http://www.newscientist.com/blogs/onepercent/2011/11/digital-csi-teams-foiled-by-fu.html By Paul Marks senior technology correspondent New Scientist 18 November 2011 Full-disc encryption is good at keeping your computer secure. So good, in fact, that it's got digital CSI teams tearing their hair out. Computer security engineers, including a member of the US Computer Emergency Response Team, are complaining in a research paper this week that crooked bankers, terrorists and child abusers may be getting away with crimes because it is proving impossible for digital investigators to unlock their encrypted hard drives. As New Scientist related in February, full-disc encryption is a major consumer security leap. It scrambles everything on a drive when you turn off your computer, time out or log out. But the flipside, of course, is consternation for some crime fighters. The authors of the paper say they face four major problems. First, forensics don't always realise FDE is running on an evidence-carrying computer and turn it off - so all is lost. Second, when officers copy a disc for analysis not realising it is FDE-encrypted, teams waste hours of valuable crime lab time trying to make sense of gobbledegook. Third, plugging in analysis hardware can trigger a trusted-hardware-only rule to encrypt everything. Fourth, some US suspects plead the fifth amendment and refuse to give their passphrases, while others lie and give the wrong one, claiming the FDE had failed or that they must have forgotten the passphrase. To cope with the FDE era, the US CERT-led team want improved scene-of-crime routines and better preparation of search warrants. Their conclusion is somewhat hopeless however: [...] _____________________________________________________ Subscribe to InfoSec News - www.infosecnews.org http://www.infosecnews.org/mailman/listinfo/isnReceived on Mon Nov 21 2011 - 01:48:41 PST
This archive was generated by hypermail 2.2.0 : Mon Nov 21 2011 - 01:55:13 PST