The best way to achieve this kind of protection

Hi folks,
looking some old news this week:

http://news.cnet.com/8301-13578_3-9834495-38.html

1) I was wondering what kind of encryption would be necessary to achieve that. I mean, how did the guy configured his computer to be impenetrable/uncrackable? If he used PGP Desktop like the text says, along with the Whole Disk Encryption feature, how did he managed to configure PGP to not allow by all means someone (even him) to bypass/hack his system and gain access to his files without knowing the password?

See what happened on his case:

What options do I need to select and where are they?

2) If a thief have stolen my PC, he might access all files by plugging the hard drive into another computer (doing a copy-paste). In that case, what do you recommend when encrypting individual files? Which algorithm/software it's the best? I tried Advanced Encryption Package 2008 Professional 4.6.13 using the algorithm Blowfish 448-bit so far.

Is there a way to decrypt certain files manually and then, after I finish using them or turning off Windows, they remain encrypted again with no need for you to do that on each file and insert your password all over again to encrypt them? That will solve the problem if someone plugs your hard-drive on another computer.

The Firefox Master-Password works that way. You just need to insert the master-password once for session. After you close the browser, all passwords remain locked. So you can be protected from unauthorized access from both ways.

3) About the Firefox master password, there is a program called FireMaster that can use brute force to decrypt the file key3.db (which contains the master password).

http://securityxploded.com/firemaster.php

Using a 10-character password for example, like: seucirty01

And trying this line of command:

FireMaster -b -c "abcdefghijklmnopqrstuvwxyz0123456789" - l 10 C:\location-of-the-key3.db-file

It will take 1.192 years for you to know which master-password was used, on a Pentium 4 3 Ghz/1 GB RAM. So, if I am using a master-password (with a good combination) and no keyloggers are here, no one will ever find out my usernames/passwords stored on Firefox?

Remember that if you forget your master password, Mozilla says that there is no way to recover (only delete from Firefox, and by doing that you will also lose all data from the Password Manager).

Would the authorities or professional hackers find out my master-password using a different kind of program that will easily decipher the contents of the key3.db file?

 

Lets break this down a bit since its a long post with a few questions.

I use TrueCrypt (love it). All you need is a program that does On The Fly Encryption(OTFE). PGP WDE is one, TrueCrypt is another. There is no specific configuration, that's what this software is designed to do.

I don't recommend encrypting individual files. I recommend some form of container system that uses OTFE, or WDE. Why? Because if each file is encrypted, then you have to decrypt the file, save it in cleartext to the drive somewhere, run whatever program you want against it, providing you made no changes you then have to securely erase that file (not just delete it), and your all set. If you did change it, you now have to delete the encrypted copy, encrypt the new version, and wipe all of your freespace to ensure there are no remnants left on the disk. OTFE eliminates all that decrypting/deleting stuff. Even if you do change it, since the new file is written directly to the encrypted container. The exception is "leftovers" that are used everywhere in the system by the OS itself (Windows is definately bad for this fact.) System Encryption compensates for this.

See my previous paragraph.

Most likely no, unless someone finds a way to break the encryption. If it actually stores the password (bad idea) it could theoretically be broken. If it just stores the hash, then the password is not stored anywhere and subsequently can't be found, no matter how hard you look and analyze. (the right way). Only brute forced. (Trying each and every possible password.)

Without knowing how Mozilla designed the security, I can't answer this. See previous paragraph.

 

All good questions.

The answer depends on your adversary.

This weekend at defcon I met Jonanthan Brossard of iViz at the vip party. He discovered how to defeat Truecrypt, Bitlocker, and PGP's Whole Disk Encryption, and discover your password. It is a convoluted method, but it apparently works if they can ever get their hand on your system when it has been already booted.

So if you're going to use one of these, make sure when you're not using your laptop in a secure area that you have it shut down.

As for the key3.db, there are easier ways undoubtedly, like secretly installing plugins that will bypass the security after you've enter in the master password and stealing your password list.

The way around that is to run firefox in a secure environment like inside a VM, so that even if the adversary can get a stealer installed, they have to phone it home. If your VM is good, it will let you know the program is trying to phone home and warn you. One such VM that does that is xB Machine. I don't think Incognito or any of the others do.

 

This is the stupidest thing I've heard yet.. If your adversary can get to your system when its already been booted, you've already lost the battle. This guy (Not XB) is making it sound like he's discovered some wild flaw in encryption, but while in an of itself it sounds initially impressive, the conditions that are required to work it (already booted and past the password prompt) it kind of makes it moot. Oh, and I don't think that is defeating it, just making use of poor user judgment (booting and then leaving it unattended in a state of anything less than shutdown or hibernated.

Love that plug for product too. While running Firefox inside a VM will help prevent keylogging of that nature from within the VM, there could be a keylogger on the host system recording everything you enter. While it wouldn't have access to the window name to know what you are typing it in for, if it would still have a stream of all the characters you've entered.

 

OK, let me get this straight.

If someone have used this feature (whole disk encryption from the PGP Desktop) encrypting the whole drive,

1) He will not need to encrypt new files created after this procedure - all of them will be created on the encrypted environment, and will also be encrypted like the others;

2) If for some reason, he needs to recover these files by removing the hard-disk, and tries to copy his files into another computer and read them (no need to boot since he will only plug one HDD into a different system/CPU/motherboard), the files will be encrypted?

I thought this WDE feature was only protecting unauthorized access while booting the system. I mean, even if it's impossible to boot without knowing the password, the hard drive will not be recognized if it's used as slave?

Example:

That's why I asked you if was necessary to manually encrypt certain files, even after using WDE.

I was asking what do you need to configure while using PGP WDE or TrueCrypt as you said. The article says that the guy have configured his computer to forget his passphrase. I haven't tested this feature, so I don't know for sure if this is the default and only option while setting the whole encryption.

I just need to be sure that in the event of forgetting my own password, all my data will be lost and impossible to recover. Otherwise I see no reason for using any of these programs.

 

It will be really good security to have since most of the western countries require you to hand over the key by law, this law makes any encryption useless

 

Right.

They won't even be able to see the files. The computer that it is installed into (assuming its slaved) will just show up to windows as an unintialized disk. WARNING: If this happens, Windows will try to initialize it, and if you allow it to, you WILL cause data loss. With TC, the headers are stored in the area that Windows uses to initialize it, so make sure you have backups. Or in the event of System Encryption, your Rescue CD, just in case.

No, see above. Just a unformatted disk with a bunch of random data. Also, keep in mind that your talking about PBA (Pre-Boot Authentication). TrueCrypt can also encrypt an entire drive as a container, which has the same result, its totally encrypted, however it doesn't boot, and just looks like a raw drive.

Bad reporting. TrueCrypt (and I'm assuming others) don't remember anything. If you want to enable password caching (where it will keep a password in memory), such as if you have two or three containers that you want to mount in a row that are all encrypted and use the same password, you can do that. (From here out I'm going to speak of TrueCrypt or TC since its what I use and know. I'm assuming other programs are all similar unless I say otherwise.)

It is. Just make sure you use a secure password. Don't use something like "jvernard" or "12345". On the TC Forums (which have been down all day for some reason) we have had a couple people recently come saying that they have lost part of their password. They know it was built using a combination of words, what those words are, just not the order, and possibly a few extra letters/characters. We assume that brute forcing it will take at least a few months. (There are 35 possible words, and 3-4 of them were used in constructing the password, so its just a matter of trying all the possible combinations.) TC allows up to 64 character passwords, in addition you can use an unlimited number of keyfiles (one is really more than enough for most uses). IF you have a fear, destroy or change the keyfile and you will never get your data again.

 

The only country that I'm aware of is the United Kingdom. You can't be compelled in the USA (Fifth Amendment). Where else can you be compelled?

 

Kooky,

Surreptitious discovery in post-boot state is definitely an issue, although it does admit a few things, I do not think it is as moot as you portray.

Let's assume, as you said, jim engages in best-practices and only uses his laptop when he is around it, and it is always off when he isn't around it. Let's also assume I want to perform full file disclosure and read everything on his drive, having no single specific file in mind. Sound like a high hurdle, right?

Well, as an attacker I would craft a malcious url link that would run script to capture his boot password remotely, and send it to him in an email. I only then need to send it to him and wait for him to read his mail, then i only need physical access to his laptop when he isn't there. He has no idea his laptop has been compromised, and maintained best-practices.

Suddenly Brossard's hack is exceptionally useful when combined with any normal script or any remote code execution exploit.

 

That is all Steve does really. Hawk his wares. Did you notice how he just had to say he was at the VIP party. As if that had something to do with the subject and being at the VIP party legitimized him in some way. Talk about insecurities. Just like his website had posted he was going to be a guest speaker at a UN security conference this month in New York. Problem was, the conference he was referring to had already taken place in Kuala lampur in May. I made a post about this at the time. The silence was deafening. He seems to hope people will take what he say as gospel if he does enough name dropping and use techno-jargon and this alone will awe the reader so they do not do some serious checking about what he is saying. When confronted by people here he obfuscates and engages in hyperbole. At the end of the day all he is here for is to plug xerobank, an over priced, OpenVPN based product that offers nothing new or substantive that can not be found cheaper elsewhere.

 

For anyone interested in the cold-boot attack research, the full report is here: http://citp.princeton.edu.nyud.net/pub/coldboot.pdf

nice summary at: http://news.cnet.com/8301-1009_3-10003167-83.html?tag=bl

imo the points raised in this thread already cover how to avoid being compromised by this attack (always shutting down, waiting ~5 minutes), but it's an interesting topic

 

The simplest hardware fix for the cold boot attack (which is old news anymore) would be to modify the chipsets to upon shutdown, initiate a memory-blank. Even better would be to impliment this right onto the RAM itself. A capacitor to store the power required, which shouldn't be much. Each stick of RAM would only be responsible for itself, and upon power loss from the Mobo (shutdown) initiate the wipe. It should be near instantaneous, and wouldn't even need to be a 100% wipe. Just ensure every 4th bit is wiped. That should effectively destroy any chances of reasonable data recovery.

While the Mona Lisa picture in the above cnet article does demonstrate how persistence works, it fails to take into account the fact that people can "fill in the blanks" but computers can't. So while you and I can look at all 4 of those photos and see the Mona Lisa, the computer only sees 1's and 0's. Also pictures are significantly different than encryption keys. While its easy to look at a picture (that's very well known) and "see over" the mistakes, a computer can't do that, it would have to take every uncertain pixel and try every possibility.


As for Steve... Perhaps we should request that XB get its own forum area so the advertising "spam" can be limited to there. People with legitmate XB questions can go there and still be answered.

And that's an oh-so-subtle way of marketing a product. Anyone who doesn't look doesn't notice that the product being suggested is actually the product of the poster. While everyone is more than welcome to suggest products, there is a vested interest in this case. I suggest TC because I use it and like it. Steve pushes XB (XeroBank) because that's what he sells.

I googled the product that he was pushing, and lets just say that information was NOT forthcoming. From the website:

That is ALL the information that is available. No specifics on what kind of encryption, how the connection is encrypted. "Most secure operating system in the world." Lets see the statistics, reasoning, etc, PROOF.

Also, the "Source Download" link on the page is non-functional. I'll assume that is just a temporary oversight considering that I believe the Linux Kernel is GPL'ed, so the source needs to be available.

Oh well, enough tearing into XB since that's not what this thread is about. Any more questions from the OP?

 

I've gotten some pretty useful information out of Steve (no, we're not buds, I'm just being objective). He does post Xerobank as a solution to a lot of problems on the board here, but no more than some folks rave and post about, say, Truecrypt or Eraser, as being the best solution to problems. I chalk it off as him having a product he believes in and thus suggests it as a solution where relevant. As far as him saying he talked with this or that person, it's more a sign of credibility. If he's plugged in and talking to industry experts, then it helps when he takes the time to post back here about things he's learning or observing.
But, all that aside, some of his posts are certainly helpful and don't say a thing about Xerobank. And for those that have questions and are trying to understand security related topics, it helps.

 

Kooky: then what do you recommend if we need to encrypt files saved on CDs or DVDs? What kinds of settings/encryptions if we are using TrueCrypt?

Will the files be much larger than the original source if they are encrypted? It's safe to assume they will not be corrupted if we burn these disks and format the hard drive? I mean, the data encrypted will be recognized if we reinstall Windows and the software who encrypted all the files?

I will check what TrueCrypt can do later for my HDD. I was asking what were the best settings if we need to cover all the bases because english is not my native language, that's why I was looking for direct answers to how we protect our machine for good.

And can you tell me if this document is accurate?
Password Recovery Speeds
http://www.lockdown.co.uk/?pg=combi&s=articles#classA

 

Interesting reactions when a lack of facts are available. Maybe I should also mention who else was at this meeting: kyle williams (janusvm developer), mike perry (torbutton developer), magnus brading (anonymity designer), roger dingledine (tor developer), and myself... all in a single room, quietly discussing the future of anonymity. If I had to qualify the other guys in that room, I couldn't think of a lesser title than vips. The concentration of anonymity software design, if it was anywhere in the universe, was there in that room. I can understand people have their preference for one flavor of network or software over another, but you need to step back and realize free opensource software like xb machine or janusvm or tor or xb browser or torbutton or torbrowser etc. is there for a reason. It's because there aren't perfect solutions. Most software can be misused, and sometimes bypassed even when best-practices are observed.

There are just a handful of people who know the difference between the security of say incognito versus janusvm or some other, and to most users it doesn't make a difference, but I'm one of them. So if I'm saying you need to do this, that, and the other thing, and it just so happens my buddy makes the software that does it, it isn't a coincidence but it isn't nepotism either. Anonymity or security frameworks in virtualized environments are a young science, and it's contributing members are a very small group.

To an outsider it just looks like one of a million "privacy" or "security" software providers, and sometimes the free/paid line is a little blurry, so I see where folks could misunderstand. To my fellow insiders, we are advancing the artform through study and training, refining our technique and execution. We work hard, and we produce results. The other guys do a single pushup, give themselves a press release, and call it a day. So if I see people touting puffed-up software, stale networks, bad security practices, or outmoded design, pardon me if I balk: I'm a security snob and an anonymity connoisseur, and I demand the best. If the best isn't good enough, we start coding. Luckily I'm also in good company.

 

Excuse me while I go puke.

 

I agree. I value his input here as much as anyone's and I hope he continues to participate in these forums.

 

You're excused.......Oh, can I watch?

 

You can, but TC does have an issue with accessing containers directly from CDs/DVDs but you can make containers on a HD, then transfer them to CD/DVD and put them back on your HD to access.

There isn't any size changes to the files. Aside from the above comments, yea, it should work.

Best settings, if in doubt use the defaults. TC was designed that if you just use the default settings it is secure.

As for that list of speeds.. Well.. I want you to pay close attention to the differences between Class A, Class B, and Class C. Notice that each of those are the same computer speed, just different types of passwords? Throwing out the processing power required for each one, I'll assume that the math is otherwise correct. From the chart, a 8 character password using 96 possible characters results in 7.2 Quadrillion combination. That is 7,213,895,789,838,336 possibilities. Or 7.2x10e15. to quickly find out how many possibilities you have its # of possible characters (or numbers) raised to the power of the # of characters in the password. In this case it would be 96^8.

The thing is, once you get much past 10 characters using the full spectrum, you start to get into numbers that you can't comprehend, let alone imagine. For example, using the same 96 possible characters and the entire possible password length of TC (64 characters) we get 96^64, or 7.3x10^126 Which is the same as writing 7.33430412559619062466883264306180000000000000000000000000000000000000000000000000.e+46 (still 46 more 0's to add. but I don't want to make the line that long)

See what I mean? I doubt you can even imagine how much that represents. And even if you divide that out into 1,000,000,000,000 (1 Billion) passwords/second, that is still 2.3256925816832162051841808228887e+110 YEARS before you'll cover the entire key space.

Something else to keep in mind, I think I estimated at one point that my system, an Opteron 185 (Dual core, and it isn't no slouch, Opterons are Server Class processors) can process around 200 passwords/second, which is significantly less than even the Class A.

Long story short, yes, I think that page is fine for the math side of it, but brute forcing is not an exact science, and as you can see from the Class A, B, and C even the same processor on three different password types has significantly different performance.

 

Yes, but TC is free, PGP WDE is not

 

1. Like your new pic in the shades, looking cool dude

2. I use TC with a password + keyfile stored on my USB stick. If I walked away from my running Laptop and took the USB stick with me, would your comments still be valid when you said, "...sure when you're not using your laptop in a secure area that you have it shut down." If I take my USB stick with me everytime I leave my Laptop, then even if a person reads my RAM to get my TC password, how is that password of any value to them, when I have the additional keyfile that is needed in my pocket on a USB stick?

3. Great way to plug your xB Machine in your last paragraph Always looking for an opportunity to market xB eh? Any chance to try to get business?

 

1. You mean I can visit a website and that website runs a script (even if im using Noscript plugin) and then automatically send me an email? How does the website know my personal email? And how does reading my email send you the password?

2. How would you then learn where I live?

3. Even if you then learned where I live, how would you bypass my alarm system and 2 doberman dogs?

 

Even though I agree with your comments to a degree and your evaluation about Steve, I do not agree with your berating another person in public.

Sure we all know that Steve suffers from low self-esteem issues and feels he needs to drop names and places to gain credibility and gain reputation, but is that a reason to attack and berate Steve in public? But having said that and being fair to Steve, aren't we all guilty of dropping names and places to make ourselves feel more important? We are all guilty of that at some time in our lives. So I don't think it's fair to attack Steve about that because we all have self-esteem issues to a degree where we want to feel important. So that's as silly as a thief lecturing a person for stealing.

And we all know also that all Steve is trying to do is find any opportunity at all to market and sell his products, even going to the extent in trying to convince people they may need it. But I personally always giggle when I read his "marketing posts", no need to be so nasty.

Steve is just doing what he can do make a living. Cant blame the guy for trying, even if we believe his methods lack integrity.

But at the end of the day, Steve seems like a nice guy, so be nice to him please. And we can all learn a lot from him about security because he is more experienced in this area than all of us put together.

So Steve, if you are reading this... Please continue to come here and contribute and answer questions. Please don't allow a few proud, jealous and unappreciative people destroy it for the rest of us. Please don't punish all of us because of a few bad apples who get delight in attacking you. Please keep coming here and contributing. I learn a lot from you.

 

Simple hardware fix? You think that's simple? hehe

 

create a 4GB TC container. And then burn that TC 4GB file to a DVD. If you have a good long password, nobody will be able to decrypt and open that file for many years, long after you are dead and buried. So don't worry about the "fear" tactics of some people.