|
Message-ID: <BLU0-SMTP350226F8C86E55859480F5FD850@phx.gbl> Date: Fri, 21 Feb 2014 21:20:48 +0100 From: Frank Dittrich <frank_dittrich@...mail.com> To: john-users@...ts.openwall.com Subject: Re: Need assistance with encrypted Time Machine sparsebundle On 02/21/2014 08:19 PM, magnum wrote: > The good news is that the file created with dmg2john will contain no > sensitive information afaik, so you could publish it here and hope for > volunteers to help with global warming. This is not entirely true, so be careful. If you publish the dmg2john output and someone manages to find the correct password, he'll have all the information required to decrypt the data on your drive, should he ever get hold of it, or a copy of that drive. Even if you manage to find your password and change the password you used for that encryption key, you are still not safe. This is probably similar with LUKS or Truecrypt. If you change your password, the encryption key and almost all the data on the encrypted disk remains unchanged. So, you'd need to use another disk, encrypt that one (that way generating a new random encryption key, which you encrypt with you one password. Then, copy all you data to the new disk, and wipe out all data on the old disk before reusing it... Frank
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.