Electronic Frontier Foundation files lawsuit on CBP laptop search
Feb 9, 2008, 2:12 pm
#16
Join Date: Jul 2000
Location: Commuting around the mid-atlantic and rust-belt on any number of RJs
Programs: TSA Random Selectee Platinum, * Gold, SPG/HH/MR mid-tier, and a tiny bag of pretzels.
Posts: 9,255
Assuming no backdoor or key escrow exists (this topic is still under debate, though), I'd agree with you. However, many of the top encryption companies are government vendors or participate in the commercial market - if someone was to take existing technology, customize the algorithm slightly to bar any threat of backdoor/key escrow risk, and pump up the encryption bit level to 256 or even 512, it would make that product truly unbreakable by anyone.
If the feds (probably the NSA) can break modern encryption, why are there court cases where they are trying to compel subjects to release their passphrases? Or installing hardware keyloggers to recover the passphrases?
The answer, of course, is because the feds can't crack modern encryption, or don't want people to know they can. It's far more likely that they can't.
The whole Clipper Chip threat is still out there - and that product will certainly include a built-in backdoor for the government.
As has been mentioned in other threads--they are likely to try to compel you to release your passcode if it becomes an issue. Keep good backups and tell them to keep the drive. Or, make it a keyfile that's unavailable to the feds by warrant or subpeona and give them the drive anyway.
Feb 9, 2008, 7:32 pm
#17
FlyerTalk Evangelist
Join Date: Jan 2005
Location: BWI
Programs: AA Gold, HH Diamond, National Emerald Executive, TSA Disparager Gold
Posts: 15,180
PGP, who is arguably the most discussed (if not top) encryption company publishes their source code. The code has been reviewed by the top civilian cryptography experts and nary a backdoor has been found.
If the feds (probably the NSA) can break modern encryption, why are there court cases where they are trying to compel subjects to release their passphrases? Or installing hardware keyloggers to recover the passphrases?
The answer, of course, is because the feds can't crack modern encryption, or don't want people to know they can. It's far more likely that they can't.
If the feds (probably the NSA) can break modern encryption, why are there court cases where they are trying to compel subjects to release their passphrases? Or installing hardware keyloggers to recover the passphrases?
The answer, of course, is because the feds can't crack modern encryption, or don't want people to know they can. It's far more likely that they can't.
Not a chance. That's why things like AES are selected the way they are--because the feds know that if they try to require key escrow, you end up with people like Phil Zimmerman doing the right thing and releasing good code, anyway.
Feb 9, 2008, 8:47 pm
#18
Join Date: Aug 2007
Posts: 263
As mentioned in another thread, there are products out there that will boot to an empty Linux or Windows partition if you enter one password (when being searched), while booting to the normal partition if you enter the correct password. If you're concerned about these searches (by US or foreign officials), I suggest you install and use them.
Feb 9, 2008, 9:53 pm
#19
A FlyerTalk Posting Legend
Join Date: Sep 2002
Location: LAX/TPE
Programs: United 1K, JAL Sapphire, SPG Lifetime Platinum, National Executive Elite, Hertz PC, Avis PC
Posts: 42,452
http://www.download3000.com/download_42685.html
A manual method of hiding data which has a similar result...
http://adamheckler.wordpress.com/200...isk-partition/
An interesting discussion of hidden partitions sparked by the UK law which makes it a crime to refuse to hand over your password to the government...
http://reddit.com/info/2vp0b/comments
I'm still trying to find that software which does the password-based partition. I learned about it here on FT, so I need to go back through some threads to find it.
Feb 11, 2008, 2:43 pm
#22
Suspended
Join Date: Jul 2001
Location: Watchlisted by the prejudiced, en route to purgatory
Programs: Just Say No to Fleecing and Blacklisting
Posts: 102,095
Here is one product that's interesting...
http://www.download3000.com/download_42685.html
A manual method of hiding data which has a similar result...
http://adamheckler.wordpress.com/200...isk-partition/
An interesting discussion of hidden partitions sparked by the UK law which makes it a crime to refuse to hand over your password to the government...
http://reddit.com/info/2vp0b/comments
I'm still trying to find that software which does the password-based partition. I learned about it here on FT, so I need to go back through some threads to find it.
http://www.download3000.com/download_42685.html
A manual method of hiding data which has a similar result...
http://adamheckler.wordpress.com/200...isk-partition/
An interesting discussion of hidden partitions sparked by the UK law which makes it a crime to refuse to hand over your password to the government...
http://reddit.com/info/2vp0b/comments
I'm still trying to find that software which does the password-based partition. I learned about it here on FT, so I need to go back through some threads to find it.
Was it http://www.truecrypt.org/ ? It works wonderfully.
Feb 11, 2008, 3:52 pm
#23
FlyerTalk Evangelist
Join Date: Feb 2002
Location: San Francisco/Tel Aviv/YYZ
Programs: CO 1K-MM
Posts: 10,763
It hasn't been brute forced yet. It would take trillions of years with a 128 bit key to brute force it, and 256 bit keys are commonly used. I haven't been able to find any evidence that AES has been broken by other means.
Feb 13, 2008, 9:47 am
#24
FlyerTalk Evangelist
Join Date: Nov 1999
Programs: FB Silver going for Gold
Posts: 21,843
Here's a radio sow from Canada about the subject.
http://www.cbc.ca/thecurrent/
The Asian Law Caucus has also filed suit.
http://www.cbc.ca/thecurrent/
The Asian Law Caucus has also filed suit.