Police Need 90 Days To Crack Hard Drives
Twyko64 writes "The UK police may need 90 days to hold terrorist suspects because it takes that long to crack a suspect's PC hard drive." From the article: "Combining the analysis, the translation and second stage analysis, add inter-country co-operation and interview strategy formation, and from the police point of view, the existing 14 days is inadequate and 90 days doesn't look excessive. Another factor is encryption sophistication. If 256-bit triple-DES or similar techniques are used then decryption could require supercomputer-levels of cracking."
Most times a police department cannot even ANALYZE data properly if a machine is not running some modern form of Microsoft Windows on an x86 platform.
They have automated TOOLS that go through and find Web browser histories, caches, and cookies.
On machines where users do not run Microsoft Internet Explorer and use Outlook for email, often times departments are SOL.
If you "get" pointers add me as a friend (116)!
That just means they'll keep you for 50 years without a trial (or however long it takes them to crack your encryption). Interesting that those that use encryption are automatically considered criminals.
I thought that was why the UK introduced the RIP act (http://www.hmso.gov.uk/acts/acts2000/20000023.htm )? Could they just demand that the person comes up with the keys -- if they don't, hold them through the RIP act and brute-force them, if they do -- then they've either got evidence or the innocent person can go free?
It seems that they are just using this as an excuse to hold someone indefinately?
That government can crack triple DES in more than 14 but less than 90 days on their secret supercomputer. No wonder they dropped opposition to crypto exports. The question is, which algorithms/key sizes can we use that is likely still uncrackable?
The underlying objective is for the UK to adopt the US model of 'terrorist' detention. Extending the permitted period for detention of 'suspects' without charge to 90 days is a step in the desired direction for this. And as people are saying, 90 days won't be enough time to crack anything that's properly secured. In 90 days, our boys in blue, who don't really get this IT stuff very well, might perhaps be able to crack an UNENCRYPTYED drive. Not all terrorist suspects have hard drives, anyway. I guess they'll have to let the ones who don't go straight away.
It's never so bad that it can't get worse.
They can't and don't, but what the hell, it's a pretext. The police have never liked this whole deal of having to let people go if you don't have enough evidence to charge them with anything. The longer they can get to find something that will stick, the more criminals they successfully prosecute and the safer we all are.
Now, if you'll excuse me I have to open my new estate agency, pontine transit solutions a speciality...
Real Daleks don't climb stairs - they level the building.
You think that they can afford to hire some lunix rocket surgeon as a computer forensics expert on what the local PD pays?
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
What if I don't use a programmed algorithm?
The old "manipulate the image in the picture" effect would allow me to hide data in an image, and it could be done to where only modifying the image to specific hue or color adjustments reveals the data. It would be something that someone could memorize, and open files read-only to find, modify in RAM, and never save back to the drive once the message is known. There could be thousands of photos in someone's photo album, and only a few that actually contain data too, so that it's hard to even find the files used, let alone to figure out how they're used.
I could also know that certain letters in a text file based on some derivation of a number sequence for position of the letter or word is the message. Anyone that I'm corresponding with could also know the sequence, but if neither party writes it down then it's much harder. It would also work for storage of sensitive data, and be even better security since there'd be only one person who'd know how to recover it.
The most effective way to hide something or protect something is to ensure that nothing is ever written down about recovering it, ever. If there's no key to find then it's again down to brute force.
Do not look into laser with remaining eye.
Generally they try to capture a complete computer containing all the algos used for the steganography. That way they don't have to search for a needle in a haystack. It's a bit like the code devices of WWII. It was always easier to capture a code machine than try to brute force the code itself
This is actually wrong. Kirchoff's principle applies as equally to steganography as it does to cryptography; even with completly knowledge of the algorithm it should be computationally infeasible to determine a secret message is implanted in the cover text.
Secure stegangraphy is truly undetectable.
Simon.
That's because they are criminals. Failure to turn over your encryption key is an offence under the RIP Act, punishable IIRC by up to two years imprisonment.
I guess that's why one may use TrueCrypt with its support for two-level plausible deniability. I.e. it's practically impossible to prove there isn't more on the encrypted volume than you see, unless you have an enormous time to spend on trying to crack the hidden nested volume.
Beware: In C++, your friends can see your privates!
Ok what about with rainbow tables, vast stores of precomputed hashes? They say that with a 64GB table, it'll take a few minutes to crack any Windows lanmanager password up to 14 characters in size using "all possbile characters on a standard keyboard (not including those alt+xxx characters)" on a standard 666 MHz system. Some individual table sets have been known to reach 600+GB in size. How do the likes of 3DES and AES stand up to that? I'm an encryption noob.
So then you need a method of being able to hide precisely what is encrypted and what is not. Look around and you'll find systems for filling a file system with chaff files to make finding the real data more interesting. One I looked at ended up with a filesystem with all the files apparently the same size, with constantly changing timestamps and all apparently contain random data. This system then allowed you to apply keys to make certain files readable while leaving the rest as noise. The point of this is that even the empty file system is full of rubbish files. It is impossible to tell (without the complete set of keys) precisely what is really data and what is just generated chaff. This gives you a lever of plausible deniability - if you are asked for the keys to the repository, you can hand over the keys and let them at it. It would be difficult (never say never) to correctly identify encrypted files amongst the chaff which were not covered by the keys provided.
Cheers,
Toby Haynes
Anything I post is strictly my own thoughts and doesn't necessarily have anything to do with the opinions of IBM.
I do think they should pay full compensation if nothing comes of their investigation. A detained person can't work, and will quite probably also lose their job. Given the police force's tendency towards extreme paranoia and abuse of power, especially when given sweeping powers, the government must be willing to pay up, and pay up big, anytime they make a mistake.
Maybe we should start differential taxation - if you support extended imprisonment without trial and excessive police powers because you think it will make you safer, then you must also be willing to pay extra for it. I don't want my taxes wasted on this game of idiots.
There was a time, around the mid-1800s, when Americans would identify themselves as just that -- Americans. This was back in the early days of the republic, and there was still a cultural (and sometimes a real) memory of the war of independence. Self-identification as American was part of the pride.
Now, back then, there were self-identified Americans who were actually born in France or England or Germany. To anyone else, they were French or British or German. Their kids, not having any personal experience of the family-homeland, also identified themselves as Americans, though saying you were British-American or French-American or German-American wasn't really an option, since all American families actually hailed from somewhere else in the past. Assimilation (the melting pot) was a very powerful force for white Americans. In a social sense, blacks of the era simply didn't have the social power to self-identify, and their identity was further stripped by having to take their master's surname. Native Americans (or North American aboriginals, if you prefer that appelation) had their own tribal identification, which still remains to this day.
As you get closer to 1900, there were huge waves of immigrants from all over the world, and these were people who wanted a clean slate. They wanted nothing more than to be assimilated. In some families, the language of the homeland was forbidden. Educational institutions sought to have kids learn and speak english without accent. The pride of the immigrant American at the turn of 1900 buried the notion of self-identification of the homeland. My four great grandfathers and mothers (on both mom and dad's sides) spoke very little english because they came to the country when they were too old for schooling, but their kids (my grandmas and grandpas) all spoke English in the upper-midwestern American accent, and while they could understand some of the old languages and maybe speak and read a bit, they were Americans and identified themselves as such.
Consider, then, the melting pot. By the time it got around to me, the national heritage of my family was Belorussian, Lithuanian, French and Norwegian. I only speak one of those languages, but how could I possibly self-identify with any of those nations? I can't, and I don't, but mustly because I still take some pride in being an American, regardless of how my country seems to be perceived at present.
However, their are groups who have been marginalized over time, who seek to re-enforce their sense of identity to elevate their pride. Some black Americans prefer to align themselves with their African roots. Some Irish-Americans identify themselves that way because they seek a tie to their family heritage that may have been repressed as a part of assimilation. Interestingly, the force of assimilation has decreased in American culture. We're a much more multi-lingual, multi-cultural nation, now, and that's also being reflected in the way certain people self-identify. In America, you are free to identify yourself in any way that you prefer, and that's what people do.
Hope it helps.
.. pa-ra-bo-la, pa-ra-bo-la, 2 pi R, 2 pi R, where's your latus rectum, where's your latus rectum, 2 pi R