Full Disk Encryption Hard For Law Enforcement To Crack 575
If you'd rather keep your data private, take heart: disk encryption is a lot harder to break than techno-thriller movies and TV shows make it out to be, to the chagrin of some branches of law enforcement.
MrSeb writes with word of a paper titled "The growing impact of full disk encryption on digital forensics" [abstract here to paywalled article] that illustrates just how difficult it is. According to the paper, co-authored by a member of US-CERT, "[T]here are three main problems with full disk encryption (FDE): First, evidence-gathering goons can turn off the computer (for transportation) without realizing it's encrypted, and thus can't get back at the data (unless the arrestee gives up his password, which he doesn't have to do); second, if the analysis team doesn't know that the disk is encrypted, it can waste hours trying to read something that's ultimately unreadable; and finally, in the case of hardware-level disk encryption, tampering with the device can trigger self-destruction of the data. The paper does go on to suggest some ways to ameliorate these issues, but ultimately the researchers aren't hopeful: 'Research is needed to develop new techniques and technology for breaking or bypassing full disk encryption.'"
I wish this was the case in the UK (Score:5, Informative)
I wish this was the case in the UK, any encryption keys have to be handed over when asked by the police or .Gov
Re:I wish this was the case in the UK (Score:5, Informative)
So use TrueCrypt and a hidden volume. Give them the keys to your outer volume. It mounts and they can browse your collection of Lolcats. Let them prove that's not what they were looking for.
Re:I wish this was the case in the UK (Score:5, Insightful)
If they know it's a truecrypt drive, they probably would suspect that there's another partition so will try and charge you anyway for withholding.
So basically they make your life hell for a year till charges are dropped and would use any little excuse to question & detain you.
Re:I wish this was the case in the UK (Score:5, Insightful)
And if that, then what happens when truecrypt suddenly accepts multiple hidden partitions or other more complex schemes? Everyone goes to jail because lawmakers somehow ascended beyond full retard?
REFRIGERATED crustacean pix? (Score:5, Funny)
You are in violation of the laws forbidding the manufacture, sale and possession of chilled prawnography.
Re:REFRIGERATED crustacean pix? (Score:5, Funny)
You are in violation of the laws forbidding the manufacture, sale and possession of chilled prawnography.
A good strong shell ought to keep him out of trouble. Don't Bash it if you've not tried it.
Re: (Score:3)
How long have you been waiting to use that one?
Re:REFRIGERATED crustacean pix? (Score:5, Funny)
Re: (Score:3)
That was a bad pun... tsch tsch.
Re:REFRIGERATED crustacean pix? (Score:5, Funny)
Surely you meant: tcsh tcsh.
Re: (Score:3)
Indeed, a c shell might be more available in this case.
Re: (Score:3)
What you need is a red herring partition that contains a lot of sensitive but not illegal information. Fill it up with a lot of documents on various radical protests or government conspiracies... the thing that paranoid lunatics would see fit to hide behind strong encryption. Hopefully the authorities will be convinced that this is the "illegal" information you were trying to hide and ignore any other possibilities.
-Restil
Deniable encryption only works in theory (Score:5, Interesting)
Countries that respect and protect a right to free speech would not outlaw such a system, but unfortunately such countries are few and far between. Deniable encryption encryption works in theory, but in practice the existence of non-deniable encryption makes it hard for people to claim that they are innocent users of a deniable encryption system. While there are innocent uses of such a system (perhaps your business secrets are so valuable that being tortured for them is not beyond the realm of possibility) they are few and far between; deniable encryption is tool for protecting your data from a government, and for all their talk about China and Iran, most western governments are not interested in having citizens who can secure their communications and data from police investigations.
Re:Deniable encryption only works in theory (Score:5, Insightful)
IMHO, plausibly deniability is for reasonable and less motivated opponents (e.g. some family members). If you're worried about a less savory type, you need to visibly destroy the data. E.g., put it on RAM disks that will shut down if someone opens your closet door and doesn't type the correct code in 30 seconds. You'll be charged with destruction of evidence in a courtroom, and presumed guilty elsewhere, but it's a calculated risk. Wiping the header that is used to convert your password into the actual crypto key is another possibility that potentially allows for later recovery, but your opponent may assume that as well.
Re: (Score:3, Insightful)
Am I missing something here? The physical disk has a known, fixed size. When the size of all the volumes you have discovered (including their free space) add up to the size of the physical disk, you've found everything.
Re:Deniable encryption only works in theory (Score:5, Informative)
the outer volume, when mounted in "unsafe" mode uses the entire disk partition, thus there are three ways to log into a TC volume with a hidden partition:
Into hidden volume, with hidden password: see hidden volume, outer volume as unavailable.
into outer volume, with both outer and hidden password: outer volume mounts, hidden volume shows as unavailable.
into outer volume, with outer password only: outer volume mounts entire space as one volume, all space available, contents of hidden volume may be overwritten, but all space appears consumed.
in practice to make the outer volume look valid you should place sensitive info there:
tax returns for clients if you are a CPA (while the cooked books are on the hidden volume).
"normal" porn if you are a married person (while the CP is on the hidden volume).
company confidential design docs if you are an engineer (while the hidden volume contains competitor trade secret info).
etc.
The point being that you should make the outer volume both useful and not small so that it will have data churn.
Also, to defeat casual perusal of your filesystem by random people who may access your computer I am fond of storing my truecrypt volumes as alternate data streams/metadata to normal files. I have a 500 gig drive with a single mp3 on it that is only 3 min long, yet the disk is full :)
-nB
Re: (Score:3)
Re:Deniable encryption only works in theory (Score:4, Interesting)
Steganography software does not need to be on your computer, it can be on a web service. Also, encryption itself is not outlawed in most places (this would make everyone a criminal who visits a https site for example), you just have to hand over the password if asked. Now hidden drives can be found by scanning the hard drive, but steganography can't.
Re: (Score:3)
Steganography software does not need to be on your computer, it can be on a web service
That aside, if the web service is illegal, you have the same problem as before: you need to somehow connect to an illegal website without getting caught by the police. Tor does a reasonable job at this, but a country that makes steganography illegal would certainly make Tor illegal as well. Tor does a good job of disguising itself as a typical TLS connection, but it is nowhere near good enough -- on several occasions nations have been able to blo
Re:I wish this was the case in the UK (Score:5, Informative)
From the actual paper (worth reading if you have academic access):
Challenges can also arise when a defendant appears to be cooperative. For instance, the defendant may provide incorrect decryption details but the defense may claim that the encrypted container was damaged in some manner, which was why it would not open.
They also list several court cases where truecrypt FDE rendered the machines inaccessible many years after the fact.
Re:I wish this was the case in the UK (Score:4, Insightful)
I have a great little program that produces random numbers out of the random.data file.
Funny thing is, truecrypt thinks it's a partition...
Re:I wish this was the case in the UK (Score:5, Insightful)
where they'll find some kinky and embarrassing (but not illegal) stuff to keep them busy. At worst they'll think you're a secret crossdressing BDSM fetishist or whatever
I recommend BDSM furry granny porn. Just so they don't try to claim the 30-something girl in the porn is 17 and falsely charge you with child porn possession just for kicks (it's happened).
Re:I wish this was the case in the UK (Score:4, Informative)
Don't try that in Australia. BDSM porn is illegal in Australia.
Re: (Score:3)
Re:I wish this was the case in the UK (Score:5, Insightful)
Secondly, the authorities demanding you hand over the key (strangely enough) isn't covered under fifth amendment rights, so again, they can demand you hand over the keys, or you could be jailed almost indefinitely.
Finally, there are some interesting articles by Bruce Schneier on alternate means of incrimination. www.schneier.com/paper-truecrypt-dfs.pdf
In short, there are many ways to give a judge the idea that the use of a hidden volume is likely (ie: check path histories for previously opened files, check temp folders, etc). Not only would these indicate the possibility of a hidden volume, but some files that were meant to be encrypted may be 100% available (eg: Microsoft Word makes temporary backups of files in your %APPDATA% folders in case it crashes and you want to recover your work; as one example). Unless one is very diligent and knows what he/she is doing with respect to encrypting data, it would seem the only safe method is to encrypt the entire disk and boot off of it exclusively, all while keeping the machine itself disconnected from the internet to avoid hacking attempts, and locked in massive safe so the authorities don't install a keylogger (application or physical device) or start taking snapshots of your disk daily to aid in cracking the password.
You may be able to secure your data, but with multiple means of data accidentally being leaked due to the OS or various applications used in day-to-day life, along with unscrupulous policing agencies allowed to overrule fundamental civil rights, it is likely that one will ultimately lose their data and/or freedom either way.
Re: (Score:3)
As I understand it, the fifth amendment does not apply if you've written the key down, if it is only in your mind then you should be fine, and failing that you can forget the key.
Re:I wish this was the case in the UK (Score:5, Interesting)
Unfortunately, it's not difficult to look at the OS for evidence that the hidden partition exists. Even if they don't realize its a truecrypt hidden volume, they might start asking for usb drives that you haven't turned over.
www.schneier.com/paper-truecrypt-dfs.pdf
Re:I wish this was the case in the UK (Score:5, Insightful)
It takes a pretty exceptional human to actually remember a useful crypto key, so most systems store the key for you and depend on a password, passphrase, and/or some sort of hardware device to grant access to the key. If the system that actually stores the crypto key is designed to resist tampering, there are a reasonable number of initial attempts at forensics that might trip tamper detection and cause the key to be wiped, irrevocably.
Your classier cryptographic coprocessor modules offer such tamper resistance, and the enthusiasm of DRM peddlers and corporate customers who have backups; but really, really, hate data-breach stories will likely continue to push it further down into cheaper and more common business desktops and laptops.
(Even the TPMs of today may be pretty tricky to subvert without pissing them off, though I don't think that they are required to adhere to the same anti-tamper standards as the more serious hardware security modules).
Re:I wish this was the case in the UK (Score:5, Interesting)
It takes a pretty exceptional human to actually remember a useful crypto key
Not really. How hard is to remember a paragraph from your favorite novel or lyrics from a popular song. It's even better if you *mis-remember* the quote/lyrics so that you're the only one who would come up with the result even if someone tried to brute force the key by scanning all your books and listening to all your music.
Perhaps something like:
While the music played you worked by candle light, those San Francisco nights - you were the best in town, Just by chance you crossed the diamond with the pearl, you turned it on the world, that's when you turned the world around
Or maybe:
I was alone I took a ride, I didn't know what I would find there. Another road where maybe I could see another kind of mind there. ooh and I suddenly see you, ooh did I tell you I need you? Every single day of my life.
Try and brute force those keys. Using punctuation makes it even harder. And these are the first verses to well known songs. Use the third verse of an obscure song (one you don't like would be even better). The music makes it much easier to remember and just about anyone can remember songs/lyrics.
Some people just have zero imagination. Sigh!
Re: (Score:3)
It's even better if you *mis-remember* the quote/lyrics
Who knew that kissthisguy.com [kissthisguy.com] would become the #1 password dictionary.
Re:I wish this was the case in the UK (Score:5, Informative)
You can take a published string and make it a reasonably secure passphrase by adding enough entropy to it, but you still have to remember the entropy that you've added. Why not just start with a diceware passphrase and memorize the entropy directly?
Re:I wish this was the case in the UK (Score:5, Informative)
You sound like someone who hasn't seen this [explainxkcd.com] yet, but would enjoy it.
Re:I wish this was the case in the UK (Score:5, Funny)
You use password #1, but if arrested you give up password #2.
Re:I wish this was the case in the UK (Score:5, Insightful)
We need an encryption package that has *two* passwords:
You use password #1, but if arrested you give up password #2.
That's brilliant, but how do you get the police to use this software? Especially after they've pulled the drive out and plugged it into their forensics kit?
Re: (Score:3)
If the encryption was in hardware (on the drive controller), also no issue.
*Any* solution will not get around pulling out the hard drive, swapping its controller, and running forensics - but if the key/algorithm is sufficiently strong it would take them a while. The thing is that most computer crime labs try the easy things first - so put in a booby trap at one of the easy steps.
Re: (Score:3)
Wrong. The idea that the encryption *algorithm* is resistant to analysis is one of the most common mistakes beginners in encryption make. Only the key makes the encryption hard to break.
So, how would the police go about decrypting my drive encrypted with a commercial program with the key of 1234? Because, from my experience dealing with police and FBI computer forensics, they'd use the same program and type in "1234" like they were a user. Perhaps the NSA would just look at the screen and no longer see the code, but see "blonde, brunette" without seeing the code, but those actually doing the work in the vast majority of cases would use the program as loaded on the disk.
You made the begi
Re: (Score:3)
Re:I wish this was the case in the UK (Score:5, Insightful)
These days, the disk controller for the disk drive is logically tied to the hard disk drive platter itself, by an encryption key. If you tried swapping round the controllers to repair the disk drive, that wouldn't work as the encryption keys are different.
You wouldn't even get the disk information sector back.
Re:I wish this was the case in the UK (Score:5, Insightful)
Or what?
They'll prosecute you for not giving them your password?
If they had enough evidence that they were able to get a search warrant to get the data on your computer, you were probably already about to be prosecuted for something pretty substantial.
If you had a choice between being prosecuted for not giving them your password or being prosecuted for whatever else you were about to be prosecuted for, I expect that in most cases you'd want to be prosecuted for not giving them your password.
The government can threaten you with an alternative prosecution, but they can never actually compel you to give up your password.
Re:I wish this was the case in the UK (Score:4, Insightful)
Re: (Score:3)
In the US, you have the right to remain silent. Fifth Amendment gives you protection against self-incrimination, so supposedly if you refuse to hand over the key the court isn't supposed to assume it means you're guilty.
Of course, the Bush administration did threaten people like John Walker Lindh or the Lackawanna Six with being sent to Guantanamo indefinitely if they didn't plead guilty, so we're not exactly in great legal territory.
"more research?" (Score:5, Funny)
well we [the industry] will be just happy selling encryption with the tagline: so secure - no one can break it - except your average McForensic dude with a software package you can torrent. See, secure!
Re:"more research?" (Score:4, Insightful)
well we [the industry] will be just happy selling encryption with the tagline: so secure - no one can break it - except your average McForensic dude with a software package you can torrent. See, secure!
More like the software industry wants to remain friendly with the Department of Justice, and will gladly push a DoJ-approved cryptosystem on their customers unless their customers start jumping ship. Remember the clipper chip and how a certain large telecom was prepared to play along?
Re: (Score:3)
Re:"more research?" (Score:5, Funny)
Clearly these police departments are not familiar with using VisualBasic to make a GUI.
Re:"more research?" (Score:5, Informative)
want to see a lawyer's head explode?
(we all do. read on...)
tell them you support jury nullification.
its almost like telling an electrical repairman that there ARE user-repairable parts inside and that that label is pure hogwash.
lawyers and judges are so smug sure that 'judging guilt' is a hard job, to be left only to those 'qualified'.
the thing is, the so-called pros have done such a bad job over the last few decades, I can't believe that even a random roll of dice would be worse for carrying out justice. perhaps that would even be an upgrade. getting 50/50 would probably BE an upgrade over what we have now.
the fact that regular people are taken out of the loop is actually a safeguard that they are bypassing.
but dare talk to a friendly lawyer about this and they'll likely bite your head off. and if you are in voire dire and dare tell anyone that you are even aware of what JN means, you are immediately dismissed as a juror. worse: if you don't let on during VD and then vote your concience, you can be jailed for contempt!
all for following a legally allowed american principle; but one that has an unspoken 'do not admit to its existence' rule about nullification.
see fija.org for more info. people should all know about this. its one of the best parts of our system, in fact!
Re:"more research?" (Score:4, Funny)
but dare talk to a friendly lawyer about this and they'll likely bite your head off. and if you are in voire dire and dare tell anyone that you are even aware of what JN means, you are immediately dismissed as a juror. worse: if you don't let on during VD and then vote your concience, you can be jailed for contempt!
That's why I wear a "I Support Jury Nullification!" button to jury duty. I still get to work at the normal time on those days.
obligatory (Score:4, Funny)
http://imgs.xkcd.com/comics/security.png [xkcd.com]
Re: (Score:3)
Fortunately, as bad as they've gotten, police in the US still try to maintain the facade that they count as the "good guys", at least to the extent that they don't (frequently) torture information out of people.
Trick, cajole, threaten, inconvenience, stress, discomfit, and a whole host of other verbs that come just shy of it, but not quite outright torture yet.
Re:obligatory (Score:5, Insightful)
Re: (Score:3, Funny)
It's not torture, it's a freedom tickle.
Re:obligatory (Score:5, Insightful)
Trick, cajole, threaten, inconvenience, stress, discomfit, and a whole host of other verbs that come just shy of it, but not quite outright torture yet.
From the videos of what the US police have done this week I wouldn't be so sure.
http://boingboing.net/2011/11/18/police-pepper-spraying-arrest.html [boingboing.net] for instance.
(I would call pepper spraying someone so much they're coughing up blood 45 minutes later torture, but maybe Americans call it 'discomfort'.)
Re:obligatory (Score:5, Insightful)
Keep in mind that there's this thing called "extraordinary rendition", where you can be a U.S. citizen detained on U.S. soil by U.S. agencies - and end up somewhere in Egypt, where the local goons are politely asked to obtain the keys from you without resorting to any illegal measures *wink wink*.
Mind you, this requires one to be designated a "suspected terrorist" today, but then all it takes is for executive to say that you're one. They likely won't bother for a pedo, but if, say, you worked on WikiLeaks, that might be a different matter.
Re:xkcd "comics" are never obligatory. (Score:5, Funny)
Wow. Did a stick figure run over your dog or something?
Comment removed (Score:5, Insightful)
Giving up passwords (Score:5, Informative)
(unless the arrestee gives up his password, which he doesn't have to do);
In the UK he does [theregister.co.uk]. And people have been punished [theregister.co.uk] for not handing it over.
Re:Giving up passwords (Score:4, Funny)
Except he doesn't have to.
He can be punished for not doing it, but there's no law of physics that FORCES him to give up the password.
Hence why spies have cyanide pills and such - such that it then becomes impossible for them to even give up the password.
Re: (Score:3)
Hence why spies have cyanide pills and such - such that it then becomes impossible for them to even give up the password.
My SSD is encrypted with AES in hardware. As I understand it, you only have to send one ATA command to the disk to tell it to generate a new key and thereby make the existing data unreadable to anyone.
Personally I'd prefer a 'wipe key' button on my laptop to a cyanide pill in my teeth.
Re:Giving up passwords (Score:4, Interesting)
My SSD is encrypted with AES in hardware. As I understand it, you only have to send one ATA command to the disk to tell it to generate a new key and thereby make the existing data unreadable to anyone.
Personally I'd prefer a 'wipe key' button on my laptop to a cyanide pill in my teeth.
Getting the oppertunity to send that one key is tricky if you are in handcuffs.
Better to have a key you hand over after a suitable number of threats which does the new key generation. You can always blame the cops for being technological cavemen and damaging your computer. He who touches it last acquires all blame.
Re:Giving up passwords (Score:4, Informative)
My SSD is encrypted with AES in hardware. .
Depending on the brand, only the key is stored using AES. In many cases the actual data on the disk is encrypted with a weak encryption or even not at all. Full AES encryption of all the data would make the drive horribly slow.
Re: (Score:3)
Full AES encryption of all the data would make the drive horribly slow.
Really? Considering that full 256-bit AES encryption of all the data in software, e.g. with LUKS, is not "horribly slow", even on relatively ancient CPUs, a drive with a dedicated AES chip should be able to do the same thing while remaining reasonably performant.
Note that this does not mean that I would be surprised to hear that the designers cut corners, perhaps for cost reasons. I just don't see how it could be justified on a performance basis.
Re:Giving up passwords (Score:4, Informative)
Seagate published a paper to justify why they went with 128-bit AES. The bottom line is that 256-bit encryption impacted disk throughput. That said, their Momentus 7200 FDE line is just as fast as their non-encrypting line.
http://www.seagate.com/staticfiles/docs/pdf/whitepaper/tp596_128-bit_versus_256_bit.pdf [seagate.com]
Re:Giving up passwords (Score:5, Interesting)
(unless the arrestee gives up his password, which he doesn't have to do);
In the UK he does [theregister.co.uk]. And people have been punished [theregister.co.uk] for not handing it over.
Unfortunately for everybody, really, the potential 5-year RIPA sentence for refusing to disclose a key is crazy draconian as a threat to induce Joe Public to open every Turing-complete device in his entire life to the cops(after what is, no doubt, a impeccable judicial review); but it is substantially less scary than the sentence you might get for various serious crimes that the key might be hiding, along with any incentive provided by your criminal colleagues in favor of loyalty to the organization...
Re:Giving up passwords (Score:5, Interesting)
isn't the UK part of the same EU ?
http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=COM:2006:0174:FIN:EN:HTML
2.4. Privilege against self-incrimination
The presumption of innocence includes the privilege against self-incrimination which is made up of the right of silence and not to be compelled to produce inculpating evidence. The maxim nemo tenetur prodere seipsum , (“no person is to be compelled to accuse himself”) applies. The accused may refuse to answer questions and to produce evidence. The ECtHR[24] held that, although not specifically mentioned in the ECHR, the privilege against self-incrimination is a generally recognised international standard which lies “at the heart of the notion of a fair procedure”. It protects the accused against improper compulsion by the authorities, thus reducing the risk of miscarriages of justice and embodying the equality of arms principle. The prosecution must prove its case without resort to evidence obtained through coercion or oppression. Security and public order cannot justify the suppression of these rights[25].They are linked rights, any compulsion to produce incriminating evidence being an infringement of the right of silence. The State infringed an accused’s right of silence when it sought to compel him to produce bank statements to customs investigators[26]. Coercion to co-operate with the authorities in the pre-trial process may infringe the privilege against self-incrimination and jeopardise the fairness of any subsequent hearing.
Re: (Score:3)
Re:Giving up passwords (Score:5, Insightful)
Frequently intrigued how many people miss that much of the US constitution was written to provide rights people didn't have in the UK...
Re:Giving up passwords (Score:5, Informative)
First, the quote was from the Declaration of Independence, a document that preceded the U.S. Constitution by more than a decade, was purely symbolic in nature -- which is to say, it has almost zero application in the law of the United States of America.
What both of you are trying to recall from your ancient civics classes is the Fifth Amendment (part of the Bill of Rights, passed 2 years after the Constitution), which reads (in relevant part):
No person shall be . . . compelled in any criminal case to be a witness against himself, nor be deprived of life, liberty, or property, without due process of law. . . .
Whether or not coercing someone to unlock the chest where they put their confession is the same as forcing them to incriminate themselves is a tricky and unsettled question of law that we (the Yanks) are still working on. (Whether the coercion is beating them with a $5 wrench, or putting them in prison indefinitely for "contempt", the principle is the same.)
Your meta-point is quite true, however - the creation and protection of such individual rights in conflicts with the State was the fundamental schism that led North America to diverge from the previously (fairly homogenous) Anglo/European civilization about 200 years ago. Now build some Settler[early game]/Armor units[late game] and get out there and spread the word to the rest of the map.
Re: (Score:3)
A Canadian Law Enforcement Officer once told me about how amusing it was to be lectured about civil rights, by another Canadian who learned about his rights by watching American TV; not everyone is American, and even if you are don't bet your life or liberty on what you learned watching CSI.
Re: (Score:3)
You can get up to 2 years i think under RIPA for not disclosing a password! the reason the kid only got 16 weeks was that he was still technically a minor.
Re: (Score:3, Interesting)
if you are 'innocent' why do you encrypt your data in the first place?
If you are innocent, why do you post as AC?
Re: (Score:3, Interesting)
Because my photography is mine, and a stolen hard drive means anybody can freely access years of copyrighted work that's only available online with watermarks, and I make my living from selling my current photography and back library. Because my writing is similarly mine. Because I have confidential information about well over fifteen hundred clients on my HD, none of which I'd like to fall into a competitor's hands. Because I have pornography of myself and my partner on there that neither of us want anyone
Re: (Score:3)
if you are 'innocent' why do you encrypt your data in the first place?
WTF are you doing on /.?!? You're obviously not getting much out of the experience. Idiot! [spamlaws.com]
Re:Giving up passwords (Score:4, Insightful)
Identity theft. Laptops are quite stealable, and I have a lot of financial/confidential client data on mine.
You could retort: Well, what's wrong with Law Enforcement seeing it then?
Answer: Not much, but anything they can crack the crooks can crack better.
Not so simple (Score:3)
Anti-FUD (Score:5, Insightful)
So how are we to know that this isn't anti-FUD?
"Yes, Citizen, your full disk encryption is just too much for us to crack. I guess you're in the clear."
Re:Anti-FUD (Score:5, Insightful)
If this sounds like Doublethink to you, perhaps you should take a look around and reconsider your views on whether it was Orwell or Huxley who was correct.
So what? Even our goons can do it. (Score:3, Informative)
The encryption might be practically unbreakable but that doesn't help a lot. Around here police just break into homes to install hardware or software keyloggers. Sure, that may not be exactly legal for them to do, but they don't care because they know nothing will happen to them.
Re: (Score:3)
kind of the point (Score:5, Insightful)
I mean ... what's the point of encryption that your foes, police or otherwise, can bypass?
Re: (Score:3)
Key escrow protects the company in case the employee gets hit by a car.
If your company is reliant on files on a random employee's computer rather than hosted on a fault-tolerant server that's regularly backed up, you're probably fscked anyway.
Here's a clue LEO guys... (Score:5, Insightful)
While I currently do not run full disk encryption on my laptop and I have never done anything to warrant arrest, I have thought about full disk encryption. Especially in these days of a growing police state, it is not my job to make your job easier. If the news stories keep going the way they are, I suspect that within the year, I will simply migrate over with strong encryption and that will be that.
Because I do not like the increasingly adversarial and militarized role the police have been taking. I'm sure I'm not alone. While I do not wear tinfoil, the news events of late give me pause.
--
BMO - shiny side out.
Re: (Score:3)
In a real police state, a right against self-incrimination can be claimed through the use of cyanide capsules.
Re:Here's a clue LEO guys... (Score:4, Interesting)
Indeed. Always remember what Cardinal Richelieu said,
"Give me six lines written by the most honorable of men, and I will find an excuse in them to hang him."
The powerful have always arranged the laws so that troublesome people can be easily suppressed at will. It's basic government 101; control the population through fear of arbitrary arrest and proscription. Don't fool yourself into thinking that this practice doesn't continue into the present day in "free" nations.
I've got a solution! (Score:5, Insightful)
Use biometrics instead of a password.
Your system unlocks via your foreign friend's iris, which you get via his smartphone's camera.
Now, when the police want to get access to your computer, they have to try to extradite your friend. You can't give them a password because there is no password. The only way to unlock your system is if your friend puts his eye up to his smartphone's camera and you put your smartphone up to your computer's iris scanner. They'd have to figure out a way to compel your friend, who lives in a country that may not have extradition treaty with your particular tyrannical hellhole.
Yeah, I know it's inconvenient, but it would be worth it to frustrate the monsters who have seized power.
Of course, by that point they'd probably just use rendition to send you someplace where you'll be tortured, just for making them have to work for a living. US or UK, I don't think there's any line they won't cross. Not any more. There's no longer a pretense to anything like personal rights. Unless your name ends in "Inc." you just don't have rights any more.
Full report is available (Score:4, Informative)
For the full report, Google
filetype:pdf "The growing impact of full disk encryption on digital forensics"
The Fifth works here? (Score:3)
I always thought you could do one better (Score:5, Interesting)
Encrypted drives do not, obviously, use the password to decode the files. They use the password to decode a key and use that to encode the files.
So I always thought it would be interested to have a computer that, on startup, wipes that part of the disk with 0s, sticking a copy somewhere else on the drive. (Which is not a security risk, because the other parts of the drives are, obviously, encrypted with that key, and you can't open box with a box cutter inside it.)
And during safe shutdown, it puts it back. Or have a program you have to run to put it back, then shutdown.
For safety purposes, you give a copy of the key to someone else for safekeeping. Bonus points if they're out of the country.
Then you leave your computer on, and the screen locked, at all times. Bonus points if you rig it to an alarm where if someone breaks in, it cuts the power. (Also have it do the same if someone inserts firewire or USB while the screen is locked.)
Now it doesn't matter how much you're ordered to comply with the police. They come in, cut the power to your computer, make a disk image...and you'll tell them the damn password all they want, but you are rather at a loss as to how they think that will work, considering the part of the drive with the key stored is has apparently been filled with 0s. (You'll need a lawyer able to explain that what they are asking cannot work.)
Now, like I said, you can lie and pretend you don't know what's going on...or you can wait until they get a court order to have you decrypt, and then tell them what's going on. By which point your friend has hopefully already destroyed the key.
And the joke is, even if you explain everything that happened, this is entirely legal. You have not destroyed any evidence, because the key was already missing from the unencrypted part of the drive when the warrant showed up. (Unlike some of the automated 'destroy data' traps that people try to come up with.) And you have cooperated fully, you literally cannot get to the data. And your friend didn't destroy evidence, because the search warrant was for your stuff, he can delete of his own files he wants until he is told otherwise.
Re: (Score:3)
If your computer crashes, then your disk is ruined. You'd need to supply the backup key. If the backup key is even vaguely easy to access, then that's how they'll crack your disk regardless, because obtaining the copy of the backup key is almost certainly easier than cracking your password.
Minor issues (Score:3)
Re:Minor issues (Score:5, Informative)
Except modern drive recovery can restore the blanked out sector.
Uh, no.
It has never, despite it being 'common wisdom', been possible to recover overwritten sectors on a hard drive.
No one has ever demonstrated it in the entire history of hard drives.
It was a theoretical attack a long time ago, on pre-IDE 'MFM' hard drives.But we moved off that sort of drive in 1986.
And even then, it didn't work. It was a theory that said with a very poorly build hard drive, it might be possible to recover some data. Like I said, no one's ever actually shown this.
And with IDE, we moved to RLL encoding which means, statistically, you couldn't get anything. With an MFM encoded drives, if you got 50% of the data with 50% accuracy, you had 25% of the data and might possibly come up with something, although, like I said, no one ever has managed this.
But with RLL encoded drives, if you got 50% of the data with 50% accuracy, you have nothing. It is not really possible to get a partial byte.
No that anyone has ever demonstrated reading anything from a ' The idea that you need to do anything more than overwrite a sector to make it unreadable is one of those zombie lies that simply cannot die.
The only way to recover a lost sector is if it was going bad at some point, so the hard drive made a copy of it and remapped that sector to the copy. Which means the original might still be there. (OTOH, the original was going bad, so who knows if it's still readable.) The odds of this happening are astronomical.
Re:I always thought you could do one better (Score:5, Interesting)
Now it doesn't matter how much you're ordered to comply with the police. They come in, cut the power to your computer...
When law enforcement officers confiscate a computer, they usually (in the US at least) try to transport the computer without powering it down. Standard procedure is to plug a portable generator into the wall outlet powering the computer, unscrew the outlet, and take the whole apparatus (including wall outlet, generator, and computer) to the forensics lab, without interrupting power to the computer. If all the jacks in an outlet are in use, they will unscrew the wall outlet and splice the generator's power cables into the outlet.
The article and summary do mention situations where computers are powered down for transportation. These are exceptions. They are not the norm.
Ultimate in planted evidence... (Score:5, Interesting)
You want to do someone in, and have access to their computer, a USB program that creates an encrypted partition would be enough to do one in. Proving one's innocence would probably be near impossible.
More research? (Score:5, Insightful)
"Research is needed to develop new techniques and technology for breaking or bypassing full disk encryption."
And, if they somehow manage that, research will be needed to develop new techniques and technology for creating even stronger encryption.
Re: (Score:3)
I'd gladly sell you a $100000 placebo utility to clear your RAM on shutdown....
Re: (Score:3, Interesting)
Re: (Score:3)
I forgot where, but I had heard DDR3 RAM will last over an hour and still retain 99% of its data (although it'll be completely inverted after a certain time). I suspected something similar for DDR2 (which I have).
Whoever told you that was completely incorrect. DRAM capacitors discharge fully within one second of power loss.
Re:I have my disk (at least partially) encrypted (Score:5, Interesting)
RAM can hold a copy of the last data held for a good 5 seconds if warm and up to +20mins of frozen,
so it could be chilled/frozen using compressed air, removed and placed into a reader that dumps the ram memory to disk.
Re: (Score:3)
Although, upgrades would be a major pain.
I don't think you'd feel anything at all, actually.
Re: (Score:3)
"If you attract the interest of a sophisticated enough adversary, the FBI or NSA for instance, you're probably toast."
The FBI and NSA are our friends, so consider the following instructions to be for use in Syria and Iran.
The only reason to hide stuff from the government is if you are "doing something they don't like" which they will incarcerate or kill you for.
If you are a serious person, you are willing to use violence because anything less is being a poser. After you take out the arresting Baathists/Jiha
Re:Not impossible, not even hard (Score:5, Informative)
Within 10-20 years after that any conventional (e.g. what most PCs today are capable of) encryption other than one-time-pads or the like will be breakable.
Uh, no. Quantum computers can brute-force conventional encryption in about the square root of the time taken by a conventional computer. Doubling the key size is much easier than building a quantum computer of a usable capability.
This is precisely why AES has a 256-bit key option when conventional computers could never break a 128-bit key anyway. AES256 is about as difficult to brute-force with a quantum computer as AES128 is with a conventional computer.