Bitlocker No Real Threat To Decryption?
An anonymous reader writes "The Register is running a story called 'Vista encryption 'no threat' to computer forensics'. The article explains that despite some initial concerns that lawbreakers would benefit from built-in strong encryption, it's unlikely the Bitlocker technology will slow down most digital forensic analysts. What kind of measures does one need to take to make sure no one but yourself has access to your data? Is Bitlocker just good enough (keeping out your siblings) or does it miss the whole purpose of the encryption entirely?" One would hope an international criminal mastermind could do better than the encryption built into Vista.
Re:PGP? (Score:2, Interesting)
Re:Well for one (Score:2, Interesting)
It's a logical conclusion--not only is it "a" logical conclusion but it is the most probable conclusion. The people with the strongest backgrounds in computer security, working for Microsoft, will be associated with other people with the strongest backgrounds in computer security. Those with the strongest backgrounds in computer security are most likely to be associated with governmental agencies, and in possession of the necessary security clearances, which allow them to work there.
Thus, those who know the most deeply buried exploits for Windows Vista (especially the exploits which may even be specific to particular hardware) are in the social circles which are closest to organizations such as the NSA.
It's all very statistical and it makes perfect sense. The only possible defeat would be if Vista had no security exploits and we don't need to cite any links to know that is false.
Summary of article (Score:4, Interesting)
"If you don't use encryption technologies properly, they will not serve their purpose."
Re:Does it have the same problem I've seen? (Score:3, Interesting)
Re:I use TrueCrypt (Score:2, Interesting)
http://www.truecrypt.org/docs/wear-leveling.php [truecrypt.org]
The above link is the official explanation, but the gist of it is that on a USB drive with wear leveling the drive will evenly spread data over the entire drive to extend the life of the drive. This means that TrueCrypt cannot ensure that the old header is overwritten if you do something like change the password on the drive.
My understanding is that if you encrypt the entire USB drive and never change the password you should be OK.
Re:How does this compare to FileVault? (Score:3, Interesting)
Or a really big botnet [google.com].
Duh.
Agree: TrueCrypt useful (Score:5, Interesting)
Having researched TrueCrypt and compared the alternatives, I have started using it routinely. It's not so much that I have something to hide, or that what I want kept private requires as strong an encryption as TrueCrypt. It's more that I simply want a convenient way to encrypt something, forget about it, and not have to worry about it later.
My personal financial data resides in a TrueCrypt volume. To lock up all of those files, I just umount the volume, and that's it.
I also wanted to make an offsite backup of our more valuable personal data in case of disaster, such as a fire that burns down our home, destroying the backups stored at home. For example, we have some digital photos with some irreplaceable priceless memories. So I decided to burn them onto DVD and have my relatives, who live out of town, hang onto copies. But relatives can be nosy, and interspersed in the photos could be things I don't want other people to see, from badly taken photos that "make me look fat" to photos of bank statements and legal documents for which we wanted to store a non-paper copy.
So, I created TrueCrypt volumes of the appropriate size to burn to DVD, and then stashed our photos inside. We've got about 4 years' worth of photos (JPEGs) on two (different) DVDs with our relatives in two locations.
I don't want to encrypt something with cheap encryption, and then worry 4 years down the road when someone discovers a flaw in the scheme. You might ask, "What? Are your non-geek relatives going to go about cracking your encryption?" You never know. What if I become someone --let's not say famous, but prominent? Say some sort of social activist fighting for software freedom? Who knows what could happen to my offsite backup DVDs in 4 years --suppose some hired maid accidentally dumps them in the trash, and they are noticed by the neighbourhood trash-diving geek? What if some big company or other enemy happens to get their hands on copies and tries to use some embarrassing photos to pressure me? I want to be able to rip off my tinfoil hat and laugh, "Don't be ridiculous! That would never happen!"
TrueCrypt gives me that peace of mind. Among its other features is multiple scheme encryption. Are you worried that AES might get cracked next year? Encrypt with AES, and then encrypt the result with Blowfish.[1] Or Twofish first, then CAST5. TrueCrypt offers multiple options, and it does not store the result anywhere. How does it know that you used AES-then-Blowfish encryption? Because it tries all of the schemes one by one. It tries AES alone with the password you gave. Doesn't work. Tries Blowfish alone. Tries about half a dozen other single-encryption schemes. Then it tries the multiple combinations: Blowfish-Serpent, then AES-Blowfish, etc., going down the list until something works. If nothing works, then it concludes that you entered the wrong password.
It's not a perfect solution, and one drawback with TrueCrypt is that I can't use it on my work computer where I don't have administrator rights. But otherwise it has all the advantages I'm looking for: secure, cross-platform, on-the-fly, open source freedom.
Just like a screwdriver: when I want to use it, I don't want to have to Google for user manuals. I just want to do what I need with it, and not have to think about it.
---
[1]: Incidentally, the advantage of AES-with-Blowfish is *not* that you can't crack Blowfish even after the AES on your TrueCrypt file is cracked. Once your AES crypto is cracked, the password is known and the same password will be used for the Blowfish decryption. (Remember, TrueCrypt is open source --once the
First hand experience (Score:5, Interesting)
Face it, you ain't gonna get there with more horsepower.
But, the guy's a Bronco fan? Index broncos.com and add it to the dictionary. Enter his wife, daughter, marriage date, favorite car, and pets. The dictionary generation software has taken great strides in making lists of MuffySpot1996 type entries.
Not enough to crack your password? Hmm. Better hope you didn't use it with another program that happened to write its RAM to swap. The forensics tools index EVERY number and word on the drives you enter into evidence. Evidence can be data from your iPod, cellphone, and PDA. It can be from the Exchange server and it can be from hotmail.com.
Is he Russian? Add the Russian dictionary to the search.
So, here's what we have: a custom dictionary, Russian and English dictionaries, an index of every unique character string captured on all removable and non-removable storage.
That's a lotta chinks in the armor. And crooks usually aren't that smart.
It was a very enlightening class. During the lab it _easily_ guessed my tier two and three passwords...it didn't get my tier one Passwords, but I didn't enter all my evidence for submission either.
Re:I use TrueCrypt (Score:2, Interesting)
Now, as for "plausible deniability", consider this scenario: You have an encrypted volume on a USB key with a hidden volume within it. If you give TrueCrypt password1, it shows you the encrypted volume. If you give it password2 instead, it shows you the hidden volume. If someone takes your USB key and threatens to torture (arrest, whatever) you unless you give them the password, you give them password1. There is no way for them to tell whether or not another volume exists. You can deny that a hidden volume exists and there is no way for anyone to prove you wrong.
If you still don't get it, check the explanation at the TrueCrypt website here [truecrypt.org] and here [truecrypt.org].
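Two mechanisms from this thread are easier to see in code than in prose: the "try every cipher until a header verifies" opening loop described in the "Agree: TrueCrypt useful" post above, and the outer/hidden volume arrangement described in this post. The following is an added example, not TrueCrypt's own code or its on-disk format. It assumes a toy container layout (outer header at offset 0, hidden header at 65536, data from 131072, and a hidden volume placed at the end of the outer volume's space) and it uses HMAC-SHA256 in counter mode as a labelled stand-in for the real block ciphers, because the point is the header-verification logic and the indistinguishability of an unused header slot, not the cipher itself.

```python
import hashlib
import hmac
import os
import struct
import zlib

# Layout constants are assumptions for this toy container, not TrueCrypt's real values.
MAGIC = b"TRUE"
HEADER_SIZE = 512
SALT_LEN = 16
HIDDEN_HEADER_OFFSET = 65536   # hidden header slot inside the reserved header area
DATA_START = 131072            # outer volume data begins after the reserved header area
PBKDF2_ITERS = 2000
# Candidate cipher names. Nothing in the container records which one was used;
# opening a volume means trying each in turn until a header decrypts to MAGIC.
CIPHERS = ["aes", "serpent", "twofish", "aes-twofish", "serpent-twofish-aes"]


def _keystream(key: bytes, label: bytes, length: int) -> bytes:
    """Stand-in for a real block cipher: HMAC-SHA256 in counter mode, keyed per cipher name."""
    out = bytearray()
    block = 0
    while len(out) < length:
        out += hmac.new(key, label + struct.pack(">Q", block), hashlib.sha256).digest()
        block += 1
    return bytes(out[:length])


def _xcrypt(cipher: str, key: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt (XOR) data under the named stand-in cipher."""
    return bytes(a ^ b for a, b in zip(data, _keystream(key, cipher.encode(), len(data))))


def _header_key(password: bytes, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha512", password, salt, PBKDF2_ITERS, dklen=32)


def _make_header(password: bytes, cipher: str, offset: int, size: int) -> bytes:
    """salt || E(cipher, header_key, MAGIC || offset || size || master_key || crc32 || random pad)."""
    salt = os.urandom(SALT_LEN)
    master = os.urandom(32)
    body = MAGIC + struct.pack(">QQ", offset, size) + master          # 52 bytes
    body += struct.pack(">I", zlib.crc32(body))                       # bytes 52..56
    body += os.urandom(HEADER_SIZE - SALT_LEN - len(body))            # pad so the slot is full
    return salt + _xcrypt(cipher, _header_key(password, salt), body)


def _try_header(password: bytes, blob: bytes):
    """Trial-decrypt one header slot under every candidate cipher; None if nothing verifies."""
    salt, ct = blob[:SALT_LEN], blob[SALT_LEN:]
    key = _header_key(password, salt)
    for cipher in CIPHERS:
        pt = _xcrypt(cipher, key, ct)
        if pt[:4] == MAGIC and struct.unpack(">I", pt[52:56])[0] == zlib.crc32(pt[:52]):
            offset, size = struct.unpack(">QQ", pt[4:20])
            return cipher, offset, size, pt[20:52]
    return None


def create_container(size, outer_pw, outer_cipher, hidden_pw=None, hidden_cipher=None, hidden_size=0):
    """The whole container starts as random bytes, so an unused hidden-header slot looks like any other byte."""
    c = bytearray(os.urandom(size))
    c[0:HEADER_SIZE] = _make_header(outer_pw, outer_cipher, DATA_START, size - DATA_START)
    if hidden_pw is not None:
        # The hidden volume occupies the END of the outer volume's space; the outer size is not reduced,
        # so the outer header gives no hint that anything sits there.
        c[HIDDEN_HEADER_OFFSET:HIDDEN_HEADER_OFFSET + HEADER_SIZE] = _make_header(
            hidden_pw, hidden_cipher, size - hidden_size, hidden_size)
    return c


def open_volume(container, password):
    """Return (kind, cipher, offset, size, master_key) for whichever header the password opens, else None."""
    for kind, slot in (("outer", 0), ("hidden", HIDDEN_HEADER_OFFSET)):
        found = _try_header(password, bytes(container[slot:slot + HEADER_SIZE]))
        if found:
            return (kind,) + found
    return None


def write_volume(container, password, plaintext):
    vol = open_volume(container, password)
    if vol is None:
        raise ValueError("no header opened with that password")
    kind, cipher, offset, size, master = vol
    if len(plaintext) > size:
        raise ValueError("plaintext larger than volume")
    # Note: a large outer write would run into the hidden region; real tools need a separate guard for that.
    container[offset:offset + len(plaintext)] = _xcrypt(cipher, master, plaintext)
    return kind


def read_volume(container, password, length):
    vol = open_volume(container, password)
    if vol is None:
        return None
    _, cipher, offset, _, master = vol
    return _xcrypt(cipher, master, bytes(container[offset:offset + length]))


def demo():
    c = create_container(256 * 1024, b"password1", "aes",
                         b"password2", "serpent-twofish-aes", hidden_size=32 * 1024)
    write_volume(c, b"password1", b"holiday photos")
    write_volume(c, b"password2", b"bank statements")
    return (read_volume(c, b"password1", 14), read_volume(c, b"password2", 15), open_volume(c, b"guess"))
```

`open_volume` is the whole "plausible deniability" argument in one function: password1 verifies the outer header, password2 verifies the hidden one, and a wrong password verifies neither, with nothing in the container telling the caller whether the second slot ever held a header at all. The same loop also shows why a cascade buys nothing against a recovered password: once `_header_key` is known, every cipher candidate is tried with it.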
Re:Well for one (Score:3, Interesting)
If you're willing to throw a little money at it, that's fairly easy to ensure, actually.
First, you use a hardware security module to generate the key pair, configured to refuse to ever give up the private key. Ever. With a good HSM, even if the attacker has complete control of the device odds are slim that he can extract the key.
Second, you put this hardware security module in a secure facility, with appropriate processes in place to ensure that the HSM never leaves the building, under any circumstances, regardless of who wants it to, and that only authorized people with appropriate need have access to the HSM to use it to decrypt disks.
Barring (1) a significant mathematical breakthrough and (2) a huge improvement in the practicality of large quantum computers, that won't happen. It's easy enough to use a sufficiently large key that Moore's law would have to continue unabated for millions of years to make a brute force search feasible.
Assuming it's not the NSA that wants your data. OTOH, if the NSA wants your data badly enough, they're almost certainly going to get it. Unless you're dead.
The biggest problem with this sort of backdoor, IMO, is that it's too easy for the user to defeat. All the user has to do is to overwrite the copy of the disk encryption key that is encrypted with the NSA key with some random data. The system could be designed to make that difficult, of course, but it will never be impossible, not on a general-purpose computer.
Microsoft software "easy to use"? Ha. Hahahahaha (Score:3, Interesting)
In other words, Microsoft really hasn't learned much about security over the last 10 years. They still design security systems that are prone to operating insecurely. This looks like the "Do you want to run this ActiveX control?" dialog all over again.
Re:PGP? (Score:5, Interesting)
So, if you're on trial in Minnesota, you'd better not be using a Mac? Or Linux, since many distributions also include GnuPG.
Conclusion: Use Windows to be safe. Its encryption software is bad enough to not make you go to jail.
Re:First hand experience (Score:5, Interesting)
"oneringtoholdthemallandindarknessbindthem"
Throw in the following three things:
1) Capital letter
2) Number
3) Special char
"onerinGgtoholdthemallandindark666nessbin!dthem"
Now remember the "special words": rinGg, dark666ness, bin!d, you'll find those much easier to remember in context.
The length kills any brute force attack, with the added "typos" the number of permutations is huge, killing any dictionary attack. In fact, this one is probably way overkill already.
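The "First hand experience" post above describes a targeted dictionary (case-file facts, mangling rules, every string indexed from swap and removable media), and this reply proposes a long passphrase with inserted "typos" as the defence. The following added example, not code from either poster, puts both side by side: it builds that kind of dictionary from constructed case-file facts and a constructed swap fragment, then runs it against PBKDF2-hashed targets. The facts, the swap bytes, the mangling rules and the iteration count are all assumptions chosen so the run finishes in seconds.

```python
import hashlib
import itertools
import os
import re

# Constructed case-file facts: the "custom dictionary" material an investigator would enter.
FACTS = {
    "names": ["muffy", "spot", "denise", "brian"],
    "dates": ["1996", "0412", "96"],
    "teams": ["broncos", "elway"],
    "cars": ["mustang"],
}
# Constructed handful of plain dictionary words standing in for the English list.
ENGLISH_WORDS = ["password", "letmein", "summer", "dragon", "football"]
# Constructed swap-file fragment: a passphrase typed into another program that paged out.
SWAP_FRAGMENT = (b"\x00\x00Bronco Fan\x00MuffySpot1996\x00mustang1996\x00grocery list\x00"
                 b"elway7\x00oneringtoholdthemallandindarknessbindthem\x00\x00")
PBKDF2_ITERS = 100   # kept low for the demo; real KDFs use far more

LEET = str.maketrans("aeios", "@3105")


def index_strings(blobs):
    """Index every printable token of 4..64 chars on the media, as the forensic tools do."""
    words = set()
    for b in blobs:
        for tok in re.findall(rb"[A-Za-z0-9_!@#$%^&*.-]{4,64}", b):
            words.add(tok.decode())
    return words


def mangle(word):
    """Case, leetspeak and suffix rules applied to one base token."""
    base = {word, word.lower(), word.capitalize(), word.upper(), word.lower().translate(LEET)}
    out = set(base)
    for b in base:
        for suffix in ("!", "1", "123"):
            out.add(b + suffix)
    return out


def build_dictionary(facts, recovered, base_words):
    tokens = set(base_words)
    for v in facts.values():
        tokens.update(v)
    tokens.update(recovered)                     # indexed strings, original case
    tokens.update(w.lower() for w in recovered)
    fact_tokens = [t for v in facts.values() for t in v]
    for a, b in itertools.permutations(fact_tokens, 2):   # MuffySpot, SpotMuffy, ...
        tokens.add(a + b)
        tokens.add(a.capitalize() + b.capitalize())
    candidates = set()
    for t in tokens:
        for m in mangle(t):
            candidates.add(m)
            for d in facts["dates"]:             # append the case-file dates
                candidates.add(m + d)
    return candidates


def hash_pw(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERS)


def make_target(password: str):
    salt = os.urandom(8)
    return salt, hash_pw(password, salt)


def crack(targets, candidates):
    """targets: {label: (salt, hash)}; returns {label: recovered password or None}."""
    ordered = sorted(candidates)
    result = {}
    for label, (salt, h) in targets.items():
        result[label] = None
        for cand in ordered:
            if hash_pw(cand, salt) == h:
                result[label] = cand
                break
    return result


def demo():
    recovered = index_strings([SWAP_FRAGMENT])
    dictionary = build_dictionary(FACTS, recovered, ENGLISH_WORDS)
    targets = {
        "pet_and_year": make_target("MuffySpot1996"),
        "team_from_swap": make_target("elway7!"),
        "plain_phrase": make_target("oneringtoholdthemallandindarknessbindthem"),
        "mutated_phrase": make_target("onerinGgtoholdthemallandindark666nessbin!dthem"),
    }
    return crack(targets, dictionary)
```

The result makes the thread's two points concrete: the pet-plus-year password falls to facts plus rules, and even the long Tolkien phrase falls once a copy of it has been indexed from swap, whereas the mutated variant is in none of the generated candidates. The mutation only helps, of course, if the mutated string itself never lands in swap or a hibernation file.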
Re:Linux Unified Key Setup (Score:3, Interesting)
If a user has a 1GB Truecrypt volume, but has only used up 100M, this could be indicative of a hidden volume, or it could be that the user hasn't used up all the available free space on the volume. Even if the investigator suspected there was a hidden space, he'd need some evidence that the suspect had an additional encryption key over the one supplied.
Now, this could be found through surveillance of the suspect beforehand (keyloggers, hidden cameras, etc.), but that applies to encrypted USB sticks as well. In addition, there's a chance that your USB stick might be discovered, whilst there's no danger of the same thing happening to a Truecrypt volume. So far as I can see, an encrypted USB stick is considerably less secure than a hidden Truecrypt volume.
Of course, for extra security, why not a hidden Truecrypt volume on an encrypted USB stick?
Re:My computer's a little more advanced (Score:2, Interesting)
0 - 0
1 - 4
2 - 4
3 - 8
4 - 5
5 - 0
6 - 6
7 - 15
8 - 5
9 - 2