Quote from: powerball69 on December 20, 2012, 03:43 pmHey sorry if this is old but i just found this article. http://www.theregister.co.uk/2012/12/20/elcomsoft_tool_decrypts_pgp/ElcomSoft has built a utility that forages for encryption keys in snapshots of a PC's memory to decrypt PGP and TrueCrypt-protected data.ElcomSoft's gear can extract these decryption keys from a copy of the computer's memory, typically captured using a forensic tool or acquired over Firewire. Once it has the key, the protected data can be unlocked.If the computer is powered off, the analyser can retrieve the keys from a hibernation file on the disk, in which the operating system saves the state of the machine including its main memory.Algorithms allow us to analyse dumps of computers volatile memory, locating areas that contain the decryption keys. Sometimes the keys are discovered by analyzing byte sequences, and sometimes by examining crypto containers internal structures," Katalov explains.Dont know if we are all affected by this since i dont really understand it but i thought i should try to spread the word anyway.This is just a commercial variant of the so-called "cold boot" attack originally developed by a team at Princeton University. See: Lest We Remember: Cold Boot Attacks on Encryption Keys - https://citp.princeton.edu/research/memory/NC