Slashdot Mirror
Police Need 90 Days To Crack Hard Drives
Twyko64 writes "The UK police may need 90 days to hold terrorist suspects because it takes that long to crack a suspect's PC hard drive." From the article: "Combining the analysis, the translation and second stage analysis, add inter-country co-operation and interview strategy formation, and from the police point of view, the existing 14 days is inadequate and 90 days doesn't look excessive. Another factor is encryption sophistication. If 256-bit triple-DES or similar techniques are used then decryption could require supercomputer-levels of cracking."
They're really going to hate it when suspects start using steganography. Imagine having to brute-force decrypt, only to then have to search for a particular piece of straw in a haystack...
Do not look into laser with remaining eye.
If it's illegal to not provide the police with a key to encrypted data, why can't they just put that person in prison for that crime and decrypt the data at their leisure?
Who ordered that?
Psssh. That's gotta be a worst case scenario. In my experience, even people who are paranoid enough to encrypt things tend to be careless with their keys. I found one once where the guy had encrypted the hell out of it, and left a copy of the key in the default key gen directory. Some people just throw it in the trash, and then forget to empty the trash, or forget to secure purge it afterward, so the key can be recovered.
For big corporations and places that have enough staff to be able to implement a good crypto policy, I'd be surprised if you COULD crack it in 90 days. 256 isn't anywhere near as high as you could go if you were paranoid, and storing data that you didn't need to read all the time.
ad logicam Claiming a proposition is false because it was presented as the conclusion of a fallacious argument.
Well, in the case of terror suspects, the information that the detainee holds is far more valuable than convicting the detainee himself - a bomber who might provide links to the larger organisation, for example.
;)
Trying to decode the information held within several thousand lumps of human brain tissue would probably take even longer than 90 days
The idea is that you're holding them without any charge until you gather the evidence on the hard drive.
I understand that the police will sometimes be unable to completely make a case until they've gathered all the evidence, but it seems that there should be some sort of intermediate level to say, "We have at least some reason to hold this guy."
Perhaps what's needed is a judge to say, "Yeah, you have enough evidence, and the guy presents enough of a flight risk, for me to let you hold him for three months", even if that evidence would be insufficient for a real indictment.
Because right now it sounds like "We're going to lock this guy up for 90 days with absolutely no evidence at all on our say-so."
So basically, the 90-day period is not because that's how long their fancy "supercomputer" needs to crack it, but because they are unable to cope with the number of computers confiscated from their terrorist suspects. Sounds like they need an additional supercomputer.
"Eddies," said Ford, "in the space-time continuum." "Ah," nodded Arthur, "is he? Is he?"
The UK police may need 90 days to hold terrorist suspects because it takes that long to crack a suspect's PC hard drive
I write this as a 'Merkin, so forgive if I don't fully "get" UK law, but...
At the point where the police would waste 90 days of supercomputer-level CPU power on cracking an encrypted HDD, wouldn't they already have enough other evidence to charge the suspect with an actual crime, and could just ask for that 90 days as a delay before the actual trial?
The idea of the police making people dissapear for three months at a time on a whim scares the hell out of me. Suddenly sarcasm, or wearing the wrong clothes, or "driving while black" becomes punishable by three months in prison? Time to invest in prison/industrial stock...
That's because they are criminals. Failure to turn over your encryption key is an offence under the RIP Act, punishable IIRC by up to two years imprisonment.
The innocent, of course, have nothing to hide.
Real Daleks don't climb stairs - they level the building.
Where did it say that those using encryption are automatically considered criminals? They're suspected criminals who happen to use strong encryption
It was a century of answers and all of them have been wrong...
Wake me in a thousand years
Ouch. Technobabble at its worst.
a) Triple DES is 112-bit encryption.
b) If you are using strong encryption, like a 256-bit AES cypher, no number of supercomputers are going to 'crack' it, whether it's 14 or 90 or 900 days, unless it's a really bad implementation.
c) One would HOPE that the police would have evidence before they start impounding things. But this is about 'fishing' for evidence for 'suspected' terrorists. "You look like a terrorist, so we'll impound your things in the hope that we'll find something". So much for presumption of evidence (which I believe holds true in the UK as well.
Things like this make me sad. Just another way for the authorities to 'protect' it's citizens by making that sure they can see all and know all. Welcome to the Panopticon.
do you honestly believe someone who knows they've been caught, /., welcome to the fairytale land.
and its only a matter of time before all of the evidence will show up,
will actually stay in the country?
yes yes, take away their passports, surely that will stop them...
oh wait, this is
I hope not. Holding suspects for any amount of time without probable cause is bullshit. A hard drive whose contents is not decipherable (as yet if ever) is not probable cause. It is an unknown. If the police do not have reason to hold an individual aside from a hard drive of unknown content, the police have do not have reason to hold an individual.
I think the key to this article is not the piece on encryption, but the piece on inter-county cooperation. In the states, it takes a long time for evidence to be approved by the proper authorities for analysis, just because the people doing the analysis don't want to screw up and have the evidence thrown out in court.
And as easy as it is to make fun of the police's analysis methods, my guess is most slashdotter's don't even know what it's like to process evidence for a case. It's not just "running automated tools" on some suspect's hard drive. It's getting to know the case, knowing what you're looking for and where to look for it. Many times it's the police themselves that are writing these "automated tools", which only present the evidence in a way less technical minded officers assigned to the case can understand. And what happens once you get that evidence? You have to try to fit it into the puzzle of the case. It isn't CSI, where you find some email detailing the crime that's digitially signed and the suspect confesses to writing it. Often times its finding some random piece of partially-overwritten text and having to see if it fits into the overall case.
And yes, most digital forensic labs can analyze your precious reiserfs/ext2/ext3/whatever file systems. In fact, I've never run across a lab that couldn't. So don't think you're 1337 linux system will be safe if it's ever involved in a crime. And if they don't have the tools to analyze them, they'll contact a department that does. That's how the real world of forensics works.
Next time you want to talk about a subject you blatently don't understand, do us all a favor and don't hit the submit button.
this is a BS claim because the 90 days is the time to be held WITHOUT CHARGE, but if your hard drive is encrypted and you refuse to give up the password then you can be charged for that. so there is no need for an extended period of time to hold someone without charge because of hard drive encryption.
our boys in blue, who don't really get this IT stuff very well, might perhaps be able to crack an UNENCRYPTYED drive. Not all terrorist suspects have hard drives, anyway. I guess they'll have to let the ones who don't go straight away.
The National Security Agency is the largest employer of degreed mathematicians in the world. They are not stupid people.
They'll gladly crack encrypted information for allied countries and other US agencies.
These people aren't the Keystone Cops and it's not like a street-level officer will be in charge of decrypting a hard drive.
This is not a dream, not a dream...we are transmitting from the year 1-9-9-9.
Shami Chakrabati from Liberty made a very valid point. Holding someone for the equivalent of a typical 6 month jail sentence with no charge is a very good way to alienate that person and his/her community. How would we feel about losing 3 months of our lives, and after that, being released with "no charge". What would our employers think? What would happen to our houses, mortgages during that time? It's easy to think "90 days isn't so much", but think about what it actually means. Shami is great.
Get your own free personal location tracker
Mod that comment up
If they don't have enough proof to charge someone after even a couple of days, why are they so sure someone is a suspect at all?
They must have some reason to arrest someone in the first place and I sincerely hope that reason is based on a collection of very compelling evidence. At which point they can charge him/her and have as much time as they want anyway.
If this were really happening, what would you think?
Encrypting a drive is enough for probable cause.
In the twisted logic of the law enforcement game, pretty much anything can be used as PC.
Put it this way, when I worked for the state AG's office all we'd need is the slightest whif and the next thing you know we would be hauling out paper records and computers, servers, etc.
And in the U.S. we have secret courts that will issue warrants with virtually no burden of proof. How do you like those apples?
Why don't they just crack the bones of the person being held, I'm sure that :)
would make all their other related cracking requirments go that little be faster
if you know what I mean...
Arash
Arash Partow's Philosophy: Be a person who knows what they don't know, and not a person who doesn't know.
I think this sort of "holding" should be watched very closely because if you don't say or do what the police want, they might hold you a very long time while they "closely analyze" the files on your computer. This is the same excuse used to hold Kevin Mitnick for over two years, violating his civil rights. Terrorist, Revolutionary, Communist, and Hacker have all been tags used over time to give police carte blanche control over any individual. I'm not against special circumstances where international criminals should be held for greater than 90 days but this needs to be monoitored and, when violated, those responsible should be canned. Someone should not be able to take away 3 months of your life without a very good reason or without reimbursing you.
The police want to be able to detain terrorist suspects for 90 days without charge. This is probably a figure they pulled out of the air as a good starting point for negotiations, however Tony Blair has decided that whatever the police want they should get when the magic word is mentioned.
One of the justifications was that they need that long to decrypt and analyse data. In which case, it is already a crime not to hand over a password of encryption key when requested so you can get them in custody on that charge for that long.
The arguments for the 90 days are incoherent, but that's what we have grown to expect from our government, especially when it comes to civil liberties and/or technology.
Also, another reason it's easy to set up a table is because Lanman hashes (and NT hashes for that matter) do not use salts. For one password with a 2 character salt creates over 1000 possible hashes for the same password.
Lanman passwords are also case insensitive so you reduce the pool per charcter by 13.
Yeah, what the hell is that?
Everyone hates us Irish until it comes time to pretend your Irish and drink green beer on St. Patrick's day, especially here in America.
Want proof?
"Paddywagon", hows that. If any other nationality or group was inserted into that term there would be a fucking riot.
Totally OT, but I hate this type of shit.
this is not entirely true...
after 9/11 there were reports of South Asian Canadians being held in US jails on suspicion..
later on they were released because they were cleared off all charges, but they fact is that they were still held for quite a long time without any charge or evidence.
As you say, these people have been arrested but not charged. The relevant point is that people should not be arrested without charge. For anyone who hasn't really considered it, 90 days is a long time and for anyone who has never been in prison, I would suggest it works on a similar principle to rape or a violent assault - it is a sudden message from another that they can do what they like to you and you can't stop them. Anyone who has been inside in a proper prison will at least understand where I'm coming from. I don't mean this as a disrespect to rape victims either. Being grabbed off the street and locked in a room, suddenly cut off from your friends and family can be a terrifying experience and the police don't need "torture" to scare you. Just being told you're going down for "terrorism" and they'll take the next fifteen years away from you if they so please? Just a few days can scar you terribly (google for the Stanford Prison Experiment). Ninety days? You don't want to go through that.
And all this, they can do just because they want to. They can do it to scare you, they can do it to punish you and they can do it all without any evidence at all. br
TFA states that this is unlikely to go through due to personal liberty issues:
"With the measure unlikely to make it into law thanks to widespread opposition from MPs due to its civil liberty implications..."
Also, this isn't about it taking 90 days to crack a hard drive, decrypt the contents, and translate them... it's about an overload of hard drives needing to be cracked, and the lack of resources to do it in a timely manner.
Also FTA: "Dr Mirza said: "There was a massive backlog of computers to analyse. Some of them couldn't be looked at for over 90 days." It could be just as likely that the police are looking at the controversial extension measures simply because the lack of resources mean terrorist hard drives could be part of a wider queuing system."
This is police FUD, they aren't getting a response to the fact that the people responsible for cracking HDs are overworked, with a serious backlog. This is publicity for adding more staff and beefing the budget. Although the FUD may certainly be valid in this case.
Article should be titled "How Long Does it Take to a Hard Drive to Move Through the Queu in Order to be Analyzed."
"Trolls they were, but filled with the evil will of their master: a fell race..." -- J.R.R. Tolkien on Olog-hai
The "if-you've-got-nothing-to-hide" argument is very short-sighted. Sometimes you do have something to hide, and for good reason.
Here's a short list of legitamate reasons for anonymity I once found somewhere. Sorry I can't credit the original author, you know who you are:
The Federalist papers were published under the pseudonym "Publius", and several of the U.S. Founders had to publish pre-revolution political treatises anonymously for their own protection. Voltaire said It's dangerous to be right when the government is wrong. I would advise you to turn off the TV and pick up some history books. I mean no disrespect, just to give you some helpful advice.
For those in the U.S., here are some other good reasons [emphasis mine, of course]:
Amendment IV
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.
Amendment V
No person shall be held to answer for a capital, or otherwise infamous crime, unless on a presentment or indictment of a grand jury, except in cases arising in the land or naval forces, or in the militia, when in actual service in time of war or public danger; nor shall any person be subject for the same offense to be twice put in jeopardy of life or limb; nor shall be compelled in any criminal case to be a witness against himself, nor be deprived of life, liberty, or property, without due process of law; nor shall private property be taken for public use, without just compensation.
Amendment VI
In all criminal prosecutions, the accused shall enjoy the right to a speedy and public trial, by an impartial jury of the state and district wherein the crime shall have been committed, which district shall have been previously ascertained by law, and to be informed of the nature and cause of the accusation; to be confronted with the witnesses against him; to have compulsory process for obtaining witnesses in his favor, and to have the assistance of counsel for his defense.
---
Of course these powers will be misused and overused. They make so many things easier by removing restrictions under which police operate and lessening the consequences of their actions. But I keep thinking of the following quote:
A policeman's job is only easy in a police state. - Mike Vargas, in "Touch of Evil" by Orson Welles br
Aide-toi, le Ciel t'aidera - Jeanne D'Arc.
The thing that did my head in in the USA, were all the people who were convinced they're Irish. I'd get some guy there tell me in a pure american accent that he was Irish american? How are you Irish, mate? Were you born there? Do you have an Irish accent? Citizenship? Read Ulysseses? What?
In fact I met almost no actual americans, only hyphenated americans. When someone found I was from Europe, she introduced herself to me as a German-American. So I started talking in German to her and she didn't understand a bloody word. But she said her "Grandad would understand it." I met a guy over there from Mozambique. He said the thing that annoyed him most were people who said they were african-american. It pissed him off because they didn't know a damn thing about africa. It makes NO SENSE! If you're born and raised in America, you're american. Culture is not transmitted genetically and nothing that is makes a bit of difference to who you are.
So if the parent poster is born and raised in Ireland, then he can continue to rant about discrimination. If he's another hyphenated-american, I'm not interested.
And I'm Welsh, btw, and we're the Irish who couldn't swim. It's like anything else - if you let something bother you, people will use it. If you you're proud of who you are, they can't.
Aide-toi, le Ciel t'aidera - Jeanne D'Arc.
Yeah, I'm irrationally proud of the geo-political area where my ancestors fucked, too.
To cut them a little slack, some of the reasons that they want new extraordinary powers written into the laws is that in the fight against the Irish, they often just ignored and violated laws about police procedures and generally got away with it, whereas today there's more visibility, more television publicity, and more European political concerns about human rights, so they want to make sure that when they're doing extraordinary violations of people's civil rights that they've got laws to permit them to do so.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
Err - sure. Like in Al Ghureib and Guantanamo, right? Without any possibility of consulting a lawyer, right. Yeeeessss sure. If the U.S. were a constitutional state - OK. But the current government has demonstrated publicly that it doesn't give a shit about constitutional rights or the Geneva convention. If it appears convenient, people are taken to another country where even less shit is given about people's rights. It's not as if we hadn't been there, done that. Strategically, you don't fight a worldwide guerilla organization by staring to control your own citizens electronically.
open (SIG, "</dev/zero"); $sig = <SIG>; close SIG;
What, so now that I do encrypted backups onto removable USB drives using Windows EFS, I'm at risk having to explain myself every time I cross the US border (I'm Canadian)? What's next? VPN software? SSH? SSL'd bookmarks in my browser?
It is the virtual handing over to law enforcement the power to blackmail anybody. All that needs to happen for you to be declared a terrorists suspect is for some one to say it and some else to listen, no evidence, no proof, nothing but the words of individual. If they had the slightest bit of sence they would understand how much power they are giving terrorists over innocent people, if you should fail to assisst them in some minor way, should they get caught all they have to do is name you and the authorities will listen (a law that terrorises).
This is a law of the rich versus the poor. Rich lawyer on standby no problem, free in a few hours and if you don't like some one you can arrange for an accusation against them. Poor, enjoy you 90 day conviction for no crime, just for having dared to annoy a wealthy or connected individual.
Chaos - everything, everywhere, everywhen