Reason # 876,320,666 to use TrueCrypt on EVERYTHING

[AZRedhawk44]

http://washington.cbslocal.com/2013/06/05/dept-of-homeland-security-laptops-phones-can-be-searched-based-on-hunches/

DHS says agents can have a "hunch" and that's justification to search, duplicate, or seize your electronic equipment.

A "hunch."

I guess if they have an inkling or a notion, they can go so far as to waterboard you.

And if they actually SUSPECT you of something, it's either rendition time or droning.

The legal process is so passé.  Rights, trials... gets in the way of killing people and stealing booty.

[eyebrows]

Do you think encryption will help? Look at the guy they are threating to jail because he won't decrypt his files. Granted its a slightly different situation but it won't be long until DHS's hunch is all they need to order decryption or else face jail. If its not already that way.

[mtnbkr]

The key is not to travel with any sensitive data.  Use a strong VPN to download it once you arrive at your location, then securely delete it once you no longer need it there, but do not travel with it.

Chris

[AJ Dual]

Do you think encryption will help? Look at the guy they are threating to jail because he won't decrypt his files. Granted its a slightly different situation but it won't be long until DHS's hunch is all they need to order decryption or else face jail. If its not already that way.

I'm thinking that one of those fail-safes where the duress password permanently encrypts/destroys the data, and the subsequent "Obstruction of Justice" charges or whatever they'd slap on you might be preferable to indefinite detention for "contempt of court".

[Fitz]

Set it to delete after three tries. Tell them a bogus, but super hard, password, then moan about how those meanies fat fingered it and deleted all ur dataz

[zxcvbob]

I'm thinking that one of those fail-safes where the duress password permanently encrypts/destroys the data, and the subsequent "Obstruction of Justice" charges or whatever they'd slap on you might be preferable to indefinite detention for "contempt of court".

Do you know how long it takes to wipe a disk?

[AJ Dual]

Set it to delete after three tries. Tell them a bogus, but super hard, password, then moan about how those meanies fat fingered it and deleted all it datas

Plausible denial.

What's a phrase a Fed could never type without shaking?

"Pr1v@t3 53c+0r B3n3f1t p@ckAg3"

Do you know how long it takes to wipe a disk?

Actually, it's moot and we're just joking, because no matter how it's encrypted, the first thing a competent computer forensics expert would do, assuming you were worth the time/money/effort, is get a low-level hardware layer OS-independent disk image. Something with fail-safes or a failed attempts/scrambler option is useless in that scenario, because they should be able to try as many times as they like from the backup.

If they're really worried, physical dissasembly of the HDD platters will be done, and they'll be read in other hardware than the original drive.

Something using Flash/NVRAM might be a bit trickier if there's gatekeeping IC's that are part of the encryption scheme, and they're sufficiently integrated into the package. Some of the secure flash drives work along these lines, with varying degrees of security.

[Nick1911]

I'm thinking that one of those fail-safes where the duress password permanently encrypts/destroys the data, and the subsequent "Obstruction of Justice" charges or whatever they'd slap on you might be preferable to indefinite detention for "contempt of court".

Two things I learned from the forensics division of the computer information technology department at Purdue:

1: There is a hardware device between the disk in question and the forensics machine that specifically blocks attempts to write.
2: The fist thing done is to make an exact bit for bit copy of the suspect disk.

[AJ Dual]

Two things I learned from the forensics division of the computer information technology department at Purdue:

1: There is a hardware device between the disk in question and the forensics machine that specifically blocks attempts to write.
2: The fist thing done is to make an exact bit for bit copy of the suspect disk.

I was editing to add these caveats... 

However, people may be surprised/not surprised at how incompetent some state crime labs can be. 

[freakazoid]

That's why you have thermite inside in case of any attempted opening.

[Regolith]

That's why you have thermite inside in case of any attempted opening.

Then they tack on arson to the evidence destruction and obstruction of justice charges, possibly with an "attempted homicide" addendum if they're feeling particularly ornery.

[Nick1911]

That's why you have thermite inside in case of any attempted opening.

Instead of, as Regolith noted, risking some rather serious charges -- just use hidden volumes!  Being covert will get you much further then fighting the state directly.  Just think of the kind of scruteny you would be under when the IED is discovered inside your computer case... verses handing over a password that that reveals you happen to like visiting /r/gayfurrymidgitporn/...  [Remember:  You "clean" volume must have something embarrassing/immoral/private but *fully legal* in it.  It will satisfy the states desire to find what you were "hiding", and deter them from further digging as they hit pay-dirt.]

[zxcvbob]

The real solution is just to encrypt EVERYTHING, like the subject says.  Especially stuff that is *not* sensitive.  If they can't tell what's valuable and what's not, they have to decrypt everything, and they don't have enough horsepower to do that on a large scale if people use strong encryption.

[French G.]

Who are all you superspys anyway? I have a $300 laptop and a tracphone. Good luck finding something sensitive. Travel with no electronics.

[CNYCacher]

The real solution is just to encrypt EVERYTHING, like the subject says.  Especially stuff that is *not* sensitive.  If they can't tell what's valuable and what's not, they have to decrypt everything, and they don't have enough horsepower to do that on a large scale if people use strong encryption.

They don't have enough horsepower to decrypt a tiny 1MB drive of what most *experts* would consider *weak* encryption.

Encryption is like radiation. Nobody understands its strength because it's logarithmic. Whereas most people hear radiation and vastly overestimate its strength, most people hear about encryption and vastly underestimate its strength.

For all intents and purposes, an encrypted drive is un-crackable by any agency.  They are not going to get into it without the key.  I don't care what new supercomputer you heard about either, or how fast it is; it's like telling me the new Lamborghini is going to retrieve my data from Alpha Centauri in a reasonable timeframe.

Also, I am pretty sure I read within the last few days that the most recent case where a person was to be compelled to decrypt a drive has been overturned by a higher court.

[RevDisk]

Do you know how long it takes to wipe a disk?

If your data is encrypted, not very long. You don't have to overwrite the whole disk. Just the table that tells you where is what. No way of recreating it.

But that wouldn't matter, because it's standard practice to make a bit level copy of a HD before trying to decrypt files. Play cute, and they'll still have the original encrypted material plus more charges to stack against you. A hidden volume is somewhat helpful and impossible to prove, but usually fairly easy to guess.

They don't have enough horsepower to decrypt a tiny 1MB drive of what most *experts* would consider *weak* encryption.

Encryption is like radiation. Nobody understands its strength because it's logarithmic. Whereas most people hear radiation and vastly overestimate its strength, most people hear about encryption and vastly underestimate its strength.

For all intents and purposes, an encrypted drive is un-crackable by any agency.  They are not going to get into it without the key.  I don't care what new supercomputer you heard about either, or how fast it is; it's like telling me the new Lamborghini is going to retrieve my data from Alpha Centauri in a reasonable timeframe.

Also, I am pretty sure I read within the last few days that the most recent case where a person was to be compelled to decrypt a drive has been overturned by a higher court.

Pretty much. Encryption is beyond the neighborhood cops, and usually beyond most federal cases. But as long as they can compel you to decrypt it, you're always going to be hamstringed. Or they can just torture it out of you.

[Boomhauer]

The real solution is just to encrypt EVERYTHING, like the subject says.  Especially stuff that is *not* sensitive.  If they can't tell what's valuable and what's not, they have to decrypt everything, and they don't have enough horsepower to do that on a large scale if people use strong encryption.

[AZRedhawk44]

Ayup.

Meaning encryption works as long as government is legitimate.

[Tallpine]

Ayup.

Meaning encryption works as long as government is legitimate.

We're past that point 

[CNYCacher]

Exactly.  Unless you give them the key, or they guess it, they will not be "cracking" the encryption.

Encryption levels are like an arms race, with key size getting larger and larger over time. Most people reading this have heard terms like "128-bit encryption" and "256-bit" encryption.  What those mean is that there are 2¹²⁸ or 2²⁵⁶ possible keys to guess from if you want to try to brute-force crack it.  So you would have to try a key, and then apply that key to the decryption function, and then look at what you get out of it and see if it makes sense as data or if it is still gobledygook.  Then try another key, 2¹²⁸ times.

But the thing is this: It isn't a race at all.  Keysizes over time have grown at a rate that is ridiculously large in terms of the processing power needed to crack them.  I'll give you an example from 10 years ago when I was writing RSA encryption/decryption algorithms in college.  Back then, 128-bit RSA was the industry standard. I wrote an RSA encryption algorithm and a matching cracking algorithm. Then I ran the cracker against increasing levels of encryption until I had a 50% chance of cracking the encryption in a minute.  You want to know the size of the key I could crack in a minute 50% of the time?  32 bits.

So, I was a quarter of the way to 128, right?  Nope.  It's logarithmic.  I was a quarter of the way to 34 bits, half-way to 33 bits, and possessed approximately 1 billionth of the processing power to crack 64 bits.

But my computer was really slow 10 years ago, right? And today's computers are faster.  Meh.  Lets assume a computer today is 1024 times faster by accelerating Moore's law to 12 months instead of 18 or whatever it is.  That buys you 10 bits, so we would be up to 42 and a billion of these modern computers would be somewhere around 74 instead of 64.

In reality, my computer today isn't 1000 times faster, but pretend it is and it can break 42 bits in a reasonable time.  Now give me a billion of them (+30 bits) on earth.  Give me a billion earths just like this one (+30 bits).  We still have 26 bits to crack.  Without adding computing power, we could just take more time.  So Instead of 1 minute, allow 2^26 minutes, which is 127 years.

That's what's required to break 128, and you need twice as much as all of that to break 129, which no one ever even stopped at on their way to 256, which isn't even something that can be comprehended.

Things like 4096-bit encryption mentioned in the comic is just "This one goes to 11"

[freakazoid]

Then they tack on arson to the evidence destruction and obstruction of justice charges, possibly with an "attempted homicide" addendum if they're feeling particularly ornery.

You are just protecting your financial information against any would be thieves, you didn't know that the government was going to suspect you of doing something illegal since you are an honest upstanding citizen.

Is it illegal to booby trap your house against thieves?

[cassandra and sara's daddy]

You are just protecting your financial information against any would be thieves, you didn't know that the government was going to suspect you of doing something illegal since you are an honest upstanding citizen.

Is it illegal to booby trap your house against thieves?

yes

[Regolith]

yes

Do not pass go, do not collect $200...

[HankB]

. . . Is it illegal to booby trap your house against thieves?

In Texas, it is if the "mechanism" used in the trap is intended or likely to kill or seriously injure the thief. So a shotgun pointed at the door with a string that would fire it if someone forces their way in would likely be illegal, but triggering a shot of pepper spray wouldn't cross that threshold.

So depending on its size, an explosion or thermal device which would melt the HD *might* be considered an illegal booby trap, but if you had, say, an SSD and forcing the case open triggered a capacitor discharge that fried the memory without causing an explosion that would hurt the person opening the chassis, they'd have a hard time making "trap" charges stick.

As for destroying evidence . . . IANAL, but in this scenario, YOU didn't destroy it, the guy who forced the chassis open did. They'd have a hard time convincing the jury otherwise, especially since you only did that to protect your info from identity thieves.