January 18th, 2002 11:28 PM
hmmm a hacker named wall street journal???
"The default encryption standards on exported versions of Windows 2000 may have revealed confidential details about the movements of the al-Qaeda network.
Two computers bought by Wall Street Journal reporters from looters in Kabul after it was captured by the Northern Alliance turned out to have been lifted from al-Qaeda headquarters and still contained documents relating to the terrorist group's activities.
Of the thousands of files stored on the machines some of the more interesting documents, including a number that may relate to 'Shoe Bomber' Richard Reid, were encrypted using Windows 2000's standard 40-bit DES Encrypting File System.
Using a cluster of computers, the Wall Street Journal managed to crack the 40-bit encryption keys. But this took five days as the computers had to cycle through over a trillion different keys.
Had the software been bought after March of last year, or in the US itself, the keys would have been 128-bit by default and billions of times harder to crack."
I used to be With IT. But then they changed what IT was. Now what I'm with isn't IT, and what's IT seems scary and weird." - Abe Simpson
January 18th, 2002 11:53 PM
And if all encryption were abolished,
it would be easier to spy on terrorists,
I came in to the world with nothing. I still have most of it.
January 19th, 2002 12:31 AM
side point: I read the original article and thought it was amusing that the journalist purchased the computers for $1.
Back the article -how many people did they bring into the crack the system -was it brute force or more refined -these points left out of the business man's paper.
I also wondered why the us govnt let 128 bit encryption be exported. My feeling is they have a trick to crack it.