Export-level Encryption Proves Insufficient 517
rossjudson writes: "The Independent is running an article about the shoe bomber terrorist. The interesting bit for Slashdot readers is at the bottom -- apparently the 40-bit encryption in the export version of Windows 2000 was cracked by a set of computers using a brute force method. So let's confront the question: Should the US prohibit the export of high-encryption software? Here is a case where the default values (40 bit) clearly helped recover valuable information from a system." There's another article in New Scientist focusing on the encryption issue.
To really be safe... (Score:5, Funny)
Re:well that settles it.. (Score:4, Funny)
Yes, this is definately the way to go. (Score:5, Funny)
Even though Osama was able to get a bunch of people into US flight schools, he surely wouldn't've been able to go to CompUSA, buy a copy of W2K off the shelf, and somehow get a 5 x 5 x 1/16" piece of plastic outside a country with roughly 10,000 miles of borders and 1500 international flights daily. Nope, no way that coulda happened.
New slashdot poll (Score:3, Funny)
40 bit
128 bit
Cowboy Neal with a pen
Re:well that settles it.. (Score:3, Funny)
Yeah, yeah. That's what they all say... :-)
Rjindael is from Belgium! (Score:2, Funny)
What a dum idea.
Steve.
Re:It wasn't the 40 bit encryption that was at fau (Score:3, Funny)
Recorded voice: "Please press 1 if your call is related to the time-limited explosives exchange program. Please press 2 if you are experiencing problems igniting your shoes. Or please hold to speak to a support terrorist."
(time passes)
Recorded voice: "Please hold.. your call is important to us, brother. We are currently transitioning our support strategy to Compaq Global Services."
(time passes.. bad musak to the tune of "The Girl from Ipanema")
BoFA (Bastard Operator from Afghanistan): "Hello, caller, you're through."
T: "Hi, er.. yeah.. my laptop seems to be broken.. I can't decrypt my files!"
BoFA: "Are you using the Standard Terrorist Operating Environment?"
T: "Er.. no.. my cell leader says that this other routine we found on the internet is more secure."
BoFA: "I'm afraid we only support the STOE with W2K SP2 128-bit EFS."
T: "Is there anything you can do?"
BoFA: "You can wipe the laptop and start again. We can do that for you, but we'll have to charge 10,000,000,000,000 afghanis (or US$100) to your cost code."
T: "But it's got secret plans of the Pentagon on it!"
BoFA: "I'm sorry, I can't help you. If every terrorist picks their favourite non-symmetric crypto, we can't be expected to know them all. We're trying to run an elite multinational terrorist organisation here."
T: "Okay.. I'll try somewhere else. On another matter, can you help me with my Palm Pilot? I stuffed it with C4, and now it won't start properly."
BoFA: "I'm afraid we only support Pocket PC."
*click*
Re:It doesn't matter because: (Score:5, Funny)
That is probably why the export version of M$ Windows 2000 now ships with 128 bit encryption. The NSA knows that everything Microsoft does is flawed, but figures that it will lull the terrorists into a false sense of security...
Re:New slashdot poll (Score:3, Funny)
Jon Katz steganography.
Various Crypto Strengths.. (Score:3, Funny)
64 bit- You'll get my secrets when they're no longer of any use! (RC5 anyone?)
56 bit- Never! Never will you have my secrets. If never means three weeks from now anyway.
40 bit- You'll have to arm-wrestle me for access.
32 bit- You'll have to thumbwrestle me for access.
24 bit- You want access? You'll pry it from my cold, dead... Hey, give that back!!!
8 bit- What's your favorite color?
4 bit- Guess my shoe size
1 bit- Want access?
0 No
1 Yes
Re:New slashdot poll (Score:2, Funny)
Re:New slashdot poll (Score:4, Funny)
just a day at the office (Score:3, Funny)
Next thing, al-qaeda is owned by the l33t nsa haxors, and their credit card numbers are all over irc.
bummer for the sysadmin.