2010-09-14 - the slides from my recent (re-)presentation (with lots of extra bits) at SEC-T 2010, will soon be online! exploit code [...]

2009-12-18 - The slides from my recent presentation at CRESTCon 2009, the 'replacement' for CHECKCon, are now online! exploit code for the demonstrations [...]


“>>>I<<< know the pointers are valid.”

"Third Party Windows Kernel drivers are really terrible."
"CREST and CESG have joined forces to host the first Ethical Security Testers Conference and we would like to invite you to this event."


On the 15th December 2009, I gave a presentation at CRESTCon 2009 held at Royal Holloway College, University of London. The presentation attempted to demonstrate just how bad Virtual Disk/Full Disk Encryption (VDE/FDE) drivers actually are! The presentation did of course feature DESlock+ very prominently. However, there were a few others featured, namely SecurStar DriveCrypt 5.3 (and "DriveCrypt - Plus Pack"), Utimaco Safeware (since bought out by SOPHOS) PrivateDisk 2.x and SafeBit.

The number of bugs found in these, as you might expect by now! is simply too high to estimate! however, the presentation slides are available below...