Security Basics mailing list archives
Re: Judge orders defendant to decrypt PGP-protected laptop - CNET News
From: "M.P." <mike () technomonk com>
Date: Thu, 02 Apr 2009 23:52:45 +0100
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 aragonx () dcsnow com wrote:
I'm not familiar with PGP...does it provide for Plausible Deniability?It does not.What True Crypt needs is a kill phrase. You give someone that phrase (or type it in yourself) and it just starts a military format or adds another layer of encryption with a randomly generated pass phrase. Or would that not work?
Normal forensics techniques would get around that by just imaging the system and using a clean copy for each attempt. I'm not sure how it would work in the presence of a TPM though since I haven't seen any FDE that makes use of such a module yet. Guess would be it would hinder it at least a little if done right. If the system is logged in when its seized then there are a few DMA type techniques that can image the whole memory before the machine is turned off or there are the recent techniques of imaging RAM after a reboot, this can allow the recovery of passwords/phrases in some circumstances. Mike
--- Will Y.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAknVQb0ACgkQvhwPecbXDdwbbQCfUEB/XYxKI3I64KqLelbXp9OJ ARsAmwexL2RcCqiTFPY1pV1LoTH4N0N7 =Zze9 -----END PGP SIGNATURE----- ------------------------------------------------------------------------ This list is sponsored by: InfoSec Institute No time or budget for traveling to a training course in this fiscal year? Check out the online information security courses available at InfoSec Institute. More than a boring "talking head", train in our virtual labs for a total hands-on training experience. Get the certs you need: CEH, CPT, CEPT, CISA, CISSP, CISM http://www.infosecinstitute.com/request_online_training.html ------------------------------------------------------------------------
Current thread:
- RE: Judge orders defendant to decrypt PGP-protected laptop - CNET News aragonx (Apr 02)
- Re: Judge orders defendant to decrypt PGP-protected laptop - CNET News Shreyas Zare (Apr 03)
- Re: Judge orders defendant to decrypt PGP-protected laptop - CNET News Aarón Mizrachi (Apr 03)
- Re: Judge orders defendant to decrypt PGP-protected laptop - CNET News M.P. (Apr 03)
- RE: Judge orders defendant to decrypt PGP-protected laptop - CNET News William Mohney (Apr 03)
- Re: Judge orders defendant to decrypt PGP-protected laptop - CNET News Craig S Wright (Apr 03)