[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
More on Secure Drive/hacking case
I learned a few more details about this case. First of all, it's in Canada,
so U.S. precedent will not be set. The suspect had been hacking, using
several accounts. He requested Secure Drive using one of them, and the
people investigating the hacking had the system programmed to record all
keystrokes through this account. They intercepted a copy of Secure Drive
as he was downloading it, but at that time they hadn't found him yet.
Imagine their frustration, watching the as-yet-unknown hacker acquire a
program which will make him very difficult to prosecute.
The hacker also had PGP and some files, and they are looking through the
files to see if they can find the key. They said the suspect seemed
"particularly glib" about the Secure Drive protection.
They are going to attempt to break Secure Drive. He asked me to write
a program which will take a list of passphrases and test them quickly
to run a passphrase attack. I had a few qualms about writing a program
to crack someone's data, but I don't think it really matters. Unless
the hacker chose a very lame key, they don't have a prayer in hell.