Does anyone remember seeing this? I really want to know if there was an update to his case. I thought I saw it on HN but I can NOT for the life of me find it now anywhere. Normally I’m not one to buy into “XYZ scrubbed QWERTY from the internet”, but I absolutely can not find this story ANYWHERE now and it seems like it should be easily found with keywords.
If anyone interested has a Twitter account, would you mind searching there for Truecrypt and Veracrypt to see what comes up? That’s the one place I haven’t looked because I don’t have an account.
I suspect you are remembering this event from April, but it was actually related to Linux LUKS encryption: https://mjg59.dreamwidth.org/66429.html .
That said, even with an older key derivation scheme, it seems unlikely they did a full brute force. Guessing they had some unreleased info that helped them open it.
If the user was using Windows, fast startup could have been enabled so they were able to extract the password from the RAM maybe? Other than that I don’t know
Late response, I haven't been on this account recently…
I understand that fastboot and similar things like the hive file if that's what it's called (ram writes to disk) or just a very quick tool/technique for cold booting/freezing RAM, but can just have fastboot enabled, enable them to extract the decryption key from RAM or disk?
I thought VeraCrypt started before everything… like a Linux bootloader.
Yeah I don't know