Slashdot Mirror

← Back to Stories (view on slashdot.org)

Police Need 90 Days To Crack Hard Drives

Posted by Zonk on from the they'll-get-better-with-practice dept.

Twyko64 writes "The UK police may need 90 days to hold terrorist suspects because it takes that long to crack a suspect's PC hard drive." From the article: "Combining the analysis, the translation and second stage analysis, add inter-country co-operation and interview strategy formation, and from the police point of view, the existing 14 days is inadequate and 90 days doesn't look excessive. Another factor is encryption sophistication. If 256-bit triple-DES or similar techniques are used then decryption could require supercomputer-levels of cracking."

26 of 693 comments (clear)

  1. 90 days, eh? by BushCheney08 · · Score: 5, Funny

    Nothing for you to see here. Please move along.

    Hmmmm. Guess I'll come back in 90 days for the dupe...

    --
    Be a real patriot: Question authority. Think for yourself. Formulate your own conclusions.
    1. Re:90 days, eh? by Xcott+Craver · · Score: 4, Funny
      And I'm Irish on my paternal great-grandfather's side.

      Yeah, and I'm a woman on my grandmother's side.

      Xcott

  2. They're morons who deserve to get caught by Dwonis · · Score: 4, Funny

    *I* always use at *least* 1024-bit AES!

  3. What a waste of time... by tgd · · Score: 3, Funny

    They should just pin the suspect down and pump five rounds into their head.

    Oh wait...

    1. Re:What a waste of time... by Rayonic · · Score: 2, Funny
      They should just pin the suspect down and pump five rounds into their head.

      What, you think they'll start talking after 5 rounds of free beer?
      --
      [PowerPoint] is a tool for capitalist presentation
  4. Re:hire younger hackers by kurt_ram · · Score: 1, Funny

    Well, that is because you have your password written on a sticky note which is stuck to the monitor.

    --
    Clearly, Google is the next Microsoft.
  5. They Could Speed Things Up by unixsavant · · Score: 1, Funny

    By using SUN Grid... noone else is, so plenty of CPU power....

  6. Re:I wonder how long it will take... by diagonalfish · · Score: 2, Funny

    There should be a mod for "+1, Creepy".

    --
    "Eddies," said Ford, "in the space-time continuum." "Ah," nodded Arthur, "is he? Is he?"
  7. Re:No such thing as "256-bit triple des" by Dachannien · · Score: 4, Funny

    Seriously, nobody, including name-your-favourite-government-agency, is brute forcing a 256-bit AES key. Not in 90 days. Not in 90 years.

    0x00000000 00000000 00000000 00000000 00000000 00000000 00000000 00003039? That's the kind of encryption key an idiot would have on his luggage!

  8. Comment removed by account_deleted · · Score: 5, Funny

    Comment removed based on user account deletion

  9. Re:No such thing as "256-bit triple des" by z-man · · Score: 5, Funny

    Pssst, like the NSA doesn't have quantum computers behind that triple fence that can brute force 256bit keys in an instant.

    Now, shut up and help me find my tinfoil hat.

  10. Re:heh. by maxwell+demon · · Score: 2, Funny

    30 days to figure out how to write "Allah" in arabic.
    60 days to figure out how to type an arabic password.

    --
    The Tao of math: The numbers you can count are not the real numbers.
  11. What kind of encryption are YOU using??? by ferrellcat · · Score: 2, Funny

    "You honor, we are going to have to hold the suspect for 2.154E+E122 years."

  12. Re:No such thing as "256-bit triple des" by maxwell+demon · · Score: 2, Funny
    0x00000000 00000000 00000000 00000000 00000000 00000000 00000000 00003039? That's the kind of encryption key an idiot would have on his luggage!

    Good to know. Therefore I'm not an idiot, because mine is
    01234567 89ABCDEF 01234567 89ABCDEF 01234567 89ABCDEF 01234567 89ABCDEF 01234567 89ABCDEF. :-)
    --
    The Tao of math: The numbers you can count are not the real numbers.
  13. Re:They're really going to hate it when... by Verteiron · · Score: 5, Funny

    Well, in that case, the USA will ship you off to some country where torture is legal, and CIA operatives will proceed to beat the secrets out of you. Now THAT'S brute force...

    --
    End of lesson. You may press the button.
  14. Re:With or without specific charges? by lawpoop · · Score: 4, Funny

    You are writing the above as a pubic hair wig?

    --
    Computers are useless. They can only give you answers.
    -- Pablo Picasso
  15. So does that mean... by mengel · · Score: 2, Funny
    That if I use 4096-bit encryption, they'll argue they should be able to hold me for a year, and if I use 8192-bit encryption, for 2 years???

    If you extrapolate it to "We get to hold people for as long as it takes to find whatever we're looking for on their hard drive", then they can argue for holding you for 200 years, depending how you might have hidden data on the hard drive.

    --
    - "History shows again and again how nature points out the folly of men" -- Blue Oyster Cult, 'Godzilla'
  16. Here's what to do: by Ihlosi · · Score: 2, Funny
    1. Encrypt hard drive.
    2. Store keyfile in a safe place.
    3. Get a defective USB stick. Label "HD KEYFILE" in big red letters. Keep it on the computer desk at all times.
    4. Get a 3.5" Floppy. Preferably from pre-1990. Wipe with magnet a couple of times. Label "HD KEYFILE BACKUP" in big red letters. Put on shelf next to computer.
    5. Get a blank CD-R. Fill with PR0N. Label "PR0N + HD KEYFILE BACKUP". Mistreat CD-R a little (preferably adding some scratches on the inside. Leave in CD-Rom drive.


    In case of arrest:
    1. "Um ... you want my password ? If you really want to see my PR0n collection ... it's on the USB stick."
    2. "What ?! It doesn't work ? Good thing I have a backup. It's on the floppy disk."
    3. "What now ?! It's broken ? Good thing I have another backup of it on the CD with my PR0N colelction ... try that."
    4. "The CD doesn't work ? OH NO, ALL MY PR0N is GONE ! AAAAARGH !"

  17. Don't use one time pads by Catamaran · · Score: 4, Funny

    You could be locked up forever!

    --
    Test 1 2 3 4
  18. I can crack my harddrive in a split second.... by Been+on+TV · · Score: 2, Funny

    I can crack my harddrive in a split second by using a sledge hammer.

    --
    The future is in beta
  19. Re:They're really going to hate it when... by iceperson · · Score: 2, Funny

    yeah. and creating a mirror of the data is much too difficult to be feasible.

  20. Re:They're really going to hate it when... by operagost · · Score: 2, Funny

    Do you write scripts for "Twenty-four" by any chance?

    --

    Gamingmuseum.com: Give your 3D accelerator a rest.
  21. Re:No such thing as "256-bit triple des" by NelsonM · · Score: 2, Funny

    0x00000000 00000000 00000000 00000000 00000000 00000000 00000000 00003039? That's amazing! That's the same encryption key I have on my luggage!

  22. Re:256? 3des? no. by stedo · · Score: 2, Funny
    Close, but not quite.

    Des uses 64-bit, really 56-bit. Correct

    3Des uses 128-bit, really 112-bit. It's named 3DES because it does 3 DES encryptions with two separate keys (actually encrypt1-decrypt2-encrypt1). Doing it the obvious (enc1,enc2) way is insecure and can be broken in 2^56 steps (one keysearch) if you have a really big amount of memory, so it does EDE. The D part is there so that you can set E1 equal to E2 and use the same subroutines for 3DES and DES.

    256-bit anything cannot be brute forced. Brute force requires that you iterate through every possible key. Now, according to thermodynamics, it takes kT energy to set or clear a bit, where k is Boltzmann's constant and T is the ambient temperature of the system. The coldest you can run it at is 2.3Kelvin (the ambient temperature of the universe). Any colder, and you need more energy to run a heat sink. So, merely to iterate a 256-bit counter through all it's values (never mind actually using an encryption algorithm) requires (2.3)x(2^256)x(k), which is a lot more energy than could be gained by blowing up the Sun in a nuclear reactor and converting it all to energy. So, no cracking of 256-bit keys.

    Crappy passwords are another thing, though

  23. Sgt. Wintertons Police Diary by sikandril · · Score: 2, Funny

    Day 1: Brought in suspects' computer. For the darndest reason it wouldn't turn on so Sgt. Morris and I went on a 2 hour coffee break. Upon return discovered that computer wasn't plugged in. It was getting late so stamped card and went home. Day 2: Sgt. Morris (who is more experienced than me) put the cd we use for scanning into the suspect's computer but it wouldn't load, no matter what we did. Went on 1.5 hour coffee break. Returned and eventually found out CD was inserted in upside down. Was late so stamped card and went home. Day 3: Managed to 'hack' into suspects' computer! Found suspect's 'dirty stuff' folder, and scanned it by hand for security reasons. After 4 hours was exhausted so called it a day and signed off early. (Note to self: Inquire about purchasing cat's outfit for Mrs. Winterton) Day 4: Suspect seems to have had an affection for fight games (note to self: Add "psychotic tendencies" to suspects portfolio). Played some 'Mortale Kombatt' against Sgt. Morris, who managed to beat me numerous amount of times, adding insult to injury by 'finishing me' in several gruesome ways. Ate sandwich, stamped card and went home. Day 5: Finally beat Morris at Mortal Kombat! Now we're getting somewhere! .......

  24. Oh great so know they've got a workaround. by TractorBarry · · Score: 2, Funny

    Marvellous. So here's how "the bad guys" (tm) will fool the coppers.

    1 Buy computer with big hard drive.
    2 Get geek to store loads of "nonsense" data encrypted with as strong a key as possible (i.e. shopping lists, lists of birthdays, stuff from encyclopedias)
    3 Store "bad stuff" (tm) in head only.
    4 Get arrested, claim you "were wondering what all those junk files were" and wait 90 days whilst the forensics bods decrypt the useless data.
    5 Get let out.
    6 Profit !

    (yes I admit it this is a piss poor version of the Slashdot "profit" post :)

    --
    Sky subscribers are morons. They pay to be advertised at !