The FBI’s counterintelligence squad in South Florida was able to crack Glenn’s code, Parsons said. Glenn read up on the art of espionage and used an elaborate encryption system, TrueCrypt, with a decoy computer drive to distract investigators from another hidden drive that he protected with a complex 30-character password, army counterintelligence expert Gerald Parsons testified. He’s also being investigated for “sexually exploiting” Honduran minors.īut the nexus point for this stash of military documents was TrueCrypt. He has previously been expelled from a military base for committing benefits fraud and hacking into US databases for Iraqi businesses. Glenn, however, has both a troubled legal past and a hazy legal future. He also pointed out Glenn never tried to distribute the documents or attempted to use them for financial gain. He pointed to Glenn’s retention of a secretary’s hard drive that had no discernible value to anyone as evidence of Glenn’s “hoarding” habit. His lawyer had argued that Glenn was nothing more than a “technological hoarder” - someone who collects this sort of stuff just to be collecting it. The judge who sentenced Glenn to 10 years in prison asserted Glenn grabbed these documents out of a desire to “damage” the “security” of the United States. military plans and information regarding the Middle East. In January, he admitted he hacked into the base commander’s classified email account and copied thousands of messages and more than 350 attached documents, much of which dealt with U.S. employee working at a US military base in Honduras, apparently made off with documents considered to be “military secrets.” What is certain is that the FBI has been able to gain access to a TrueCrypt user’s account. Or maybe it had something to do with TrueCrypt’s sudden decision to halt development and declare the software “insecure.” Had the FBI managed to “break” TrueCrypt or was its lack of a reponse to this request a signal that it was talking to the people behind it? So, why all the secrecy? Perhaps it was just the agency’s default mode taking over. In this case, the FBI cited an FOIA exemption related to “trade secrets and commercial information,” which none of this was. When the FBI withholds documents, it often does so because the subject of the FOIA involves an ongoing investigation. In addition to the ridiculousness of much of the withheld information being easily-accessible online, there was the question about what this denial meant for TrueCrypt. When will quantum computing be available? Who knows, if we ever discover how to make that level of quantum computing actually work.A little over a month ago, we covered a FOIA response (if you could call it that…) from the FBI concerning TrueCrypt, in which it withheld all 69 pages of responsive documents. For instance, it would take trillions of years for the most powerful computer network attack setup to break RSA-2048 encryption, but it's projected that quantum computing might take less than a minute. It's interesting how technology will change these problems dynamically over time. But in the real world of breaking encryption, we are more frequently dealing with chip-based mobile devices that cannot be attacked as easily as say an encrypted ZIP file or a Bitlockered drive or partition - where we can hook up a network with Passware nodes on a dozen computers, using a variety of attacks including common custom dictionaries, defined brute force methods, and lists of used passwords scraped from various sources, including hack dumps. (and if it doesn't involve salting.) Probably not the best example for comparison since mobile forensics is a different beast than a simple encrypted container. 6 digit passcodes with only numbers on a simple container would likely only take a few minutes, depending on the processing power at hand. Irrelvant submissions will be pruned in an effort towards tidiness. Vote based on the quality of the content. Topics include digital forensics, incident response, malware analysis, and more. This subreddit is not limited to just the computers and encompasses all media that may also fall under digital forensics (e.g., cellphones, video, etc.). The field is the application of several information security principles and aims to provide for attribution and event reconstruction following forth from audit processes. A community dedicated towards the branch of forensic science encompassing the recovery and investigation of material found in digital devices, often in relation to computer crime.
0 Comments
Leave a Reply. |