>...and for only $300.
>
http://www.elcomsoft.com/efdd.htmlnow come on...
Three Ways to Acquire Encryption Keys
Elcomsoft Forensic Disk Decryptor needs the original encryption keys in order to access protected information stored in crypto containers. The encryption keys can be derived from hibernation files or memory dump files acquired while the encrypted volume was mounted. There are three ways available to acquire the original encryption keys:
By analyzing the hibernation file (if the PC being analyzed is turned off);
By analyzing a memory dump file *
By performing a FireWire attack ** (PC being analyzed must be running with encrypted volumes mounted).
* A memory dump of a running PC can be acquired with one of the readily available forensic tools such as MoonSols Windows Memory Toolkit
** A free tool launched on investigator’s PC is required to perform the FireWire attack (e.g. Inception)
and the stuff following it - IMO describes only that you are not safe when your friendly gov
installed a virus or is in the room when you opened the encrypted data. Would not call that ***cracked***.
Leaving traces in hibernation files is something that security minded people have to think about -
in one of the VPN implementations I have to use I have to reconnect after every hibernation, in others not ;-)
