I can't believe that came from your mouth!
Posts tagged encryption
Court Compels Hard Disk Decryption
Jan 26th
In the first case of its kind, a woman has been ordered by a court to decrypt her hard drive so that prosecutors can use the decrypted files against her in court. She tried to plead the fifth amendment and not turn over the files, but was somehow overruled. This is different from border crossing cases where customs officials have compelled decryption for use in searches- since the laptop is treated like a “container file” and the container is not actually on US territory.
From Wired here by way of Ed at RightRant:
A judge on Monday ordered a Colorado woman to decrypt her laptop computer so prosecutors can use the files against her in a criminal case.
The defendant, accused of bank fraud, had unsuccessfully argued that being forced to do so violates the Fifth Amendment’s protection against compelled self-incrimination.
The authorities seized the laptop from defendant Ramona Fricosu in 2010 with a court warrant while investigating financial fraud.
The case is being closely watched (.pdf) by civil rights groups, as the issue has never been squarely weighed in on by the Supreme Court.
They have the data on that drive already. But if you have to verbally disclose a password to decrypt, how is that not self incrimination? I am usually on the law enforcement side of things when it comes to cyber evidence, but in this case, the accused has solid rights. They can take property under due process, but they cannot compel you to speak a single word against yourself, and that includes a password. It will be interesting to see what happens with this case. What she should have said is she uploaded all of the files to MegaUpload.
Like This Post? Rate it and tell your friends! Click the Share button below.
(1 votes, average: 6.00 out of 6)
Loading ...Cracking the Code in the US CyberCommand’s Logo
Jul 8th
The logo was front and center on Drudge today and several people have been interested in the Hexadecimal code that rings the logo. It didn’t take long for Panda Labs to crack the code:
From PandaLabs here:
The characters around the seal appear to be an MD5 hash value of 9EC4C12949A4F31474F299058CE2B22A
So, what does this hash value represent? Many have suggested that it is the following QR code (below), which translates to “Poder Cibernetico”. (Latin for Cyber Power)
Instead, if we take the CYBERCOM mission statement and calculate the MD5 hash value for the text, we arrive at the same hash on the seal.
CYBERCOM Mission Statement: “USCYBERCOM plans, coordinates, integrates, synchronizes, and conducts activities to: direct the operations and defense of specified Department of Defense information networks and; prepare to, and when directed, conduct full-spectrum military cyberspace operations in order to enable actions in all domains, ensure US/Allied freedom of action in cyberspace and deny the same to our adversaries.”
Aww, clever, yet boring. You gotta be awfully proud of a mission statement to hash it and use it in your seal.
Like This Post? Rate it and tell your friends! Click the Share button below.
(1 votes, average: 6.00 out of 6) Loading ...GSM Encryption for Cellphones Cracked
Dec 31st
An encryption expert demonstrated the ease of cracking the GSM algorithm at the Chaos Communication Congress in Berlin. This means that anyone can now intercept your cellular signals and decrypt them.
From the Financialtimes here:
Computer hackers this week said they had cracked and published the secret code that protects 80 per cent of the world’s mobile phones. The move will leave more than 3bn people vulnerable to having their calls intercepted, and could force mobile phone operators into a costly upgrade of their networks.
Karsten Nohl, a German encryption expert, said he had organised the hack to demonstrate the weaknesses of the security measures protecting the global system for mobile communication (GSM) and to push mobile operators to improve their systems.
“This vulnerability should have been fixed 15 years ago. People should now try it out at home and see how vulnerable their calls are.”
The GSM Association, the industry body for mobile phone operators, which devised the A5/1 encryption algorithm 21 years ago, said they were monitoring the situation closely.
3G wireless algorithms are encrypted differently and are not vulnerable to the hack.
Like This Post? Rate it and tell your friends! Click the Share button below.
(No Ratings Yet. Rate It!) Loading ...British Government Screws Half of British Citizens
Nov 21st
At least the half that gets welfare checks for having children.
Two disks, put in the snail mail system, mailed from the Tax department to the audit agency, never arrived. Why this data couldn’t be transferred electronically in encrypted form is anyone’s guess.
From the AP here:
Two computer disks bearing addresses, bank account numbers and other details of about 25 million people — almost half the British population — were popped into internal government mail and never arrived.
The government says there is no sign the data has fallen into criminal hands.
The disks disappeared while being sent by internal mail from the tax and customs department to the government’s audit agency. They contained names, addresses, birthdates, national insurance numbers and, in some cases, banking details for 25 million adults and children.
Treasury chief Alistair Darling said the disks held information on the 7.25 million families in Britain claiming a child benefit — a tax-free monthly payment available to everyone with children.
The disks were password protected, but the information on them was not encrypted.
I’m taking a guess that they are talking about DVD or CDRom discs here. How the hell do you password-protect a DVD but not encrypt it? I didn’t think that CDRoms could be password protected either, and if its not encrypted, nothing will prevent a sector by sector recovery of the data.
Like This Post? Rate it and tell your friends! Click the Share button below.
(No Ratings Yet. Rate It!) Loading ...
