Jump to content

FBI Hackers Fail to Crack TrueCrypt


Monroe

Recommended Posts

Sounds like an ad for the company but I place it here just for reading and maybe discussion. Today at the Giveaway of the Day site ... they have an encryption software program ... in the many comments so far, someone posted about a Brazilian banker's hard drives being very secure from hacking. I had never read this story ... this is old news from 2010 ... I wonder if they were ever able to get into the hard drives?

"For years now TrueCrypt has been providing free encryption. But don’t be mistaken. Its not the average encryption that it provides. It provides the encryption of the highest degree.

Check out this excerpt from the Wikipedia page:

In July 2008, several TrueCrypt-secured hard drives were seized from Brazilian banker Daniel Dantas, who was suspected of financial crimes. The Brazilian National Institute of Criminology (INC) tried unsuccessfully for five months to obtain access to his files on the TrueCrypt-protected disks. They enlisted the help of the FBI, who used dictionary attacks against Dantas’ disks for over 12 months, but were still unable to decrypt them."

-----------------------

FBI Hackers Fail to Crack TrueCrypt

http://news.techworld.com/security/3228701/fbi-hackers-fail-to-crack-truecrypt/

The FBI has admitted defeat in attempts to break the open source encryption used to secure hard drives seized by Brazilian police during a 2008 investigation.

The Bureau had been called in by the Brazilian authorities after the country's own National Institute of Criminology (INC) had been unable to crack the passphrases used to secure the drives by suspect banker, Daniel Dantas.

Brazilian reports state that two programs were used to encrypt the drives, one of which was the popular and widely-used free open source program TrueCrypt. Experts in both countries apparently spent months trying to discover the passphrases using a dictionary attack, a technique that involves trying out large numbers of possible character combinations until the correct sequence is found.

-------------------------

Brazilian banker's crypto baffles FBI ... 18 months of failure

28 June 2010

http://www.theregister.co.uk/2010/06/28/brazil_banker_crypto_lock_out/

Cryptographic locks guarding the secret files of a Brazilian banker suspected of financial crimes have defeated law enforcement officials.

Brazilian police seized five hard drives when they raided the Rio apartment of banker Daniel Dantas as part of Operation Satyagraha in July 2008. But subsequent efforts to decrypt files held on the hardware using a variety of dictionary-based attacks failed even after the South Americans called in the assistance of the FBI.

The files were encrypted using Truecrypt and an unnamed algorithm, reportedly based on the 256-bit AES standard. In the UK, Dantas would be compelled to reveal his passphrase under threat of imprisonment, but no such law exists in Brazil.

The Brazilian National Institute of Criminology (INC) tried for five months to obtain access to the encrypted data without success before turning over the job to code-breakers at the FBI in early 2009. US computer specialists also drew a blank even after 12 months of efforts to crack the code, Brazil's Globo newspaper reports.

The case is an illustration of how care in choosing secure (hard-to-guess) passwords and applying encryption techniques to avoid leaving file fragments that could aid code breakers are more important in maintaining security than the algorithm a code maker chooses. In other cases, law enforcement officials have defeated suspects' use of encryption because of weak cryptographic trade craft or poor passwords, rather than inherent flaws in encryption packages.

...

Edited by monroe
Link to comment
Share on other sites


Well, besides being "old news", if I were the FBI and I was actually capable of breaking the truecrypt encryption, I would never admit it.

JFYI, some recent possible "enhancements":

http://reboot.pro/topic/19690-truecrypt-patched-for-supporting-arbitrary-offsets/

and, if you change the three letter agency name, remember the XKCD's approach to the problem :whistle::

http://xkcd.com/538/

jaclaz

Link to comment
Share on other sites

and, if you change the three letter agency name, remember the XKCD's approach to the problem :whistle::

http://xkcd.com/538/

jaclaz

Joking aside in the US if you were caught you would be protected under the 5th amendment. http://goo.gl/bfV605 . Yet again it is not always the case. http://en.wikipedia.org/wiki/Key_disclosure_law#United_States

Edited by Flasche
Link to comment
Share on other sites

Joking aside in the US if you were caught you would be protected under the 5th amendment. http://goo.gl/bfV605 . Yet again it is not always the case. http://en.wikipedia.org/wiki/Key_disclosure_law#United_States

No.

That is theory, practice is different.

In the US (like everywhere else BTW) it greatly depends on the actual name of the three letter agency and n how much they want to know from you.

Look up what an extraordinary rendition is:

http://en.wikipedia.org/wiki/Extraordinary_rendition

If "they" are after you, "they" will get you (and get whatever information you may have from you, one way or the other).

Usual comment:

...but, but .... that is illegal !

Sure it is, and you can sue them (afterwards) IF you manage to get back :whistle:

jaclaz

Link to comment
Share on other sites

If this 3 letter agency happens to be the c** then you are doomed. http://www.telegraph.co.uk/news/worldnews/northamerica/usa/9710121/Scientist-Frank-Olson-was-drugged-with-LSD-and-murdered-by-CIA.html , http://en.wikipedia.org/wiki/Project_MKUltra .

here's a fun little conspiracy video that involves the c** darkest secrets with the Polybius arcade.

Link to comment
Share on other sites

It is obvious the law has to change, but sadly, their are too many people out their who can't control their fluids, because it is a natural thing to become dependent on the government, and work till you drop, paying from paycheck to paycheck. A glorious way to solve the job situation in an soylent green economy, create fictionalized problems, that only affect a few people, if you pushed in their face, via the news, town hall meetings, and uholy, pro benefits. Hurray the world is saved.

I 100%, disagree money crimes, even if they are federally insured, because money is something that is real. You can own fools gold, but can never fool gold itself. Those bankers probably figured it out already, either way the law is messed up, who can complain.

Edited by ROTS
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...