#1
Not even FBI was able to decrypt files of Daniel Dantas
Hard drives were seized by the feds during Operation Satyagraha, in 2008. Information is protected by sophisticated encryption system.

[Original Article] [slashdot.org]

The FBI failed to break the encryption code of hard drives seized by federal police at the apartment of banker Daniel Dantas, in Rio de Janeiro, during Operation Satyagraha. The operation began in July 2008. According to a report published on Friday (25) by the newspaper Folha de S. Paulo, after a year of unsuccessful attempts, the U.S. federal police returned the equipment to Brazil in April.

According to the report, the feds only requested help from the USA in early 2009, after experts from the National Institute of Criminology (INC) failed to decode the passwords on the hard drives. The government has no legal instrument to compel the manufacturer of the American encryption system or Dantas to give the access codes.

The equipment will remain under the protection of the feds. INC expects that new research data or technology could help them break the security codes. Opportunity Group reported that the two programs used in the equipment are available online. One is called Truecrypt and is free. The programs were used due to suspected espionage.

According to the report, the FBI and the INC used the same technology to try to break the password. It is a mechanism called a "dictionary" - a computer system that tests password combinations from known data and police information. Experts from the INC used this technique for five months, until December 2008, when the discs were sent to the United States.
#2
No surprise that TrueCrypt encryption held up.
The larger question is why did the FBI release any information at all about their failure to "break" the encryption? Lots of conspiracy to toss around if you are so inclined.
#3
What was the second freely available program? I never found that detail.
#4
Quote:
If anyone can break AES, Twofish, or Serpent it would be NSA, not the FBI. I happen to believe the story as told, as I doubt anyone on earth can break any of the three aforementioned ciphers.

What I find funny about the reporting is they mention the government could, in theory, compel the software makers to "give up the keys." That's quite silly as I'm almost certain Truecrypt has no backdoor in it. And let us not forget that the Truecrypt developers are anonymous. No one knows who they are, thus how could the FBI approach them in the first place? Now, if this was some built-in Windows encryption, I might believe there was a master key. But not Truecrypt (which is open-source and available for anyone to look at the code).

As for what the other program is, I am assuming it was PGP Desktop or something similar.
#5
I would concur that AES, Twofish, and Serpent are unbreakable using current technology.
I also think the FBI doesn't "fear" encryption and in fact would like the "bad guys" to have more faith in it. Blindly trusting that your data is securely encrypted without actually understanding how encryption works leads to security errors. Simple passwords and unencrypted temp files come to mind. Then if the bad guys are careful there's always keyloggers and TEMPEST.
#6
Quote:
Good luck gaining offline access through Truecrypt used as a FDE.
#7
This is no great surprise. I have told this story many times, but almost all police departments and District Attorney (prosecutors) offices have closets full of copies of encrypted volumes/drives they can't open. They are waiting for the day when they think technology will allow them to do so and they can reopen the case. They don't worry too much about these things for long periods of time unless they are for really serious crimes. In one American city, the prosecutors believe the evidence for murder is in an encrypted PGP volume. They have no other evidence, but believe all they need is on this computer. So, for now, it's a so-called, "Cold Case".
#8
Quote:
That's pretty interesting and not surprising really. Do you work for a forensics firm?
#9
Quote:
I kid, I kid.
#10
Anyone know off hand what version was in use in '08?
Never mind, I found it at their site. Good day all.
Last edited by Sam Hell : July 7th, 2010 at 04:36 PM.
#11
Quote:
No. My thing is anti-forensics.