Export-level Encryption Proves Insufficient

rossjudson writes: "The Independent is running an article about the shoe bomber terrorist. The interesting bit for Slashdot readers is at the bottom -- apparently the 40-bit encryption in the export version of Windows 2000 was cracked by a set of computers using a brute force method. So let's confront the question: Should the US prohibit the export of high-encryption software? Here is a case where the default values (40 bit) clearly helped recover valuable information from a system." There's another article in New Scientist focusing on the encryption issue.

Re:It doesn't matter because:

[eXtro]

This isn't difficult stuff - anyone with high school math and an introductory programming course (in just about any procedural
language) would be able to hack together an encryption program in no time.

This statement is false. The knowledge of high school math won't help you develop cryptography at all. Most people with advanced math knowledge will only develop weak cryptography as well. What's really needed is somebody elses work, an algorithm, and the knowledge on how to implement it in software. As soon as you think you're going to develop a secure algorithm on your own you're screwed.

Re:Shoe bomber = idiot

[HisMother]

> And then on 9/11 we found out how organized and intelligent they could be

I'm frankly getting tired of hearing this. Organized, kinda. Intelligent, not hardly. A 15 year-old boy in Florida just dive-bombed a skyscraper, for chrissakes. All they did was take flying lessons, buy airline tickets (leaving a huge trail all over the place -- how intelligent was that?) bring knives, and take advantage of our collective national sense of complacency. The two guys in "Dumb and Dumber" could have pulled this off.

Re:Idiots

[MjDascombe]

And appearantly the majority of /.ers too.