Canary in the Coal Mine - Day

Thursday, May 16, 2013

3:52PM - Kill switch!

Max Vision is the obvious first example. He used DriveCrypt, an Israeli-made commercial product that uses 1344-bit 'military grade' encryption. This was because in 2005 TrueCrypt was still in its infancy and not widely trusted.

He encrypted both his associate's laptop and the huge RAID array servers he kept in his safe house. The servers were powered on when he was busted, so getting the key was only a matter of time. According to court documents, his associate's laptop was never broken because it was off, and Max had altered it to turn off hibernation, System Restore, and other dangerous Windows features that can compromise encryption.

Max was smart enough to keep a clean, fully encrypted disk holding his FreeBSD/OpenBSD OS, with all the dangerous evidence on separate FDE partitions, to prevent a rootkit bootloader attack or other side-channel methods. But yeah.. pointless, since his system was on and the key was in memory when the USSS walked in.

Next up is Maksik, the legendary Ukrainian criminal hacker. He used FDE, but the USSS got at his laptop while he wasn't around, cloned the disk, and installed a malicious rootkit/bootloader, so the next time he booted the machine it sent his master password in clear text to the feds, who were across the hall in the hotel where he was staying. The rest of the passwords he gave up voluntarily in a Turkish prison... this is known as 'Rubber Hose Cryptography', meaning if you don't hand over your keys, sadistic cops simply torture you until you do.

The only method to avoid rubber hose crypto, or jail for not revealing your keys, is to use TrueCrypt's plausible deniability: make multiple hidden containers, so if under threat you simply open up the decoy containers.. there's no way to prove there's another container hidden inside. Picture yourself picked up by the Syrian police, and they find TrueCrypt in your bootloader.

http://www.youtube.com/watch?v=qjogd0P__9g
http://www.reddit.com/r/privacy/comments/1def7v/retweeted_by_umikkohypponen_swedish_police/
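To show why a hidden container is deniable, and what it costs you, here is an added toy model of the layout (my own example, not TrueCrypt code; the HMAC-based keystream and the "hidden volume in the last N bytes" layout are stand-ins for the real cipher and header format). The whole file starts as random bytes, the decoy volume lives at the front, the hidden volume at the back, and the decoy key turns the hidden region into noise that looks exactly like unused space. It also models the one practical caveat: the decoy volume does not know the hidden one exists, so an unprotected write into its "free space" silently destroys the hidden data, which is why TrueCrypt offers hidden-volume protection when the outer volume is mounted for writing.

```python
import hashlib
import hmac
import os


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy CTR-style keystream from HMAC-SHA256; stands in for the real block cipher."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class DeniableContainer:
    """One file: decoy (outer) volume at the front, hidden volume in the last hidden_size
    bytes.  Every byte never written stays random, so hidden ciphertext cannot be told
    apart from unused outer-volume space; only the hidden key reveals anything is there."""

    def __init__(self, size: int, hidden_size: int = 0):
        self.size, self.hidden_size = size, hidden_size
        self.hidden_offset = size - hidden_size      # hypothetical layout choice
        self.data = bytearray(os.urandom(size))      # random fill = deniable free space

    def _put(self, key: bytes, offset: int, plaintext: bytes) -> None:
        nonce = offset.to_bytes(8, "big")           # absolute offset serves as the nonce
        self.data[offset:offset + len(plaintext)] = xor(plaintext, keystream(key, nonce, len(plaintext)))

    def read(self, key: bytes, offset: int, length: int) -> bytes:
        ct = bytes(self.data[offset:offset + length])
        return xor(ct, keystream(key, offset.to_bytes(8, "big"), length))

    def write_outer(self, key: bytes, offset: int, plaintext: bytes, protect_hidden: bool = True) -> None:
        end = offset + len(plaintext)
        if end > self.size:
            raise ValueError("write past end of container")
        # The outer volume sees the hidden region as free space: without protection a write
        # there clobbers the hidden volume, and nothing in the decoy view can warn you.
        if protect_hidden and end > self.hidden_offset:
            raise ValueError("write would spill into the hidden volume")
        self._put(key, offset, plaintext)

    def write_hidden(self, key: bytes, offset: int, plaintext: bytes) -> None:
        if offset + len(plaintext) > self.hidden_size:
            raise ValueError("write past end of hidden volume")
        self._put(key, self.hidden_offset + offset, plaintext)
```

Reading the hidden region with the decoy key returns bytes that are statistically identical to the never-written random fill, which is the whole of the deniability argument.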
