DOJ Cracks Suspect's Hard Drives, Quickly Drops Request To Force Him To Decrypt

from the staying-far-away-from-a-precedent dept

We've been covering the DOJ's case against Jeffrey Feldman, in which they were trying to force him to decrypt some hard drives he had in order to get evidence to be used against him. This is a tricky area of law, because some courts have said that the 5th Amendment protects against being forced to decrypt evidence that can be used against you, while others have gone the other way. In this case, judges went back and forth, and the fight was still being fought.

However, it appears the feds likely cracked Feldman's password for his hard drives, and wasted little time in asking the court to dismiss the application to compel Feldman to decrypt. Basically, they point out that they don't need it any more, because "the government has now successfully decrypted two of Feldman's hard drives," providing it with more than enough evidence to put him in jail for a long, long time. Of course, this undoubtedly makes the DOJ fairly happy, because the last thing it wants right now is a higher court precedent on the books saying that someone can't be compelled to decrypt such data. I'm sure another case will come along to take on this issue before too long, but for now, the government is able to just keep the decks clear of binding precedent.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: 5th amendment, doj, encryption, jeffrey feldman

Reader Comments

Subscribe: RSS

View by: Time | Thread

  1. identicon
    Anonymous Coward, 31 Aug 2013 @ 12:33am

    I remember hearing that the DOJ cracked the password to his boot encrypted operating system partition. From there they were able to view some of the history logs for his eMule application. Supposedly he was using eMule to download the child porn, because there we underage filenames depicting sexual acts and had their ages in the eMule application folder. It wasn't the actual files, just a log of his download history.

    All bootable OS encryption software I've seen requires a user generated password, before the operating system will boot. So chances are he used a weak password, short on length and with a low entropy.

    Perhaps he was using some propriety encryption software, such as Microsoft's Bitlocker OS encryption software. I'd wager he used a weak password though.

    Which ever agency broke his password, they probably profiled his online and work passwords for password patterns. Which can significantly increase a password guessing algorithm's success rate.

    This is why 'key stretching' is so important for passwords. Key stretching requires a password be hashed hundreds or thousands of times, before storing the final hash value as the key which performs encryption/decryption.

    So if someone tries to guess your password, and your password is stretched uses a 10,000 round PBKDF2 hashing algorithm. Then the cracker's computer will have to hash each guess, 10,000 times before being able to submit the 10,000th hash value for each single password guess. Which slows their guess rates way down.

    I go all out with dmcrypt/LUKS on GNU/Linux. After entering my boot password into LUKS, it takes over a minute to verify if the password is correct. I think it's well over 100,000 hash rounds before it can verify the password.

    Just because you're using key stretching, that doesn't mean long passwords with good entropy aren't still important. Key stretching simply complements strong passwords and slows down the rate of guessing attempts per second.

    Sadly, I haven't seen any options to increase key stretch hashing rounds in TrueCrypt. I'm sure it's possible to adjust, but may require a change to the source code and subsequent recompile.

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here

Subscribe to the Techdirt Daily newsletter

Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Insider Shop - Show Your Support!

Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Report this ad  |  Hide Techdirt ads
Recent Stories
Report this ad  |  Hide Techdirt ads

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it

Email This

This feature is only available to registered users. Register or sign in to use it.