Slashdot Mirror


Police Need 90 Days To Crack Hard Drives

Twyko64 writes "The UK police may need 90 days to hold terrorist suspects because it takes that long to crack a suspect's PC hard drive." From the article: "Combining the analysis, the translation and second stage analysis, add inter-country co-operation and interview strategy formation, and from the police point of view, the existing 14 days is inadequate and 90 days doesn't look excessive. Another factor is encryption sophistication. If 256-bit triple-DES or similar techniques are used then decryption could require supercomputer-levels of cracking."

13 of 693 comments

  1. 90 days, eh? by BushCheney08 · · Score: 5, Funny

    Nothing for you to see here. Please move along.

    Hmmmm. Guess I'll come back in 90 days for the dupe...

    --
    Be a real patriot: Question authority. Think for yourself. Formulate your own conclusions.
    1. Re:90 days, eh? by Anonymous Coward · · Score: 5, Insightful

      I hope not. Holding suspects for any amount of time without probable cause is bullshit. A hard drive whose contents are not decipherable (as yet if ever) is not probable cause. It is an unknown. If the police do not have reason to hold an individual aside from a hard drive of unknown content, the police do not have reason to hold an individual.

    2. Re:90 days, eh? by Don_dumb · · Score: 5, Insightful

      Mod that comment up
      If they don't have enough proof to charge someone after even a couple of days, why are they so sure someone is a suspect at all?
      They must have some reason to arrest someone in the first place and I sincerely hope that reason is based on a collection of very compelling evidence. At which point they can charge him/her and have as much time as they want anyway.

      --
      If this were really happening, what would you think?
  2. They're really going to hate it when... by TWX · · Score: 5, Insightful

    They're really going to hate it when suspects start using steganography. Imagine having to brute-force decrypt, only to then have to search for a particular piece of straw in a haystack...

    --
    Do not look into laser with remaining eye.
    1. Re:They're really going to hate it when... by TWX · · Score: 5, Interesting

      What if I don't use a programmed algorithm?

      The old "manipulate the image in the picture" effect would allow me to hide data in an image, and it could be done to where only modifying the image to specific hue or color adjustments reveals the data. It would be something that someone could memorize, and open files read-only to find, modify in RAM, and never save back to the drive once the message is known. There could be thousands of photos in someone's photo album, and only a few that actually contain data too, so that it's hard to even find the files used, let alone to figure out how they're used.

      I could also know that certain letters in a text file based on some derivation of a number sequence for position of the letter or word is the message. Anyone that I'm corresponding with could also know the sequence, but if neither party writes it down then it's much harder. It would also work for storage of sensitive data, and be even better security since there'd be only one person who'd know how to recover it.

      The most effective way to hide something or protect something is to ensure that nothing is ever written down about recovering it, ever. If there's no key to find then it's again down to brute force.

      --
      Do not look into laser with remaining eye.
    2. Re:They're really going to hate it when... by Verteiron · · Score: 5, Funny

      Well, in that case, the USA will ship you off to some country where torture is legal, and CIA operatives will proceed to beat the secrets out of you. Now THAT'S brute force...

      --
      End of lesson. You may press the button.
  3. Blatantly WRONG by Work+Account · · Score: 5, Interesting

    Most times a police department cannot even ANALYZE data properly if a machine is not running some modern form of Microsoft Windows on an x86 platform.

    They have automated TOOLS that go through and find Web browser histories, caches, and cookies.

    On machines where users do not run Microsoft Internet Explorer and use Outlook for email, often times departments are SOL.

    --

    If you "get" pointers add me as a friend (116)!
  4. Illegal not to give the police the key? by Jamu · · Score: 5, Insightful

    If it's illegal to not provide the police with a key to encrypted data, why can't they just put that person in prison for that crime and decrypt the data at their leisure?

    --
    Who ordered that?
    1. Re:Illegal not to give the police the key? by dan+dan+the+dna+man · · Score: 5, Insightful

      This is an excellent point, it is true it is illegal to withhold encryption passphrases etc. from the police if they ask you to surrender them. This is why there is a fight in the UK to stop this 90 day 'hold without evidence' the police and government are pushing. The opposition parties have been making this exact point - just bust them on the lesser charge, sling them into jail on something they've *actually done* rather than something they *may have done* and then use that time to gather the rest of the information. Makes perfect sense to me.

      --
      I don't read your sig, why do you read mine?
  5. 256? 3des? no. by jlcooke · · Score: 5, Informative

    3des. 3 x des. des uses 64 bit key. Well, 56 bit if you remove the useless parity.

    3 x 56 = 168. or 3 x 64 = 192. Either way, 256 it is not.

    256 bit AES, then maybe.
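
The key-size arithmetic in the comment above, carried through in code. This is an added example, not part of the thread or of any poster's text; the function names `strip_parity` and `tdes_key_bits` and the sample keys are assumptions made for illustration. It shows why a Triple DES key bundle stored as 192 bits holds at most 168 key bits, and how repeated keys shrink that further.

```python
# Added example (not from the thread). DES keys are stored as 8 bytes, but the
# low bit of each byte is an odd-parity bit that the cipher never uses.

def strip_parity(key8: bytes) -> int:
    """Return the 56 bits of an 8-byte DES key that take part in encryption."""
    if len(key8) != 8:
        raise ValueError("a DES key is exactly 8 bytes")
    bits = 0
    for byte in key8:
        bits = (bits << 7) | (byte >> 1)  # drop the parity bit (LSB)
    return bits

def tdes_key_bits(bundle: bytes) -> tuple:
    """Classify a Triple DES (EDE) key bundle.

    Returns (stored_bits, key_bits, description), where key_bits counts only
    the independent, non-parity bits.
    """
    stored_bits = len(bundle) * 8
    if len(bundle) == 16:          # two-key form: K3 is a copy of K1
        bundle = bundle + bundle[:8]
    if len(bundle) != 24:
        raise ValueError("expected a 16- or 24-byte key bundle")
    # Compare keys after stripping parity: keys that differ only in parity
    # bits are the same key as far as DES is concerned.
    k1, k2, k3 = (strip_parity(bundle[i:i + 8]) for i in (0, 8, 16))
    if k1 == k2 or k2 == k3:
        # E(K3, D(K2, E(K1, x))): an adjacent equal pair cancels out.
        return stored_bits, 56, "equivalent to single DES"
    if k1 == k3:
        return stored_bits, 112, "two-key Triple DES"
    return stored_bits, 168, "three-key Triple DES"

# Constructed sample keys, for illustration only.
KA = bytes.fromhex("0123456789abcdef")
KB = bytes.fromhex("23456789abcdef01")
KC = bytes.fromhex("456789abcdef0123")

if __name__ == "__main__":
    samples = [("three keys", KA + KB + KC),
               ("two keys", KA + KB),
               ("K1 == K2 up to parity", KA + bytes(b ^ 1 for b in KA) + KC)]
    for name, bundle in samples:
        print(name, tdes_key_bits(bundle))
```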

  6. Comment removed by account_deleted · · Score: 5, Funny

    Comment removed based on user account deletion

  7. Re:No such thing as "256-bit triple des" by z-man · · Score: 5, Funny

    Pssst, like the NSA doesn't have quantum computers behind that triple fence that can brute force 256bit keys in an instant.

    Now, shut up and help me find my tinfoil hat.

  8. Re:Blatantly WRONG (now with formatting!) by sparr0w · · Score: 5, Insightful

    I think the key to this article is not the piece on encryption, but the piece on inter-county cooperation. In the states, it takes a long time for evidence to be approved by the proper authorities for analysis, just because the people doing the analysis don't want to screw up and have the evidence thrown out in court.

    And as easy as it is to make fun of the police's analysis methods, my guess is most slashdotters don't even know what it's like to process evidence for a case. It's not just "running automated tools" on some suspect's hard drive. It's getting to know the case, knowing what you're looking for and where to look for it. Many times it's the police themselves that are writing these "automated tools", which only present the evidence in a way less technical minded officers assigned to the case can understand. And what happens once you get that evidence? You have to try to fit it into the puzzle of the case. It isn't CSI, where you find some email detailing the crime that's digitally signed and the suspect confesses to writing it. Often times it's finding some random piece of partially-overwritten text and having to see if it fits into the overall case.

    And yes, most digital forensic labs can analyze your precious reiserfs/ext2/ext3/whatever file systems. In fact, I've never run across a lab that couldn't. So don't think your 1337 linux system will be safe if it's ever involved in a crime. And if they don't have the tools to analyze them, they'll contact a department that does. That's how the real world of forensics works.

    Next time you want to talk about a subject you blatantly don't understand, do us all a favor and don't hit the submit button.