"The default encryption standards on exported versions of Windows 2000 may have revealed confidential details about the movements of the al-Qaeda network.
Two computers bought by Wall Street Journal reporters from looters in Kabul after it was captured by the Northern Alliance turned out to have been lifted from al-Qaeda headquarters and still contained documents relating to the terrorist group's activities.
Of the thousands of files stored on the machines some of the more interesting documents, including a number that may relate to 'Shoe Bomber' Richard Reid, were encrypted using Windows 2000's standard 40-bit DES Encrypting File System.
Using a cluster of computers, the Wall Street Journal managed to crack the 40-bit encryption keys. But this took five days as the computers had to cycle through over a trillion different keys.
Had the software been bought after March of last year, or in the US itself, the keys would have been 128-bit by default and billions of times harder to crack."
From
http://www.vnunet.com/News/1128496
