Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Use of Encryption Foiled the Cops a Record 9 Times In 2013

timothy posted about 3 months ago | from the achievement-unlocked dept.

Encryption 115

realized (2472730) writes "In nine cases in 2013, state police were unable to break the encryption used by criminal suspects they were investigating, according to an annual report on law enforcement eavesdropping released by the U.S. court system on Wednesday. That's more than twice as many cases as in 2012, when police said that they'd been stymied by crypto in four cases—and that was the first year they'd ever reported encryption preventing them from successfully surveilling a criminal suspect. Before then, the number stood at zero."

cancel ×

115 comments

Sorry! There are no comments related to the filter you selected.

First post! (4, Funny)

GameboyRMH (1153867) | about 3 months ago | (#47379463)

Rapelcgvba SGJ!

Re:First post! (-1)

Anonymous Coward | about 3 months ago | (#47379815)

try soylent news

Rot14 (1)

MouseR (3264) | about 3 months ago | (#47379471)

really confuses NSA.

I smell a rat. (5, Insightful)

Anonymous Coward | about 3 months ago | (#47379507)

There are obviously thousands of people using encryption because they have a legitimate reason to hide something, and criminals also have something to hide, so it stands to reason that they'd also use encryption.

So why aren't there more cases of encryption impeding an investigation? Possibilities:

1) Only stupid people (who don't use encryption) are caught - yeah, not with numbers /that/ low;

2) The numbers are being deliberately under-reported;

3) A lot of encryption is breakable or has backdoors;

4) Most people under investigation have software planted on computers or hardware keyloggers.

Re:I smell a rat. (5, Insightful)

JimFive (1064958) | about 3 months ago | (#47379627)

You forgot:

5) Most crimes leave evidence that is not on the criminal's computer.

Re:I smell a rat. (1)

Charliemopps (1157495) | about 3 months ago | (#47379729)

You forgot:

5) Most crimes leave evidence that is not on the criminal's computer.

or
6) The encrypted cellphone is thrown into the evidence bag and never looked at again because the arresting officer couldn't get it open.

I'd think it would be pretty rare that the police knew there was something encrypted that could help their case and just couldn't get to it. In most cases the encryption not only protects the data, it also hides its existence all together.

Re:I smell a rat. (4, Insightful)

roc97007 (608802) | about 3 months ago | (#47380237)

> 6) The encrypted cellphone is thrown into the evidence bag and never looked at again because the arresting officer couldn't get it open.

Beat me to it. I'd put it more generally as "the police were stymied by encryption 2,316 times last year, but only recognized the fact nine times".

Re:I smell a rat. (1)

FuzzNugget (2840687) | about 3 months ago | (#47380199)

Also: he's probably overestimating the number of people using disk encryption. "Obviously" is not good enough for these assertions.

Re:I smell a rat. (0)

Anonymous Coward | about 3 months ago | (#47382305)

5a) If a crime does not leave evidence that is not on the criminal's computer, and the police cannot defeat the encryption, then the police can't conclude that there was a crime in the first place, and therefore don't count this as an instance of being "foiled".

Re:I smell a rat. (5, Insightful)

rogoshen1 (2922505) | about 3 months ago | (#47379659)

that oblig xkcd comic about a heavy wrench defeating encryption is more likely.
"we'll drop the sentence to 1 year in prison if you give us the keys, or you can fight us, and we'll go for 25 to life."

(protip: the wrench can be a metaphor)

Re:I smell a rat. (1)

Anonymous Coward | about 3 months ago | (#47379811)

"Eat shit, motherfuckers. If you had me on charges with that kind of sentence potential, ya wouldn't NEED my keys. Wuddya, think I'm stupid?"

Re:I smell a rat. (0)

Anonymous Coward | about 3 months ago | (#47380431)

... and that's when they do. They have a lot more resources than you do. If you think cracking your disk is the key to prosecuting you, you're wrong. Your disk is the key to you pleading out by ratting out your conspirators.

"Informants" (read: bribery) (0)

Anonymous Coward | about 3 months ago | (#47381195)

Or just bribing actual criminals who you've never even seen before to rat you out, by granting reductions on hugely-inflated drug addiction sentences. The current prosecutorial regime could convict anyone of anything they wanted, with a 99.9% or better success rate. If you think being innocent will lead to a finding of "not guilty", you're sorely mistaken.

Re:"Informants" (read: bribery) (1)

MickLinux (579158) | about 3 months ago | (#47382601)

Which, if this chain of thought is correct, leads to the conclusion that in those 9 cases, either police were NOT corrupt (and so could be foiled) or were corrupt, and wanted to be foiled.

I'm not sure that the chain of thought is correct. In some areas --Illinois for example, I would expect it to be.

Re:I smell a rat. (4, Informative)

davydagger (2566757) | about 3 months ago | (#47379867)

that is somewhat bullshit.

9 times out of 10, someone trying to crack your encryption is not going to be someone who is able to use that amount of leverage. Most likely they are going to subversively copy your data, or

As far as I am concerned, I don't need my encryption to completely uncrackable. If all encryption does is provide tamper evidence, and doesn't allow undetectable snooping I am OK.

Also, ability to crack encryption in an investigation/forced to decrypt for trial, is not the same as undetectable mass survailence. If all encryption does is force cops to go back to needing warrants and subopeanas, and due proccess, I think its done its job quite well.

Re:I smell a rat. (3, Informative)

roc97007 (608802) | about 3 months ago | (#47380247)

> 9 times out of 10, someone trying to crack your encryption is not going to be someone who is able to use that amount of leverage.

It's not about having that kind of leverage. In an interrogation, a cop is not required to tell you the truth. Never forget that.

Re:I smell a rat. (3, Insightful)

nospam007 (722110) | about 3 months ago | (#47380347)

"It's not about having that kind of leverage. In an interrogation, a cop is not required to tell you the truth. Never forget that."

It doesn't matter what the cop says, YOU have to shut your mouth.
Don't talk to the police, ever!
It can only hurt you.

Re:I smell a rat. (-1)

Anonymous Coward | about 3 months ago | (#47380493)

> Don't talk to the police, ever!
> It can only hurt you.

Can we stop with the "ever" stuff already? It is rare, but there certainly ARE appropriate times to talk to the police. Say, for example, someone just raped your mom and is running "that-a-way". A cop arrives. You're not going to have a tête-à-tête with them?

Saying "never, ever" only makes you sound like a simpleton, and is treating your audience like a collection of imbeciles.

Re:I smell a rat. (0)

Anonymous Coward | about 3 months ago | (#47380783)

We went that-a-way and didnt see anyone. Are you telling the truth? Are you impeding a police investigation? Did you misdirect us on purpose because your in on it? Come down to the station with us and we can ask you some further questions....

Re:I smell a rat. (2)

CharlieG (34950) | about 3 months ago | (#47380857)

Well, How about (for real) a body was dumped in front of my house. They asked "Hey, we know that at 10:30ish this body was dumped in front of your house, did you happen to see the car?" (there were whiteness to the kidnapping a few miles away). Of course I told them what I knew "Nope officer, didn't hear/see a thing till I looked out the window and saw a bazillion flashing lights, sorry" "OK, Thanks"

Re:I smell a rat. (2)

SpzToid (869795) | about 3 months ago | (#47382327)

Here's the legal argument for not talking to the police: https://www.youtube.com/watch?... [youtube.com]

Re:I smell a rat. (2)

L4t3r4lu5 (1216702) | about 3 months ago | (#47382417)

This only applies for the US, where anything they say "... can be used against them..." Sworn testimony, or evidence given under caution or arrest, in the UK for example, can be used by both prosecution and defense.

Still, you're definitely supposed to talk to a legal representative prior to talking to Police in any jurisdiction.

Re:I smell a rat. (0)

Anonymous Coward | about 3 months ago | (#47379895)

If you can dodge a wrench, you can dodge jail time.

Re:I smell a rat. (-1)

Anonymous Coward | about 3 months ago | (#47381255)

okay, that shit was funny

Re:I smell a rat. (2)

AmiMoJo (196126) | about 3 months ago | (#47380217)

What is the punishment for refusing to hand over keys? In the UK it is only 2 years, so if you are accused of anything with a longer sentence or some other punishment like being on the sex offenders register you might as well take the two years. Also, "I forgot" is supposed to be a valid defence, unless they have evidence beyond reasonable doubt that you didn't forget, but I wouldn't rely on that.

Re:I smell a rat. (2)

roc97007 (608802) | about 3 months ago | (#47380253)

I think relying on "I forgot" is probably a good strategy if you have nothing to lose.

Re:I smell a rat. (1)

demonlapin (527802) | about 3 months ago | (#47381101)

They can't punish you for not revealing your keys. They can, however, throw the book at you on any charge they can prove.

Re:I smell a rat. (1)

s.petry (762400) | about 3 months ago | (#47381689)

The person you responded to said "UK", yes the laws are different there and last I heard you can be jailed in the UK for not unlocking what the cops tell you to unlock. Of course I don't live in the UK so that report I read may have been inaccurate or changed (but I don't believe so).

Re:I smell a rat. (1)

TheLink (130905) | about 3 months ago | (#47381957)

That's why the "bug" I submitted should be fixed: https://bugs.launchpad.net/ubu... [launchpad.net] ;)

Re: I smell a rat. (1)

John Howell (2861885) | about 3 months ago | (#47380869)

And that is why there is protection against compelled disclosure of keys. Can you prove someone hant forgotten a password? What if like true crypts double volume, they just gave cops the key to the volume with nothing on it? What if it needed a kefile that has now been deleted or changed?

Re:I smell a rat. (1)

TheLink (130905) | about 3 months ago | (#47381987)

But that's why this "vulnerability" should be fixed:
https://bugs.launchpad.net/ubu... [launchpad.net]

Imagine if by default if you don't uncheck a checkbox a popular distro has full disk encryption enabled and/or creates an encrypted container.

Then they can't use the "wrench" on everyone that happens to have that distro, because it really is very plausible that the person doesn't have the keys to the container.

As for the arguments against it - if you're in a country where they are still willing to use the "wrench" on someone who is likely to not have the keys, you're screwed already. In such countries if they're not happy with you, you're in big trouble whether you use crypto or not.

Re:I smell a rat. (4, Informative)

Shakrai (717556) | about 3 months ago | (#47379737)

There are obviously thousands of people using encryption because they have a legitimate reason to hide something

My hard drives are encrypted simply because my entire life is on them and I'd rather not have everything you need to steal my identity fall into the hands of whomever broke into my house and stole my PC. I take similar precautions with physical documents that could be used to the same end. My SSA card and Passport are kept in the Safe Deposit Box except when needed, other forms of ID are always kept on or near my person, so they're not apt to be stolen in a burglary.

I don't know or care if LUKS and Truecrypt are secure enough to resist access by a well resourced and competent government agency. They provide ample security for the threat vectors that I care about.

Most people under investigation have software planted on computers or hardware keyloggers.

This, along with other side channel attacks (social engineering, or even simply guessing the password, remembering that most people use easily guessable passwords) is the most likely explanation. If the United States Federal Government has ways of breaking modern ciphers they're not going to throw it away to secure mundane criminal convictions.

Re:I smell a rat. (2)

roc97007 (608802) | about 3 months ago | (#47380265)

I read somewhere of a type of safe called a "burn safe". If opened improperly, it destroys the contents. Apparently used for very sensitive physical documents.

Of course, you should probably have backups somewhere, probably in a different burn safe geographically distant.

Re:I smell a rat. (1)

swb (14022) | about 3 months ago | (#47380447)

Backups in a stainless steel cylinder welded shut dropped in 50 feet of water and the GPS coordinates memorized.

Re:I smell a rat. (3, Insightful)

L4t3r4lu5 (1216702) | about 3 months ago | (#47382455)

Your "burn safe" is vulnerable to denial of service. Say you lose the key, or the keypad is damaged; How do you get your documents? What if someone just hits it with a hammer until the system is activated, just to piss you off?

Re:I smell a rat. (1)

Anonymous Coward | about 3 months ago | (#47379797)

Nine times. [youtube.com]

Re:I smell a rat. (5, Insightful)

Anonymous Coward | about 3 months ago | (#47379877)

>
> have a legitimate reason to hide something
>

A person does not ever require a "legitimate reason" to use encryption. A person can transmit information in any way he may see fit or in any way he may simply desire without needing a reason or explanation.

If I want to strongly encrypt a cooking recipe that I email to my grandmother, then it is my business and my business alone.

The point is that criminal intent or any other intent cannot/should not be inferred solely from the act of encryption.

Re:I smell a rat. (1)

CBravo (35450) | about 3 months ago | (#47380147)

Any degree of privacy-requirement is enough for me to start using encryption.

Re:I smell a rat. (1)

dkf (304284) | about 3 months ago | (#47382089)

If I want to strongly encrypt a cooking recipe that I email to my grandmother, then it is my business and my business alone.

And your grandmother's business too, assuming you want actually communicate that cooking recipe to her.

Re:I smell a rat. (0)

Anonymous Coward | about 3 months ago | (#47379887)

5) Suspect was legally compelled to decrypt documents/device.

Re:I smell a rat. (1)

BradMajors (995624) | about 3 months ago | (#47380019)

5) People use encryption in an insecure manner.

Re:I smell a rat. (0)

Anonymous Coward | about 3 months ago | (#47380057)

5) Cops had actual evidence and didn't need to go on a fishing expedition

Re:I smell a rat. (1)

Anonymous Coward | about 3 months ago | (#47380187)

6) The cases were prosecuting other police, people of power or government entities the police didn't 'really' want to prosecute.

In that case, perhaps a simple ROT13 is enough 'encryption' the police cant break the hard drive and get the evidence.

Re:I smell a rat. (0)

Anonymous Coward | about 3 months ago | (#47380257)

Let's define "using encryption" as using stuff where a reasonably well-informed user believes it's decent, and they're exchanging keys correctly, etc. Forget casual use of HTTPS or the link between someone's phone and their cell tower, etc. Don't count those as "using encryption." Now:

There are obviously thousands of people using encryption [which they think probably works].. So why aren't there more cases of encryption impeding an investigation?

Maybe "obviously thousands" (or whatever the actual number is) is a drop in the bucket within the overall sphere of human endeavor. There are hundreds of millions of people in the US.

And even whenever anyone in this minority does happen to get investigated for some suspected crime, that doesn't mean their computer will be involved. No matter how good your crypto is, if you don't see the cop with the radar gun in time and slow down, no cop is going to be saying anything about "te encryption sure is making it hard" in relation to your speeding ticket. Similarly if your infraction is "driving while black" rather than speeding.

Beyond that: let's take a look solely at situations where someone actually is committing crimes, and where some evidence is encrypted. Why wouldn't cops be running into that problem? Because they're not investigating. Remember that most crimes go undetected and most crimes are never investigated. And if you're being sneaky enough to encrypt, then you're probably be sneaky in other ways too, so it's likely that no one is ever looking at your computer in the first place.

By the time they get a warrant to sieze your computer, they probably already have witnesses and other evidence too. "I saw him do that bad thing, and I bet his computer has evidence to corroborate my testimony!"

Re:I smell a rat. (1)

wooferhound (546132) | about 3 months ago | (#47380597)

But how many people did they investigate ?
10, 100, 1000, 10000, 100000ooooo..........

99.99% video camera. 0.01% go around it (1)

raymorris (2726007) | about 3 months ago | (#47381621)

I'd think at least 99.99% of cases don't involve the suspect using their computer at all. One of the most common crimes is using a stolen checkbook or credit card, in a brick-and-mortar store. Thefts might be solved by looking at the store's security video, etc.

In the rare case where you're interested in an encrypted file, you can normally go around it. For example, if you wanted to prove child porn, the cached thumbnails that most image viewers create work just fine. Someone sending instant messages encrypted? Fine, the message log on their device is plaintext. Rarely do you need to crack the crypto.

"Cat's outta the bag" on YOU, Mr. Advertiser (-1)

Anonymous Coward | about 3 months ago | (#47382681)

You've been "shot down in FLAMES" for it too - courtesy of "yours truly" & easily -> http://it.slashdot.org/comment... [slashdot.org]

(FINALLY, it took the TRUTH, about YOU no less, to get you to "ReAcT" in that link above)

Yes, & nothing works like it...

Especially since you can't VALIDLY disprove my FACTS on hosts files giving users more speed, security, reliability, & even anonymity by FAR, doing more with less, & giving users more than any SINGLE browser addon there is, along with shoring up DNS redirect security issues too (bonus)).

Fact is - You evaded that challenge from me to disprove my points on hosts ALL YEAR -> http://it.slashdot.org/comment... [slashdot.org] effetely & vainly downmodding my posts to "hide them" or to *try* to... that only motivated me MORE to do what I have now is all.

Additionally - This all explains why you avoided my challenge, to NO end, downmodding my posts too (yes, marketers ESPECIALLY use sockpuppets to mod themselves up, & opponents down)... now, I know why!

Lastly - Your technical errors also show you don't know SQUAT about computing (other than "webdouche" levels, & like Linus Torvalds who feels the same as I do? That is NOT programming - it's for WEAK WEASELS, like advertisers (like you)) -> http://it.slashdot.org/comment... [slashdot.org]

APK

P.S.=> Bottom-line: You're an advertiser - makes SENSE you'd *try* to put down hosts files & using what marketers use in "jump on the bandwagon" (everyone/nobody/noone words used) tactics too (that's what clued me into your nature actually) -> http://slashdot.org/comments.p... [slashdot.org] but the REAL TRUTH HERE is this: YOU FEAR HOSTS FILES BADLY since you can't do a damn thing about them via native browser methods which dump what addons users use in a a browser to test for them to nullify them (or ClarityRay, which is ineffective vs. hosts but is killing AdBlock for example)... You lose/fail, & see subject-line & thank-you: YOU ARE THE PROOF I HAVE BEEN WAITING FOR, for years... apk

Re:I smell a rat. (1)

Ash-Fox (726320) | about 3 months ago | (#47382493)

There are obviously thousands of people using encryption because they have a legitimate reason to hide something

Some also use it to prevent tampering.

So why aren't there more cases of encryption impeding an investigation?

Perhaps some of those people people whom use encryption properly are more law abiding.

The headline should really read: (2)

ledow (319597) | about 3 months ago | (#47379557)

"UK Government / celebrated top-notch British mathematicians create encryption that's still fit for purpose decades after their death."

An encryption scheme that can be cracked by teenagers, camels, mathematicians, governments, police, military or the guy down the road? Not an encryption scheme. Certainly not one for large-scale deployment in public security projects.

Works as intended. The fact that it may, unfortunately, be a tool used by miscreants as well as law-abiding citizens is an unfortunate side-effect, like hammers being useful for smashing windows AND doing carpentry.

Re:The headline should really read: (0)

Anonymous Coward | about 3 months ago | (#47379903)

'a tool used by miscreants' - yes sadly most often by the ones who believe they are the masters of the law-abiding citizens.

Re:The headline should really read: (0)

Anonymous Coward | about 3 months ago | (#47381919)

They don't even have to bother, they just say the hard drives crashed and were thrown away - then nothing happens.

Scare tactics (5, Insightful)

fustakrakich (1673220) | about 3 months ago | (#47379561)

Public opinion needs to be turned against anything (such as the bill of rights) that could hinder the authorities.

Re:Scare tactics (1)

wiredlogic (135348) | about 3 months ago | (#47381013)

That isn't necessary. The sheeple are already conned into believing that the bill of rights enumerates all rights of the people and the government has the power to regulate anything not on the list as well as some particulars of things that are listed.

I smell a rat got it right (0)

Anonymous Coward | about 3 months ago | (#47379569)

At least this message shows what investigators think about the average perp.

Before and After (0)

Anonymous Coward | about 3 months ago | (#47379581)

Really all that's changed is that they expanded the definition of 'criminal' a little more until it's now a thing.

Couple of years back for example they added "infants in their crib" and "elderly grandmothers whose homes you break into in the middle of the night" to the list of what qualifies a meathead as a perp!

I must be getting old (0, Insightful)

Anonymous Coward | about 3 months ago | (#47379609)

I just reviewed the last four days of Slashdot, and found only two articles that interested me enough to click through. I must be getting old. Or maybe Slashdot has changed.

Re: I must be getting old (1)

Teranolist (3658793) | about 3 months ago | (#47379673)

How about slashdot is getting old? or "modern" to stay on the dice roadmap

Re: I must be getting old (0)

Anonymous Coward | about 3 months ago | (#47380489)

DICE is certainly not 'modern'. More like I mis-read your post accidentally when I read 'modem' instead of 'modern'.
And they are quiet like the 14.4K "turbo highspeed" modem of the mid 90s. Something you might find was accidentally
left in the box when they packed up the things you bought at a garage sale.

Don't let DICE tell you what the market is. Ever.

Yay exponential growth! (2)

MRe_nl (306212) | about 3 months ago | (#47379613)

At this rate we should have full encryption in no time!

Re:Yay exponential growth! (1)

biodata (1981610) | about 3 months ago | (#47379707)

Is it really exponential growth? From 2011 to 2012, growth was infinity%, and between 2012 and 2013 it was only 125%. Growth seems to be slowing a lot.

Is GSM encryption? (0)

Anonymous Coward | about 3 months ago | (#47379715)

I'm wondering what they count as encryption: GSM, WEP, RC4, Cryptoloop, SSL are nowadays just scramblers not encryption.

OVER 200%! (1)

Anonymous Coward | about 3 months ago | (#47379621)

Just wait until someone tries to spin this as an increase of over 200%, and therefore is a great and looming threat that we need to crack down on.

Cops will have to strip to count to 21! (0)

Anonymous Coward | about 3 months ago | (#47379631)

Oh noes!

Criminal hippies (1)

skiminki (1546281) | about 3 months ago | (#47379635)

So, in 2013 there was a record 9 cases where criminals used FOSS?

Small problem? (0)

Anonymous Coward | about 3 months ago | (#47379645)

You will see the government prop encryption up as a boogeyman, but this is actually a very small problem for them.

Well, what happens when it's a bigger problem? Of course, they will outlaw encryption, except for "authorized use only".

xkcd (-1)

Anonymous Coward | about 3 months ago | (#47379647)

Obligatory xkcd: http://xkcd.com/538/

Re:xkcd (1)

Anonymous Coward | about 3 months ago | (#47380589)

It's not obligatory.

Correction...That you know of... (2)

KingOfBLASH (620432) | about 3 months ago | (#47379671)

Bollocks. The only difference between today and the past is that you can easily see an encrypted file, you can know it's encrypted, surmise it's probably got something juicy, and just be unable to break in.

It has the exact same effect as a lot of low tech stuff. For instance, memorizing a secret note than burning it would also leave no trail for law enforcement to follow. As would a secret conversation a thousand years ago you can't overhear because there was no listening devices around back then.

Therefore, I would suggest that actually finding encrypted files law enforcement cannot break into is actually an improvement.

Re:Correction...That you know of... (1)

Shakrai (717556) | about 3 months ago | (#47379777)

The only difference between today and the past is that you can easily see an encrypted file, you can know it's encrypted

Huh? Modern ciphertext is indistinguishable from random noise. Some implementations leave behind clues (i.e., Truecrypt containers are always divisible by 512 bytes), and of course the user can give it away ("KIDDIE PORN COLLECTION.TC" <--- Probably not the best naming scheme) but I'm not aware of any foolproof method to concretely identify an encrypted file as such with modern implementations.

Re:Correction...That you know of... (1)

fnj (64210) | about 3 months ago | (#47379853)

Er, if you find a file whose contents seem REALLY random, you can be pretty goddam certain that it's encrypted. Even binary files practically always contain valid strings in the header - database files, exes, mpegs, jpgs, etc, etc.

Re:Correction...That you know of... (1)

Shakrai (717556) | about 3 months ago | (#47379871)

"Pretty goddamn certain" != "beyond a reasonable doubt"

Can you tell the difference between 1,024 MB of /dev/random and 1,024 MB of Truecrypt container? I didn't think so....

Re:Correction...That you know of... (2)

geniice (1336589) | about 3 months ago | (#47379985)

No but I'm also going to be somewhat surprised if someone has a bunch of 1,024 MB blocks of /dev/random on their hard drive. Well I guess a few statisticians might.

In practice odds are I simply don't care. Most criminals leave far more evidence than the police actually need to get a conviction. If I can't open a file with one click I'm going to go back to looking at your bank statements for interesting payments.

Re:Correction...That you know of... (3, Funny)

wiredlogic (135348) | about 3 months ago | (#47381041)

I prime all my drives with GNU shred since its PRNG is faster than /dev/random and good enough for creating background noise. I've considered writing a program that exhibits statistical anomalies such as Benford's law [wikipedia.org] or randomized MPEG blocks for kicks. Or maybe even valid MPEG encoded noisy frames of Goatse zooming in repeatedly.

Re:Correction...That you know of... (0)

Anonymous Coward | about 3 months ago | (#47381665)

Yah, funny that. I always use large files of random data to test radio modems because it is incompressible. I have on occasion pitied the poor CIA/NSA/GCHQ capturing my tests and trying to decipher it.

Re:Correction...That you know of... (1)

KingOfBLASH (620432) | about 3 months ago | (#47380061)

If that was really true then why does this article exist?

It's clear something is encrypted because you have to have it clear the file system should not overwrite and the markers make it quite clear that it's not just random noise. Even more clear is if you open up a computer you know should be working but it asks for a password to decrypt the hard drive.

Re: Correction...That you know of... (1)

Jason Levine (196982) | about 3 months ago | (#47380311)

Modern ciphertext is indistinguishable from random noise.

This is a big reason why I think SETI-type programs are doomed to fail. If it would be hard to tell the difference between encrypted data and random data, how much harder would it be to tell the difference between an alien encryption scheme and random noise?

Re: Correction...That you know of... (2)

nospam007 (722110) | about 3 months ago | (#47380405)

"This is a big reason why I think SETI-type programs are doomed to fail. If it would be hard to tell the difference between encrypted data and random data, how much harder would it be to tell the difference between an alien encryption scheme and random noise?"

If aliens want to communicate with us, they won't use encryption. They'll make it as easy as possible. (The'y'll probaly send a .DBF :-)
Or we just watch their 'I love Lucy'.
SETI isn't trying to break encrypted files from Space Nazis.

They'd be stumped more often (4, Interesting)

l0ungeb0y (442022) | about 3 months ago | (#47379679)

But so far, the only criminals using encryption are the smart ones who take precautions not to even become suspects in the first place. And just because the authorities were stymied by encryption, or that the suspects used encryption does not mean that the suspects were actually guilty of any crime. Personally, I'd much rather a few crimes go unsolved than live in an authoritarian Police State.

Re:They'd be stumped more often (0)

Anonymous Coward | about 3 months ago | (#47380549)

As Chief Wiggum says:

I'd rather than 1000 criminals go free than chase after them

Re:They'd be stumped more often (1)

MickLinux (579158) | about 3 months ago | (#47382693)

Or, aleernatively... letting a few crimes go unsolved is part and parcel of an authoritarian police state.

Right now, we have on our 'unsolved docket' Lois Lerner, war crimes by US troops in Iraq, high treason by various top operatives violating their constitutional oaths and undermining the rule of law, thus aiding the enemies of the US, embezzlement by bankers who control the Fed, breach of fiduciary duty by BoA under the blackmail of Paulson that he would break the law... and now most recently high crimes by that French bank in criminal money laundering, in one is the biggest ever (9 billion) fine, but unfortunately, we can't find the criminal.

And that's just the US. I haven't hit one percent of the unsolved crimes yet.

Leaving a 'rule of law' nation sucks.

I'm waiting for "bait" files to hit the news (0)

Anonymous Coward | about 3 months ago | (#47379771)

How soon before we hear about a real arrestee who scattered his hard disk with encrypted files (all with different algorithms/passwords of course) and threw in some seemingly-incriminatingly-named files that were nothing but either raw random data or random data that was actually encrypted?

Think of it as a "tar pit" for the police.

Re:I'm waiting for "bait" files to hit the news (1)

geniice (1336589) | about 3 months ago | (#47379995)

Err quite a while. The reality is that with enough effort the police can probably get you convicted of something. There are a lot of laws and you don't know them all. The last thing you want to do is make them look more closely at you.

Out of how many? (1)

pjwhite (18503) | about 3 months ago | (#47379911)

The headline is meaningless without also including the number of cases actually involving encryption. Looking at the article, that number appears to be 41.

From the police report... (2)

MasterOfGoingFaster (922862) | about 3 months ago | (#47379967)

Status: Unable to prosecute due to lack of evidence.

Reason: Suspect used full-disk encryption. Unable to persuade suspect due to lack of wrench availability.

ItsATrap (3, Insightful)

mysidia (191772) | about 3 months ago | (#47380115)

With 90% confidence; I estimate this is a trap. Police can defeat encryption, no problem, usually by coercing the defendant. The reports by the police themselves are geared at getting tougher anti-privacy/anti-encryption legislation and giving bad guys a false sense of security. The feds could likely have broken the encryption, no problem, the issue at hand just wasn't important enough to reveal the capability. Pretending not to have the capability gives politicians better ammunition when improving state powers for legal surveillance, and for forcing the hands of software providers to secretly include specified backdoor tech.

when police said that they’d been stymied by crypto in four cases—and that was the first year they’d ever reported encryption preventing them from successfully surveilling a criminal suspect. Before then, the number stood at zero.

Re:ItsATrap (1)

matbury (3458347) | about 3 months ago | (#47380527)

No, it's a trap when Apple, Google, M$, et al tell users that their IM clients and email are secure, even though they have the encryption keys and readily hand them over to authorities without a warrant.

AFAIK, nobody has a way of breaking end-to-end encryption without compromising one of the surveillance victims' computers or somehow getting hold of the encryption keys.

Re:ItsATrap (1)

MickLinux (579158) | about 3 months ago | (#47382669)

It's doubly a trap when those same companies, which have multiple backup systems on the emails, suddenly cannot recover anything following a series of six separate 'hard drive crashes' on RAID-7 systems, so that the IRS' evidence can no longer prove criminal intent by leaders of the government.

Leaving a 'rule of law' nation sucks.

Re:ItsATrap (1)

AHuxley (892839) | about 3 months ago | (#47380557)

Yes, considering all the help fusion centers offered, tame banks, tame telcos, tame software developers, lack of peer review, the number of informants working on software projects, the number of informants working to find ways into software, tame AV vs keyloggers, tame telco software vs your keystrokes, sneak and peek letters.
Anything 'consumer' digital is a huge trap. From development, your input, encoding, transmission, decoding, display - so many layers and very tame access.
With sneak and peek letters why would the data recovered be kept in the country of origin: USA, Canada, UK could just swap the results found up to their respective security services and swap plain text back to each other - parallel construction.
No FIOA, nothing in the case file, no law reformers, no press, no legal teams to links to another country :)

900% Increase (0)

Anonymous Coward | about 3 months ago | (#47380189)

In other news, law enforcement tells Congress that the number of crimes that went unsolved or unprosecuted over the past two years because of widespread use of encryption increased 900%. Requests new powers and increased budgets to counter the unprecedented threat.

bad math (0)

Anonymous Coward | about 3 months ago | (#47380339)

good example of how not to report rates

friVst 4sot! (-1)

Anonymous Coward | about 3 months ago | (#47380361)

Visit your spare time fucking percent of and its long term and mortifying cycle; take a person. A5k your to this. For OpenBSD wanker Theo

I was going to ask ... (1)

Alain Williams (2972) | about 3 months ago | (#47380515)

what sort of encryption(s) were the cops unable to break - assuming that they were able to tell by looking at the files; failing that what were the ones that they succeeded in breaking? That might be useful as it would guide me in choosing which algorithms to use for encrypting my stuff.

Then is occurred to me that if the cops revealed it I must assume misinformation. They surely would not make their life difficult by telling me how to defeat them -- or would they answer the question honestly ? So: I could ever trust their answer -- is there any point in even asking them the question ?

Encryption in the hands of a layperson (1)

iamacat (583406) | about 3 months ago | (#47381003)

Is like a gun of an average NRA nut - totally useless for security, while advertising to the whole world that you want to get in trouble. These encrypted files on your hard drive have been transmitted over online services and shared with other people. It's far more convenient for police to get a warrant for online data and lean on those people than tinker with your computer. On the other hand, discovery of encrypted files that you are not willing to open is an excellent clue that getting these warrants and harassing your friends is a good use of police time.

Now, when it comes to passwords, your cipher might be 64 bit, but the space of words and phrases that an average person is able to remember is much smaller. Chances are, yours can be cracked with a map reduce task running on Amazon public cloud, for a small fraction of a budget DAs would allocate for a major case. If not, it's just back to harassing your friends and family. And it's not likely you personally are trained to withstand experienced interrogators and fitted with a dental filling cyanide capsule to swallow once you have reached your limit.

Most of those 9 cases probably came from lame police departments that just were not equipped/talented enough to do old fashioned honest investigate works. At the same time, thousands of criminals have evaded capture through old fashioned guile and ingenuity. If you want to evade authorities, for good or evil reasons, it's best to stick to simple things. An iPad hidden under a neighbors door rug is more likely to evade detection than an encrypted one in your house.

What software? (1)

manu0601 (2221348) | about 3 months ago | (#47381055)

Too bad they do not tell what are the resistant softwares.

Security Through Antiquity (1)

vomitology (2780489) | about 3 months ago | (#47381091)

I keep all my 'important' files in .JAR format on 5 1/4 floppies.

Security Through Antiquity (0)

Anonymous Coward | about 3 months ago | (#47381349)

What, both bytes of data?

Re: Security Through Antiquity (0)

Anonymous Coward | about 3 months ago | (#47382067)

I thought JAR format was the same as DOCX...

Get one now! (0)

Anonymous Coward | about 3 months ago | (#47381423)

Use decrypt stick 9000, works every time and can even help with memory recall.

will the real criminals plz stand up (0)

Anonymous Coward | about 3 months ago | (#47382447)

and can someone tell me which encryption software(s) work then? kk thx

rtfa, it's not as bad as it sounds (1)

tommyhj (944468) | about 3 months ago | (#47382661)

It's 9 uncrackable cases, out of 45 encryption-cases, out of 3500 surveillance cases. Sounds pretty good to me. Mostly they would probably get the info some other way, hence not needing to crack encryption.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?