Slashdot Mirror


How the Secret Service Cracks Encrypted Evidence

tabdelgawad writes "The Washington Post offers this writeup about how the U.S. Secret Service uses a Distributed Network Attack program to crack encryption on computers and drives seized as evidence. How can brute force still succeed with 256-bit encryption, you ask? Customized password dictionaries from the seized computer's email files and browser cache: People still use non-random passwords."

25 of 658 comments (clear)

  1. Passwords?! by Enze6997 · · Score: 5, Funny

    King Roland: The combination is: one . . . Dark Helmet: One. Col. Sandurz: One. King Roland: Two . . . Dark Helmet: Two. Col. Sandurz: Two. King Roland: Three . . . Dark Helmet: Three. Col. Sandurz: Three. King Roland: Four . . . Dark Helmet: Four. Col. Sandurz: Four. King Roland: Five . . . Dark Helmet: Five. Col. Sandurz: Five. Dark Helmet: So, the combination is: one, two, three, four, five. That's the stupidest combination I ever heard in my life! That's the kind of thing an idiot would have on his luggage!

    1. Re:Passwords?! by ArsonSmith · · Score: 5, Funny

      Note to self: Change combination on lugage when I get home.

      --
      Paying taxes to buy civilization is like paying a hooker to buy love.
    2. Re:Passwords?! by Bingo+Foo · · Score: 5, Funny

      I hope I never think any of my passwords are so clever that I feel compelled to tell everyone about them.

      --
      taken! (by Davidleeroth) Thanks Bingo Foo!
    3. Re:Passwords?! by plover · · Score: 4, Funny
      INTER-OFFICE MEMO

      From: Info Security
      To: All staff
      Subject: Secure PIN requirements

      We have determined that you are using an insecure PIN, because it has a pattern in it.

      Through extensive research, our staff has determined that many PINs are insecure because they contain patterns, birthdays, anniversaries, etc. By excluding all combinations of duplicate numbers, keyboard-pattern entries, and significant numbers, we have determined that the most secure PIN you can use is 7439. Please change your PIN to 7439 immediately in order to ensure our company's assets are properly protected.

      Thank you for your cooperation.

      --
      John
    4. Re:Passwords?! by ScoLgo · · Score: 4, Funny

      I work in the custom luggage industry. Most combo-lock mechanisms that I see are 3-digit. Yes, you can get locks with more digits but three is most common, (which is why I put "(most common)" in my post - maybe you missed that part? I kinda doubt that since you quoted it in your reply). But to answer your question; No, I don't believe there is a number shortage in Sweden at present. They are probably just conserving and planning for the day when there might be an actual number shortage. (Don't ask; it's a Swedish thing :).

      Also, keep in mind that most luggage has these things called 'handles'. If a thief really wants your stuff, they will grab it by the afore-mentioned 'handle', take it home, and drill the fucker open. IOW, luggage locks are only there to keep the honest people honest.

      Another thing: here in the States, you aren't allowed to lock checked baggage anymore. Airport screeners require that luggage be left unlocked to facilitate spot-checking of baggage. (Don't argue with this or you may well be labeled a terrorist.)

      (Cue swelling, patriotic music...)
      I, for one, sleep much better at night knowing that bags everywhere are unlocked and available for inspection by hordes of shiny-faced, wide-awake baggage inspectors all across this great land of ours.
      (Swelling patriotic music crescendoes...)

      </sarcasm>

      --
      "Michael, I did nothing. I did absolutely nothing - and it was everything that I thought it could be."
  2. Not a problem for me by Dark+Paladin · · Score: 4, Funny

    My password is totally unguessable - I mean, who else has the password asdjklf;@#$#@jjdakl?

    No - wait, I meant that *wasn't* my password! Hey, stop ssh'ing into my box! No - not my 20 GB of Sailor Moon music collection!

    Well, guess I'll have to use my backup password of qwurf$#@ff5a` from now on - No, wait -

    Damn it!

    1. Re:Not a problem for me by 0x461FAB0BD7D2 · · Score: 4, Funny

      Pfft. Your password is unguessable? Try my nick!

  3. Now I don't look so crazy... by redmo · · Score: 5, Funny

    for having my hard drive encrypted by a key, on a flash drive, which is encrypted by a password that is generated randomly every five minutes and hased twice before I lock it in my safe deposit box.

    --
    If you're tired, sleep! Wenn Sie muede sind, schlafen!
    1. Re:Now I don't look so crazy... by W3bbo · · Score: 5, Funny

      Law Enforcement can gain access to safety deposit boxes, so your plan is slightly flawed there.

    2. Re:Now I don't look so crazy... by Anonymous Coward · · Score: 5, Funny

      That's why I store my jump drive in my ass, it comes in a handy suppository case!

    3. Re:Now I don't look so crazy... by The+Other+JoshG · · Score: 5, Funny

      Law Enforcement can gain access to your ass, so your plan is slightly flawed there.

  4. Re:I bet they can't crack this! by tbase · · Score: 4, Funny

    Well, not until you put it in my browser cache. Thanks a lot, buddy.

    --

    666-607: 6th floor apartment of the beast
  5. Re:In other words.. by 14erCleaner · · Score: 4, Funny
    Inject spaces or numbers or punctuation into the word if you do. And dont write it down on a sticky note under your keyboard.

    Or just remove punctuation (like apostrophes).

    (Sorry....couldnt resist :)

    --
    Have you read my blog lately?
  6. Secret Services Cracks? by Anonymous Coward · · Score: 5, Funny

    How the Secret Services Cracks Encrypted Evidence

    Looks like someone used Microsoft's Grammar Checker to create the headline.

  7. Random by IPFreely · · Score: 5, Funny
    If I thought these guys had any since of humor at all, I'd make a 1.5 Gb file of random binary from a random number generator and store it in a file with a suspicious name.

    Of course I'd probably end up in Camp-XRay being tortured for the password. That's not where I want to spend my summer vacation.

    --
    There is nothing so silly as other peoples traditions, and nothing so sacred as our own.
  8. Re:You think? by Rorschach1 · · Score: 5, Funny

    "This is probably because people still have non-random memories."

    Pfff. I can remember the opcode for the 6502 halt-catch-fire instruction. I can't, however, remember what I had for breakfast. How's that for random?

  9. Tron by Dachannien · · Score: 5, Funny

    You know, it's amazing that Kevin Flynn had such trouble getting the info he needed to hang Ed Dillinger out to dry, considering that the password for the Master Control Program was "master".

    I guess we've come a long way in the past quarter century. Except when it comes to choosing passwords.

  10. Re:no shit by Slashdot+is+dead · · Score: 4, Funny

    My parents only let me use alphanumerics to name my dog.

  11. Choosing a password. by bmalia · · Score: 5, Funny

    Enter a new password: ***** [penis]

    Sorry, your password is not long enough.
    Enter a new password:

    --
    There's no place like ~/
  12. Re:I feel pretty safe under Fedora. by Quixote · · Score: 5, Funny
    Unless the government has a pressing need to read my private journal about me bitching about how I can't get a date. In that case, those spooks are outta luck!

    ... and so, it appears, are you. ;-)

  13. Password is not correct by MachDelta · · Score: 5, Funny

    At my former job, one of the programs we used would return "Password is not correct" if you input the wrong password.

    So, for a month, my password was "correct".

    Hey, at least I had a handy reminder if I ever forgot what it was. :P

  14. Eat this! by Maradine · · Score: 5, Funny

    Hey, SS!

    Go stick a pig
    -----BEGIN PGP MESSAGE-----
    Version: PGP 8.1

    qANQR1DBw04DB6hKqQuGABkQD/4ndRFLEcpsuHpf24/Moh2W MS bDwKKMWLDYRUG8
    4Jap4LfE3kpiVoiHvKWpSTz2z6lxbknY88 15gzDnFVPCDgH9L/ 0Rzyh7hF1J5xm2
    nVF1z1EkQPgNJhk8nrzSs3fu96D9wSuLEt wZhkXjCaTR02/H9+ AQ8lDFKVDQYYAi
    XI4Z1knJn+kLvXhyDOXfoyBp8htnRsG5AA wGUJc/GOgAbO668a KoitTl8bwK8Amr
    HNgk/wpSGPODVb1VQ3CL8uy1F1efM1UWmO SpddpBa2gWgfs8lm b6KUrfCes38xSe
    tzfZ1b0RxyeKJkkSAwJFRH9pJb3cmXfw75 b05d6LKHphwyXXb1 rrDaw2ct6Qt5lA
    Ot8+RMrUVd1w3EXEZFO2lV0NeHyWlw0V8q qIFNM+UHcIQCP6kE eIj6niRoG87m7X
    EbdUD8Q7rrW8ELD1MBYR/uW0paxJKClUfU mRfoYnj9H4WpHd2X PdIT6AZX23rWK8
    GLJPRDo+1DK5JWGzCDmpCqPCk/hC6IaTY4 dj+A1ee7y/w255AS JxBoteG0EKC1j8
    EEgdDMGn0/7PVP221FfvUmHiEptXaOIfrH jouJ6RdammqmHWYC sjpmATiWHEP6jf
    V1Vw12K2pNTt5h9oVhf0N0g1GyD4jLLmpM OPb0qSCyk8DWaEt0 IZIjqS/QwVV3Ng
    i6516BAAj4IEcxfYcbEyxvfyDqwkxzJ6R2 GSy2D9i1P6/xiy6a ASo8qSeArFO4KZ
    ATj5YyIDe2HnX66b6z9KaJrRlStSAhKr8l E05enZbjjD9zuliM M09a1L9RDGwB1T
    glArSeHh09AKDyYOYRA3eOp6Tdlog4quaQ M8AszGHfdK07+VI7 4sODIqxI46pd/a
    frOd100aZXP0w5928LbQT4HSUw9pQAsILN Oftik4aRCNozbquR 0wJ+UDaX8f2Qf3
    tvX51ONAm2hSsjkWiBO9n2TMnYYV4th1m4 BVR0sFMO/Pw8tktG 70WC3Y6rDt02G9
    ZE6hbscNP2dPGk9Zn1xn0HJSzogOqOYwc7 nCPRIkfrZQ6GUNIQ jDhNphAkJjZQg7
    4X31KiVUuJ4LsTNrpvLwl1P+rvzrPHr3Eg IZRGRTBiSTyC4u9d fF1NLlh/iDHEwH
    MdarZSX1QRgEJt/ncSvfhqHwGo21HR9lZ7 l00xu9nQCt5PA+qf xIkJN4vsIidT0h
    YcopCBgJX61SHI+zdZkvbZ+z0NrrnTx5QD HP7FGrsEsjtrSEDE wEXjKPAltPlmQT
    dzMXIikb/312gs99vRUxKh+4tQlSQKlrWr ms/8QXoDCJ/TGbFR b8vpes6+8ce5ii
    7iIxoRlYaN5QcwPizj9cFy6AQBGHZGnXDO RX0rs8uzlaDNYnP+ PSwMYBPLhLEbzn
    JD0YluWuDrSeGkgFtYzFSf/HPdv8jrHPdV hyvtB0UxjP8VeVGY +ZIMgT+pnKyuGb
    liHKlUowBHmL7pbP5F/A348XNovPFL/YG/ xR7XScBtV7W4dSPu 0uiwSnoprHDY10
    rRO7SHaproOa+CchbNySs2raYmqk02vebG ZKL17aTZzxxwLgcC q0EfCKNuAR09pm
    P54a5qvTc3f3qv5MhvktHrQV6BGzBJvZPs q/bQw8y5OG0j96ym h5CA4YlCfJvdGV
    pfRCp8Np+DUPqT7CswmULPjYlsJJjHsxaT 3z/mHqNvkddu5QPj iIn4BXsLTIUMBv
    +yPSaWVugMtoyBwruemTV9AwgE90W6nw50 GWlHtF9zrDZ4JO8z aubc1mOsEDI1hf
    LPNVSamLx1VY4rwe7yePeAredp8VuT+nJE KGIGd+I0l32NbU1n OB6ju7MtqzYGga
    yiiy1f9TE3GVMogQ00c4OIpWXjNMa2GZFZ kcP1uN1mKiFtMQxF QxiPU+bUJhvCI=
    =qYai
    -----END PGP MESSAGE-----
    and you mother, too!

    M

    --

    trustedworlds.net - gaming, security, and the gunk that lives in between

  15. Re:that's all about the brute force by crimethinker · · Score: 4, Funny
    There's another one my former boss (an Iranian emigree in 1977) told me.

    Three guys from the CIA, Mossad, and the Iranian Secret Police have a competition. Each of them has a burlap sack, and must go into the jungle to capture a wild boar. The CIA goes first. 30 minutes later, he's back, with a wild boar in the sack. Mossad goes next, and he comes back in just 15 minutes with a similar catch.

    The Iranian Secret Police goes next. He's back in 2 minutes. The CIA and Mossad are shocked. "No, you can't have alreayd caught a wild boar."

    "Open the sack and see for yourself." The CIA and Mossad look in the bag and see a rabbit with cigarette burns, bruises, cuts, and possibly a few broken bones.

    "That's not a boar, that's a rabbit. You lose."

    On hearing this, the rabbit shrieks out, "no!!!!!! I'm a wild boar! I've been a wild boar for seven years. I can give you the names of other wild boars who are still loose in the jungle!"

    -paul

    --
    Pistol caliber is like religion: everyone has their favourite, and theirs is the only right choice.
  16. Reminds me of a story... (offtopic) by hanshotfirst · · Score: 5, Funny
    A minister wakes one Sunday morning to a bright sunny day. He decides to play hooky for a day, and calls his Jr. Pastor to cover services for him as he is very sick.

    He then proceeds to get his golf bag and head for the links. The course is beautiful, the sun is shining, and his game is great.

    Up in heaven, St. Peter asks God "Aren't you going to do something about this?" God replies, "Wait and see."

    As the round of golf continues, the minister is shooting the best game of his life. On the 18th tee, The minister swings... God commands the ball and it bounces off the water, out of a bunker, and right into the cup.

    St. Peter is incredulous. "Why are you REWARDING this man for shirking his duty!? I don't understand?!"

    God replies "Who's he going to be able to tell about it?"

    --
    Why, oh why, didn't I take the Blue Pill?
  17. Re:Reminds me of a story... (even more offtopic) by commodoresloat · · Score: 5, Funny
    So a guy walks into a church and goes to confession. He tells the priest: "Father, I'm 75 years old, and I've been happily married and faithful for 50 years. I have two children in their thirties and I've never cheated on my wife. Until yesterday. I was driving down the street and saw these two hot 20-year old coeds hitchhiking. I picked them up and drove them to a hotel. They convinced me to join them in the hotel where I proceeded to have sex with both of them for the next two hours."

    The priest is quiet for a moment and then says, "are you sorry for your sins?"

    The man replies, "Sins? What do you mean?"

    The priest sounds concerned. "What do I mean? What kind of Catholic are you?"

    The man replies, "Catholic? Father, I'm Jewish!"

    The priest is incredulous. "Well then why are you telling me this?

    The man replies, "are you kidding? I'm telling everybody!"