  • OFFLINE
  •  
  • Local time:06:10 PM

Posted 14 March 2018 - 12:45 PM

 

 

 

 

According to court documents obtained by Ars Technica, the case started in 2015, when the Delaware County criminal investigations unit got a warrant to search Rawls’ home after investigating his online activity. Officers seized two iPhones, an Apple Mac Pro and two external hard drives and got a warrant to examine their contents. Rawls refused to give up the passwords required to decrypt the hard drives, which were encrypted with Apple’s FileVault software.

 

"That didn’t stop digital forensics experts from finding incriminating content", including an image of a pubescent girl in a sexually provocative position and logs showing the device had been used to visit sites with titles commonly used in child exploitation. The forensic investigation also revealed that Rawls had downloaded thousands of files known by their “hash” values to be child abuse images

 

 

 

I thought that if you encrypt something properly then it's impossible to decrypt. I mean, it anything CAN be decrypted but it can take computers a very long time to decrypt it, like well beyond a human lifetime?



#13 JohnC_21

JohnC_21

  • Members
  • 23,282 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:10 PM

Posted 14 March 2018 - 02:24 PM

Personally, I can't see anybody decrypting a Veracrypt volume, especially with a "key" file and long pass-phrase.


Edited by JohnC_21, 14 March 2018 - 02:25 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users