Export-level Encryption Proves Insufficient
rossjudson writes: "The Independent is running an article about the shoe bomber terrorist. The interesting bit for Slashdot readers is at the bottom -- apparently the 40-bit encryption in the export version of Windows 2000 was cracked by a set of computers using a brute force method. So let's confront the question: Should the US prohibit the export of high-encryption software? Here is a case where the default values (40 bit) clearly helped recover valuable information from a system." There's another article in New Scientist focusing on the encryption issue.
Yeah because prohibiting the export of this will prevent anyone evil from getting hold of it...
Sig is taking a break!
If you really want to make the world a safer place, please demand that everyone wear helmets all of the time.
--Lawrence Lessig for Congress!
[however, Lotus Notes is still 56 bit with the NSA holding 16 bits, right?]
it's in my head
Advanced Math Textbook +
Computer +
Low-level programming skills =
High Grade Encryption... Anywhere in the world.
40 bits is nothing, and has been for decades. That limit was /chosen/ to be crackable. And in my book, and in the minds of many others, that pretty much disqualifies it from even being called 'crypto'.
THL.
Keeping
Should the US prohibit the export of high-encryption software?
Sure, why not? It isn't as if there are any cryptographers in any other countries in the world, is it?
Legislation is pointless, and even damaging in this case. The cryptography playing field is fairly level. That's not inherently a good or a bad thing; just as al-Queda can encrypt their files, they are equally prevented from intercepting sensitive information by the same technology. If legislation restricts crypto, we will find ourselves in a situation in which the FBI can't crack terrorist comms, yet terrorists can intercept commercial data. Airline security information, oilrig blueprints, whatever.
I'm not a terrorist, and I don't necessarily have anything to hide (other than my checkbook, etc.) but this pretty much settles the question for me that 40-bit, even 64-bit, just isn't enough. I'm glad that we were able to catch that guy and find out what he was up to, but placing export restrictions wouldn't have worked in this case. HE WAS/IS A CITIZEN OF THE USA.
The laws are meaningless. I'm sure we can all think of dozens of ways to subvert them.
For instance, I could just fly over the US, buy/borrow/steal a copy of whatever software I wanted, dupe the CD and label it "Backstreet Boy's Greatest Hits" for my carry-on CD case.
------
Only Outlaws Will have Strong Crypto.
I know that if I was a terrorist bent on international murder and mayhem, I would be sure to only buy authorized and legal software. Wouldn't want to rip off the Great Evil.
-These aren't my pants.
Encryption products are the locks and keys of the Information Age, enabling individuals and businesses to protect sensitive information as it is transmitted over the Internet. The ability to protect and secure information is vital to the growth of electronic commerce and to the growth of the Internet itself.
The Internet is an open, decentralized network that was not specifically designed with security in mind. Because communications flow through multiple networks, your communications are vulnerable to the prying eyes of hackers, foreign governments, and -- yes -- even rogue law enforcement agents.
Encryption technologies, which scramble communications so that they can only be read by their intended recipients are vitally important to protect privacy, secure commercial transactions, and prevent crime.
So why isn't encryption widely used? Well....
Current US policy prohibits US companies from selling strong encryption products on the world market. US companies find it prohibitively expensive to develop two different versions of the same product, and as a result very few strong, easy to use privacy and security products are available inside the United States.
After more than 4 years of debate, the privacy and security of Internet users remain hostage to cold-war era export control regulations and risky, and efforts to compel domestic "key-recovery" systems designed to FBI specifications. Even more, despite the loud objections of privacy advocates and the computer and communications industry, the Administration remains committed to its failed "Clipper" policies.
While the legitimate needs of law enforcement and concerns over National Security are important factors which must be considered, the Administration's continued efforts to push for the world-wide adoption of "key-recovery" or "key-escrow" systems, which would provide guaranteed law enforcement access to private communications, represent a grave threat to privacy and security on the Internet.
Congress has finally gotten the message and has begun to consider legislation to prevent the government from imposing "key-recovery" or "key-escrow" systems inside the US, affirm the rights of Americans to use whatever form of encryption they choose to protect their privacy, and relax the outdated export controls. Bills are moving through the House and Senate with strong bi-partisan support.
Write your Representatives!
Custer's Revenge: The greatest video
I feel that the only good laws are ones that can be enforced to a reasonable degree. If we had no police officers that gave speeding tickets, then having speed limits would not do any good. I feel that higher level encryption can be had by anyone that wants it. They can just download it from anywhere. The only thing that keeps people from illegally downloading it is a little message that says "If you don't live in the US, please download the suckier version." You don't have to be evil just to circumvent the system and get higher level encryption. Anyone can just click the button to download it. Therefore, I don't think this law should be in place as there is no way to enforce it.
The irony that the terrorists used a product made by one of the US's biggest corporations to protect plans it was making against it may not be lost on an administration that recently relaxed rules on the export of "strong" encryption. Tighter controls may follow.
So running linux is Unamerican!
Steve Ballmer was right!
...damn, time to re-install win98.
We dance to all the wrong songs.
--Refused.
Come on, how is it news that cryptography was broken? It's not hard! All it takes is time. The Distributed.net clients taught us that. Yes, it's bad that the cryptography was broken, but how can any Slashdot reader see this as anything more than the inevitable conclusion of using too weak a standard? Even 128-bit encryption can be cracked, given enough time and enough computers crunching on it!
It is extremely easy for anyone with a computer and internet connection to get their hands on strong encryption. Just because one person chose to use weaker encryption and had his files broken by our government, it does NOT mean that he could not have found PGP on the internet and used that instead. Crypto export regulations are worthless and hurt US business (and even US Free Software).
E4M (encryption for the masses) http://www.e4m.net/ is now merged into SecurStar in Germany that offers 256-bit filesystem encryption for Windows. Not in the US.
PGPdisk has been around for a long time.
So restricting US export will do nothing.
Users of *nix systems will probably have even more choices.
Bonus: PGP-folder-hooks in mutt
My answer is "no," the U.S. should not prevent the exportation of encryption (as if it were so difficult for someone to smuggle a CD out of the country). It's a silly, feel-good measure, as nobody who is going to use encryption for nefarious purposes will be even mildly troubled by it.
However, the U.S. has traditionally prevented the exportation of encryption and only now permits it when it is wimpy enough to be easily breakable. So, is it really all that surprising that this happened?
This doesn't prove out the fact that we should restrict crypto export to 40 bits... What it proves is that this guy was an idiot for relying on it. We all know that restricting the export of anything like intellectual property is like trying to catch helium molecules with a screen door. Additionally this policy is so arrogant to assume that the US is the only source for this type of technology... OK, ignorant/arrogant, whatever...
No man is an island, but Gary is a city in Indiana.
Export laws are absurd because there are just as capable mathematicians and programmers throughout the world: What use is it forcing your own software companies to jump through hoops when the rest of the world already (and has for a long time) had extremely strong encryption? Indeed many of the AES submissions came from overseas, with the selected winner (Rijndael) coming from Finland, I believe.
The encryption genie is out of the bag, and the anti-competitive laws restricting US companies from doing reasonable business while the rest of the world is unrestrained is just self-defeating: It makes no sense except to myopic morons who truly believe that the US is the sole source of the world's technologies.
Let's face it, Windows may be the most distributed desktop operating system, but has anyone really taken its security seriously?
In the UK for a long time we couldn't get 128 bit encrypted browsers, and have adapted to using 3rd party encryption systems developed by companies with a proven security track record.
End of the day it won't make any difference to anyone who takes security seriously.
0101100101101111011101010110110101110101011100110
If the default encryption made it easier to "recover valuable information from the system" then it is clearly not doing a good job, should not be used and to be replaced by a better version.
I mean, after all, where's the point in encrypting your stuff in the first place if it can be more or less trivially cracked?
No, this isn't about terrorists, it's about an obviously inferior/defective product.
I don't see the point. The theorems for encryption (Fermat's little and others) can be understood by anyone who knows basic algebra (not even abstract algebra). So, someone can download those super-long integer libraries and write a couple pages of code to come up with x bits of encryption software. The random number generator is the hardest part but it can be made fairly random by human. So any organized group could hire a programmer for 1 week and get it written for them. So why not allow encryption export?
Why do people think that having a law regarding exporting software/code is going to stop ANYONE from using it? It's just like gun laws in Canada, the only people who are affected are the law abiding citizens who legally use their guns, or have them for decoration. If someone REALLY wants to use 128 bit encryption, they are going to. There is no way around that. Software is so easily obtainable that anyone who has access to a Windows platform can download it and install it. It really is a no brainer.
Now for this guy who happened to have 40-bit encryption installed by default, he's just a moron then. He obviously didn't know that 40-bit was easily breakable, he didn't care, or didn't take the 10 seconds to download and enable 128 bit on his computer.
I chalk it up to stupidity on his part for not simply looking for the stronger encryption (it's out there, and easily obtainable).
Now for the conspiracy theorists: He wasn't ACTUALLY using 40-bit encryption, that's what they want you to think. He was using the full 128-bit encryption, but the NSA can easily crack that level now due to the computer power they have. They simply tell the media it's 40-bit just so that we don't come up and develop something even more powerful which would take them longer to decrypt.
I have no signature
Export restrictions will not work to secure the US of A from terrorists.
I don't want to sound like I'm against the USA or anything, it's just that a lot of effort has been put into security measures (which is perfectly understandable), but hardly any debate about the root cause of the fact that people are crazy enough to kill themselves and many others with them just because in their perception America is evil. (phew too long a sentence, I know)
Tightening security is just another step in an evolutionary arms race, and eventually the opponent (the terrorist if you wish), will find a way around it. Anyway, do you think terrorists give a damn about restrictions based on US law? I wish I could be more optimistic, but I don't think so.
He's obviously a complete idiot for only using 40-bit encryption in the first place. He's an idiot for trying to light the shoes with a match.
Conclusion: We know the guy is an idiot... what would happen if a SMART person tried this?
I'm sure W stays up late every night watching football, choking on pretzels and thinking of new ways to dominate Canada. Plze.
> should the US prohibit the export of high-encryption software?
Oh FFS!
Must we go over this again!
Its already been exported!
Look
-export-a-crypto-system-sig -RSA-3-lines-PERL
#!/bin/perl -sp0777iX+d*lMLa^*lN%0]dsXx++lMlN/dsM0j]dsj
$/=unpack('H*',$_);$_=`echo 16dio\U$k"SK$/SM$n\EsN0p[lN*1
lK[d2%Sa2/d0$^Ixp"|dc`;s/\W//g;$_=pack('H*',/((
Anyone quoted by a reporter knows how little they understand
Don't believe what you read is the truth.
1) not everybody who lives in the u.s. is a good guy while the rest of the world is full of bad guys. remember that anthrax stuff last year?
2) "should that guy living in his hut on the top of mt. everest export his drawings?" - does anyone care? is the rest of the world suddenly too stupid to create cryptographic tools? are only americans up to the trick?
128-bit Encryption Becomes the Default in Windows 2000 Service Pack 2 (SP2)
The Windows® 2000 operating system was the first Microsoft platform with 128-bit encryption to be shipped internationally after the United States government relaxed its export restrictions for strong encryption in early 2000. Microsoft has obtained the necessary approvals to ship Windows 2000 with strong encryption to all customers worldwide except U.S. embargoed destinations.
hey troll, wtf! :P
:)
what I think is that the war to terrorist is just an excuse to have more control every people, every states, every bits, to impose their way of thinking, their control over other states, so it apply to this article talking about crypto, use and exports of crypto!
sorry but they suck!
thanks!
Export-level Encryption Proves Insufficient
... that was the point.
Yes
The rules were relaxed a couple of years ago though. Link. You can export anything after it's been reviewed.
Yeah sure morally they should do something, but they can't stop people gaining access to high level encryption technologies, and in the end it doesn't matter...is there any encryption they can't currently break given enough time?
I don't think they should trade off people's right to privacy; if the government really wants to read your emails or data it's always a matter of when, not if.
There are other issues here such as industrial espionage on companies by other companies and government agencies, if we have weak encryption it's not just governments who can abuse this...everyone should have a right to privacy except under exceptional circumstances....weak encryption allows anyone to potentially access your data, from script kiddies to the government, which I'm sure is NOT what they intend.
But with strong encryption already in the wild, how can they stop people getting access to it in any practical sense (bar banning the internet ;) )
Whether you use macs, linux unix, pc or even good ole os/2, high level encryption for home users is a reality...they've just got to admit reality
In fact, we should just make terrorism illegal, then people would stop. Because criminals follow the law, right?
Even though Osama was able to get a bunch of people into US flight schools, he surely wouldn't've been able to go to CompUSA, buy a copy of W2K off the shelf, and somehow get a 5 x 5 x 1/16" piece of plastic outside a country with roughly 10,000 miles of borders and 1500 international flights daily. Nope, no way that coulda happened.
Considering how much planning and communication had to take place for 9/11 to happen, we only have a video tape and a few files? Sounds like the low tech method works better for keeping things under wraps. A computer isn't going to commit suicide if the FBI catches it (well I suppose you could booby-trap it). A terrorist on the other hand can mislead, or commit suicide. The only thing weak encryption does is make businesses more vulnerable to government snooping and crackers. Plus the government can use things like a warrant to get access. Oh I forgot they hate having to ask judges for warrants and answering questions like "do you have sufficient proof or cause?"
Ok.. so that movie's kinda old now :)
40bit being crackable's the point of exporting it!! Why should we provide other countries with a tool that will protect them from our spies!! DUH!! Let 'em develop their OWN encryption!
At least that's Uncle Sam's opinion...
Me on the other hand.. don't care much.. I don't have anything needing encryption overseas.. and don't mind if i can or can break theirs... but hey.. get off their duffs and write it!!
Export Level encryption proves insufficient.
That's the point.
Don't you think one of the reasons the government would want weak encryption in foreign (and therefore, possibly adversarial) computers, so it's easier to break into them?
Remember, for the most part, US laws protect US citizens, and are valid only within the confines of the United States. Since we don't really seem to care about how our government gathers information outside our country, It makes sense that the Government would want to make this easy, and one way is through export controls.
Don't like it? You have other options.
And note to Eurotrolls, who might take the chance to cry US-centric, or brute american, or whatever trash you usually spew, don't think for a second your government isn't engaged in every kind of spying it can.
Alcohol, Tobacco and Firearms should be the name of a store, not a government agency.
The WSJ was what was trying to crack this file. We all know how to crack a win2k password. Especially a local password. A search on google will reveal several ways to brute force a password for the system. I know that when I didn't get some guy from Compaq (we outsourced our helpdesk) to give me local admin rights I simply left a brute force cracker going, came in the next day and had the local admin account. The desc in the article sounds like all they had done was used another username so these people could not see it. But once again maybe it was good a techie didn't get it. Since the first thing most of us would have done with these PCs is formatted and then installed Linux :)
I am 31337 or something.
Just had to say that before some Belgians get angry about that. Whoops. :-)
40 bit
128 bit
Cowboy Neal with a pen
This is the wrong question. The right question is: Given that 40 bit encryption can be broken in a relatively short time frame, would you feel comfortable recommending it to your organization?
It seems clear that while the use of 40b crypto allowed recovery of useful information in this case, for protecting sensitive information, it's not much better than ROT13 or XOR...
Who needs it? Well, businesses, anybody with information they want to keep private, anybody with information they don't want their bosses or employers to know, anybody who keeps secret information or documents that they don't want wife/children/family/parents to pry into, people with mistresses, and yes, perhaps some really bad people like terrorists.
The fact that one already acknowledged to be EXTREMELY incompetent terrorist who failed to successfully ignite his shoe bomb (which was packed with high explosive) ALSO failed to properly obtain a high security add-on for his computer is evidence of exactly one thing: his incompetence. Not of the effectiveness of export restrictions. So while I agree that perhaps investigators obtained useful information because he was using weak encryption, and that is fortunate, export restrictions would not prevent a determined, modestly informed criminal or criminal organization from using real crypto (as opposed to 40 bit crippleware).
You could argue that a really determined criminal could take down a plane too. That's probably true, but we're talking about levels of effort on different orders of magnitude here. One involves 5 minutes and a few clicks on a computer. The other involves serious tactical planning to commit a terrorist act. Conclusion: crypto export restrictions have never protected us from a competent criminal, and they still cause economic harm by restricting free trade of goods that support proper encryption by US companies, giving unfair advantage to foreign companies.
So banning 128bit encryption from export from the US will stop everyone getting hold of the AES standard Rijndael because US export regulations obviously cover Belgium.
What a dumb idea.
Steve.
The drives contain more than 17,000 files. Though all of them are related to al-Qa'ida in some way, many are humdrum and dull. Others are not. The interesting files tend to be protected by sophisticated passwords or are encrypted, and the Journal is still working to decode them. One file, in particular, took five days to crack, using several computers. The reporters gained access to it on Sunday.
It's amazing to me that these savvy WSJ reporters would admit to circumventing security measures in Windows 2000 in order to access these files! Don't they know that anything they say can and will be used against them in a court of flaws?
I wonder if Junis' email is on either of these? Oh, wait, never mind, they aren't Commodore drives.
So let me get this straight...
Two journalists are in Afghanistan, one of their laptops is broken, so they decide to buy another one.
So far, so good, I would probably have tried to repair it and ask for replacement, but then, I am not in Afghanistan.
They buy two computers, another laptop and a desktop. What did they buy the desktop for again?
And they buy it from people who are looting buildings? I always thought journalists to have low ethics anyway...
Instead of re-installing the PC, they decide to look at what is on it. Ok, I can understand that, but they must have spent quite some time looking at those files to determine that they were willing to spend five days to crack some of the encrypted files they found.
In other words, two American journalists pick up a PC (they had no reason to buy), and they happen to find Terrorist secret files on it. Sounds too good to be true. I don't buy it, it's a setup.
And now they use that to attest of the validity of the export restriction on encryption.
If the BSA or RIAA is going after me because I have some illegal stuff on my hard disk, I can just claim that I got my PC second hand, and that all this stuff was left there by the terrorists who had the PC first...
Black holes occur when God divides by zero.
The drives contain more than 17,000 files. Though all of them are related to al-Qa'ida in some way, many are humdrum and dull.
Yeah. I always thought WIN.EXE was a bit dodgy.
Steve.
What's the convention for putting a smiley at the end of a sentence in brackets? (I always use :-) but it feels wrong..
Let's not forget where the Taliban got their weapons.....
Why do people think that having a law regarding exporting software/code is going to stop ANYONE from using it?
And laws against theft don't stop determined shoplifters, and laws against copyright infringement don't stop determined Napster users, et cetera, et cetera. But that's not the point. The point is to make it (a) difficult and (b) punishable if someone does it, in order to keep it to a minimum.
A better argument would be to point out that there are ways to circumvent the law without breaking it -- by simply creating the software/hardware in another country using the same mathematical principles, for instance. But for the love of Pete, people, stop using "laws can always be broken" as an argument against making laws.
My question is, why did it take so long to break a 40bit key? After all, EFF's "Deep Crack" (now there's an unfortunate name!) broke 56bit DES in 56 hours, almost exactly 3 years ago!
And another thing, what on Earth is an al-Qa'ida terrorist doing with a laptop? I understood their position to be totally anti-technology - apart from guns and bombs of course...
Code, Hardware, stuff like that.
If this guy was informed about cryptography (not necessarily knowledgeable, but informed - sort of like having the equivalent of a financial planner for cryptography) he would've used one of a number of bolt on products to really secure his computer. Some of these products are commercial, others are open source. He may have more difficulty getting (and if he's properly informed - less trust in) the higher grade commercial packages but it'd still be doable. Fly to California, go to Fry's and buy it. If he goes for the source code route it's just about impossible to police. You can get it anywhere in the world where there's an internet connection or a mail system (CD ROM or a package of floppies through the mail).
Saying that 40 bit encryption is an assistance to the CIA/FBI/NSA is only true if you rely on having stupid terrorists, in this case it was obviously true. Suppose they hired the equivalent of a director of IT though, who would come up with approved solutions. Life would become more difficult for the government. Whether the solutions that are proposed are legal or not doesn't matter. You're planning on blowing up aircraft, knocking down buildings and killing people. You won't even bat an eyelash at breaking encryption laws.
What low grade encryption really helps with is gathering data against ordinary citizens such as the guy who was a bit less than honest about his tax return.
Also, despite this low grade encryption the attack wasn't stopped. It's only after everybody's eyes were on this guy that his computer was examined and found to have low grade encryption.
Chris Kuivenhoven is a thief, beware
After this it makes even more sense to push for mandatory 128-bit encryption in Europe, to guard European interests against unfair competition from USA.
Is anybody that's going to need a high-level of encryption (for use illegally) going to PAY for windows?
No! Most likely they'll just pirate it and not think twice about it.
I've just read 50 posts saying that limiting export strength encryption won't stop any non-US people from using higher encryption. I agree that this makes perfect sense. It's completely logical.
But everyone seems to conveniently ignore the fact that this group DID rely on the export strength encryption that they had available. They DIDN'T use PGP or any one of the myriad of other options for better encryption. Perhaps the premise that a slashdot reader is familiar with other encryption techniques isn't equivalent to the premise that an Al-Qaida member will be familiar with other encryption techniques.
Any reasonable and complete argument against limiting export strength encryption at least needs to address this fact. One could argue that it is an unusual case, that it won't be repeated, that you don't care if non-US folks have default access to better encryption, etc.
But arguing that it will never stop anyone from using better techniques seems silly when presented with this case of a group using exactly the default abilities that they were given in Win2k.
What the hell I feel like losing some karma today. Here is an Offtopic and a Troll for you fellow moderators... I just think it is worth turning some people's attention to the interesting links in the "From Americas section"
... I could have posted anonymously.
* Just retribution or an abuse of human rights? A big question, with only one answer in the US
and
* American action is unlawful, say legal experts
And I know
"Should the US prohibit the export of high-encryption software? Here is a case where the default values (40 bit) clearly helped recover valuable information from a system."
If the US could somehow ensure that we were the only ones who provided encryption, this may be an argument on national security bounds. However, we cannot.
If anything, all of this talk about encryption has provided criminals with the knowledge that we can eventually break in. Even if that were not the case, better encryption is available in any of over a hundred countries, many with little concern for US regulations. I believe 128-bit encryption has been freely available for years, provided by companies outside the US.
We need freely available encryption of ever higher levels to stay ahead of our enemies (and some would argue our friends). Consider it only took five days to break the 40-bit encryption. How long would it take someone to brute force his or her way into a financial institution? Banks, trading firms, electronic merchants, etc. are and or should be constantly upgrading their security and encryption levels.
Encryption should be viewed like a car. A car has very powerful, valuable, perhaps even essential uses. Unfortunately, people can use cars to rob, kidnap, and murder. Still, we allow and even encourage access to cars because the benefits far outweigh the problems that periodically occur.
If you check out most of the 9-11 terrorists, you'll find they were rather brilliant and disciplined people.
They'd have rolled their own strong encryption in a week or two if required.
(Weirder smileys ;-] )
oh.. never mind.
MS has a weak security standard, the security gets broken, and the terrorist is the idiot?
Come on people this is an open target for some MS bashing. What's going on here?
Correct. 40-bit keys have no protective value. Remember the article about IBM's crypto chip being broken? (Somebody please provide the link to /. article, I can't at the moment.) In practice, they broke single DES, 56 bits worth of security in a good block cipher. In brute force.
It took at most 2 days with ~1000 $US worth of gear to find the key. Let's assume that they needed the full 48 hours to get that key broken. Simple math follows:
48 hours is 48*3600 seconds. It takes this much time to brute-force a 56-bit key. 40 bits is 1/(2^16) times the size of that, hence the time to break a 40-bit key with similar equipment is 48*3600/(2^16) seconds. This is no more than about 2.6 seconds.
To underline this as clearly as I can: 40-bit keys provide NO security. They may have provided some, at a time - but definitely not for some time now.
There is no such thing as good luck. There is only misfortune and its occasional absence.
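The scaling argument in the comment above, as an added example that is not part of the original thread: an exhaustive key search against a constructed toy cipher with a 16-bit key, followed by the same "one doubling per extra key bit" extrapolation. The toy cipher (a SHA-256 keystream), the sample plaintext and all function names are assumptions made for illustration; this is not the cipher used by Windows 2000.

```python
"""Added illustration: exhaustive key search on a toy cipher, then bit-length scaling."""
import hashlib
import time

# Constructed sample data; not taken from any real system.
SAMPLE_PLAINTEXT = b"CONSTRUCTED SAMPLE: quarterly report draft, not real data"
DEMO_KEY_BITS = 16   # deliberately tiny so the whole keyspace is searched in well under a second
DEMO_KEY = 0xBEEF    # constructed key that fits in 16 bits


def keystream_xor(key, key_bits, data):
    """Toy stream cipher: XOR data with SHA-256(key || counter). Encrypts and decrypts."""
    key_bytes = key.to_bytes((key_bits + 7) // 8, "big")
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        stream.extend(hashlib.sha256(key_bytes + counter.to_bytes(4, "big")).digest())
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def brute_force(ciphertext, known_prefix, key_bits):
    """Try every key in order; a key is accepted when it decrypts to the known prefix.

    Returns (key or None, number of keys tried, elapsed seconds).
    """
    head = ciphertext[:len(known_prefix)]
    start = time.perf_counter()
    for candidate in range(1 << key_bits):
        if keystream_xor(candidate, key_bits, head) == known_prefix:
            return candidate, candidate + 1, time.perf_counter() - start
    return None, 1 << key_bits, time.perf_counter() - start


def scale_time(seconds, measured_bits, target_bits):
    """Exhaustive search time doubles (or halves) for every key bit added (or removed)."""
    return seconds * 2.0 ** (target_bits - measured_bits)


def human(seconds):
    """Render a duration in the largest sensible unit."""
    for unit, size in (("years", 365.25 * 86400), ("days", 86400),
                       ("hours", 3600), ("minutes", 60)):
        if seconds >= size:
            return f"{seconds / size:.3g} {unit}"
    return f"{seconds:.3g} seconds"


def demo():
    """Break the 16-bit toy key, then extrapolate this machine's rate to larger keys."""
    ciphertext = keystream_xor(DEMO_KEY, DEMO_KEY_BITS, SAMPLE_PLAINTEXT)
    key, tried, elapsed = brute_force(ciphertext, SAMPLE_PLAINTEXT[:8], DEMO_KEY_BITS)
    rate = tried / max(elapsed, 1e-9)            # keys per second on this machine
    full_16 = (1 << DEMO_KEY_BITS) / rate        # worst case for the 16-bit keyspace
    table = [(bits, scale_time(full_16, DEMO_KEY_BITS, bits)) for bits in (40, 56, 128)]
    return key, rate, table


if __name__ == "__main__":
    key, rate, table = demo()
    print(f"recovered key 0x{key:04X} at about {rate:,.0f} keys/second")
    for bits, seconds in table:
        print(f"{bits:>3}-bit worst case at this rate: {human(seconds)}")
    # The comment's own figure: 48 hours for 56 bits, scaled down to 40 bits.
    print("48 h at 56 bits scaled to 40 bits:", human(scale_time(48 * 3600, 56, 40)))
```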
... export control regulations for matches and cigarette lighters. So that those nasty terrorists cannot set their shoes on fire.
128 bit encryption has to my knowledge been legally exported from the US since January 2000.
You can use a Japanese-style smiley (like this) ^_^
Reminder: find a new sig
It's amazing to me that these savvy WSJ reporters would admit to circumventing security measures in Windows 2000 in order to access these files! Don't they know that anything they say can and will be used against them in a court of flaws?
Oh yeah, like the US are really worried about International law when it comes to the Taliban. POWs, no no, they are criminals, I mean where are their uniforms?? Let's ship them to Cuba and stick them into a cage....
Yeah, Reid should sue them under the DMCA!
We need to stop the export of strong encryption. While we are at it, we should probably go ahead and prevent foreigners from CREATING strong encryption. There is no reason for Operation Infinite Justice to target all those criminal foreign programmers, especially those evil terrorist scum behind GNUPG, those foreign OpenSSH programmers, the entire development staff of OpenBSD, and probably a good dozen other groups. Hell, as long as we are at it, we should probably bomb all of Ireland and India, I hear that they have quite a few proficient programmers who could produce this stuff as well. And what about that Schneier guy? His "Applied Cryptography" is probably the number one source of information about writing crypto apps as well, we should probably kill him so that he can stop showing people how easy it is to write crypto apps with rudimentary programming skills.
Fuck it, why don't we just nuke EVERYONE else and start wearing helmets everywhere. Because, you know, we just need to be safe.
I know exactly what you mean. I just go with what you use too. I used to think it looked wrong, but I'm going to leave it as it is from now on, seeing that you use it too! Looks ok to me - I just fear others won't 'get it'!
Let's see...
Terrorists use Export Restricted Version of Windows 2000 to encrypt their filesystems. Terrorists get stomped on by US military, and their computers get bought by the US press. US press decrypt filesystem based upon really weak encryption. Interesting things are learned.
Anybody else notice how this WOULDN'T HAVE BEEN POSSIBLE (in any reasonable amount of time) if the 128-bit encryption (in W2K SP2) had been used? So the export restrictions *did* their job... While everyone is saying how export restrictions are meaningless, as any "evil-doer" can find good encryption anywhere in the world, if only they look, it seems that the current leader (in terms of evilness, and at the top of the list of orgs that the US is fighting) of terrorist organizations neglected to do that...
I think that the US gov't will be empirical rather than ideal when looking at this issue, and their reply to anyone who doesn't want export restrictions will be that, obviously, THEY WORK.
--evan
(Sidenote, the time issue is significant, as if it took many years to decrypt the filesystem, then the information linking our shoelace bomber to al-Qaeda would have probably come too late to be of any help.)
it took the equivalent of a set of supercomputers running for five days, 24 hours a day, to find the key.
That is impressive! Can anyone find more information related to what type of Parallel Computing Method they used to crack the 40 bit? Did they use an SGI or a cluster of Linux/NT machines?
In the New Scientist article I saw an interesting quote "If you go much beyond 56 bit it is outside the realm of possible."
It certainly is within the realm of possibilities that in a couple of years when Quantum Computing is more developed even 128 bit encryption won't be considered a "safe" level. Now that is a technology that we should keep a close eye on!
/.................../ \\
"So let's confront the question: Should the US prohibit the export of high-encryption software?"
No, we should prohibit the export of Windows 2000. =)
I SURVIVED THE GREAT SLASHDOT BLACKOUT OF 2002!
The only real newsworthy bit I saw in it is that apparently the people who bought the laptop and then decrypted the disk are not government operatives, but "just" people working for the Wall Street Journal. If anything, this says that moderate cryptography knowledge has become routine in corporate America.
When the NSA can uncover my deepest secrets, that's one thing. When a potential employer can decrypt anything protected with twenty year old technology, I don't worry yet, but talk to me again in my mid-40s. I wonder when some of the early posts to alt.anonymous.* will become decipherable.
First supply the training software (FS), and then the security software (128 bit encryption). Way to go, Billy Goatse!
Instead of brute force cracking the Win2K login password can't one simply boot up the computer with a linux floppy and find/replace the password with one of one's choosing?
I thought this was a standard sysadmin trick.
I'm reading Steven Levy's Crypto right now and he seems to indicate that Zimmerman's program was widely distributed when it came out...
So either the shoe bomber was a) an amateur, b) very stupid, or c) a government agent whose sole purpose is to give them a long-sought excuse to severely regulate crypto...Personally I'd go for a) or b), as c) would be too much of a risk for the gov't to take at this time - but you never know!
Reminder: find a new sig
The drives contain more than 17,000 files. Though all of them are related to al-Qa'ida in some way, many are humdrum and dull. Others are not. The interesting files tend to be protected by sophisticated passwords or are encrypted, and the Journal is still working to decode them.
Good thing our country is being saved by the WSJ. I wouldn't want those journalist clowns over at the FBI performing any kind of evidence gathering.
Need Free Juniper/NetScreen Support? JuniperForum
A super-secret Al-Qaeda laptop magically falls into US hands.
Those US hands just happen to be reporters for the Wall Street Journal.
Even though the drive is encrypted, said reporters somehow figure out it's an Al-Qaeda laptop.
Our reporters, being extraordinarily tech-savvy like most reporters, put their newsroom supercomputers to work decrypting the drive.
The evidence they find miraculously provides the first ties between Richard "The Hapless Shoe Bomber" Reid and Al-Qaeda.
What an incredible stroke of good fortune! Figure the odds!
If you believe this story, I've got a great ski resort in Tora Bora to sell you.
"why it's always to usa to restrict something?"
Um... maybe because we're the world's biggest importer/exporter of just about everything under the sun?
"They think they are the king of the world,"
And unlike all the other crackpots out there who think the same thing, we're right.
" but why should they decide for other country what to do?"
We decide only so far as how that country interacts with the US. After all, we're talking about export restrictions from the US, aren't we? The rest of the world has no right to dictate how we handle our own affairs or how we make decisions that affect us.
"that's the same for encryption, US should control everything, every bits, every communication, every philosophies?"
Control? Probably not. But have a hand in it or an eye on it for the sake of improving our own? Hell yes. And if you don't like dealing with US export policies, there's always the alternative of not using US software. Ever think of that before you started whining?
"sorry, but I just hate US way of thinking and Bush administration."
You hate it so much you come to a forum where the majority of the participants are from the US?
"I lives in Canada and we are becoming a state of the US Empire, I just soooo hate and disapprove this,"
... and bitching about it here is more effective than writing a letter of complaint to your MPs because...?
"I wanna go somewhere else!"
... and Slashdot counts as "somewhere else" because...?
By that logic we should ban all encryption, because obviously it would be even easier to recover valuable information from systems. Even better, keep low-strength encryption, but require all communications and OS software to forward all encrypted messages to a government repository. The govt. copy would obviously be encrypted using a different key so that the proper officials can access the plain text.
I wish the danger inherent in that kind of logic were obvious to more people, but in the post 9/11 US everyone seems to be competing to see who can give up the most liberty in the pursuit of safety.
Furthermore, the export vs. domestic distinction is worthless. How hard is it to just have someone in the US purchase a domestic copy (using cash, even), then send it to a foreign mail drop? For that matter, it's not like encryption only exists inside the US borders.
Bottom line: While I have no magic answer to being able to catch all the bad guys, I strongly oppose misguided disposal of our liberties.
Sorry, but this article smells like spin. If the government wants to tighten export regulations on strong(ish) encryption, what better way than to prove it's important?
The WSJ might not know they're being used, but sorry... the substance of the story really sounds like complete crap.
Next thing you know, a suspected terrorist is going to be stopped by Georgia's driver's license system which has fingerprints on file... "proving" that this is a good thing for all states to have. They can have my finger prints when they arrest me for a felony. Unfortunately, they'll probably just make refusal to submit to finger printing for identification purposes a felony.
Cheer up
It could be worse if the government lied to us
;-)
"It is a greater offense to steal men's labor, than their clothes"
Despite this public knowledge, Al Qaeda has been using weak (MS-supplied) crypto to protect sensitive information... that could be discovered within days. Therefore:
Just my US$0.02...
The right to offend is far more important than the right not to be offended. (Rowan Atkinson)
What nobody has mentioned here is that in the long run the widespread worldwide use of strong crypto is in the interest of US foreign policy. While it means that bad guys will be able to keep secrets from the US, it also means that good guys will be able to keep secrets from their own bad governments. On the whole it is bad governments which want to snoop on their citizens' communications, so on balance widespread use of strong crypto is a good thing.
Prime numbers are exactly what Alan Greenspan says they are -S. Minsky
I know this is definitely an "anti-slashdot opinion" take on the matter, but hear me out.
Just to be clear, I don't really have views on exportation of encryption. In this case, however, I see a lot of responses that just repeat the party lines "encryption can be found outside the US", "the US doesn't have a monopoly", and "criminals will get encryption anyway"
In this particular case these just aren't true. We got useful information BECAUSE the encryption used was weak. There's no way to calculate how many lives were potentially saved because of this situation, but as far as I'm concerned one life saved would be enough to justify exportation laws. It's not that strong encryption won't be found outside the US but that it's more difficult to get ahold of. If ridiculously strong encryption was available and packaged by default with operating systems, we would have had a much harder time getting access to those files. So, in this situation at least, the fact that strong encryption was not readily available did do some good.
I'm the big fish in the big pond bitch.
We should be more worried about importing strong encryption right? Hell, Osama can go over to the two countries to the right and get better stuff.
Considering India and Pakistan are making and programming the super computers of the world, he could be using 666299465164-Bit encryption right?
Hell, he could be breaking our encryption. Right now he's reading your lame PGP encoded e-mails about that rash.
Seriously though, there are two major points here: Terrorists want you to read the contents of their hard drives. They do the things they do for attention/a message/for fun/whatever. And two, they already used encryption of sorts... when they bombed the WTC the first time they spoke in code on the phone.
Security through obscurity? No. Why bother encrypting every letter and white space when you can change a few words and render the conversation useless to an outside listener?
Cryptography is nothing new, and wasn't invented for the computer. It goes way back, and takes many forms. Nothing you can do about that.
Get your Unix fortune now!
Hmmm
dmca = us law = "international" law
kyoto = "we will not adopt a law that would harm our economy" -- Bush I think it said everything, and US is asking Ottawa (Canada) to not accept to Kyoto protocol..
The FBI and the army who want to have access in Canada with their guns with no problems, with no special permission to ask.
These are examples, I think it's enough to let you see that Canada and other countries are becoming a part of USA Empire!
It used to be that the French version was horribly crippled. Lotus folks actually compared it to sending mail on a postcard :-)
Anyway, it was done this way because the French did NOT want the US Govt. to have an easier time decrypting the documents than did the French Govt. so they required a really poor encryption be used in Notes. Once the US Govt. dropped its export restrictions the French Govt. lifted this requirement since this placed us all on a "level" playing field. One of the point revisions of R5 brought nearly all of the versions together except the French I THINK. Due to the extreme crippling they had to do the French may have had their own upgrade or have been forced to reissue certs and IDs - I'm fuzzy on this. I believe if you spend some time on the Notes site you'll find your answer.
On a plus note - Lotus has determined that 128 just isn't good enough. They mentioned plans to upgrade the crypto at Lotusphere last year but it probably won't be there till RNext goes gold. If there's one product out there that actually seems to care about security and was WAY ahead of the certificate thing it's Notes. And no, they aren't perfect...
Build it, Drive it, Improve it! Hybridz.org
The legal use? In Canada it is illegal to use a gun (or threaten use of a gun) unless you're law enforcement or are in perilous immediate obvious danger (i.e. some guy stealing your TV set does not qualify. Indeed some guy coming at you with a bat doesn't qualify if you could hop out a window and get away): It is ILLEGAL to pull your gun out against a burglar, so that isn't a very good example of a "legal" use. The only legal uses of guns in Canada is hunting, and at the shooting range, or perhaps to rub gently while dreaming of the ultimate power that you hold against all those meanies out there.
The _overwhelming_ majority of guns on the streets illegally in Canada got there by being stolen from "lawful" owners in home/gun shop burglaries, or by being pilfered over from the US (which of course is a gun haven: Again the US has such an epidemic because of lax gun control laws). I'm not even commenting on whether or not gun control is right or wrong, or whether violence would decrease if guns were banned world wide (i.e. People still can kill each other with bats and knives), but just that it is idiotic to compare gun control with encryption control, and it is ridiculous to claim that "legal" gun ownership has no effect on "illegal" gun ownership, as the former DIRECTLY leads to the latter (i.e. how many guns are on the streets in countries where guns are heavily prohibited?).
My God, it seems like some of you posters do nothing but cut-and-paste posts from articles five years ago!
1.) Export restrictions aren't about making it impossible to get high encryption (that in and of itself would be impossible), but to make it more difficult. Much like the point of encryption itself. Sure, you could get PGP and the like, but could you be bothered to go out of your way like that? Obviously at least one criminal didn't, or else you wouldn't be reading this.
2.) No, the criminals won't automatically be the most heavily-encrypted amongst us. If you actually took two seconds to read the description of the article (if not the article itself), you'd see that this is about a very big instance where a criminal DIDN'T use heavy encryption. Your argument officially doesn't hold as much water as it used to any more. Time to try something new.
3.) This is about EXPORT restrictions. EXPORT! EXPORT! You know, where something LEAVES THE US!?!? Restricting what kind of crypto can be exported doesn't do a damned thing to the domestic market unless you're a seller trying to export your stuff or you're a foreign organization trying to buy the software on the open market. Restrictions on domestic crypto sale and use may or may not be an issue, but it doesn't have a damned thing to do with this article beyond sharing the words "crypto" and "export." If you read things more closely than your average IRC bot, you'd have noticed that.
Go ahead, mod me down to -17 flamebait or troll or whatever. Just so long as you're spending your mod points on sending me down there instead of modding up some of the posts I've seen in here so far described as "interesting" and "insightful."
There I was, foaming at the mouth and ready to launch into a "how can you be so stupid?" diatribe. How can you keep encryption out of the hands of Bad People by denying it to Good People? In general terms, writing laws aimed at criminals is futile, because the criminals (by definition!) won't care about the law and will use whatever technology or methods they want. Nobody would be stupid or lazy or overconfident enough to use the lame default encryption on an export system, surely?
And then I read the article.
The al-Qa'ida machine was indeed running 40 bit encryption. It's hard to credit, but it really does appear that they simply were too stupid or too lazy or overconfident to upgrade the default lame-o-crypt settings. It's astonishing, especially compared to the planning that they put into September 11th, but there it is.
No, I don't think we should try and ban strong encryption. There are plenty of Good People who can make use of it (think Tibet), and any competent and determined Bad People can get it anyway. But these opponents just demonstrated clearly that while they were determined, they were not competent, and that changes my mind, just a little.
I can see an argument for encouraging developers (Microsoft, MacOS and yes, Linux hackers) to supply 40 bit security by default on all consumer systems. Aunt Jemima doesn't need strong encryption, you and I probably don't need it. I wouldn't want strong encryption to be limited, but honest to god, I'd be flattered if anyone ever thought it was worth breaking even 40 bits worth on anything that I produced. I want the option to upgrade to be there, but I feel no particular need to use it, and here's the kicker: the less we kick up a fuss about it - and just quietly download the strong stuff ourselves without demanding that Aunt Jemima have it by default - the better.
I can't help but think that the more noise we make about the distinctions between low and high encryption, the more likely it is that even stupid, lazy, overconfident terrorists will perk up their ears and ask "Hey! Is this something we should be thinking about? Maybe we should send Achmed out to buy a copy of 'Security For Dummies'." Because they clearly are dummies, and I'm quite happy for them to stay that way, thanks all the same.
If you were blocking sigs, you wouldn't have to read this.
Recorded voice: "Please press 1 if your call is related to the time-limited explosives exchange program. Please press 2 if you are experiencing problems igniting your shoes. Or please hold to speak to a support terrorist."
(time passes)
Recorded voice: "Please hold.. your call is important to us, brother. We are currently transitioning our support strategy to Compaq Global Services."
(time passes.. bad musak to the tune of "The Girl from Ipanema")
BoFA (Bastard Operator from Afghanistan): "Hello, caller, you're through."
T: "Hi, er.. yeah.. my laptop seems to be broken.. I can't decrypt my files!"
BoFA: "Are you using the Standard Terrorist Operating Environment?"
T: "Er.. no.. my cell leader says that this other routine we found on the internet is more secure."
BoFA: "I'm afraid we only support the STOE with W2K SP2 128-bit EFS."
T: "Is there anything you can do?"
BoFA: "You can wipe the laptop and start again. We can do that for you, but we'll have to charge 10,000,000,000,000 afghanis (or US$100) to your cost code."
T: "But it's got secret plans of the Pentagon on it!"
BoFA: "I'm sorry, I can't help you. If every terrorist picks their favourite non-symmetric crypto, we can't be expected to know them all. We're trying to run an elite multinational terrorist organisation here."
T: "Okay.. I'll try somewhere else. On another matter, can you help me with my Palm Pilot? I stuffed it with C4, and now it won't start properly."
BoFA: "I'm afraid we only support Pocket PC."
*click*
which doesn't necessarily mean the encryption is flawed. One of the caveats to encryption is that there is always the chance that you'll get lucky and hit the key on the first try (or within our lifetime).
Yes, seems that the US and Mr Bush haven't had much interest in human rights, or international agreements lately.
US refused a permanent international court for war crimes (a year ago), and instead (recently) declared that any foreigners the US government felt like busting could be sentenced to capital punishment in secret military trials...
Sometimes you guys scare me...
And we are supposed to be on the same side in this...
"First lesson," Jon said. "Stick them with the pointy end."
What's to stop them loading a hard drive with all sorts of false plans, deliberately use low grade 40bit encryption, and handing it over to a couple nosy reporters under dubious circumstances?
somehow get a 5 x 5 x 1/16" piece of plastic outside a country
Why bother?
Just print the code in a book (or even use the 3-line RSA algorithm on a bit of paper) and it was perfectly legal to export it from the US (freedom of the press).
This is how the international PGP versions were legitimately exported, and then scanned in using OCR to get the code in an electronic format again.
This was partly why the law was overturned. What is the point in banning the export of code in an electronic format, when it was perfectly legal (first amendment) to export in a written format?
Anyone quoted by a reporter knows how little they understand
Don't believe what you read is the truth.
Everything in the world can be used and it can be misused. Just because you prevent exporting high encryption software does not mean it will not be misused.
This is another example of protecting people vs. limiting your rights.
I believe everyone should (be able to) use encryption in day-to-day communication. Why not? Nobody else but the intended recipient has the right to see what we talk about.
It is just like the US government pulling some stuff, that was previously public, back from libraries. Where does my right to privacy end and where does Big brother start?
Everything, including encryption can be used and misused. And just because it can be misused does that mean you should also stop the legitimate use? If I can attack you with a butter knife does that mean butter knives should be illegal?
Didn't think so.
It took them a whole 5 days to crack the 40-bit Win2K encryption. It really makes one realise how stupid and short-sighted the DVD people were when they used 40-bits for DVD's CSS. Even without dodgy programming by Xing, the system would still have been brute-forced quite easily. Issues of whether they should have implemented CSS at all aside, they basically presented an unlocked house with a sign outside saying "burgle me!" BTW, what did the article mean by "super-computers" - Crays, or those Apples that couldn't be exported to France?
Um... were the WSJ journalists breaking the DMCA when they decrypted the files?
Should not M$ sue them?
Or just get them arrested a la Sklyarivsky...
This reminds me of
real ninjas.
I sure hope the WSJ turned over a copy of the hard drives to the gubmint before they started cracking the files. I'd hate to think that potential evidence is being destroyed by some ham-fisted security consultant.
I'm also a little disturbed at the thought of evidence discovered like this being used to convict someone. How do you prove that the data is authentic?
Indeed, without a match, how would he have lighted his shoe?
Here's a conspiracy theory for you;
Do you really think that they used brute-force when they had that secret NSA-backdoor in W2k? I think they're only saying that since it makes the crowd using Microsoft SW feel safe, they want to thank MS for giving the backdoor and to continue "cracking" these machines.
Getting to the heart of the documents contained in the al-Qa'ida computer bought by chance by the Wall Street Journal's reporter in Kabul meant cracking the encryption of Microsoft's Windows 2000 operating system installed on the machine, which had been used to protect the data.
That is not a trivial task. Microsoft will only say that if you lose the password that controls entry to a Windows 2000 system, your best option is to remember it or simply to wipe the machine and start again. And its Encrypting File System (EFS), which had been used to encode the files, is just as strong.
Now read This paper on how to read EFS encrypted hard disks.
128 bit- HaHa, silly mortal! You'll never unlock my secrets before the apocalypse comes!!!
64 bit- You'll get my secrets when they're no longer of any use! (RC5 anyone?)
56 bit- Never! Never will you have my secrets. If never means three weeks from now anyway.
40 bit- You'll have to arm-wrestle me for access.
32 bit- You'll have to thumbwrestle me for access.
24 bit- You want access? You'll pry it from my cold, dead... Hey, give that back!!!
8 bit- What's your favorite color?
4 bit- Guess my shoe size
1 bit- Want access?
0 No
1 Yes
Alcohol, Tobacco and Firearms should be the name of a store, not a government agency.
Boot from the W2K CD, insert a "Rescue Disk" that has an admin account/password that you know, and "repair" the appropriate registry hive.
Once you have physical access to a machine it's all over.
You could still install linux from scratch.
And if they have CD Boot disabled and BIOS password protected, open the case and pull the CMOS battery out for a few seconds.
Actually, using a gazillion bit key wouldn't have changed a thing, Microsoft EFS (Encrypted File System) was cracked in 1999
Read this.
Why is he an idiot? He had C4 of some sort in the shoes and det cord that could've ignited it had he managed to get the match to light the cord. It WOULD have worked. Ask a military or demo person about it. The det cord would supposedly have burned hot enough to light C4 but the downside is that det cord that can do that is HARD to light with a match. Ergo - he picked the right tool for the "job" but an observant flight attendant stopped him! Yeah, I'd question blowing one's self up but at least he was doing it in a way that would have the intended effect!
As for the encryption - duh! READ the article, it was on a HD that didn't belong to him. The report was a debriefing of the guy written by a debriefer. He had NO control over what encryption was done on it - it could've been skywritten from an airplane for all the "control" he had over it. The mistake in this case was NOT his, it was some other moron. (sigh)
Build it, Drive it, Improve it! Hybridz.org
or did you make this up on your own merely after listening to little rantings of insignificant specs on this planet? What a fucking fool. You've got one thing right, we should leave you primates alone. Let you murder each other into oblivion
Why does everyone assume these terrorists have the ability to distribute uniform methods of encryption? This is not a corporate environment. They are in deserts, warzones and the like. Maybe using W2k was the best way to get what they needed to get done (serves them right for being too dumb as not to use Linux.) What makes you think that the govt. could not decrypt 1000 bit keys with quantum computers or whatever else they have at Ft. Meade? I know they probably have them, because I live near an Army communications research facility and they were hiring scientists to develop/work with quantum storage devices.
This point's been made in different words by a number of people; let me play devil's advocate against it for a moment.
If the PC was acquired before September 11, which seems plausible, then it was obtained for use in a Taliban-controlled location where most people who had access to it could be presumed to be at the worst indifferent to the tactics of the terrorists, even if they did not actually acquiesce with them. In such a situation, securing against casual snooping may have been seen as perfectly adequate when balanced against the risk - however marginal - of attracting unwanted attention of any kind by going out and acquiring "good" encryption. This is even more the case after 9/11, and once military action had started in Afghanistan it was too late to correct the situation anyway. There's also the point of how long the information on the PC needed to be kept under wraps anyway: arguably if it was long enough for the guy to get into position for his one-way trip to Martyr's Heaven then that was enough.
You could even argue that using 40 bit is in keeping with the group's seeming preference for using simple easily obtainable low-tech mechanisms when they're adequate for the job in hand.
Most everyone makes valid points in this thread. Strong encryption is easy to find if you want it. ... further I'd wager that if you found bin Laden's personal machine (if he even has one) it would be much better protected (though maybe we give too much credit?) ... but the point is; and the reason the export restriction might make sense is that end users accept and use what's given to them ... this goof was given 40bit encryption, so he used 40bit encryption ... who knows he may have even used his mother's maiden name as the password; we just didn't have a good arabic version of crack --
People are lazy, peons are peons and user space problems always exist, even for terrorists
Okay, breaking WIN2K passwords - no biggie. Getting around the NTFS file permissions, no biggie. Cracking a WORD password, brute force later versions, others trivial, no biggie.
:-) Just to hang on to mind you, no real use for it of course...
Getting the file decrypted that had been encrypted using the WIN2K filesystem?
Umm, okay I want to know what software was used to attack this please. I've yet to see anything out there designed to break file system encryption in WIN2K but if someone has a link I'd REALLY appreciate it
Oh, and two guys bebopping around in Afghanistan had ready access to this? I think I smell fish here!
Build it, Drive it, Improve it! Hybridz.org
This story only proves that these terrorists were complete idiots.
I have written to 'Ask Slashdot' on this subject a long time ago, and no one ever posted it. Then I emailed the person in the slashdot faq, and no response.. so here it is here, since it is related.
As an international student (CS major) in the United States, I find those rules and regulations quite absurd. I happen to come from one of those... what do you call them? 'terrorist' countries.. yeah, that's it. Because of the passport I hold, I am not allowed to download/use Netscape/Mozilla/IE for instance with 128-bit encryption.
What does that mean? It means that the law says, hey, if you are a citizen of this country, you cannot check your email on the web. That also means that I can't, for instance, connect to my school's machines to do/submit my homework.
I asked in my original post (which was never posted) if there were exceptions to cases as mine, where it would be next to impossible to do my everyday school work with those rules and regulations regarding US encryption. After much research on the subject, I have found none.
Here is my take on it.. as long as the encryption is not top-secret, and everyone knows about it, there is absolutely no point in putting those restrictions. But, hey.. what do I know, right? I'm just a citizen of a country who is labelled terrorist.. so terrorist that the US blew up our pharmaceutical factory so we can't produce medicine.. talk about terrorist.
What the crypto regulations really do is prevent most people in the USA from adopting it. None of the three-letter agencies want everyone encrypting their E-mail or network traffic by default. That simply wouldn't do -- if everyone did it, how would they know who actually has something to hide? So they make it a pain in the ass for software developers to incorporate it into their software and they make it a pain in the ass for most users (Who don't know to go to international sites where you don't have to fill out a form to download the software) to get it.
The irony is that now they're bitching because the network is so insecure and how a cyber-attack could bring down public utilities and banks and things. Well they're just reaping what they've sown. The network would have tended to cryptographic authentication and tighter security except for the artificial and fundamentally useless restrictions the federal government has put in place.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
How can the first post be redundant?
Losing charma now...I can feel it...
Cracking a Windows 2000 password may very well be very difficult to do, but getting into a password protected computer is actually rather easy. I have used before a floppy I downloaded off the web which contained a simple boot to a simplified Linux OS (Red Hat I think?) and had the lil floppy change whatever user accounts (including administrator) to a new password of my choice.
Ok, did you read the article?
For all the noise that's being made about how easy it is to get high-encryption software & how laws cannot or will have no effect on criminal behavior.... Guess what?
It worked. The terrorists used the most easily & readily available tool -- the default windows 40-bit encryption.
Conformity is the jailer of freedom and enemy of growth. -JFK
Ever notice how commercial Unix vendors still use telnet?
I am viscerally disgusted every time I have to deal with completely broken security (e.g. plaintext email, telnet, ftp, nis, ...) partly due to "export" crypto laws.
It's too much hassle to ship separate crypto versions of a software product. It's too much hassle (read MONEY) to worry about changing crypto laws, and offending the gov't as a _customer_, and maintaining and distributing separate products.
When export crypto is enforced it has a chilling effect not only outside the US, but inside the US as well. Software shops are not free software hobbyists.
I hope this post is not lost in the chaff.
If you need text styles to communicate then you don't have a message.
I wonder if this is punishable by the DMCA?
Schneier's Applied Cryptography gives an average time estimate for a hardware brute-force attack in 1995. With $100 K and 40 bits of key the time is 2 seconds. And think about this: for 56 bits and $10 M the time is... 3.5 hours. Not bad. And this was in 1995, folks. Of course it is an estimate, but "supercomputers" spending five days to crack it... maybe they didn't have $100 K to spend or something.
>Al-Quaeda/Bin Laden operatives are not the crime geniuses the US government say they are. As a matter of fact, they appear as pretty
>incompetent to me.
Herein lies the real point. The plane bombings weren't brilliant for their intelligence, but for their boldness. I won't denigrate it too far, because it was a rare (for terrorists) example of thinking outside the box. But not only was it not that sophisticated, it was a one-shot ploy. The attack method could only be used once, as Flight 93 and shoe-heel boy showed. The Rules of Engagement have changed forever, and ordinary citizens WILL rise up and get involved.
>The [CIA | NSA] should have intercepted that data before 9/11 -- or, at the very least, got those machines before the reporters did. They also
>appear as pretty incompetent to me, and I don't know if that's good news or not...
IMHO, the Bush administration made two mistakes here. I don't know if 9/11 would have happened without them, but it sure didn't help.
1: Their eyes were off the ball, as they focused on missile defense and negotiating with Russia. It's still not clear that there will ever be a ballistic missile threat, or how soon it may appear. But we appeared to be ignoring real threats to chase after imaginary ones.
2: They disengaged from the peace process in Israel. It didn't seem to be doing any good, but neither was not trying to do anything. It simply added to the hatred, though that may not have been significant.
Yes, when US lives are at stake. Let the criminals make their own encryption to kill themselves.
The US is not the only country capable of highgrade encryption, and even if it were, there is NOTHING stopping some non-us citizen to get his/her hands on the highgrade encryption software (warez anyone) ... so quit being so damn naive!
Something that runs parallel to this is the world of Neal Stephenson's "The Diamond Age." It goes something like once there exists a secure and anonymous network for individuals to exchange information and transactions, the current world order collapses. Why? Because governments can no longer track the flow of money.
Yes, we can all agree that throwing "blowfish" into google will give any computer-savvy person all the resources he or she needs to have secure encryption. Yes, the shoe bomber was stupid for not employing stronger measures than export-strength crypto, but he's not the only stupid person out there.
There are likely plenty of people who don't bother/know enough to get stronger crypto; they could be people you're counting on, and you can bet the terrorists can crack 40-bit just as fast as we can. Foreign police departments, airlines, companies you do business with, that have access to your trade secrets, all could be exposed. As has been repeatedly pointed out, terrorism is a global problem. Given the assumption that governments have more resources than a terrorist network, it is therefore more likely that they will be able to break stronger encryption than the terrorists will, therefore all resources (domestic or foreign) that could be of use to the terrorists should be protected by crypto as strong as possible. If this results in the terrorists gaining access to strong crypto, well, that's what the NSA is for.
The bottom line is that export restrictions don't *stop* anyone from using strong crypto, but it does put up some significant barriers, and not everyone held back by those barriers will be terrorists.
The crypto is already out. Forbidding "export"? Why? It's like banning the export of algebra.
The fallacy mayhap is a result of the acceptance of the concept of non-things like "intellectual property". Since a song or a story has the cachet of an actual physical object under the new batch of laws, somehow cryptological methods are also like physical objects, and can be stopped at the border by Customs if they find it hidden in someone's suitcase.
Like all "Homeland Security" notions, banning the immaterial mathematics of crypto only satisfies the need for people to feel safer. If that shoeboy had used 128-bit encryption, the calls for programmer blood would be deafening us. But, remember, he wouldn't need crypto to bring a shoe on the plane, so all the possible recriminations would have been for naught.
The object of terrorism is to bring terror to your enemy, to disrupt and destroy and distract, and it looks like the collective consciousness of the U.S., Canada, Europe and Australia are falling into the state of panic and foolishness desired.
Secondly, to the '40 bit crypto is nothing' cretins: What 40 bit crypto? Are you honestly telling me that you believe key length is the only thing to affect crypto? Doesn't the algorithm count for anything any more? Which takes longer, 56 bit DES or 56 bit XOR?
I don't think it's too much of a leap of faith to believe the NSA know more than a bunch of /.ers since they were 40 years ahead of the public at one point, and if you believe 56 bit DES is as easy as cycling through every key like 56 bit XOR, you're just proving that point. Look at the internal structure of DES, it's a design miracle.
Yeah, I know off topic.
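The "56 bit DES or 56 bit XOR" comparison in the comment above, worked through as an added example (not code from the poster): with a repeating 7-byte XOR key, every known plaintext byte hands over one key byte directly, so no key cycling is needed at all. The message, key and function names are constructed for the illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define KEYLEN 7 /* 7 bytes = 56 bits of key */

/* Repeating-key XOR: the same call encrypts and decrypts. */
void xor_crypt(const uint8_t key[KEYLEN], uint8_t *buf, size_t len) {
    for (size_t n = 0; n < len; n++)
        buf[n] ^= key[n % KEYLEN];
}

/* Fill in every key byte that a known plaintext prefix determines.
 * Returns how many key bits are still unknown afterwards. */
unsigned recover_key(const uint8_t *ct, const uint8_t *known, size_t known_len,
                     uint8_t key[KEYLEN], uint8_t have[KEYLEN]) {
    unsigned missing = KEYLEN;
    memset(have, 0, KEYLEN);
    for (size_t n = 0; n < known_len; n++) {
        size_t slot = n % KEYLEN;
        if (!have[slot]) {
            key[slot] = ct[n] ^ known[n]; /* c = p ^ k  =>  k = c ^ p */
            have[slot] = 1;
            missing--;
        }
    }
    return missing * 8;
}

/* Constructed sample message and key (not from the thread). */
static const char MSG[] = "Subject: constructed sample text for the XOR example";
static const uint8_t KEY[KEYLEN] = {0x3c, 0x91, 0x07, 0xe2, 0x5a, 0xbd, 0x48};

/* Encrypt MSG, recover the key from the first known_len plaintext bytes,
 * and report the unknown key bits plus whether the message decrypts. */
unsigned bits_left_after(size_t known_len, int *decrypts_ok) {
    uint8_t ct[sizeof MSG], key[KEYLEN] = {0}, have[KEYLEN];
    size_t len = sizeof MSG - 1;
    memcpy(ct, MSG, len);
    xor_crypt(KEY, ct, len);
    unsigned left = recover_key(ct, (const uint8_t *)MSG, known_len, key, have);
    xor_crypt(key, ct, len); /* decrypt with whatever was recovered */
    *decrypts_ok = (left == 0) && memcmp(ct, MSG, len) == 0;
    return left;
}

int main(void) {
    int ok;
    unsigned left = bits_left_after(4, &ok);
    printf("4 known bytes: %u key bits still unknown, decrypts=%d\n", left, ok);
    left = bits_left_after(9, &ok); /* the 9 bytes of "Subject: " */
    printf("9 known bytes: %u key bits still unknown, decrypts=%d\n", left, ok);
    return 0;
}
```

A block cipher with the same 56-bit key gives no such shortcut from a known plaintext block, which is the difference in algorithm the comment points at.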
There's a lot of talk going on here about how stupid the terrorists were to use only 40-bit encryption.
Consider that it took several weeks of armed combat to compromise the physical security of these machines. What I mean is that these machines were in Kabul. As I understand, the 40-bit encryption applied to the disk, not to any data sent out over networks. So, their first line of defense was the fact that the machines were in Afghanistan. Given that, the 40-bit encryption almost seems paranoid, not sloppy.
I have no factual information about it, but I would guess that a lot of institutions and companies that have physical security (i.e., you can't just walk into the building), have a somewhat relaxed policy when it comes to the size of the encryption key used for their hard disks (PGP-encrypted e-mail, sure, but 128-bit encryption for every local disk? Methinks not).
Anyway, just my 2 cents.
MSN 8: Now Microsoft even has bugs in their ad campaigns.
Lots of people are saying
"Look how stupid Al-Quaeda are"
"They must be dumb to use it"
"Look, export restrictions helped us"
All of these statements are based on big assumptions.
First, why do we assume they thought their data was encrypted and secure forever from anyone? There are other reasons for using the windows file encryption.. just to prevent casual accidental access to a file by another user, for instance. It's there, why not use it?
Who says export restrictions helped? This is the WSJ, not the CIA! If the data was so vital, don't you think that laptop would be in the hands of the government?
Who says having stronger crypto would have mattered? I'm willing to bet that uncle sam can crack 128 bit in a rather short period of time.
(Yes, I know how much computing power that would take)
And... someone please correct me here, because I'm not 100% on this.. but..
This was windows file encryption. The key is stored somewhere in your profile, encrypted by your password perhaps.
Windows passwords are EASY to brute force.
Which did they crack here? The windows password, or the actual 40 bit key for the encrypted file? I'm willing to bet it was just a windows password.... oooh, that's hard.
Yes, we should ban strong encryption, because criminals can use it. Also, we should ban Islam, since there are other religions that people can join, and a lot of these terrorists guys are Muslims.
Yet another example of pathetic Slashdot moderation. The parent post to the one to which I'm replying DIRECTLY COMPARED GUN CONTROL WITH ENCRYPTION CONTROL and is moderated +3 "insightful", yet this one and a followup were moderated as offtopic despite replying directly to the `insightful' point. Lame.
My question is why in the hell is The Wall Street Journal in possession of these computers and working to open them up?
Common sense would make one think that if there was anything of importance on these hdd's, the FBI/CIA/NSA/WHATEVER would be working on this, NOT a fucking newspaper!
Last time I checked (about 2 weeks ago) the exportation from the U.S. of powerful encryption software was ILLEGAL. This is exactly why software such as PGP has to be printed out in source-code form and exported that way.
There are a lot of arguments about how a reasonably motivated terrorist can just code their own strong crypto. But that kind of misses the point.
I would imagine that most decryption is done in bulk, sifting through for the occasional terrorist tidbit. Even if some terrorists do use 128+ bit, it frees up a hell of a lot of resources if the majority of the load is still easily crackable. It also allows the authorities to monitor more different sources so now they can add minor suspects rather than having to focus on the major ones.
So, yes, for the most sophisticated criminals, export laws don't make a difference. For the total bulk work that the NSA etc. do, reducing the number of people with strong crypto makes their lives easier.
I guess the moderator disagreed with the parent posting and all its replies, and moderated them all "off-topic". I think that the moderator needs to go and read the moderation rules. I tried to meta-moderate the ignoramus, but unfortunately I didn't get a chance to comment on this thread :( This moderator has abused the moderation system. Moderation isn't about trying to hide posts that one disagrees with. None of the posts were above 1, so why moderate them down? Sure, the posts were offtopic to the original post, but they were ON-TOPIC to the post that they were replying to further up the thread. If we tried to maintain such tunnel vision with our posts, the discussion and debate in this forum would be very dull indeed.
According to DMCA laws, this article explains how to crack a Windows 2000 EFS, so it's illegal!!!!!!!!!!
I can't actually imagine that even the NSA can crack 128-bit encryption (modulo quantum computing). It is more likely that the computers were a plant-- ("So hey, you work for WSJ?-- yeah, I got some computers") What is the point of planting 128-bit encrypted files which cannot be read by anyone?
Using brute force on an encrypted file system isn't a very good solution to the problem. It would be a lot easier to gain access by changing the user passwords with a boot disk. see http://home.eunet.no/~pnordahl/ntpasswd/ Microsoft claims that you need to reinstall win2k if you forget or lose your password. That's simply not true. If you can physically turn on or off the computer, most security measures go out the window. The same is true with Linux, except with Linux, the method isn't so cloak and dagger.
The terrorists could just use the one-time pad method which a seven year old could probably even understand - it's just simple addition of random (pre-generated) digits to each character code.
If I was a terrorist I sure wouldn't bother relying on commercially written code to keep my messages secure. Add the use of a simple steganography algorithm to hide the message in the LSBs of a noisy image or WAV and you're all sorted! Meanwhile Joe Public's e-mail gets scanned by Big Brother 'cause he uses commercial US software.
Your ad here.
or he could have just gone to a warez site and grabbed a pirated copy of the american version.
...was letting the computer get away in the first place. The irony is astounding...
Regardless of the encryption used, I can't help but wonder if the mere fact that encryption IS used raises suspicion... that someone is trying to hide something (or is simply paranoid).
Those that suggest you "dance like no one is watching" really want to see you make a complete fool of yourself.
Conclusion: We know the guy is an idiot... what would happen if a SMART person tried this?
If a SMART person tried this, we wouldn't be having this conversation because we would never know why the plane crashed.
What impaired person modded this Troll?
Help fight continental drift.
Some of these people have remarked upon, but others they haven't.
1) Whether they used export-grade or real encryption made absolutely no difference in this case in terms of preventing terrorism, saving lives, etc. All that prevented that plane from blowing up is that this guy had bad luck lighting his detonator cord and somebody noticed him. Even if there were no encryption of any sort in the world it would have made no difference in this case. It was all a matter of dumb luck, bad shoe-bomb design, and an attentive person. The only use the file has now is as evidence, and of course there are valid concerns as to its legitimacy.
Conclusion: perhaps we should be concentrating on keeping bombs off of planes (which we are finally starting to do, albeit in a half-assed ass-covering sort of way) instead of on crypto exports.
2) This file was kept on a communal Al-Qaeda PC. It happened to be encrypted using Windows EFS, but most of the other contents of the machine--many of them just as valuable as intelligence or evidence--were not.
3) Again, this file was encrypted on a desktop machine in Kabul. The only possible way Americans could get a look at it would be on the unlikely chance that we took over the entire country of Afghanistan. Otherwise the CIA/NSA/etc. never gets a look at this file, encrypted or no. Presumably the reason the file was encrypted was to prevent other members of Al-Qaeda who had access to the machine from looking at it, not to foil Americans. For these purposes 40-bit Windows EFS is probably just fine.
4) A corollary: presumably when Al-Qaeda wants to encrypt something that the CIA/NSA/etc. actually might have a chance to intercept, they use real encryption. i.e. they presumably use PGP for their email. (Although reports have them into steganography instead, presumably because with intercepted encrypted email at least you know who sent it, when, and to whom.)
In other words: there's nothing to see here. If this is the best the anti-cryptos can come up with then export-crypto would be quite safe in a reasonable world. (Of course no one said Washington after Sept. 11 was anywhere near reasonable.)
> The problem with that is that your implementation
> may be flawed - this accounts for the bulk of the
> cracked encryption. That's why it's best to use
> known good encryption.
I don't think this is very likely. While it's easy to write buggy C code, most complete descriptions of an encryption algorithm come with test input and output. If your implementation of the block cipher works on these, it's pretty damn unlikely that it is wrong in general.
Others are so easy to implement (RC4) that bugs are pretty far-fetched.
No. It is idiotic to believe that if the U.S. doesn't export it, people outside the U.S. won't be able to get it and use it to evil ends. If this were the case, the U.S. would be much better off banning the export of military hardware. But of course that will never happen because the American arms dealers have the American Congress in their pockets. But which do you think does more harm in the world, Apache webservers with HTTPS extensions or Apache attack helicopters with Hellfire missiles? Maybe we should lobby the U.S. Congress to make Boeing sell their "export" Apache attack helicopters to their more brutal allies with Nerf missiles instead. I'd be all for that.
....now there needs to be a distributed 128-bit cracker available so every American can help fight the War against Terrorism!
I was getting ISOs for Debian the other day and noticed that there was a US Only version and an International version. I figured that the difference was probably due to US Crypto export laws, but was puzzled because the International version was larger.
A few minutes of poking around showed that the International version was the one with GnuPG etc, not the US Only! That's just poetic, if you ask me - everyone gets their crypto, and the people with the stupid law are the ones that get the inconvenience (remote mirrors, longer downloads, etc.). I'd be tickled if that becomes the start of a trend.
"Space Exploration is not endless circles in low earth orbit." -Buzz Aldrin
Another student I talked to didn't realize the hash was poorly constructed and subject to a meet-in-the-middle attack, so he ended up brute forcing the algorithm. He said his solution took about 3 hours to run. I assume this was on one of the MIT shared dialup servers, which usually have enough people on them that they're fairly slow. My 226 MHz PII usually seems faster. So, I usually ballpark that my machine could brute force 32-bit encryption in 3 hours.
Given this, we can assume that a single 2.2 GHz P4 could brute force 32-bit encryption about 10 to 12 times as fast. That would mean brute-forcing 34-bit (yes, I upped the work factor by 4x) in about 2 hours. That would mean brute forcing 40-bit encryption in about 64 hours. This means about 2^31 RC5-16/32/8 key setups and encryptions. If a different algorithm was used, you're probably looking at plus or minus 50% and a lot of assumptions have been made. However 3 days is a reasonable estimate for the time required to brute force 40-bit encryption on a single desktop purchased today. The problem is infinitely parallelizable, and if you code it right, you can take advantage of SSE/AltiVec to double your speed. This means about 1.5 days if you use the __VECTOR__ aware version of gcc on LinuxPPC. I would guess that a 1 GHz PPC chip is equivalent to a 2 GHz P4 for these kinds of calculations, so an overclocked new iMac could probably crack 40-bit encryption in about 1.5 days, as could a good dual P4 or AthlonXP.
Hmm... if I wrote a portable C encryption cracking benchmark, would /.ers be game for running it on their home systems? I could make it 32-bit or 34-bit encryption to make sure this story doesn't die before you can post your results. The only thing is I'd need to know the Mac and Win32 header file names for time().
Copyright Violation:"theft, piracy"::Anti-Trust Violation:"thermonuclear price terrorism"<-Overly dramatic language.
That 2^31 encryptions line was orphaned. It was supposed to go at the end of the previous paragraph.
Copyright Violation:"theft, piracy"::Anti-Trust Violation:"thermonuclear price terrorism"<-Overly dramatic language.
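Two comments in this thread describe things that fit in one short program: checking a cipher implementation against published test input and output, and timing an exhaustive key search to estimate what a 40-bit key is worth. The following is an added example, not code from any poster: RC4 stands in only because the thread names it as easy to implement, the vectors are the widely published "Key", "Wiki" and "Secret" ones, and the header and key are constructed, with the top 20 of the 40 key bits fixed at zero so the sweep finishes quickly.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <time.h>

typedef struct { uint8_t s[256]; uint8_t i, j; } rc4_t;

/* RC4 key schedule. */
static void rc4_init(rc4_t *c, const uint8_t *key, size_t klen) {
    uint8_t j = 0;
    for (int n = 0; n < 256; n++) c->s[n] = (uint8_t)n;
    for (int n = 0; n < 256; n++) {
        j = (uint8_t)(j + c->s[n] + key[(size_t)n % klen]);
        uint8_t t = c->s[n]; c->s[n] = c->s[j]; c->s[j] = t;
    }
    c->i = c->j = 0;
}

/* XOR the RC4 keystream over buf in place (encrypts and decrypts). */
static void rc4_crypt(rc4_t *c, uint8_t *buf, size_t len) {
    for (size_t n = 0; n < len; n++) {
        c->i = (uint8_t)(c->i + 1);
        c->j = (uint8_t)(c->j + c->s[c->i]);
        uint8_t t = c->s[c->i]; c->s[c->i] = c->s[c->j]; c->s[c->j] = t;
        buf[n] ^= c->s[(uint8_t)(c->s[c->i] + c->s[c->j])];
    }
}

/* One known-answer test: encrypt pt under key and compare with expect. */
static int rc4_kat(const char *key, const char *pt, const uint8_t *expect) {
    uint8_t buf[32];
    size_t len = strlen(pt);
    rc4_t c;
    memcpy(buf, pt, len);
    rc4_init(&c, (const uint8_t *)key, strlen(key));
    rc4_crypt(&c, buf, len);
    return memcmp(buf, expect, len) == 0;
}

/* Returns 1 only if all three published vectors reproduce. */
int rc4_selftest(void) {
    static const uint8_t v1[] = {0xBB,0xF3,0x16,0xE8,0xD9,0x40,0xAF,0x0A,0xD3};
    static const uint8_t v2[] = {0x10,0x21,0xBF,0x04,0x20};
    static const uint8_t v3[] = {0x45,0xA0,0x1F,0x64,0x5F,0xC3,0x5B,
                                 0x38,0x35,0x52,0x54,0x4B,0x9B,0xF5};
    return rc4_kat("Key", "Plaintext", v1) && rc4_kat("Wiki", "pedia", v2) &&
           rc4_kat("Secret", "Attack at dawn", v3);
}

/* Pack a 40-bit key value into 5 bytes, most significant byte first. */
static void key40(uint64_t k, uint8_t out[5]) {
    for (int n = 0; n < 5; n++) out[n] = (uint8_t)(k >> (8 * (4 - n)));
}

/* Try every key below 2^bits against a known plaintext (len <= 16).
 * Returns the key, or UINT64_MAX if none fits; *trials counts keys tried. */
uint64_t search(const uint8_t *ct, const uint8_t *known, size_t len,
                unsigned bits, uint64_t *trials) {
    uint8_t kb[5], buf[16];
    rc4_t c;
    uint64_t limit = 1ULL << bits;
    for (uint64_t k = 0; k < limit; k++) {
        key40(k, kb);
        rc4_init(&c, kb, 5);
        memcpy(buf, ct, len);
        rc4_crypt(&c, buf, len);
        if (memcmp(buf, known, len) == 0) { *trials = k + 1; return k; }
    }
    *trials = limit;
    return UINT64_MAX;
}

/* Seconds to sweep a whole keyspace of `bits` bits at `rate` keys/second. */
double sweep_seconds(unsigned bits, double rate) {
    double keys = 1.0;
    while (bits--) keys *= 2.0;
    return keys / rate;
}

/* Constructed case: encrypt an 8-byte header under a key below 2^20,
 * then find that key again from the ciphertext and the known header. */
uint64_t demo_search(uint64_t *trials) {
    const char *header = "HEADER01";    /* constructed known plaintext */
    const uint64_t secret = 0x5A5C3ULL; /* constructed key, top 20 bits zero */
    uint8_t kb[5], ct[8];
    rc4_t c;
    memcpy(ct, header, 8);
    key40(secret, kb);
    rc4_init(&c, kb, 5);
    rc4_crypt(&c, ct, 8);
    return search(ct, (const uint8_t *)header, 8, 20, trials);
}

int main(void) {
    static const unsigned sizes[] = {40, 56, 128};
    uint64_t trials = 0;
    printf("known-answer tests: %s\n", rc4_selftest() ? "pass" : "FAIL");
    clock_t t0 = clock();
    uint64_t k = demo_search(&trials);
    double secs = (double)(clock() - t0) / CLOCKS_PER_SEC;
    printf("key 0x%010llx after %llu trials in %.2f s\n",
           (unsigned long long)k, (unsigned long long)trials, secs);
    for (int n = 0; n < 3 && secs > 0; n++)
        printf("full %u-bit sweep at this rate: %.3g days\n", sizes[n],
               sweep_seconds(sizes[n], (double)trials / secs) / 86400.0);
    return 0;
}
```

The printed extrapolation is for one core running this unoptimised loop; each extra key bit doubles the figure, which is why the 40, 56 and 128-bit rows differ by so many orders of magnitude.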
Galatians talks about how the world used to be trapped by disciplinarian laws before Jesus came and established the supremacy of love as the most effective form of authority.
It certainly makes rational sense that if someone is trying to hurt other people, that he should be restrained and sent to "time out" so that he can think about what he's done and be forcefully prevented from hurting anyone. However, society should also think about why its social contract broke down and elicited the basest behavior from its people.
To that effect, I say that government cannot protect me any longer. I do not expect police, a military, or any other forceful authority to protect me from those whose ignorance leads them to cause mischief. God will not save you, Jesus will not save you, and the government will certainly not save you. You must save yourselves, such that the more you expect government to save you the worse the world will become. You can choose a gun to protect you, but the pen is mightier than the sword, and a kind gesture is even mightier still. Government is useful for providing services, but peace, security, and freedom are states of mind. They cannot be given; they must be earned through positive actions and building bridges of understanding. We must emancipate ourselves from mental slavery, because none but ourselves may free our minds (Marley). And by "ourselves", this does not imply the government just because it claims to represent all people. Our governance is the will in our hearts and minds to want to form a better world free of destruction, poverty, and hatred. The governments of the world will not be able to do this. Democracy rests with the people only, and only in the government to the extent that they are people.
The administration might have had a better chance of getting the crypto policy they wanted but for the history of Hoover's abuse of office. The FBI has never come to terms with the fact that the concerns that the FBI might abuse the intercept powers they demanded were legitimate. Hoover's disservice to democracy was two-fold. First he attacked democracy directly by attacking democratic values, using the power of his office to persecute his political opponents, he even had Charlie Chaplin exiled for the 'crime' of satirizing him. Second Hoover attacked democracy indirectly, by abusing the powers of the state he made it necessary to curtail them. Having abused those powers in the past, the state cannot use them now that they might be necessary to defend democracy.
Win2K uses DES, which is notoriously vulnerable to today's raw CPU power and dedicated, custom-built machines. [eff.org]
DES is not 'notoriously vulnerable', it can be broken by a well financed and technically adept adversary, but it is not a negligible degree of protection. The weakened 40 bit crypto used in SSL can be cracked with readily available resources however.
The point that everyone appears to be missing is that export of W2K to Taleban controlled Afghanistan was illegal. If the Taleban can get hold of illegal copies of W2K they can get hold of illegal crypto upgrades.
Al-Quaeda/Bin Laden operatives are not the crime geniuses the US government say they are. As a matter of fact, they appear as pretty incompetent to me.
That is not unusual, in fact it is the rule. Terrorist movements are founded by fruitcakes for fruitcakes. Bin Laden had the somewhat bizarre idea that restaging Pearl Harbor would cause them to withdraw from Saudi Arabia and let him conduct a coup. There were at least six major Al Qaeda operations planned during the Clinton Presidency that were foiled.
Incidentally it is somewhat hard to credit GOP claims that the military has been decimated under Clinton when that same military was able to conquer Afghanistan in a matter of weeks with only a fraction of its strength. The last time Afghanistan was conquered it was Genghis Khan doing the conquering.
Looking for an Information Security student project suggestion?
Try http://dotcrimeManifesto.com/
Strong crypto is a cheap and easy way to provide reasonable security. There are other ways that are even more secure.
One Time Pad. One time pads are about as secure as you can get if they are properly used. Anybody should be able to implement one after a two week course of BASIC programming.
And don't forget the world war (rev 2.0) Code Talkers. They used a jargon version of a Native American language that was unbroken by the Japanese. Languages used by small isolated populations make a great code system because their grammar and syntax tend to drift to a very complex state.
Combine a small tribal language with a One Time Pad and you have a rock-solid system that can be done by hand!
-s
I'm assuming that 40 bits is vulnerable because you are able to quickly test each permutation against a file to see if it looks like you've found the key. If the files were compressed, then unless you knew the compression algorithm and could try it out against an entire file, your test speed would drop dramatically, no?
Not that that would help Mr. Shoebomber, as he was using an encrypted filesystem where there are bound to be lots and lots of clues as to whether you've got the right key (i.e., the filesystem makes sense, has valid pointers, etc.).
Surely this can be some small factor, at least?
- jon
Ganymede, a GPL'ed metadirectory for UNIX
and it probably happened just the same way as it would in any organisation... Pointy Bearded Boss tells computer-guy to 'make the computer secure' or something. Computer guy thinks "Bollocks to that, we're in the arse end of Afghanistan, who's going to come and get it?" ,uses the default available, and goes for a coffee. PBB gives him a slap on the back and everyone has a nice glowy feeling.
Next thing, al-qaeda is owned by the l33t nsa haxors, and their credit card numbers are all over irc.
bummer for the sysadmin.
Why is the govt against strong crypto exports? Terrorists might use it, they say. Many people point out, this reasoning is quite flawed, because ... criminals break laws, etc. But, never-the-less, the govt wants to ban exports.
Might they have another, more legitimate reason to do so? I can think of one.
The NSA has a very large and effective project called Echelon, which allows it to sniff a lot of international satellite traffic. It's successfully filtering a huge volume of data on foreign govts and businesses. This is the biggest feather in the NSA's hat.
I believe they are worried that other govts and businesses will embrace strong crypto for routine communications. Getting an entire huge organization to use add-ons like PGP would be hard, but getting them to use something at the OS level or something built into the app, that would definitely work and would definitely screw up their lovely machine.
The NSA has a very good source of intel here and wants to make the most of it, milk it as long as they can. Mass exports of strong crypto would definitely allow other govts to counter that.
As to why they allow Win2k w/ 128 bit encryption: I seriously believe that it has a back door. Until we see the code, we'll never know.
=surfcow
I notice you posted that as AC.
I probably could crack some jokes about that, but it doesn't seem to be worth it...
"First lesson," Jon said. "Stick them with the pointy end."
Criminal stupidity is the best tool for law enforcement.
If this moron had downloaded PGP, he wouldn't have been caught. If he's not smart enough to download something that available, he's not the crook you should be proud of catching.
It took five supercomputers several days to crack a 40-bit key. Current cracker tools can break that in a matter of hours on a not-so-high-end PC. Can someone tell these people that IBM AT's are not supercomputers.
This is dead-on accurate. The line between "terrorist" and "freedom fighter" is pretty damn thin, probably even non-existent. Mostly, the thing that determines what label applies is which side you are on.
By current standards, the actions of the French Resistance in WWII would be considered "terrorism". However, the partisans of the French Resistance will probably never be referred to as terrorists, because their opponents (the Nazis) are nearly universally recognized as being evil and (more importantly) they were on the winning side.
IMHO what separates the terrorist from a legitimate partisan is that the latter will not intentionally target civilians. The Pentagon was a valid military target by the accepted standards of warfare and international law; the WTC was not. If the 9/11 bombers had taken over the planes on the ground and evacuated the passengers first before making their kamikaze attacks, and if they had restricted themselves to military & government targets, the US would not have the near-universal international support we are currently enjoying for our military efforts in Afghanistan. If you want to be treated as a soldier and not a murderer, you need to play by the accepted rules of warfare. The fact that al-Queda and other terrorist groups fail to understand this basic premise just goes to show how ignorant and delusional they really are.
Why is it that the proponents of "one nation under God" are so eager to get rid of "liberty and justice for all"?
Please excuse the nasty spelling in my last post.
where's my chalk...
I will preview before submitting...(repeats 100 times)
---
"I can't complain, but sometimes still do..." Joe Walsh
the cracking program was written in Java.
Yeah, I agree with you.
I recently read _Body of Secrets_ which is about the NSA. One of the things pointed out in that book is that quite a few shady deals (e.g., international arms deals) go down in plaintext because they involve individuals who are not part of the same organization and have not standardized on any crypto system or cipher or what have you.
I mean, of course the Soviets (during the cold war) encrypted communications over insecure channels. But for people like international arms dealers, things are different. They have to communicate in plaintext because there really isn't anything easily available to them (or at least there didn't use to be). I mean, I imagine that if you are an arms dealer, you can't necessarily expect all of your clients to use PGP or whatever. So the NSA's view was that if and when strong crypto becomes ubiquitous, then such deals may be harder to detect using, e.g., Echelon.
I think this pretty much explains the entire motivation for banning the export of strong crypto. They wanted to do whatever they could to slow or halt the adoption of strong crypto by shady characters involved in international deals.
I mean, it is easy to say that people who need to communicate in secret will use strong crypto and no one can stop them. But one could also say that if people know having sex with strangers without a condom can lead to contracting a dangerous and incurable disease, then they will use condoms when they have sex. I think the facts show that neither statement is *entirely* true.
MM
--
By including this sig, the copyright holders of this work or collection unreservedly place it in the public domain.
Win2K EFS does have some major flaws
1. file and dir names are not encrypted. So you can tell that "shoe_bomb_designs.ppt" and "my_fellow_terrorists.xls" are worth bothering to spend CPU time attacking...knowing which files to crack first must help a lot
2. page files and hibernate files are not encrypted, so anything in memory is saved to disk when you hibernate.
think about that, when you use an NT laptop.
What the hell is this supposed to mean:
"Even so, it took the equivalent of a set of supercomputers running for five days, 24 hours a day, to find the key."
Equivalent?
Was it a set of supercomputers running for five days, 24 hours a day, to find the key or not?
What kind of crappy, FUD news reporting is this anyway?
1) It's out there now anyway. Good 128+-bit encryption is readily available from servers outside the US. Even if the US stopped exporting tomorrow that would still be the case. The genie is out of the bottle.
2) There are maybe a few thousand terrorists in the world. There are a hell of a lot of people with legitimate uses for strong encryption - lest anyone forget, if you run a business and the US spooks eavesdrop on your (possibly sensitive) e-mail they are quite likely to give the info straight to your (American) competitors.
3) I give it 5 years before quantum computers make all this irrelevant anyway (to the spooks at least; they can afford to be cutting-edge). When that happens we're all in the shit anyway.
You seemed to have forgotten that 20 or so assholes flew 767's into two of our largest buildings killing around 4,000 people in the process.
Bottom line. If we create something here in the USA, we don't have to share it with anyone, and the rest of the world can invent their own fucking encryption if they want to use it. Suck on that!
As a Canadian citizen, you should feel privileged to have a neighbor that is as powerful as the US is, and has such warm relations. Go vent to someone living in Pakistan or India where they are on the verge of microwaving every living thing in both countries except the cockroaches.
Give me a damn break. "I wanna go somewhere else!" cause I can't buy the US version of Win2K. Here is some export cryption for you:
U R A dumb$h1t
Decode that asshole
Assuming that sometimes journalists don't always get the facts correct, could it be that instead of cracking the 40-bit code that the Journal instead cracked the password? I imagine a script that tries all combinations of characters until it unlocks. If that is the case, then it doesn't matter that the encryption was 40-bits, 128-bits, or a million bits. Bad passwords are always the weakest link. I'll bet they used either the password "Osama" or "AlQueda."
This would make all the discussion about export grade encryption a red herring.
Ok.. so in order to view the encrypted data, all they needed was access to the Windows 2K operating system. What exactly was wrong with using Winternals LockSmith and changing the admin password? We do it all the time at work on locked down machines with encryption - mainly accountants who have forgotten their passwords, and whose info is so sensitive that they even have the administrator accounts locked out.
I compare this to gun control and prohibition, if you outlaw something (or severely limit its availability) the bad guys will still find a way to get it. We need to stop this mentality of banning (severely limiting) things, we have ample history that it doesn't work yet we do it over and over again. I don't have a solution, I just know what doesn't work.
Soon, Bill will claim that this is a reason why the government should strengthen the Windows monopoly (SSSCA anyone?) rather than break it up. After all, if al-Queda had used a non-Microsoft OS, the FBI might have less evidence against Reid.
"it took the equivalent of a set of supercomputers running for five days, 24 hours a day, to find the key."
Why bother with this? EFS is transparent to the user - once logged on the user can 'encrypt' files by changing their properties.
ie. the file is protected only by the login password.
Therefore
* boot from a floppy under DOS
* use NTFSDOS to remove the password file (SAM in Windows)
* reboot under Win2k
Since the passwords are gone you can now logon as
root (Administrator) and access all files - even
encrypted ones
60 seconds start to finish
The password file in Win2K is hashed, but not truly encrypted, so they can grab it off the hard disk and start cracking it. Ooh... new Distributed.net project, the most popular ever! Distributed Win2K password cracker. A good Arabic, English, French, and German dictionary hybrid cracker should work very well. Run each password candidate in parallel against each account for maximum efficiency.
People talk about how export restrictions should be lifted or kept or defaults should be at 40-bit encryption. However, they fail to realize that for people who don't care enough to download PGPdisk or change the crypto settings, the file encryption weakness is almost certainly the user's password, not the individual file encryption keys.
Most citizens use such poor passwords (even here at MIT, the few passwords I've seen look good at first glance, but are pitifully easy to crack via hybrid dictionary crackers) that I would guess 32-bit encryption with random keys would be better.
Also, based on my experience, 5 days on several supercomputers seems a bit fishy...
I took Rivest's Network security class last term and one of my classmates failed to see a weakness in a 32-bit hash function based on RC5, so he brute forced it in about 3 hours. Granted flukes happen, I'll have to write a 32-bit encryption cracking benchmark, but it seems like his slow machine should be able to crack 40-bit encryption in 16 days. I think he ran his calcs on a shared dialup workstation, a SPARC 5, IIRC. I'll bet that a single task machine (a 2 GHz P4 or a 1 GHz G4) would crack it about 10x as fast.
"The equivalent of several supercomputers running for 5 days" probably translates to a pair of slow G4s (they're considered supercomputers by some definitions) running for 5 days. Granted, DESX is slow, but they should have at least 4 bytes of known plaintext based on the file extension. 4 bytes of known plaintext and 40 bit encryption means that you should end up with an average of only 256 candidate keys, so even hand-checking the candidates shouldn't take 5 days. Don't believe the hype. 40-bits is cracker-jack-box-secret-decoder-ring encryption. 5 days sounds like an upper bound, not an average, and an upper bound on some decently slow "super computers".
Copyright Violation:"theft, piracy"::Anti-Trust Violation:"thermonuclear price terrorism"<-Overly dramatic language.
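The keyspace arithmetic in the comment above (scaling a measured 32-bit search to 40 bits, and the roughly 256 candidate keys left by 32 bits of known plaintext), as an added example that is not part of the original post. The SHA-256 toy cipher, the 16-bit key and the constructed sample file are assumptions chosen so the same 2^(k-p) ratio can be checked in under a second; this is not DESX or EFS code.

```python
"""Added example: why a short key plus a little known plaintext is weak."""
import hashlib

KEY_BITS = 16                                       # toy key length (assumption)
TRUE_KEY = 0xBEEF                                   # constructed secret key
SAMPLE_PLAINTEXT = b"%PDF-1.3 constructed sample"   # constructed file contents


def scale_search_time(measured_hours, measured_bits, target_bits):
    """Scale a full-keyspace search time to another key length.

    Each extra key bit doubles the work. Returns (worst_case, average) hours;
    on average the key turns up after half the keyspace.
    """
    worst = measured_hours * 2 ** (target_bits - measured_bits)
    return worst, worst / 2


def expected_false_candidates(key_bits, known_plaintext_bits):
    """Wrong keys expected to match the known plaintext purely by chance."""
    return (2 ** key_bits - 1) / 2 ** known_plaintext_bits


def keystream(key, key_bits, length):
    """Toy keystream: first bytes of SHA-256(key). Stand-in cipher only."""
    if length > 32:
        raise ValueError("toy keystream is limited to 32 bytes")
    raw = key.to_bytes((key_bits + 7) // 8, "big")
    return hashlib.sha256(raw).digest()[:length]


def toy_encrypt(key, data, key_bits=KEY_BITS):
    """XOR stream cipher; applying it twice with the same key decrypts."""
    return bytes(d ^ s for d, s in zip(data, keystream(key, key_bits, len(data))))


def surviving_keys(ciphertext, known_prefix, key_bits=KEY_BITS):
    """Try every key; keep those whose decryption starts with known_prefix."""
    n = len(known_prefix)
    # Keystream bytes a key must produce to decrypt to the known prefix.
    needed = bytes(c ^ p for c, p in zip(ciphertext, known_prefix))
    return [k for k in range(2 ** key_bits) if keystream(k, key_bits, n) == needed]


if __name__ == "__main__":
    worst, avg = scale_search_time(3, 32, 40)
    print(f"3 h for 32 bits -> 40 bits: worst {worst / 24:.0f} days, "
          f"average {avg / 24:.0f} days on the same machine")
    print(f"40-bit key, 32 known bits: about "
          f"{expected_false_candidates(40, 32):.0f} chance matches")

    # Same 2^8 ratio at toy scale: 16-bit key, 8 bits of known plaintext.
    ct = toy_encrypt(TRUE_KEY, SAMPLE_PLAINTEXT)
    loose = surviving_keys(ct, SAMPLE_PLAINTEXT[:1])
    tight = surviving_keys(ct, SAMPLE_PLAINTEXT[:8])
    print(f"toy run: {len(loose)} keys survive 1 known byte, "
          f"{len(tight)} survive 8 known bytes")

    # The defensive point: at the same rate, longer keys put search out of reach.
    for bits in (40, 56, 128):
        years = scale_search_time(3, 32, bits)[1] / (24 * 365)
        print(f"{bits:>3}-bit average search: {years:.3g} years")
```

The 3-hour figure is the commenter's anecdote, used here only as the scaling input; the output shows the average 40-bit search landing on the 16 days quoted in the post.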
If the fact that evidence has been discovered as a result of government imposed weak encryption is being offered as justification for same I've got some other suggestions.
Let's eliminate the red-tape of obtaining a search-warrant, the right to remain silent and the right to a fair trial.
Should assist the authorities in putting lots of dangerous people behind bars where they belong.
A match? That's clearly not particularly clever. Even your average smoker (stupid enough to be volunteering for a slow, expensive and painful death with no promise of virgins at the end of it all) has worked out that a cigarette lighter is a far more reliable source of flame.
Boffoonery - downloadable Comedy Benefit for Bletchley Park
Why bother printing anything?
After all, all you have to do is go to a US website offering encryption for download, tick the box stating that you are allowed to download the software and wait for it to be transferred.
Not many companies actually check if you are US or not. They just want you to say you are, so they can say "That guy said he's US, we couldn't know he wasn't."
Summary: on the Internet you are told that you shouldn't download outside US but nobody cares. This is especially true for Open Source.
Software should be free as in speech, but if we also get some free beer, all the better.
Here is what the OpenBSD project thinks of export restrictions
I'm a little hazy on the export laws..
Well-designed crypto software would allow arbitrarily long keys to be used through runtime user specification or perhaps a #define in the source code. If a well-designed crypto program is compiled with a #define keylength 40, it would have a built-in keylength of 40, probably not run-time specifiable. It would be possible, but not easy to edit the binary to change this value.
But in source code form, it would be trivial to change this value to a higher keylength, like 128 or 1024 or however strong you want. Recompiling would also be trivial.
So my question is, does "only weak encryption software is legal for export" mean that the only exportable software uses <=40-bit encryption AND is in binary format? Is open-source crypto completely non-exportable?
-3Suns
~~~~
The Revolution will be Slashdotted
This is a point that has always bothered me a lot.
It seems that there are 2 arguments usually used against export restrictions:
1. "Information should be free"
2. "The laws won't work, anyway"
None of these has ever really appealed to me, for these reasons:
1. It seems to me that some people have a problem differentiating between the "is" and the "ought". The net means that it is *possible* for anything digital to be decentralised beyond censorship - witness DeCSS. But this is not the same thing as saying that any particular thing *should* be spread like that.
I agree DeCSS should, because I don't agree with the MIAA/RIAA on copy control.
With a little more hesitation, I agree that Mein Kampf should be disseminable; the importance of educating people as to the lies that are out there outweighs the effect that they will have on a few, weak, pathetic minds.
But there are other things I don't think should be out there, even though they can be. Plans for nuclear weapons. And strong crypto falls into the same category. Would I feel happier knowing that the plans for Sept 11 mark 2 were being transmitted with 40 or 58 or 1024 bit encryption?
2. I don't think this is so valid. So things can leak across borders; laws will be broken. But even if something has spread a little, why spread it further if it's not desirable to? There's no binary differentiation in the world between available to all and non-available to any. So some nuclear learning is in libraries? Big deal. Is it worse to require people seeking it to go to these places rather than be able to get it anonymously from their home? According to the media, some of the Al Qaeda scum borrowed some documents containing "information" from the Kansas City public library. I'd say there's a damn sight higher chance of the FBI etc catching them from there (library cards, fingerprints, eyewitnesses) than if they'd gotten it via dialup from Tora-Bora Online.
Restrictions might not make something *impossible* to get, but there's no reason not to make it as hard as possible.
And as to the idea that something will be recreated independently anyway. The answer is "so what". Let them do it. Or try to. Many won't be able to. Many won't be able to do a good job. I like the idea of the NSA spooks sitting behind their Big MoFo(tm) computers chortling because some terrorist bunny goofed and introduced a big weakness into their algorithms (qv the Enigma machine in WW2). Maybe only the really rich or dedicated ones will be able to do it properly. No problem; their traffic will stand out against all the rest. At the least, they've been made to work for it, not get it for $79.99 (including rebates) at CompUSA. It's a sort of terrorist script-kiddiez problem.
It seems to me that one argument really lies behind the other two, in many cases:
3. "Well, *I* want to be able to use strong crypto to protect my own comms, and I don't like the idea of restrictions put in place to prevent it." or possibly "I don't like the Government restricting anything that could affect my freedom, even if analogically and not directly".
This only holds if all people are equally trustworthy as the person who says that. Unfortunately, as events have proved, that isn't the case.
The distrust of government is a very American (Jeffersonian) trait which was highly justifiable in its time and has contributed so much to America's development. But I really question whether it's so valid anymore, now that a couple of assholes can kill not 10s, not 100s, but 1000s of people at a go. And if they get nukes... (Compare how they would have fared in trying to do mass murder in 1900 or 1800 or 1776). Technology (not just planes, bombs, nukes, germ warfare, but the ability to bust dams, trash bridges and pollute water supplies) has changed the rules.
I want to be able to go watch Green Bay win the superbowl without worrying that some terrorist bastards are doing something that they have kept hidden through ways that could easily have been prevented.
The thing that I want to bring up is that in the US, it is ILLEGAL to break encryption. What these journalists did was illegal. (Assuming that they went back to the states to break the encryption. Or even used the newspaper's machines that were in the US.)
:)
It is illegal under ALL CIRCUMSTANCES to break encryption protecting copyright-protected works, which this certainly was. Let's see, an encrypted file system, which they broke into, was protecting (at the very least) Microsoft's Windows 2000 and IE, which are protected by copyright.
Also, the documents that the previous person wrote were protected by copyright, right?
You might say to me, "but it's OK, they were doing it for a good cause, to save lives."
Well, you would be right, but it DOESN'T MATTER.
The DMCA says so. These reporters should be thrown in jail for their efforts, I mean, if they were computer programmers they would have been!
When everyone sees just how stupid this law is we might just get it overturned.
What proof do we have that this alleged decryption actually took place?
Pushin' 'n dealin', shovin' 'n stealin'
The first person who blames Microsoft for this is going to get SUCH a pinch...
Just because smart folks can get around it doesn't mean we should make it easier for fucking maniacs to blow up airliners by lighting their shoes on fire.
In most very poor countries (Afghanistan?), their internet connections aren't through local backbones so if you use simple reverse lookups, you will find they are all located inside the US (or major countries in Europe) according to DNS.
If I remember correctly, the most common tool kit for open source crypto was mostly written in Australia.
To quote "The Little Prince", chapter 10, discussion between the little prince and the king of asteroid 325:
I live in Brazil and I find very funny this idea that by banning the export of US cryptography technology, you can prevent the rest of us from having the same level of security. We are capable of developing it ourselves, you narrow-minded xenophobic yo-yos!
The company where I work also employs one of the top cryptographers in the world, and he isn't American.
I am still hoping your power-mad government manages to pass the law it wants to pass, making illegal all cryptography without a US government "back door," because American security vendors lose all credibility and that will be a monster opportunity for my company to make reliable security products and sell them to the rest of the world.
"It is nice to know that the computer understands the problem. But I would like to understand it too." --Eugene Wigner
[...]
>
> Hey man can they decrypt cypher texts from a decent encryption algorithm
Depending on the algorithm, yes.
> (what does pgp use?)
PGP uses asymmetric encryption, which is also known as public key
encryption. RSA (Rivest, Shamir and Adleman) Labs held the patents,
which expired a year or two ago, for public key cryptography.
The algorithm is based upon the current "fact" that factoring the
product of two prime numbers is *difficult* (notice I didn't say
impossible). In general, you can substitute any one-way (and note
that "one-way" needs to be interpreted as computationally difficult
to go in the other direction) NP-hard or NP-incomplete task.
Primes just happen to be the current mathematically expedient
method.
There's a lot of other stuff wrapped around that algorithm that makes
it usable and there are numerous attacks, most of which center around
discovering or weakening the private keys which must be held in
absolute secrecy.
> that uses like a 4096 bit key yet? Theres some people
> where I work at that seem to think that it can be done. That encryption
> book I bought back in 95 says fat chance (before the sun goes super nova).
You probably were reading "Applied Cryptography", right? This book
is on its third update. You should probably browse the most recent
copy in a bookstore/library (or download it with MyNapster, my favorite
GNUtella client). Schneier has also written a good follow up to his
Applied Cryptography book called "Secrets & Lies: Digital Security
in a Networked World", in which he explains how some of the assertions
he made in "Applied Cryptography" about cryptography solving problems
were completely wrong. It's a completely non-technical book, but
good reading none-the-less.
There's a large gap between theory and practice and all encryption
algorithms fall given enough time. There are several events/trends
that I have noticed that give one reason to pause:
1 - Twinkle optical factoring:
http://www.lns.cornell.edu/spr/1999-05/msg0016243
(remember, this guy is the "S" in RSA)
2 - NA PGP Client Software key specification hack:
http://www.cert.org/advisories/CA-2000-09.html
3 - NSA/FBI trojan/hardware backdoor keystroke loggers
http://slashdot.org/article.pl?sid=01/11/28/17320
http://slashdot.org/articles/02/01/04/1735230.sht
http://www.keyghost.com/
4 - Quantum computing:
http://slashdot.org/article.pl?sid=01/12/20/00622
I have some minor quibbles with some of the mathematical methods
used in public key encryption... namely prime number derivation is
statistical process and you're not necessarily guaranteed to get a
large prime out of the function used to derive them. Also, some of
the hashes used in message signing processes don't necessarily
uniquely identify the data they hash... but hey, I'm a mental midget
compared to the folks that invented the process... I'm simply
not capable of quantifying what the impact would be on the
actual encryption process and how it might affect cryptoanalysis.
Twinkle is probably real for a handful of countries and can be built
by even the most modest nation-state NSA equivalents. It's only good
to 512bit keys, but who's to say that some clever mathematician
couldn't extend/parallelize the apparatus a bit. The NSA has a *huge*
research budget; I'm positive that they've taken the concept as far as
it can go... how many bits? Who's to say how far... I'm sure there's
only a handful of people in the world who actually know.
PGP key specification tweaking is real and has been put into commercial
software (actually, if you look at lotus notes, you'll see that IBM
did something vaguely similar to the public key encryption system used
in that software as well). You're probably safe if you're using GPG
or some other open source product that undergoes constant peer review
and code maintenance. Of course, if you're communicating with a far
end that's using some lame unofficially NSA tweaked software, then you
run the risk of them re-transmitting text you encrypt with your strong
key using their weak key... in which case you can expect a certain
amount of leakage, but, in theory, you'll be able to repute that it's
yours (and it's not like that's a legal standard or anything).
The big gotcha' with all encryption is the compromising of keys
(symmetric keys or asymmetric private keys). I see some of the more
recent crypto software is starting to sport "virtual keyboards"
that you point and click at to input your keys... two problems with
that... Van Eck radiation:
http://www.infowar.com/class_2/99/class2_112099a_
and trojans... it's a bit of a cat and mouse game really; however,
all said and done, it's usually *far* easier to steal someone's
keys rather than try to break them using traffic cryptoanalysis.
Besides, if you get good at stealing keys, you never have to reveal
how good you've become at cracking them in the lab... I think
there are some legal issues, as well, involving the prohibition
of using the NSA to "spy" on US citizens (while they're in the US).
The most preterite reference that I've run across with regard to
this issue was the fact that Kevin Mitnick used encryption on
some of the evidence that the government was in possession of. To
my knowledge this encryption was *never* cracked:
http://www.kevinmitnick.com/52098.html
That's not to say that the US government wasn't capable of cracking
his keys... in fact, this points out the savvy of the prosecutors,
intent on doing as much damage as they could, who did not want to
present evidence that was obtained in violation of the NSA's charter,
thus providing a potential legal (potentially constitutional)
challenge to their case.
Anyway, the government has gotten a lot smarter since 199x and now
the material compromise of private keys is standard operating
procedure... personally, I think we've strayed very far from:
The Constitution of the United States of America - Amendment IV
The right of the people to be secure in their persons, houses,
papers, and effects, against unreasonable searches and seizures,
shall not be violated, and no warrants shall issue, but upon
probable cause, supported by oath or affirmation, and particularly
describing the place to be searched, and the persons or things to
be seized.
911 changes a lot of things, so we very well might see the NSA and
US government in general being a hell of a lot less coy about what
their capabilities and limitations actually are.
That little rant aside...
Quantum computing. This will change everything... entire sets of
NP-hard problems disappear with the availability of even a single
quantum computer with a significant number of "bits". I won't even
pretend to understand everything there is to know about what might be
possible; however, I know that there are people who are already
writing "code" and developing operating interfaces (even though they
do not have a quantum computer on which to test... very much like
Babbage building the mechanical computer that set the stage for the
introduction of electro-mechanical computers). Factoring products
of primes is one of the problems that quantum computers can
potentially solve in real-time. If the US has a working quantum
computer, then again only a handful of people probably know/get
time on it.
My advice in general?
Use open source, peer reviewed software
consider using a solid-state memory device to store encryption keys:
http://pendrive.com/intro.php
(the Feds can't subvert/seize what they don't have access to;
material subversion of private keys is their current modus
operandi)
change keys often... at least once a month; some exchange methods
change keys as often as once a message or even once a symbol (one
time pads).
use a layered strategy (encrypted file system housing public key
encrypted messages that cover a symmetric key encrypted plain text;
use PGPfone or an out of band method to exchange symmetric keys)
use steganography and nontraditional media (sound/pictures) that
doesn't lend itself to easy analysis.
use virtual systems to encapsulate sessions from a potentially
compromised base platform (things like vmware and connectix's
virtual PC)
use microsoft products selectively, for cypher text transport only
and/or/in general as little as possible.
don't use encryption for anything that would cause a government
(local, state or federal) to take an interest in knowing your
encryption keys. If they're going to black-bag your residence
to install a keystroke logger, what else are they going to find/do?
I think most people fail to understand that final point. One sure
way to attract attention is to act/look suspicious/conspicuous.
If your operation has a final terminus (an end point at which the
opposition can't touch you), there's absolutely zero reason to
stand out by using encryption. If you must operate under constant
scrutiny and fear of punishment... well good luck, you're going to
need it.
> Are they still NOT using a good key length/algorithm in NT?
Microsoft has a crypto API. How well it's implemented god (and the
NSA) only know. One thing to remember... you can have the world's
best crypto, but if the base platform is easily compromised and the
keys exposed, it doesn't make a bit of difference. I don't believe
that Microsoft uses strong encryption/good key lengths in any of
their product's default settings.
[...]
So why didn't he go lock himself in the lavatory and light it, instead of trying to do it in his seat?
10 PRINT CHR$(205.5+RND(1)); : GOTO 10
I think we really need a complete prohibition of calling anything less secure than a 128-bit symmetric cipher "secure". It is fraudulent advertising.
First off, export laws are now set at 128 bits, not 40. Anyone read the article? The computer was running Windows 2000, an operating system released before export controls were relaxed. Of course it had insufficient encryption capabilities! Windows XP now ships with 128-bit encryption in its export version, too.
What, precisely, is the story here?
- A.P.
"Remember when the U.S. had a drug problem, and then we declared a War On Drugs, and now you can't buy drugs anymore?"
This is some work for our friends at the NSA.
W cL a7xYCfIh9oyCCm
V 4u UpyBaXCGAe+9QJ
W Kx Zs2pwmNtpNxA==
Of course, you can play with it at home, too.
That's actually pretty sad then. I need to check this out - run WIN2K but have never had anything that I felt needed to be encrypted. I seem to recall that the Admin gets an escrow key and that it can be removed from that account (?) at the risk of losing data if things go badly but... If all you need is a password and no per file kind of key then it pretty well sux unless you encrypt everything and even then.... YUCK! Going to have to research this some because if that's the case then the cracking they did had NOTHING to do with the 40bit encryption and had everything to do with the crappy LanMan hash stored by default. Hell there are tools that will inject the password of your choosing as Admin and allow you to get in and grab the other account's hashes for cracking pretty easily. So long as you can return the original SAM to its previous state (easy) then you can crack a second admin account, logon with it, and then pop the Administrator account. Been there, done that - it really wasn't that hard. It took 5 machines to crack those passwords? They must've been in a big hurry (lol). If you're right this is a joke :-)
Build it, Drive it, Improve it! Hybridz.org
The exact same question I asked when I heard about this. I was "told" by a coworker who had recently flown that lighters weren't allowed on flights but that matches weren't getting yanked?!
Dunno' but that's the only explanation I've been given and it sounded like B.S. to me - I've not flown since the 11th...
Build it, Drive it, Improve it! Hybridz.org
And that can supposedly tell when it's being tampered with and sound an alarm? Hrm, think he'd have been caught faster or just caught a little slower? I think he would still have been caught unless there's some way you can lock the door and REALLY prevent entrance. If that's possible then there's another thing that needs to be improved on the airlines!
Build it, Drive it, Improve it! Hybridz.org
hehehe big big ego! :P
don't talk about the WTC please, USA killed more people in the Afghan war and other sanctions and politics. 1 life = 1 life, it's not true that a killed American must be avenged by 10 Afghan kills!
So don't talk about that.
And when I say I wanna go somewhere else, I'm talking about .dk or .se, which seem to have the kind of life that I'm looking for, and are kinda neutral countries.
So stop thinking that USA is the center of the world!