Beta

# Full Disk Encryption Hard For Law Enforcement To Crack

#### timothy posted more than 2 years ago | from MrSeb

575

If you'd rather keep your data private, take heart: disk encryption is a lot harder to break than techno-thriller movies and TV shows make it out to be, to the chagrin of some branches of law enforcement. MrSeb writes with word of a paper titled "The growing impact of full disk encryption on digital forensics" [abstract here to paywalled article] that illustrates just how difficult it is. According to the paper, co-authored by a member of US-CERT, "[T]here are three main problems with full disk encryption (FDE): First, evidence-gathering goons can turn off the computer (for transportation) without realizing it's encrypted, and thus can't get back at the data (unless the arrestee gives up his password, which he doesn't have to do); second, if the analysis team doesn't know that the disk is encrypted, it can waste hours trying to read something that's ultimately unreadable; and finally, in the case of hardware-level disk encryption, tampering with the device can trigger self-destruction of the data. The paper does go on to suggest some ways to ameliorate these issues, but ultimately the researchers aren't hopeful: 'Research is needed to develop new techniques and technology for breaking or bypassing full disk encryption.'"

cancel ×

### No Comment Title Entered

#### Anonymous Coward 1 minute ago

No Comment Entered

### I wish this was the case in the UK (5, Informative)

This comment was hidden based on your threshold setting.

#### Anonymous Coward | more than 2 years ago

I wish this was the case in the UK, any encryption keys have to be handed over when asked by the police or .Gov

### Re:I wish this was the case in the UK (4, Informative)

This comment was hidden based on your threshold setting.

#### 0100010001010011 | more than 2 years ago

So use TrueCrypt and a hidden volume. Give them the keys to your outer volume. It mounts and they can browse your collection of Lolcats. Let them prove that's not what they were looking for.

### Re:I wish this was the case in the UK (5, Insightful)

This comment was hidden based on your threshold setting.

#### Anonymous Coward | more than 2 years ago

If they know it's a truecrypt drive, they probably would suspect that there's another partition so will try and charge you anyway for withholding.

So basically they make your life hell for a year till charges are dropped and would use any little excuse to question & detain you.

### Re:I wish this was the case in the UK (5, Insightful)

This comment was hidden based on your threshold setting.

#### durrr | more than 2 years ago

I haven't bothered with hidden partitions, yet. Does it mean I'm subject to legal punishment for not using this feature and thus lacking a password to give to law enforcement so they can take part of my extensive collection of crustacean pornography?

And if that, then what happens when truecrypt suddenly accepts multiple hidden partitions or other more complex schemes? Everyone goes to jail because lawmakers somehow ascended beyond full retard?

### REFRIGERATED crustacean pix? (5, Funny)

This comment was hidden based on your threshold setting.

#### Anonymous Coward | more than 2 years ago

You are in violation of the laws forbidding the manufacture, sale and possession of chilled prawnography.

### Re:REFRIGERATED crustacean pix? (4, Funny)

This comment was hidden based on your threshold setting.

#### ColdWetDog | more than 2 years ago

You are in violation of the laws forbidding the manufacture, sale and possession of chilled prawnography.

A good strong shell ought to keep him out of trouble. Don't Bash it if you've not tried it.

### Deniable encryption only works in theory (5, Interesting)

This comment was hidden based on your threshold setting.

#### betterunixthanunix | more than 2 years ago

In practice, the headaches that would ensue from widespread use of deniable encryption would cause one of two outcomes:
1. Police would stop asking for secret keys, or only ask for a short period of time, because they would have no way of knowing whether or not they have the true secret.
2. The system would be outlawed.

Countries that respect and protect a right to free speech would not outlaw such a system, but unfortunately such countries are few and far between. Deniable encryption encryption works in theory, but in practice the existence of non-deniable encryption makes it hard for people to claim that they are innocent users of a deniable encryption system. While there are innocent uses of such a system (perhaps your business secrets are so valuable that being tortured for them is not beyond the realm of possibility) they are few and far between; deniable encryption is tool for protecting your data from a government, and for all their talk about China and Iran, most western governments are not interested in having citizens who can secure their communications and data from police investigations.

### Re:I wish this was the case in the UK (1)

This comment was hidden based on your threshold setting.

#### jd | more than 2 years ago

You're forgetting that goggies are in power.

### Re:I wish this was the case in the UK (2)

This comment was hidden based on your threshold setting.

#### 228e2 | more than 2 years ago

That wont work if they were doing any kind of listening/tapping and see you havent accessed any file on said Lolcat volume since you last set it up 4 months ago. Well, they wont even have to have listening data to figure that out.

### Re:I wish this was the case in the UK (0)

This comment was hidden based on your threshold setting.

#### Anonymous Coward | more than 2 years ago

"Most of the time I use a live cd to avoid viruses"

### Re:I wish this was the case in the UK (1)

This comment was hidden based on your threshold setting.

#### GrandTeddyBearOfDoom | more than 2 years ago

A straightforward mod would be to have a truecrypt volume concealed in the least significant eight bits of a long 24bit wav file that you could obtain as, e.g. a 1hour+ trance mix from beatport (that would be 16bit, so the data would be inaudible). Slowdown would be tolerable given modern hardware.

### Re:I wish this was the case in the UK (1)

This comment was hidden based on your threshold setting.

#### Z00L00K | more than 2 years ago

You should have some other documents too that aren't illegal but sensitive. (Company secrets or private data like an address book)

And have two hidden volumes in case they wonder you can have one filled with legal MILF porn or something in a way that makes it look like you are keeping it out of sight for a spouse (real or potential).

### Re:I wish this was the case in the UK (5, Insightful)

This comment was hidden based on your threshold setting.

#### Dogbertius | more than 2 years ago

Sadly, the notion of "plausible deniability" works both ways. If they (ie: the authorities) are aware it is a TrueCrypt volume, they can just demand you hand over the passwords for the inner and outer volumes. If you provide just one key (ie: the password for the outer volume that contains junk you don't care about), and you are in a country that demonstrates little to no respect for civil rights, they could very well jail you, even if you aren't using a hidden volume.

Secondly, the authorities demanding you hand over the key (strangely enough) isn't covered under fifth amendment rights, so again, they can demand you hand over the keys, or you could be jailed almost indefinitely.

Finally, there are some interesting articles by Bruce Schneier on alternate means of incrimination. www.schneier.com/paper-truecrypt-dfs.pdf

In short, there are many ways to give a judge the idea that the use of a hidden volume is likely (ie: check path histories for previously opened files, check temp folders, etc). Not only would these indicate the possibility of a hidden volume, but some files that were meant to be encrypted may be 100% available (eg: Microsoft Word makes temporary backups of files in your %APPDATA% folders in case it crashes and you want to recover your work; as one example). Unless one is very diligent and knows what he/she is doing with respect to encrypting data, it would seem the only safe method is to encrypt the entire disk and boot off of it exclusively, all while keeping the machine itself disconnected from the internet to avoid hacking attempts, and locked in massive safe so the authorities don't install a keylogger (application or physical device) or start taking snapshots of your disk daily to aid in cracking the password.

You may be able to secure your data, but with multiple means of data accidentally being leaked due to the OS or various applications used in day-to-day life, along with unscrupulous policing agencies allowed to overrule fundamental civil rights, it is likely that one will ultimately lose their data and/or freedom either way.

### Re:I wish this was the case in the UK (5, Insightful)

This comment was hidden based on your threshold setting.

#### fuzzyfuzzyfungus | more than 2 years ago

It may not help the poor bastard being asked for them; but, depending on the implementation, delivering the keys may simply not be possible.

It takes a pretty exceptional human to actually remember a useful crypto key, so most systems store the key for you and depend on a password, passphrase, and/or some sort of hardware device to grant access to the key. If the system that actually stores the crypto key is designed to resist tampering, there are a reasonable number of initial attempts at forensics that might trip tamper detection and cause the key to be wiped, irrevocably.

Your classier cryptographic coprocessor modules offer such tamper resistance, and the enthusiasm of DRM peddlers and corporate customers who have backups; but really, really, hate data-breach stories will likely continue to push it further down into cheaper and more common business desktops and laptops.

(Even the TPMs of today may be pretty tricky to subvert without pissing them off, though I don't think that they are required to adhere to the same anti-tamper standards as the more serious hardware security modules).

### Re:I wish this was the case in the UK (-1)

This comment was hidden based on your threshold setting.

#### Anonymous Coward | more than 2 years ago

I must not fear. Fear is the mind-killer. Fear is the little-death that brings total obliteration. I will face my fear. I will permit it to pass over me and through me. And when it has gone past I will turn the inner eye to see its path. Where the fear has gone there will be nothing. Only I will remain.

### Re:I wish this was the case in the UK (5, Funny)

This comment was hidden based on your threshold setting.

#### sunderland56 | more than 2 years ago

We need an encryption package that has *two* passwords:
• One normal one that decrypts as usual;
• A second one that formats the disk and installs a standard version of Windows

You use password #1, but if arrested you give up password #2.

### Re:I wish this was the case in the UK (4, Insightful)

This comment was hidden based on your threshold setting.

#### sco08y | more than 2 years ago

We need an encryption package that has *two* passwords:

• One normal one that decrypts as usual;
• A second one that formats the disk and installs a standard version of Windows

You use password #1, but if arrested you give up password #2.

That's brilliant, but how do you get the police to use this software? Especially after they've pulled the drive out and plugged it into their forensics kit?

### Re:I wish this was the case in the UK (1)

This comment was hidden based on your threshold setting.

#### SomePgmr | more than 2 years ago

Is that true in the US? I always assumed that a person could be otherwise legally compelled to surrender any encryption keys. I know this isn't exactly citing case law, but it sounds like the issue is unsettled:
http://news.cnet.com/8301-31921_3-20078312-281/doj-we-can-force-you-to-decrypt-that-laptop/

### "more research?" (4, Funny)

This comment was hidden based on your threshold setting.

#### TheCouchPotatoFamine | more than 2 years ago

well we [the industry] will be just happy selling encryption with the tagline: so secure - no one can break it - except your average McForensic dude with a software package you can torrent. See, secure!

### Re:"more research?" (3, Insightful)

This comment was hidden based on your threshold setting.

#### betterunixthanunix | more than 2 years ago

well we [the industry] will be just happy selling encryption with the tagline: so secure - no one can break it - except your average McForensic dude with a software package you can torrent. See, secure!

More like the software industry wants to remain friendly with the Department of Justice, and will gladly push a DoJ-approved cryptosystem on their customers unless their customers start jumping ship. Remember the clipper chip and how a certain large telecom was prepared to play along?

### obligatory (4, Funny)

This comment was hidden based on your threshold setting.

### Re:obligatory (2)

This comment was hidden based on your threshold setting.

#### pla | more than 2 years ago

http://imgs.xkcd.com/comics/security.png

Fortunately, as bad as they've gotten, police in the US still try to maintain the facade that they count as the "good guys", at least to the extent that they don't (frequently) torture information out of people.

Trick, cajole, threaten, inconvenience, stress, discomfit, and a whole host of other verbs that come just shy of it, but not quite outright torture yet.

### Re:obligatory (4, Insightful)

This comment was hidden based on your threshold setting.

#### fuzzyfuzzyfungus | more than 2 years ago

Why would we resort to torture when we have pain compliance?

### xkcd "comics" are never obligatory. (0, Troll)

This comment was hidden based on your threshold setting.

#### Anonymous Coward | more than 2 years ago

Xkcd "comics" (I'm very hesitant to actually call them that) are never obligatory. In fact, we're all better off if you don't link to them. They just plain aren't funny or amusing or insightful, regardless of what your taste in humor is.

Many of them just make a semi-obscure academic, scientific or Internet cultural reference. There's not even any commentary, implied or expressed, about the thing or idea being referenced! The comic just makes the reference, and somehow that's supposed to be comical. Well, it isn't.

Many of the rest just rip off jokes or witty observations that have been floating around labs, colleges, and other academic or scientific institutions for decades now. They are not original in any way.

There are many truly funny web comics out there, written by very bright people who combine intellect and artistic skill in a remarkable way. Link to them instead of xkcd. Xkcd "comics" just aren't worthy of being viewed.

### Re:xkcd "comics" are never obligatory. (1)

This comment was hidden based on your threshold setting.

#### roc97007 | more than 2 years ago

Well, thank YOU mister frowny-face!

### Re:xkcd "comics" are never obligatory. (1)

This comment was hidden based on your threshold setting.

#### metacell | more than 2 years ago

I'm sure he just needs a hug.

### Re:xkcd "comics" are never obligatory. (0)

This comment was hidden based on your threshold setting.

#### cusco | more than 2 years ago

Since he still hasn't figured out how to create an account and log in yet he probably really doesn't understand half of xkcd so thinks it's dumb.

### Re:xkcd "comics" are never obligatory. (5, Funny)

This comment was hidden based on your threshold setting.

#### Anonymous Coward | more than 2 years ago

Wow. Did a stick figure run over your dog or something?

### Re:xkcd "comics" are never obligatory. (1)

This comment was hidden based on your threshold setting.

#### sco08y | more than 2 years ago

There are many truly funny web comics out there, written by very bright people who combine intellect and artistic skill in a remarkable way.

Yeah, and why ride horses when there are all those unicorns?

### Re:obligatory (2)

This comment was hidden based on your threshold setting.

#### nerdonamotorcycle | more than 2 years ago

Came here for this, leaving satisfied.

### To me.. (5, Insightful)

This comment was hidden based on your threshold setting.

#### UPZ | more than 2 years ago

That doesn't sound like a problem at all. Technology that works as intended.

### U2 (0)

This comment was hidden based on your threshold setting.

#### Anonymous Coward | more than 2 years ago

In a rare moment, U2 said something wise. "A liar won't believe anyone else."

### Giving up passwords (5, Informative)

This comment was hidden based on your threshold setting.

#### earthloop | more than 2 years ago

(unless the arrestee gives up his password, which he doesn't have to do);

In the UK he does. And people have been punished for not handing it over.

This comment was hidden based on your threshold setting.

#### DannyTUK | more than 2 years ago

Yes, we gave up that particular freedom [to not self-incriminate] without so much as a whimper, cough or sneeze. When technology fails the UK (and EU) simply make up a new law against it's citizens.

This comment was hidden based on your threshold setting.

#### SuricouRaven | more than 2 years ago

Actually, we never had that one.

### Re:Giving up passwords (0, Troll)

This comment was hidden based on your threshold setting.

#### Tyrannosaur | more than 2 years ago

"We hold these truths to be self-evident, that all men are created equal, that they are endowed by their Creator with certain unalienable Rights, that among these are Life, Liberty and the pursuit of Happiness." That depends- is the right not to self incriminate one of these endowed by our Creator? Assuming of course you agree with the writers of this document.

This comment was hidden based on your threshold setting.

#### Anonymous Coward | more than 2 years ago

If your response is to the "Actually, we never had that one." post, then you really need to read the posts he is responding too. At the top it mentions the UK. His statement of "we" refers to those in the UK. Not those in the USA.

### Re:Giving up passwords (4, Insightful)

This comment was hidden based on your threshold setting.

#### Xugumad | more than 2 years ago

Frequently intrigued how many people miss that much of the US constitution was written to provide rights people didn't have in the UK...

This comment was hidden based on your threshold setting.

#### geekmux | more than 2 years ago

Yes, we gave up that particular freedom [to not self-incriminate] without so much as a whimper, cough or sneeze. When technology fails the UK (and EU) simply make up a new law against it's citizens.

My apologies if the illusion of any semblance of Rights still seems to be wafting in the air over the US. Trust me, you'll get a hearty laugh in the face from law enforcement in the US too when trying to bring up "ancient" history like pleading the 5th. Remember anyone with encryption must be some sort of terrorist these days...in fact just as a matter of convenience(those pesky "Rights" really get in the way of a good interrogation), everyone is treated like a terrorist...that way, they can simply waive you of those pesky Rights and all...

This comment was hidden based on your threshold setting.

#### tiffany352 | more than 2 years ago

"Police say they are still trying to crack the password. ®" I think that'll take a few trillion universe ages given it's 50 characters long.

### Re:Giving up passwords (3, Funny)

This comment was hidden based on your threshold setting.

#### bhtooefr | more than 2 years ago

Except he doesn't have to.

He can be punished for not doing it, but there's no law of physics that FORCES him to give up the password.

Hence why spies have cyanide pills and such - such that it then becomes impossible for them to even give up the password.

This comment was hidden based on your threshold setting.

#### 0123456 | more than 2 years ago

Hence why spies have cyanide pills and such - such that it then becomes impossible for them to even give up the password.

My SSD is encrypted with AES in hardware. As I understand it, you only have to send one ATA command to the disk to tell it to generate a new key and thereby make the existing data unreadable to anyone.

Personally I'd prefer a 'wipe key' button on my laptop to a cyanide pill in my teeth.

This comment was hidden based on your threshold setting.

#### Anonymous Coward | more than 2 years ago

A law that only benefits the guilty. If you're innocent but dont give up your password, you lose sixteen weeks.. If you're guilty you lose only sixteen weeks in comparison to potentially years.

Does anyone think this through?

### Re:Giving up passwords (0, Funny)

This comment was hidden based on your threshold setting.

#### Anonymous Coward | more than 2 years ago

if you are 'innocent' why do you encrypt your data in the first place?

### Re:Giving up passwords (2, Interesting)

This comment was hidden based on your threshold setting.

#### Smallpond | more than 2 years ago

if you are 'innocent' why do you encrypt your data in the first place?

If you are innocent, why do you post as AC?

This comment was hidden based on your threshold setting.

#### Tyrannosaur | more than 2 years ago

Mark? you there?

This comment was hidden based on your threshold setting.

#### Anonymous Coward | more than 2 years ago

if you are 'innocent' why do you encrypt your data in the first place?

Ok, try this: I have nothing to hide but that doesn't mean I have anything I want to share. There is nothing illegal about my genitals but that doesn't mean I'm going to drop my pants for anyone who might want to take a peek to find out. You'll just have to take my word for it.

This comment was hidden based on your threshold setting.

#### Z00L00K | more than 2 years ago

Because you don't want to give away commercially or personally sensitive data - like addresses or business plans.

This comment was hidden based on your threshold setting.

#### s0litaire | more than 2 years ago

You can get up to 2 years i think under RIPA for not disclosing a password! the reason the kid only got 16 weeks was that he was still technically a minor.

This comment was hidden based on your threshold setting.

#### Pseudonym Authority | more than 2 years ago

I would gladly be sent to prison for 2 years for obstruction of justice, rather than going for what ever I was hiding. Maybe not worth it for petty fraud, but some things that people would like to encrypt can land them a sentence that they couldn't possible live to see expire.

This comment was hidden based on your threshold setting.

#### Anonymous Coward | more than 2 years ago

You're a fucking idiot. It doesn't benefit the guilty. The alternate is that this law DOESN'T exist, and then the guilty don't get any punishment at all.

This comment was hidden based on your threshold setting.

#### wisnoskij | more than 2 years ago

I am not sure if that is true for over here in north america either.

Passwords have never been considered all that private.
Lots of companies make their employees give theirs out, and you always hear about court cased that involved a judge ordered password reveal.

This comment was hidden based on your threshold setting.

#### klingens | more than 2 years ago

Companies have the rights to passwords to company data and property.
And courts cannot order the defendant to give a password if this would incriminate the defendant: 5th amendment.

### Not so simple (2)

This comment was hidden based on your threshold setting.

#### betterunixthanunix | more than 2 years ago

As I understand the case law (IANAL), the following has been held by the courts:
1. A defendant who consented to a search of his computer can be compelled to give up his password later even if he does not consent to another search. This is In re Boucher, and it is worth noting that in this situation a deniable encryption system like Truecrypt would not have helped at all.
2. In cases where a defendant's knowledge of a passphrase can be used as evidence that the defendant was in control of a computer that was used to commit crimes, the 5th amendment does apply.
3. In cases where a defendant did not consent to any searches, the defendant cannot be forced to disclose a secret key. This is considered to be equivalent to compelling a defendant to produce incriminating documents, which the Supreme Court found was a violation of 5th amendment rights.

Perhaps a real lawyer should chime in here.

### Re:Giving up passwords (5, Interesting)

This comment was hidden based on your threshold setting.

#### fuzzyfuzzyfungus | more than 2 years ago

(unless the arrestee gives up his password, which he doesn't have to do);

In the UK he does. And people have been punished for not handing it over.

Unfortunately for everybody, really, the potential 5-year RIPA sentence for refusing to disclose a key is crazy draconian as a threat to induce Joe Public to open every Turing-complete device in his entire life to the cops(after what is, no doubt, a impeccable judicial review); but it is substantially less scary than the sentence you might get for various serious crimes that the key might be hiding, along with any incentive provided by your criminal colleagues in favor of loyalty to the organization...

This comment was hidden based on your threshold setting.

#### Anonymous Coward | more than 2 years ago

You've got way bigger problems than me, if you're in denial on God. You'll very quickly forget me.

God says...

C:\LoseThos\www.losethos.com\text\QUIX.TXT

be
able to get rid of, for a great man owns it, and what he loses every year
is beyond all comparison more than what he makes by the cards. On the
minor gambling houses your worship may exercise your power, and it is
they that do most harm and shelter the most barefaced practices; for in
the houses of lords and gentlemen of quality the notorious sharpers dare
not attempt to play their tricks; and as the vice of gambling has become
common, it is better that men should play in houses of repute than in

### Re:Giving up passwords (5, Interesting)

This comment was hidden based on your threshold setting.

#### Anonymous Coward | more than 2 years ago

isn't the UK part of the same EU ?

http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=COM:2006:0174:FIN:EN:HTML

2.4. Privilege against self-incrimination
The presumption of innocence includes the privilege against self-incrimination which is made up of the right of silence and not to be compelled to produce inculpating evidence. The maxim nemo tenetur prodere seipsum , (“no person is to be compelled to accuse himself”) applies. The accused may refuse to answer questions and to produce evidence. The ECtHR[24] held that, although not specifically mentioned in the ECHR, the privilege against self-incrimination is a generally recognised international standard which lies “at the heart of the notion of a fair procedure”. It protects the accused against improper compulsion by the authorities, thus reducing the risk of miscarriages of justice and embodying the equality of arms principle. The prosecution must prove its case without resort to evidence obtained through coercion or oppression. Security and public order cannot justify the suppression of these rights[25].They are linked rights, any compulsion to produce incriminating evidence being an infringement of the right of silence. The State infringed an accused’s right of silence when it sought to compel him to produce bank statements to customs investigators[26]. Coercion to co-operate with the authorities in the pre-trial process may infringe the privilege against self-incrimination and jeopardise the fairness of any subsequent hearing.

This comment was hidden based on your threshold setting.

#### Robadob | more than 2 years ago

Wish i had mod points for this.

### Full Disk Encryption Hard For Law Enforcement To C (0)

This comment was hidden based on your threshold setting.

#### Anonymous Coward | more than 2 years ago

No shit, Sherlock...

### Re:Full Disk Encryption Hard For Law Enforcement T (1)

This comment was hidden based on your threshold setting.

#### Yvan256 | more than 2 years ago

Still a better title than "Full Disk Encryption Hard For Law Enforcement To Cocaine".

### I have my disk (at least partially) encrypted (2)

This comment was hidden based on your threshold setting.

#### tiffany352 | more than 2 years ago

My /home partition is encrypted with a 27 character password. I've felt like it's not enough for a while enough, but apparently the police are a lot clumsier than I give them credit for. (I'm not a criminal or anything, it's just that I'm paranoid.) (If anyone knows of a utility that will clear my RAM on shutdown, I'd appreciate it...)

### Re:I have my disk (at least partially) encrypted (0)

This comment was hidden based on your threshold setting.

#### Anonymous Coward | more than 2 years ago

Your RAM will clear itself on shutdown just fine. The spooks aren't that good...

### Re:I have my disk (at least partially) encrypted (3, Interesting)

This comment was hidden based on your threshold setting.

#### tiffany352 | more than 2 years ago

I forgot where, but I had heard DDR3 RAM will last over an hour and still retain 99% of its data (although it'll be completely inverted after a certain time). I suspected something similar for DDR2 (which I have).

### Re:I have my disk (at least partially) encrypted (2)

This comment was hidden based on your threshold setting.

#### RoFLKOPTr | more than 2 years ago

I forgot where, but I had heard DDR3 RAM will last over an hour and still retain 99% of its data (although it'll be completely inverted after a certain time). I suspected something similar for DDR2 (which I have).

Whoever told you that was completely incorrect. DRAM capacitors discharge fully within one second of power loss.

### Re:I have my disk (at least partially) encrypted (0)

This comment was hidden based on your threshold setting.

#### Anonymous Coward | more than 2 years ago

There are ways around that: http://www.usenix.org/events/sec08/tech/full_papers/halderman/halderman_html/index.html

### Re:I have my disk (at least partially) encrypted (5, Interesting)

This comment was hidden based on your threshold setting.

#### s0litaire | more than 2 years ago

RAM can hold a copy of the last data held for a good 5 seconds if warm and up to +20mins of frozen,
so it could be chilled/frozen using compressed air, removed and placed into a reader that dumps the ram memory to disk.

### Re:I have my disk (at least partially) encrypted (1)

This comment was hidden based on your threshold setting.

#### Z00L00K | more than 2 years ago

But you still need to know what to look for in those memory modules.

### Re:I have my disk (at least partially) encrypted (2)

This comment was hidden based on your threshold setting.

#### sydneyfong | more than 2 years ago

I'd gladly sell you a \$100000 placebo utility to clear your RAM on shutdown....

### Re:I have my disk (at least partially) encrypted (1)

This comment was hidden based on your threshold setting.

#### s0litaire | more than 2 years ago

Best way to clear RAM is either C4 or Thermite ^_^
Or just before shutdown run "dd if=/dev/zero of=/dev/mem" (can't remember the actual location of memory in /dev/ but ram is a good place holder)

### Re:I have my disk (at least partially) encrypted (2)

This comment was hidden based on your threshold setting.

#### tiffany352 | more than 2 years ago

Oh, this seems interesting. Stuff your computer with semtex and booby trap the case. :D Although, upgrades would be a major pain. :P

### Got a better idea (2)

This comment was hidden based on your threshold setting.

#### Zandamesh | more than 2 years ago

Encrypt the ram as well :p

### Re:I have my disk (at least partially) encrypted (0)

This comment was hidden based on your threshold setting.

#### Anonymous Coward | more than 2 years ago

However if you would want to attempt to wipe the RAM without turning off the machine there are for some ungodly reason tools for that.

http://manpages.ubuntu.com/manpages/lucid/en/man1/smem.1.html

### Obligatory xkcd (-1, Redundant)

This comment was hidden based on your threshold setting.

### Backdoors? (0)

This comment was hidden based on your threshold setting.

#### Anonymous Coward | more than 2 years ago

If the encryption should be absolutely safe, there has to be open source software, to be 100% sure that there is no back door. Or is every encryption technology reverse engineered to be able to say that no government idiot can type some cheat and decrypt all the data?

### Re:Backdoors? (1)

This comment was hidden based on your threshold setting.

#### Smallpond | more than 2 years ago

If the encryption should be absolutely safe, there has to be open source software, to be 100% sure that there is no back door. Or is every encryption technology reverse engineered to be able to say that no government idiot can type some cheat and decrypt all the data?

No amount of reverse engineering can prove that software does not have a backdoor. You can never be sure unless you write all of your tools yourself.

http://cm.bell-labs.com/who/ken/trust.html

### Bring it (-1)

This comment was hidden based on your threshold setting.

#### Anonymous Coward | more than 2 years ago

God says...

Hail, Son of God, Saviour of Men! Thy name
Shall be the copious matter of my song
Henceforth, and never shall my heart thy praise
Forget, nor from thy Father's praise disjoin.
Thus they in Heaven, above the starry sphere,
Their happy hours in joy and hymning spent.
Mean while upon the firm opacous globe
Of this round world, whose first convex divides
The luminous inferiour orbs, enclosed
From Chaos, and the inroad of Darkness old,
Satan alighted walks: A globe far off
It seemed, now seems a b

### Anti-FUD (4, Insightful)

This comment was hidden based on your threshold setting.

#### spudnic | more than 2 years ago

So how are we to know that this isn't anti-FUD?

"Yes, Citizen, your full disk encryption is just too much for us to crack. I guess you're in the clear."

### Re:Anti-FUD (0)

This comment was hidden based on your threshold setting.

#### Anonymous Coward | more than 2 years ago

By the physics of it. It takes x time to check a key so an alphanumeric password of length n will take x*(36^n) to crack. If the password is long enough it'll take an obscene amount of time to crack.

### Re:Anti-FUD (1)

This comment was hidden based on your threshold setting.

#### dr2chase | more than 2 years ago

And no deal was done with the manufacturer to install a backdoor?

### Re:Anti-FUD (1)

This comment was hidden based on your threshold setting.

#### SuperMog2002 | more than 2 years ago

And out of the dozens of manufacturers (including some open source), none of them leaked anything to the press about said deals?

### Re:Anti-FUD (1)

This comment was hidden based on your threshold setting.

#### Z00L00K | more than 2 years ago

Just make sure that the obscene amount of time exceeds the statute of limitation.

### Re:Anti-FUD (1)

This comment was hidden based on your threshold setting.

#### klingens | more than 2 years ago

Easy: either they consistently have the data from the decrypted drives and use it to prosecute you or they don't. If they lie to the courts about having the data, ie they have it and use it secretly but don't tell the judge and defense, then you have bigger problems: a corrupt justice system. Then encrypted data won't help you to avoid a guilty verdict.

### Re:Anti-FUD (4, Insightful)

This comment was hidden based on your threshold setting.

#### betterunixthanunix | more than 2 years ago

That is not how the police in America work. When they cannot crack a cryptosystem, they try to get it outlawed or prevent it from becoming mainstream, and then push for a system with a backdoor. When they manage to crack a system e.g. the Hushmail attack, they parade it around and declare that no matter what anyone does the police will be able to defeat it.

If this sounds like Doublethink to you, perhaps you should take a look around and reconsider your views on whether it was Orwell or Huxley who was correct.

### Re:Anti-FUD (0)

This comment was hidden based on your threshold setting.

#### Anonymous Coward | more than 2 years ago

I would actually be surprised if the military didn't have a massive supercomputer specifically for this purpose able to bruteforce an insane number of passwords per second. I seem to remember years ago a nuclear weapons smuggler had sat 4 years in prison before his passwords were finally cracked.

The thing is, similarly to during the Cold War, sometimes you have intelligence assets that, if you use them, would cause them to lose their value for the future. That's because the Bad Guys (in this connection yourself) would adjust their behaviour. There's no way to "secretly" crack your everyday bloke's password (or even the worst child porn offender's password) and use it in a trial without that becoming known.

Hence, as long as you aren't smuggling nuclear missile blueprints, you can do pretty much anything involving regular criminal courts and not be cracked. Even if the government has that capability the whole time.

### Re:Anti-FUD (1)

This comment was hidden based on your threshold setting.

#### thegarbz | more than 2 years ago

Because my tinfoil hat doesn't work at that frequency.

Best erase my harddrive and then write /dev/urandom out to it 37 times just to be sure.

### This subject has come up before (-1, Redundant)

This comment was hidden based on your threshold setting.

#### circletimessquare | more than 2 years ago

and this is the obligatory xkcd cartoon to bring the geek fantasy life back to earth:

http://xkcd.com/538/

### So what? Even our goons can do it. (3, Informative)

This comment was hidden based on your threshold setting.

#### Anonymous Coward | more than 2 years ago

The encryption might be practically unbreakable but that doesn't help a lot. Around here police just break into homes to install hardware or software keyloggers. Sure, that may not be exactly legal for them to do, but they don't care because they know nothing will happen to them.

### Legal (1)

This comment was hidden based on your threshold setting.

#### Anonymous Coward | more than 2 years ago

It's legal if they have a warrant.

This comment was hidden based on your threshold setting.

#### Anonymous Coward | more than 2 years ago

If you attract the interest of a sophisticated enough adversary, the FBI or NSA for instance, you're probably toast. And if your adversary isn't concerned with following the law, well your fingers (or the fingers of your family members) can be lopped off one at a time until you remember your passphrase. Plausible deniability is a better strategy.

http://news.cnet.com/8301-10784_3-9741357-7.html

This comment was hidden based on your threshold setting.

#### Anonymous Coward | more than 2 years ago

Plausible deniability is not better for keeping your fingers. And up against sophisticated adversaries you need TEMPEST secured hardware at the very minimum, little can be done about bugs, laser mikes, spy cams and other side channel attacks.

### kind of the point (4, Insightful)

This comment was hidden based on your threshold setting.

#### Surt | more than 2 years ago

I mean ... what's the point of encryption that your foes, police or otherwise, can bypass?

### One quantum computer, to go... (0)

This comment was hidden based on your threshold setting.

#### Anonymous Coward | more than 2 years ago

Should be easy for a 256-qubit quantum computer.
Now if I only knew how to make one.

### Semi-unrelated: Easy to remember good passwords (1)

This comment was hidden based on your threshold setting.

#### Anonymous Coward | more than 2 years ago

Any simple phrase that's memorable to you with a minor variation in caps and 2-3 symbols. Like:

ItWasADark&AndstormYnigh%T! (or preferably something that's not a top-10 cliche).

Not very much less secure than a completely random phrase. The only way to brute-force it would be to take every potentially memorable phrase from every work of literature, try every cap combination and every placement of 2-3 random symbols, which is still impossibly hard. It is FAR, FAR better to use a long phrase like that than a short phrase of extremely random symbols.

This comment was hidden based on your threshold setting.

#### Anonymous Coward | more than 2 years ago

What about a "password" that you tell police that then deletes everything in the encrypted space. So you have two passwords, one to decrypt everything for you and one that you give away when needed to delete everything but make it look like it isn't.

### Lets say "impossible" instead of "hard" (1)

This comment was hidden based on your threshold setting.

#### gweihir | more than 2 years ago

Unless the people using it are doing stupid things, like letting a running or hibernating laptop fall into the hands of law enforcement or using weak passwords. There are plenty of people that do these stupid things though, but getting a memory-image via FireWire or brute-forcing a weak password hardly counts as breaking the encryption. Hardware keyboard-sniffer also do not count. AFAIK there is not a single instance where law enforcement managed to break FDE when the user did not do stupid things.

### Maybe they could try some real police work (0)

This comment was hidden based on your threshold setting.

#### Anonymous Coward | more than 2 years ago

What goes on inside a personal computer is rarely the illegal part, it's usually just going to be evidence of something illegal that happened outside of the computer. I think the effort would be better spent on finding the illegal act instead of hoping that Joe Terrorist happened to send an email to his mom about the bomb he's building.

### Research is needed to... (1)

This comment was hidden based on your threshold setting.

#### Psicopatico | more than 2 years ago

"Research is needed to develop new techniques and technology for breaking or bypassing full disk encryption."

That would lead to "better" crypto systems.

### Here's a clue LEO guys... (5, Insightful)

This comment was hidden based on your threshold setting.

#### bmo | more than 2 years ago

While I currently do not run full disk encryption on my laptop and I have never done anything to warrant arrest, I have thought about full disk encryption. Especially in these days of a growing police state, it is not my job to make your job easier. If the news stories keep going the way they are, I suspect that within the year, I will simply migrate over with strong encryption and that will be that.

Because I do not like the increasingly adversarial and militarized role the police have been taking. I'm sure I'm not alone. While I do not wear tinfoil, the news events of late give me pause.

--
BMO - shiny side out.

### Take some comfort... (1)

This comment was hidden based on your threshold setting.

#### Dogbertius | more than 2 years ago

It government-backed policing agencies cannot bypass this, at least it shows (to some degree) that AES-256 doesn't have some fundamental flaw or "back-door" in its algorithm that was intentionally left undisclosed. Take some comfort in knowing that everyone who attempts to crack the archive (excluding the use of jail, torture, installing keyloggers, fining you millions in taxes that you never owed, etc) still has to take the brute-force/dictionary-based attacks. Here's an good example:

### I've got a solution! (4, Insightful)

This comment was hidden based on your threshold setting.

#### PopeRatzo | more than 2 years ago

Your system unlocks via your foreign friend's iris, which you get via his smartphone's camera.

Yeah, I know it's inconvenient, but it would be worth it to frustrate the monsters who have seized power.

Of course, by that point they'd probably just use rendition to send you someplace where you'll be tortured, just for making them have to work for a living. US or UK, I don't think there's any line they won't cross. Not any more. There's no longer a pretense to anything like personal rights. Unless your name ends in "Inc." you just don't have rights any more.

Slashdot Account

Need an Account?

Don't worry, we never post anything without your permission.

# Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

• b
• i
• p
• br
• a
• ol
• ul
• li
• dl
• dt
• dd
• em
• strong
• tt
• blockquote
• div
• quote
• ecode

### "ecode" can be used for code snippets, for example:

<ecode>	while(1) { do_something(); } </ecode>
Create a Slashdot Account