HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 35 guests and 1 member online
 
Advertisement

You are here: Home arrow Ethical Hacking Discussions and Related Certificationsarrow Cyber Warfarearrow Do you think they will get into the Harddrive
EH-Net
May 23, 2013, 11:56:45 PM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Go back to The Ethical Hacker Network Online Magazine Home Page
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Do you think they will get into the Harddrive  (Read 3353 times)
0 Members and 1 Guest are viewing this topic.
Joshsevo
Sr. Member
****
Offline Offline

Posts: 278


View Profile
« on: November 22, 2010, 01:48:03 PM »
Found this story on MSN.

Found it intersting that the HD was highly encrypted.  Obviously it would be by someone of this skill level. 

But do think they (the US govt) will really be abel to get into the HD by breaking the encryption on it.

http://www.msnbc.msn.com/id/40306517/ns/us_news-security
Logged
Security+, Network+, C|EH, CHFI, CPT
sil
Hero Member
*****
Offline Offline

Posts: 549



View Profile WWW
« Reply #1 on: November 22, 2010, 02:12:52 PM »
You have to love media/gov marketing/hype/voodoo/FUD. In the article they state: "heavily encrypted" laptop ... Followed by: "containing a "massive quantity of stolen financial account data," How would they know there is a massive quantity of stolen anything unless 1) They decrypted it 2) They're using FUD

I use TrueCrypt and in the event I were to become arrested, I wouldn't disclose any information on how to decrypt anything. That is for my lawyer to sort out. I have ZERO to hide yet in this situation, the news report would be the same: "Hacker with encrypted laptop containing..." Containing what? How can they make statements like this. While I in no way am defending this guy, its deplorable that in this country, it's supposed to be "innocent until proven guilty."

As for decrypting data, applying a targeted bruteforce might yield them the password to decrypt it. Don't be fooled by the hype of cluebie news reporters. For example: If I create a 4096 bit RSA key for PGP to encrypt data, sure its beyond decryption. However, if my password is/was "scoobydoo", a bruteforce attack against that would decrypt it in minutes (if not seconds).

True story, take it with a grain of salt... "So a hacker gets arrested, in his possession are an OpenBSD laptop, and when questioned by the feds: 'Do you know Unix?', he responds sure I do, know it like the back of my hand..." On trial the hackers answer was explained/became:

Quote
DA to Special Agent: "And what did Mr. Smith tell you when asked of his Unix experience?"
SA on stand: "With a smirk he gleefully boasted how well he knew Unix"
DA to Special Agent: "Was there anything out of the ordinary on his laptop?"
SA on stand: "Very strong encryption programs..."

Very strong encryption programs... Never knew it would be illegal to have strong encryption programs (it isn't illegal by the way). This continued and after a whole shellacking of twisting and distorting things... An innocent man went to prison. That's a grain of salt for you. So when I make statements like: "I wouldn't give them squat" (passwords) its for a very valid reason. Rule of thumb: You have the right to remain silent... This isn't a crime, nor is withholding your password until you speak with your lawyer. If I were this guys attorney, I'd have a field day with the press who obviously convicted him without allowing him to stand trial
Logged
http://www.infiltrated.net/mgz/puppylecter.jpg
mallaigh
Jr. Member
**
Offline Offline

Posts: 65



View Profile
« Reply #2 on: November 23, 2010, 12:21:56 PM »
Quote
"If a guy from Malaysia can get into networks like this, you can imagine what the Chinese and Russians, the people with real capabilities, are able to do," said one former senior U.S. intelligence official, who monitored cyberthreats and asked for anonymity in order to speak candidly.

My favorite sentence of that whole article, because we all know you have to be from China or Russia to be a good hacker.   *facedesk*
Logged
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.062 seconds with 22 queries.
 
Exclusive Deal

sansfire13_245x90_cw90.jpg
SANSFIRE 2013
June 15 - 22

5% Off w/ Code: EHN_5

SANS Deals 4 EH-Netters
5% OFF Any SANS Course in Any Format!
Coupon Code: EHN_5 Including SANS Rocky Mountain 2013 & SANS Boston 2013
Polls
Compared to this year, 2013 will be:
 
Recent Forum Topics
EH-Net News Feeds
Latest Additions
 
         
Advertisement

© 2013 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.