in

This Blog

Syndication

Tags

News

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

AlertBoot Endpoint Security

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Disk Encryption Software: Brazilian Mogul's External Hard Drive Encryption Is FBI Proof

The FBI was unable to break TrueCrypt encryption, according to the Brazilian police.  It's the saga of one Daniel Dantas, a Brazilian banker who was eventually arrested on charges of bribing a police officer.  He got ten years and a $5 million fine.  Who knows what would have happened if hard disk encryption like AlertBoot was not as effective at keeping secrets?

Distinguished Carrier

Before Dantas became an inmate, he was a banker and financier.  He had done post-graduate work at MIT, and eventually ended controlling a holding company with an estimated worth of $11.3 billion.  He also controlled several other businesses, including the largest cattle producer in Brazil.

As the robber barons from yonder years show, great successes generally tend to have great minds behind it, with practices that border on the criminal, especially in countries where corruption is a way of life.  In Dantas's case, it turns out to he made a run for the border, went over it, and never looked back.

The banker was originally arrested for money laundering, tax evasion, and embezzling public pension funds as part of Brazil's largest corruption case to date.  There were also accusations of "fraudulent management, debt evasion, [and] formation of gangs."

Why the innocuous-sounding (in comparison) charge of bribing a police officer?  The big stories hit the news in 2008, so I'm not able to find any sources that are not behind a paywall, but I'm assuming that it's a play straight from the Al Capone book: because no other charges will stick.  I mean, Capone eventually did time because of tax evasion:  all other charges were dropped.

Not Suggesting Encryption for Illegal Activities...But It Works

Perhaps the contents of five external hard drives that were protected with portable disk encryption software--found in a closet at Dantas's home--could have made the other charges stick.  Two of them made use of TrueCrypt while the other three were protected with PGP, competitors to AlertBoot.

The Brazilian federal police worked on cracking the encryption software for two and a half months without success (some reports claim it was five months).  At that point, the FBI was consulted.  The FBI worked on it for a year and called it quits.  Both the Brazilian feds and their American counterpart attacked the one weak link in encryption: the password.

Generally, the password tends to be the weakest link, even with the best encryption packages in the world, because people generally use a weak password.  Not so in this case, which is hardly surprising.  I mean, the guy did time as a MIT post-doc.

There is a Theoretical Limit to Cracking Encryption Algorithms

I've often remarked that, given enough time, any encryption software will fall: this is just common sense.  With encryption, that time is counted in centuries.  Well, at least it is when it comes to strong encryption, like AES.  (Incidentally, it was AES-256, which we use by default in our AlertBoot disk encryption software that Dantas used on his hard drives.)

However, I was presented with a factoid that puts the above observation on its head: theoretically, it possible for strong encryption to never be broken.  The reasoning goes like this: breaking computer encryption requires the use of another computer.  That computer requires energy to run its software.  There is a finite amount of energy in the universe.  Make the encryption key random and long enough, and at some point you hit that finite amount of energy.

Interesting, no?  Of course, you could save the energy in the universe and point a gun at some guy's head and encryption is "broken" when he spits out the password.  Of course, that kind of stuff is not going to happen to politically-connected billionaires who make the news.


Related Articles and Sites:
http://g1.globo.com/English/noticia/2010/06/not-even-fbi-can-de-crypt-files-daniel-dantas.html
http://yro.slashdot.org/comments.pl?sid=1699588&cid=32704358
http://www1.folha.uol.com.br/folha/brasil/ult96u447378.shtml
http://g1.globo.com/politica/noticia/2010/06/nem-fbi-consegue-decifrar-arquivos-de-daniel-dantas-diz-jornal.html
http://www.cipamericas.org/archives/1718
http://yro.slashdot.org/comments.pl?sid=1699588&cid=32704358

<Previous Next>

Drive Encryption Software: UK SMBs Find Data Security Least Important

Laptop Encryption Software Not Used On Stolen A4e Computer

Comments

No Comments

About sang_lee

Sang Lee is a Senior Account Manager and Security Analyst with AlertBoot, Inc., the leading provider of managed endpoint security services, based in Las Vegas, NV. Mr. Lee helps with the deployment and ongoing support of the AlertBoot disk encryption managed service. Prior to working at AlertBoot, Mr. Lee served in the South Korean Navy. He holds both a B.S. and an M.S. from Tufts University in Medford, Massachusetts, U.S.A.