dreamdancer

How will the feds crack bin Laden's hard drives?

interesting...

Quote

The seizure of Osama bin Laden's hard drives left many wondering what the US might discover - "the mother lode of intelligence", or impossible-to-crack encrypted data? It turns out that while the encryption used may be mathematically impenetrable, the human factor can provide a way in to the data, even after bin Laden's death.

One crude method to decrypt the data would involve a "dictionary attack" - simply trying permutations of words in the dictionary in an attempt to guess the encryption password. Depending on the password's length and complexity, the process could take decades. An alternative and hopefully quicker approach is to use known facts about bin Laden and previously seized al Qaeda data to narrow down the options.

"They can take every single word off every single piece of media and use that to create a custom dictionary," says Chris Mellen, vice president of professional services at AccessData, which provides computer forensics software to the US government. The idea is that bin Laden might have used words or phrases with particular significance. "You're creating a smart dictionary attack versus a dumb dictionary attack." There is also the possibility that bin Laden used a similar password in a system with lower security. Finding those increases the power of the custom dictionary.

These methods will be among the first used to try and crack bin Laden's drives, and Mellen says they can quickly deliver results. "If you're going to get it via low-hanging fruit, you'll get it within the first seven days. When you get past that, it becomes very difficult to even put a time-frame on it."

In that case it's hard to see what the US can do to access bin Laden's data, and every moment that passes reduces the likelihood of gaining usable intelligence. They may even be forced to give up - in 2010, the FBI admitted defeat after attempting to crack drives of a money-laundering Brazilian banker.



http://www.newscientist.com/blogs/onepercent/2011/05/the-seizure-of-osama-bin.html
stay away from moving propellers - they bite
blue skies from thai sky adventures
good solid response-provoking keyboarding

This is old news. They must have just watched that old hacker movie, War Games. Brute force password attacks have been around for a long time. Customizing a dictionary is one of the oldest tricks.


BTW if it were my encrypted hard drive it would take them forever to decrypt. I would use a randomly generated password of at least 8 characters or better.

Toss in a Unicode character in there and it really is next to impossible to crack if you are using anything stronger like AES at 256 bits or at the worst 3DES at 128. In this case since the pass code will be in a non-English format you can be assured that the dictionary is going to be customized. Odds are that most will go unopened due to the strength of the encryption for a few years if he was using software that was worth its price.
Yesterday is history
And tomorrow is a mystery

Parachutemanuals.com

What makes you think the guy was smart enough to encrypt his hard drive?
Odds are he was running Windows and was using whatever the OS was using.
He's a trust fund baby, those guys usually aren't all that smart.
Life through good thoughts, good words, and good deeds is necessary to ensure happiness and to keep chaos at bay.

The only thing that falls from the sky is birdshit and fools!

I meant to say Windows Vista. Arguably, the worst operating system ever. I rue the day I bought a computer with that piece of junk on it and praise the day when I replaced it with Windows 7.

If Osama was using Vista, they will never be able to crack the code because the OS will keep crashing.


Now that makes sense!B|

Except for the crashing part. They wouldn't actually use the OS on the hard drive. They would most likely make an image of the hard drive and either write it to a different hard drive, hook it up to another computer as a slave drive or have software that can mount the image itself. Then work at figuring out the password used to encrypt the individual files or the entire hard drive.

Well that is how I would approach it.

Quote

Now that makes sense!B|

Except for the crashing part. They wouldn't actually use the OS on the hard drive. They would most likely make an image of the hard drive and either write it to a different hard drive, hook it up to another computer as a slave drive or have software that can mount the image itself. Then work at figuring out the password used to encrypt the individual files or the entire hard drive.

Well that is how I would approach it.



Well, I can tell you that even if you have the password, with Vista, it's no guarantee you will be able to open a file. ;)

Quote

Toss in a Unicode character in there and it really is next to impossible to crack if you are using anything stronger like AES at 256 bits or at the worst 3DES at 128. In this case since the pass code will be in a non-English format you can be assured that the dictionary is going to be customized. Odds are that most will go unopened due to the strength of the encryption for a few years if he was using software that was worth its price.



You do realize that many crypto programs have already been cracked before they are released right?

The thing to remember is the resources and money that a certain organization can throw at it.

Many crypto programs are developed and the developers have a good relationship with that org.

If you have that type of computing power the task is really lessened.

But what do I know, I only have an InfoSec education.

here's how they'll really do it:

1) A bag of Osama paraphernalia will be taken to the NSA.
2) A process more mysterious than underpants gnomes will take place.
3) A report will be written.
You don't have to outrun the bear.

You might know this, then. I remember reading about hi-powered banking encryption being cracked by a group who used linked-supercomputers(?) a few years back. I think it was 128 byte(?) encryption. Experts quickly issued a damage-control release stating that most hackers don't have access to anywhere near that level of super-computer(s). I had read that in a blurb of an article @the time. Ring any bells?

If they can crack the highest encryption levels in existence? I'm betting they'll be reading his secret recipes soon enough.

Quote

You might know this, then. I remember reading about hi-powered banking encryption being cracked by a group who used linked-supercomputers(?) a few years back. I think it was 128 byte(?) encryption. Experts quickly issued a damage-control release stating that most hackers don't have access to anywhere near that level of super-computer(s). I had read that in a blurb of an article @the time. Ring any bells?

If they can crack the highest encryption levels in existence? I'm betting they'll be reading his secret recipes soon enough.



128 byte [sic, don't know if you mean 128-bit or 1024-bit, but regardless...] is not the highest encryption level in existence. More to the point, though, "highest encryption levels in existence" is a bit of a silly term. I think you're presuming all attacks against encryption are brute force, which is definitely not the case, particularly when you've got the whole system in your possession.

Phew... For a second there. I thought someone might come back w/a useless, smart-butt reply. All just because we're in SC.

I knew I was off. Hence the question marks. I was just curious if the person I replied to remembered, & would flesh it out for us.

Quote

Quote

Toss in a Unicode character in there and it really is next to impossible to crack if you are using anything stronger like AES at 256 bits or at the worst 3DES at 128. In this case since the pass code will be in a non-English format you can be assured that the dictionary is going to be customized. Odds are that most will go unopened due to the strength of the encryption for a few years if he was using software that was worth its price.



You do realize that many crypto programs have already been cracked before they are released right?

The thing to remember is the resources and money that a certain organization can throw at it.

Many crypto programs are developed and the developers have a good relationship with that org.

If you have that type of computing power the task is really lessened.

But what do I know, I only have an InfoSec education.



What would that education be exactly?
Coreece: "You sound like some skinheads I know, but your prejudice is with Christians, not niggers..."

Quote

You might know this, then. I remember reading about hi-powered banking encryption being cracked by a group who used linked-supercomputers(?) a few years back. I think it was 128 byte(?) encryption. Experts quickly issued a damage-control release stating that most hackers don't have access to anywhere near that level of super-computer(s). I had read that in a blurb of an article @the time. Ring any bells?

If they can crack the highest encryption levels in existence? I'm betting they'll be reading his secret recipes soon enough.



Unless OBL was using one time cipher pads I do not doubt it will be cracked, it probably was not encrypted at all other than password.

The password was either backpussy or BoysNight

Quote


Odds are he was running Windows and was using whatever the OS was using.



Clippy:
It looks like you're planning a terrorist attack.
Would you like help?
* Get help with planning the attack.
* Just plan the attack without help.
* Don't show me this tip again.

"There are only three things of value: younger women, faster airplanes, and bigger crocodiles" - Arthur Jones.

You are probably thinking of the Distributed.net crack of the RC5 key (64 bit encryption) a few years back. That was a major breakthrough in brute forcing the key. They basically used processing power on a mesh network to attack the key and brute forced it. I thought it was hot shit reading it on SD years ago when it was news. In reality stepping from 64 bit to 256 is a whole new level. It's not just 4 times more complex, it's thousands of times more keys to run through.

Most encryption can be broken with enough processor time but the weakness usually is not in the encryption but in the implementation of the encryption. Side-channel attacks, key caching, etc. are all issues that reduce the strength of it. With AES 256 (I know a bit about this one since I deal with FIPS 140-2 devices on a daily basis) it was vetted by NIST and there has been a lot of study done on it globally to see if there are weaknesses and there are some but nothing to the point that it makes the encryption worthless.
Yesterday is history
And tomorrow is a mystery

Parachutemanuals.com
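
Added example, not part of any post in this thread: the work needed against a password-protected volume is bounded by the password's entropy and key stretching, not only by the cipher's key length. The 95-character alphabet, the 7776-word list, the 100,000 KDF iterations and the 1e12 operations per second are assumptions chosen for illustration.

```python
import math

SECONDS_PER_YEAR = 365.25 * 24 * 3600


def password_bits(length, alphabet_size):
    """Entropy in bits of a password drawn uniformly at random."""
    return length * math.log2(alphabet_size)


def effective_bits(cipher_key_bits, pw_bits, kdf_iterations=1):
    """Work factor in bits: the cheaper of key search and password search.

    Each password guess costs one key-derivation run, so stretching with
    N iterations adds log2(N) bits to the password side only.
    """
    return min(cipher_key_bits, pw_bits + math.log2(kdf_iterations))


def years_to_exhaust(bits, ops_per_second):
    """Years to try every candidate at a fixed rate (the average is half)."""
    return 2.0 ** bits / ops_per_second / SECONDS_PER_YEAR


def compare(cipher_key_bits=256, rate=1e12):
    """Return (label, effective bits, years) for constructed sample choices."""
    samples = [  # constructed cases; alphabet and list sizes are assumptions
        ("8 random printable chars, no stretching", password_bits(8, 95), 1),
        ("8 random printable chars, 100k iterations", password_bits(8, 95), 100_000),
        ("6 random words of 7776, 100k iterations", password_bits(6, 7776), 100_000),
        ("40 random printable chars, 100k iterations", password_bits(40, 95), 100_000),
    ]
    rows = []
    for label, pw_bits, iterations in samples:
        bits = effective_bits(cipher_key_bits, pw_bits, iterations)
        rows.append((label, round(bits, 1), years_to_exhaust(bits, rate)))
    return rows


if __name__ == "__main__":
    for label, bits, years in compare():
        print(f"{label:45s} {bits:6.1f} bits  {years:.3g} years")
```

Only the last case reaches the 256-bit ceiling of the cipher; in the others the password is the limiting factor.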

General rule of thumb -

You can readily identify the people who don't know much about military and government encryption algorithms - they're the ones posting on public boards claiming they do.

It's like anything else. That drunk guy at the local bar telling everyone he's a SEAL? Probably not really a SEAL. The guy you've never met before telling you he has a top secret clearance and he's working on space weapons? Not too likely.
