Sony PCGA-BP71 Battery www.all-laptopbattery.com
Posted: November 18, 2017
It is, of course, entirely possible the FBI or some other agency was able to extract the password from Glenn while interrogating him – the man changed his plea to guilty halfway through the case, and may have sung like a canary. Or perhaps his computer systems were bugged, revealing his encryption key. You can read his plea bargaining here [PDF].

The prosecution's wording has bothered the rabble of infosec nerds and security researchers on Twitter, who have been sensitive to any mention of TrueCrypt since the project's shocking shutdown. The community is largely skeptical of Parsons' claims.

Ross Anderson, a professor of security engineering at the University of Cambridge's Computer Laboratory, told The Register he had assumed the TrueCrypt shutdown was a warrant canary of some kind, but that is by no means certain. Meaning, it may have been a signal that the project had been compromised and was forbidden from explicitly warning people of this fact.

Some do fear that an intelligence agency had, in some way, been responsible for the discontinuation of what was previously a premier tool to protect privacy. TrueCrypt was used by all sorts of people, from petty criminals to whistleblowers and journalists to technologically sophisticated, if repressive, regimes.

EE has recalled thousands of Power Bar phone chargers just days after a woman ended up in hospital when one of the devices exploded, causing injury to her hands and damage to the victim's property.

The UK's biggest mobile operator said it was aware of a small number of incidents where the power pack had overheated, posing a fire safety risk.

It has also suspended its Power Bar swap service until the recall has been completed and the portable batteries have been restocked with a fresh batch.

Dodgy devices relate to batch E1-06, EE said. Customers can find out if they have one of the affected Power Bars by searching for the model name on the side of the charger.

The company advised customers to stop using the device and to return it to a local EE store. It said: Power Bars from any other batch aren't affected by this recall. It's our intention to replace these chargers once we've completed our investigations; we'll be in touch once these have been concluded. We're really sorry for any inconvenience this may cause.

EE claimed that the issue was isolated and added that it wasn't seeing any issues of overheating with other batches and they meet all safety standards.

Late last month, 26-year-old medical student Katy Emslie revealed that an EE Power Bar that had been charging in her laptop while she slept exploded and shot across the room, before landing under her bed causing a fire. She burned her hands trying to put the fire out and was treated at A&E, including plastic surgery, for five hours following the ordeal.

Talking to The Register, Kenn White, cofounder and co-director of the Open Crypto Audit Project – responsible for picking apart TrueCrypt's source code – said that it was important to remember when considering the testimony's diction that decrypt just means unlock, and should not be taken as prima facie evidence that the FBI had broken TrueCrypt's cryptography.

Without access to the sealed exhibits in this case, it is difficult to understand what is meant by 'decryption,' White told us. Supplying a known password is decrypting. Is retrieving data from a running, open encrypted disk volume 'decrypting'? We don't know.

Asked if it was too easy to overestimate the security provided by disk encryption in particular situations, such as when a volume is open on a running machine, White said: Very much so. He added:

Even among technologists, this is a common misconception. An encrypted disk can either be inactive with the contents remaining confidential, or active and the data and credentials are in memory (and therefore able to be retrieved).

The security guarantees that TrueCrypt provides *only* hold for unmounted data. Which is, crucially, the same guarantees made by Microsoft BitLocker, Apple FileVault, and Linux DM-Crypt.

If an adversary can intercept keystrokes, access a mounted drive, or otherwise compromise a machine using disk or file encryption, very little can be done to protect that data.

Professor Anderson noted that there is too little information provided from which to presume that TrueCrypt was broken: If the FBI or the Honduran police had a trojan installed on his PC during the lead-up to the bust, it would have snarfed the key, and it's also possible that he just used a weak key.

As for Glenn's complex 30-character password, White told El Reg that a strong, complex password implies that it is unlikely that the authorities were able to blindly brute-force the password from a TrueCrypt volume. See Jeremi Gosney's (slightly dated) recovery statistics using Brutalis, for example.

While detained ahead of his trial, Glenn made a phone call to his mother in which he asked her to relay a request to tell his housemate in Honduras to disconnect the black box with the blinking lights on top of the batteries.

The prosecution states that this black box was the Synology storage device containing the TrueCrypt compartment with the stolen documents. It also alleges that the reason [he] tried to send a message to [the housemate] to disconnect the black box is because he wanted to prevent law enforcement from discovering what the Synology contained.

My impression ... was that Glenn was attempting to force-dismount the drive, making forensic recovery of the encrypted data far more difficult, said White.

Back in 2013, the FBI arrested Silk Road's Dread Pirate Roberts, legally known as Ross Ulbricht, in a public library in San Francisco. The Feds had patiently waited until he was already logged into his laptop, on which he was chatting to others as Dread Pirate Roberts – specifically to avoid the kind of situation Glenn may have been attempting to produce.

The agents were able to grab the laptop, which was using whole-disk encryption, while it was still logged in, allowing them to siphon off information.

In the case of the Silk Road arrest, the FBI agents went to fairly elaborate lengths to distract Ulbricht and to ensure that his laptop remained running and did not go into sleep mode or require screen unlock, White told us. This would make forensic analysis much easier, both for memory and disk imaging and data recovery.

We may never know what the FBI managed to do. One witness's testimony in the case remains withheld from the public on national security grounds. Keeping the methodology a secret may quite well be a bluff to scare people from TrueCrypt and similar tools.

A new take on a hackathon is being tried by the team behind more traditional geek gatherings such as Swedish Beers and Heroes of the Mobile Fringe. They are going to do it outdoors. Yes, outside. In fresh air.

Hacklands combines key elements from hackathons (where software and hardware developers get together to make stuff with other interested parties), barcamps (where people organise their own discussion sessions or workshops) and a festival (with music (well, Kanye West), food, camping, glamping and a campfire).