Self Encrypting Hard Drives

[cardine]

What'd be the defence for that?

"So you bought your hard drive 5 years ago, yet you've forgotten the password? Do you regularly forget it?"

if yes = I think most courts would find it hard to believe you format your hard drive every few months from forgetting the password.

if no = then you're either lying, or have a scrap of paper with it written down. Where's the piece of paper?

Circumstantial evidence is not enough to find somebody guilty in a criminal case.

 

[-joe-]

Circumstantial evidence is not enough to find somebody guilty in a criminal case.

It can be, if the circumstantial evidence is beyond a reasonable doubt, which in this case, I think it would be. What conclusions could you draw, other than one of these?

1. They're lying.
2. They have it written down/with a friend, but they're not telling you.
3. They format their hard drive they've had for (let's say) 5 years, every couple of months due to forgetting the password.

 

[cardine]

It can be, if the circumstantial evidence is beyond a reasonable doubt, which in this case, I think it would be. What conclusions could you draw, other than one of these?

1. They're lying.
2. They have it written down/with a friend, but they're not telling you.
3. They format their hard drive they've had for (let's say) 5 years, every couple of months due to forgetting the password.

I can give you many others.

1. They don't have their entire HD encrypted, they just have a virtual disk encrypted. They haven't decrypted that virtual disk in the last 2 years despite using the laptop daily. They've forgotten that password.

2. They have it written on a very small piece of paper. That small piece of paper is always located under their chair. Oh, it's not there? It was the police who raided that room, not me!

3. Only friend "X" knows and that friend is either dead or in China/Russia.

All of those might be unlikely but I do not think that it can be beyond a reasonable doubt.


And who uses the same HD for 5 years?

 

[(O_o)]

AES ftw

 

[-joe-]

I can give you many others.

1. They don't have their entire HD encrypted, they just have a virtual disk encrypted. They haven't decrypted that virtual disk in the last 2 years despite using the laptop daily. They've forgotten that password.

2. They have it written on a very small piece of paper. That small piece of paper is always located under their chair. Oh, it's not there? It was the police who raided that room, not me!

3. Only friend "X" knows and that friend is either dead or in China/Russia.

All of those might be unlikely but I do not think that it can be beyond a reasonable doubt.


And who uses the same HD for 5 years?

Fair enough, although 1 and 3 require pre-planning, so they need sorting in advance. (although 3 would be difficult, as you'd either have to kill your friend, or find one that lives in China/Russia, and never accepts anyone on Skype/AIM etc. Number 2, I agree, that'd require no pre-planning and would be plausible.

I think my HD's about 5.5 years old

 

[(O_o)]

http://www.cl.cam.ac.uk/~sps32/AES_in_the_blink_draft.pdf

Abstract—This paper is a short summary of a real world
AES key extraction performed on a military grade FPGA
marketed as 'virtually unbreakable' and 'highly secure'. We
demonstrated that it is possible to extract the AES key from
the Actel/Microsemi ProASIC3 chip in a time of 0.01 seconds
using a new side-channel analysis technique called Pipeline
Emission Analysis (PEA).

 

[DudeKnows]

To all of those thinking the gov would have a backdoor, you have to remember two simple things about the government.

1: The cool tech they get and build, they get because of university research for the most part. If the worlds universities can't break AES256, neither can the government. Think about that. It applies to a lot of government 'questions' like that. If the smartest professors and bodies of brilliant students can't touch something, neither can the government. If they COULD, the universities would figure it out as well.

2: If the government DID have back doors, they would NOT use them on people like us. Even if you were hoarding kiddie porn and shit like that, they wouldn't use the back door for you. Why? Records. If they used the back door to bust you, they blow it. They can't use it anymore. That means the manufacturer is fucked, the government is in trouble, the case may not stick, and everyone knows about the issue and thus gets rid of whatever it is that provides a back door. It would be a fucking PR DISASTER to use one in a court case.

The ONLY time they WOULD use a backdoor (if one were to exist) would be for black-bag type operations. The kind that the news never hears about, and a judge never oversees. If you are taken away in a head bag by armed mercenaries in them middle of the night and shipped off to some foreign secret CIA prison, THEN the backdoor might be used, because you won't ever have the chance to tell anyone about it.

So you REALLY REALLY have to piss off some powerful and secret people in order to worry about a backdoor.

So based on your statements youre saying that all the brightest minds work at universities? Come on man, you dont believe that shit, do you?

You should be talking more about how you learned to talk out your ass than that nonsense.