Lock Out the FBI for $200

  • Thread starter Thread starter BioCatholic
  • Start date Start date
Status
Not open for further replies.
B

BioCatholic

Guest
**The widespread belief that any database, hard drive or electronic device can be hacked was disproved when a man accused of having child pornography on his computer managed to keep federal authorities out of his hard drive for more than a year — for the price of an average cell phone.

That computer protection used by the suspect is easy to obtain, even common on most computers, and, according to security experts, is almost impossible to breach, even for the FBI.**

abcnews.go.com/Technology/LegalCenter/story?id=4264587&page=1

Pretty Good Privacy is what this article refers to, and was invented by Phil Zimmermann, who was charged with several Federal crimes relating to munitions export of encryption back in the 90’s.

Zimmerman is widely regarded for publishing the entire source code of PGP in a hardback book, and then distributing it under the right to free speech.

I bought PGP back in 2002, because I wanted good encryption, and I also wanted to support the author who really stuck it to the tyrannical Feds.

The FBI probably will never break the hard drive. Symmetrical and asymmetrical hashes with an MD5 digest of the password will take roughly 100 years with a 128 node, 512 processor supercomputer.

The feds are fighting a losing battle with encryption. RSA is now 2048 bits, rinjadel, Blowfish, twofish, RC4-RC6, SHA1-512, can all be used in combinations where it would take 10^30 years to break in most cases.
 
Excellent. I’m all our pals in Pakistan and thereabouts are ecstatic… :rolleyes:
 
From the article: “In the late '90s, there was a government initiative, in which the government required any encryption mechanism to save keys [or passwords] and give keys to the government,” Gligor said. “It failed.”

I trust the government about as far as I can throw it.
 
This doesn’t sound good. I don’t want child abusers to be able to hide porn on their computer. :eek:
 
manualman said:
Excellent. I’m all our pals in Pakistan and thereabouts are ecstatic… :rolleyes:
Click to expand...
deb1 said:
This doesn’t sound good. I don’t want child abusers to be able to hide porn on their computer. :eek:
Click to expand...
The fact that someone can use an invention for evil is no reason to deprive honest folk of it. I’m sure we could inconvenience child pornographers and our friends in Pakistan by banning computers altogether, but then there goes Catholic Answers as well.

If my memory serves when Zimmerman created PGP and other encryption tools came on the market the Justice Dept. ?] proposed that users be required to register their passwords with the gov’t, supposedly to be held in a secure database and only accessed with a court order.
Yeah, right.

In the current case the gov’t wants to force Boucher to reveal his password, claiming it is the same as a physical key which they would have a right to by getting a search warrant for the laptop. His lawyers, so far successfully, have argued that making him give up the password is forcing him to testify against himself.
 
I wrote my own username and password database software to keep track of my bank accounts, forum passwords ect. All i do is double click a list box item, and the username and password are sent to the webpage forms in the right format (Mozilla is really easy to do this).

All the fields of each database item are RC4 encrypted with a SHA512 hash digest of my password, and then the database file itself is encypted with an assymetric RSA 2048 bit key that has quite a bit of entropy when generated.

To decrypt the file in order to have the software parse the database correctly, it would take 1^12 years. Then, to find a Sha512 collision to match the digest with the password would take about 10,000 years or more.

One thing more, 10 incorrect password tries results in the software performing XOR encryption with a random primer number on the database file. The only weakness would be if a hacker knew how I kept track of the attempt count and could reverse it.

I thought about selling it as Shareware, but I didn’t want to deal with Federal regulations with all this. All I know is if someone steals my laptop or home PC, they wont ever, ever be able to get anything if they wanted to. Maybe if financial institutions used stronger encryption, there wouldn’t be so much identity theft.
 
Status
Not open for further replies.
Back
Top