科技回声

Archive link for anyone who's stuck behind some sort of captcha (sorry, I don't make the CDN decisions here) <a href="https://archive.is/5hu2x" rel="nofollow">https://archive.is/5hu2x</a>

From the article linked in the article, it seems they were able to get into bitlocker as well.My speciation is there's a decent probability the password(s) were discovered by law enforcement through some other means, likely reuse.That said, it would be best to maintain a heightened awareness for any advanced attacks or other similar incidents.

tl;dr check for desirable presence of argon2id as key derivation function in the output of<pre><code> lsblk sudo cryptsetup luksDump /dev/sd[xy] </code></pre> or more terse (not sure if this works for luks1 header format too)<pre><code> sudo cryptsetup luksDump /dev/sd[xy] --dump-json-metadata | jq '.keyslots | .[].kdf.type' </code></pre> if you see anything but argon2id, consider migrating. Thanks for the explanation and PSA @mjg59<a href="https://anarchistnews.org/content/update-ivan-alocco" rel="nofollow">https://anarchistnews.org/content/update-ivan-alocco</a> has the english translation of the letter by comrade arsonist anarchist

Archive link for anyone who's stuck behind some sort of captcha (sorry, I don't make the CDN decisions here) <a href="https://archive.is/5hu2x" rel="nofollow">https://archive.is/5hu2x</a>

PSA: Upgrade your LUKS key derivation function

3 条评论

PSA: Upgrade your LUKS key derivation function

3 条评论