bootloader for UEFI clearing BIOS keyboard buffer to prevent password leakage ?
Keystrokes are saved in a 32-byte circular buffer in the BIOS Data Area, located at address
0040:001Eh. Each keystroke being stored on 2 bytes, the first one being the ASCII code and
the second one the BIOS scan code, 16 inputs can be saved.
Once the system is started, if this buffer has not been cleared, it is possible to retrieve
the user password. VeraCrypt prevents this potential leak by zeroing the buffer with the
ClearBiosKeystrokeBuffer function.
http://www.ouah.org/Bios_Information_Leakage.txt
BIOS keyboard buffer
-
DavidXanatos
- Posts: 44
- Joined: Mon Jan 27, 2020 8:05 pm
Re: BIOS keyboard buffer
Given that the new DCrypt bootloader is based on the veracrypt one the issue should not be present.
Re: BIOS keyboard buffer
Could you elaborate, new DiskCryptor does not use the same bootloader that was bullet proof, now it uses crappy Veracrypt one?DavidXanatos wrote: ↑Tue Apr 28, 2020 9:24 amGiven that the new DCrypt bootloader is based on the veracrypt one the issue should not be present.
-
DavidXanatos
- Posts: 44
- Joined: Mon Jan 27, 2020 8:05 pm
Re: BIOS keyboard buffer
New DiskCryptor uses its own old bullet proof bootlaoder when installed on a MBR boot system,
and a new one that is based on Veracrypt's one when installed on a EFI boot system.
Whats so crappy about Veracrypt's one?
and a new one that is based on Veracrypt's one when installed on a EFI boot system.
Whats so crappy about Veracrypt's one?