We are evaluating using Windows EFS on Amazon EBS. There is a report about a Windows flaw that allows you to copy data from an encrypted volume, as described in this article: http://slashdot.org/topic/bi/the-windows-flaw-that-cracks-amazon-web-services/

Aside from the Amazon staff, can other Amazon multi-tenant customers mount the entire volume as described?

Bob Ortiz
isobretatel
  • That article is pretty poor, to be honest (if you read the comments on that page, there's a good enumeration of the flaws in it). If the attacker has got as far as having enough access to your AWS account to mount disk images, you're in trouble already. If you're seriously worried about that, use full disk encryption (e.g. BitLocker, TrueCrypt), although be aware of the availability issues that can cause when used on servers... – Rory McCune Jan 09 '14 at 16:08
  • The attack he outlines doesn't obtain data from an encrypted volume, he only says that getting encrypted data is "probably" possible if you can hack the user's password (which is true of any encrypted data): "The system has access to the private key, and so a hacker could potentially gain access to it as well. In fact, the private key is itself encrypted using the hash for the user’s password. That hash is easily obtainable as outlined above. From there, you could probably write further code that will unlock the private key. Then with the private key in hand, you could decrypt all the files." – Johnny Jan 09 '14 at 18:12

0 Answers