Slashdot Mirror

← Back to Stories (view on slashdot.org)

Full Disk Encryption Hard For Law Enforcement To Crack

Posted by timothy on from the you-say-problem-I-say-potato dept.

If you'd rather keep your data private, take heart: disk encryption is a lot harder to break than techno-thriller movies and TV shows make it out to be, to the chagrin of some branches of law enforcement. MrSeb writes with word of a paper titled "The growing impact of full disk encryption on digital forensics" [abstract here to paywalled article] that illustrates just how difficult it is. According to the paper, co-authored by a member of US-CERT, "[T]here are three main problems with full disk encryption (FDE): First, evidence-gathering goons can turn off the computer (for transportation) without realizing it's encrypted, and thus can't get back at the data (unless the arrestee gives up his password, which he doesn't have to do); second, if the analysis team doesn't know that the disk is encrypted, it can waste hours trying to read something that's ultimately unreadable; and finally, in the case of hardware-level disk encryption, tampering with the device can trigger self-destruction of the data. The paper does go on to suggest some ways to ameliorate these issues, but ultimately the researchers aren't hopeful: 'Research is needed to develop new techniques and technology for breaking or bypassing full disk encryption.'"

14 of 575 comments (clear)

  1. "more research?" by TheCouchPotatoFamine · · Score: 4, Funny

    well we [the industry] will be just happy selling encryption with the tagline: so secure - no one can break it - except your average McForensic dude with a software package you can torrent. See, secure!

    --
    CS majors know the time/space tradeoff, but they never get taught the 3rd, crucial, tradeoff of the set: comprehension!
    1. Re:"more research?" by MightyMartian · · Score: 4, Funny

      Clearly these police departments are not familiar with using VisualBasic to make a GUI.

      --
      The world's burning. Moped Jesus spotted on I50. Details at 11.
    2. Re:"more research?" by Fnord666 · · Score: 3, Funny

      but dare talk to a friendly lawyer about this and they'll likely bite your head off. and if you are in voire dire and dare tell anyone that you are even aware of what JN means, you are immediately dismissed as a juror. worse: if you don't let on during VD and then vote your concience, you can be jailed for contempt!

      That's why I wear a "I Support Jury Nullification!" button to jury duty. I still get to work at the normal time on those days.

      --
      'The tyrant will always find pretext for his tyranny.' - Aesop's Fables
  2. obligatory by dr.Flake · · Score: 4, Funny

    http://imgs.xkcd.com/comics/security.png

    --
    Why are other peoples sig's always more witty ???
    1. Re:obligatory by Anonymous Coward · · Score: 3, Funny

      It's not torture, it's a freedom tickle.

  3. Re:Giving up passwords by bhtooefr · · Score: 3, Funny

    Except he doesn't have to.

    He can be punished for not doing it, but there's no law of physics that FORCES him to give up the password.

    Hence why spies have cyanide pills and such - such that it then becomes impossible for them to even give up the password.

  4. Re:Giving up passwords by Anonymous Coward · · Score: 0, Funny

    if you are 'innocent' why do you encrypt your data in the first place?

  5. Re:xkcd "comics" are never obligatory. by Anonymous Coward · · Score: 5, Funny

    Wow. Did a stick figure run over your dog or something?

  6. REFRIGERATED crustacean pix? by Anonymous Coward · · Score: 5, Funny

    You are in violation of the laws forbidding the manufacture, sale and possession of chilled prawnography.

    1. Re:REFRIGERATED crustacean pix? by ColdWetDog · · Score: 4, Funny

      You are in violation of the laws forbidding the manufacture, sale and possession of chilled prawnography.

      A good strong shell ought to keep him out of trouble. Don't Bash it if you've not tried it.

      --
      Faster! Faster! Faster would be better!
    2. Re:REFRIGERATED crustacean pix? by chromas · · Score: 5, Funny

      Judging by his name, I'd say he's been out there a while.

    3. Re:REFRIGERATED crustacean pix? by Nethead · · Score: 4, Funny

      Surely you meant: tcsh tcsh.

      --
      -- I have a private email server in my basement.
  7. Re:I wish this was the case in the UK by sunderland56 · · Score: 5, Funny
    We need an encryption package that has *two* passwords:
    • One normal one that decrypts as usual;
    • A second one that formats the disk and installs a standard version of Windows

    You use password #1, but if arrested you give up password #2.

  8. Re:xkcd "comics" are never obligatory. by Anonymous Coward · · Score: 2, Funny

    Wow. Did a stick figure run over your dog or something?

    No, his girlfriend left him for a stick figure. She wanted to try a bigger penis.