Originally posted by lincolnparadox
reply to post by smyleegrl
I agree with you, BUT...
When the police can't open a lock, they call a locksmith.
If the police/judge/DA wants to decrypt those files, they need to hire a computer forensics expert. It will cost, but they have a warrant. The burden of proof falls on the prosecution, as does the requirement to gather evidence.
Why is it so hard to crack RAR passwords?
The RAR archives are notorious for their strong encryption which proves to be resistant to brute-force searches, even when the passwords used are quite weak by modern standards. There are three reasons for this:
RAR relies on well-proven cryptographic algorithms;
Its initialization step is deliberately made very slow, so that the number of passwords one can test per second is quite low;
WinRAR and related tools don't not have any bugs or other security problems;
The last item might seem irrelevant at first, but consider the case with .ZIP files and WinZIP version 7 or earlier: if you got an encrypted archive with more than four files, programs like ElcomSoft's Advanced Archive Password Recovery can break your password for sure, no matter how strong it is. Therefore, you should never use WinZIP for any serious security. This is all because of a flaw in WinZIP's original implementation, which seems to be fixed in recent versions. In case of WinRAR, nobody has found a bug like this as of the time of this writing.
The second item is helped a lot by the first one. The RAR encryption routine requires a key initialization phase, which is intentionally made complex and requires a lot of number crunching. Because of the first item, it cannot be short-circuited: you cannot avoid doing all of the calculations. Indeed, the algorithms used in RAR (namely: the AES encryption algorithm and the SHA-1 hashing routine) are very well studied. Making some serious progress in item #2 would require a significant cryptographic discovery. Therefore, you can safely assume the security of RAR will not be broken soon.
Let's put some numbers. Assuming your cracking speed is stuck at let's say 100 passwords per second, it would take a long time to launch even a small dictionary attack (and a reasonable one can take hours). Testing all 5-chars alphanumeric passwords takes week and a half, testing all numbers up to a billion requires four months, and doing the ultimate search: all 8-chars passwords using any printable character would take about 210 million years! (Of course, this doesn't count the effects of Moore's law. Click here for an amusing applet that takes it into account.)
Originally posted by WP4YT
I don't get it. If they already found some illegal things on his other drive, why don't they just charge him on what they found rather than drag it out? Hmm, because prosecutors always want the hardest penalties possible. Doesn't matter they have enough now to lock him up for 20 years, they need to violate the constitution and risk their case in order to push for life in prison for him.
I'm not sure if they even need a password with what they're doing:
Originally posted by grey580
rar encryption is a different animal. And would still take some time with longer complex passwords.
There is still one technology preventing untrammeled government access to private digital data: strong encryption. Anyone—from terrorists and weapons dealers to corporations, financial institutions, and ordinary email senders—can use it to seal their messages, plans, photos, and documents in hardened data shells. For years, one of the hardest shells has been the Advanced Encryption Standard, one of several algorithms used by much of the world to encrypt data. Available in three different strengths—128 bits, 192 bits, and 256 bits—it’s incorporated in most commercial email programs and web browsers and is considered so strong that the NSA has even approved its use for top-secret US government communications. Most experts say that a so-called brute-force computer attack on the algorithm—trying one combination after another to unlock the encryption—would likely take longer than the age of the universe. For a 128-bit cipher, the number of trial-and-error attempts would be 340 undecillion (1036).
Breaking into those complex mathematical shells like the AES is one of the key reasons for the construction going on in Bluffdale....
The NSA’s machine was likely similar to the unclassified Jaguar, but it was much faster out of the gate, modified specifically for cryptanalysis and targeted against one or more specific algorithms, like the AES. In other words, they were moving from the research and development phase to actually attacking extremely difficult encryption systems. The code-breaking effort was up and running.
The breakthrough was enormous, says the former official, and soon afterward the agency pulled the shade down tight on the project, even within the intelligence community and Congress. “Only the chairman and vice chairman and the two staff directors of each intelligence committee were told about it,” he says. The reason? “They were thinking that this computing breakthrough was going to give them the ability to crack current public encryption.”
Originally posted by Wrabbit2000
Originally posted by maryhinge
reply to post by ownbestenemy
im not into child porn so i would have nothing to hide from the "govenment"
When they came for the Jews, I said nothing, for I was not Jewish.
When they came for the Roma, I said nothing, for I was not Roma.
When they came for the outcasts, I said nothing, for I was no outcast.
Now they come for me and there is no one left to say anything.
Things to consider.
Originally posted by nesba263
Google "TrueCrypt + plausable deniability" and your problem is solved. This guy is a techno noob, and thus suffers the consequences.
Originally posted by maryhinge
reply to post by SaturnFX
like i have already said i have no child porn on my pc and dont go on black internet to download this kind of #e
so i have nothing to hide
also i didnt know it was ATS that wanted to decrypt his files
GET A GRIP thou do protest to much