Man imprisoned for not giving police password.

I read a good idea recently, make your password up, somehting simple then type the key to the right of it. So the 50 character password could be a normal phrase or sentence like "mypasswordismassive" etc etc but typing a character to the right gives ",u[sddeptfod,sddobr"

can be done relativly quickly too.
 
psd99 said:
but 50 characters......

PROBABLY didn't use a word in the dictionary either maybe in 20 years they might finally crack it.
Click to expand...

20 years? As if. If you have to resort to brute forcing a 50 character password, you're basically not going to manage it in a meaningful time frame. Even if you could try billions of passwords per second, it would still take trillions of years to try even a fraction of the possible combinations.
 
Building Candy said:
I read a good idea recently, make your password up, somehting simple then type the key to the right of it. So the 50 character password could be a normal phrase or sentence like "mypasswordismassive" etc etc but typing a character to the right gives ",u[sddeptfod,sddobr"

can be done relativly quickly too.
Click to expand...

You do realise that they are probably equally secure?
 
Considering the punishment for copyright violations is far greater than that for possessing child pornography, it's more likely he's got hard drives filled with movies, tv series and music. Probably some expensive software downloaded there too.
 
vonhelmet said:
20 years? As if. If you have to resort to brute forcing a 50 character password, you're basically not going to manage it in a meaningful time frame. Even if you could try billions of passwords per second, it would still take trillions of years to try even a fraction of the possible combinations.
Click to expand...

MAYBE in 20 years not definitely.

Good thread to raise awareness. How many of us have 50 character encrypted passwords? I bet most have names of people or places
 
psd99 said:
^^^^

Are you sure you are no expert? lol :)
I bet you have 1TB worth of rainbow tables on your hard drive. WPA2 must be a walk in the park for you lol
Click to expand...

lol no, no need for any rainbow tables as I have nothing I wish to crack :)

Just an interest I have, personal and through work.

vonhelmet said:
20 years? As if. If you have to resort to brute forcing a 50 character password, you're basically not going to manage it in a meaningful time frame. Even if you could try billions of passwords per second, it would still take trillions of years to try even a fraction of the possible combinations.
Click to expand...

This again :)

A 50 char password is a hell of a thing to brute force, esp if a large char set has been used.

Also a good point on encryption being used to provide protection of data for a suitible amount of time.

For instance if someone sends a command to soldiers in battle advising them to attack xyz, it could be argued that you only need that data protecting until the attack occurs. After then who cares if the enemy cracks the message, it's happened so they'll already know :)

This means a smaller key can be used, which makes it easier to handle by the people who will be encrypting and decrypting the messages. It'll aid key exchange, and save people say writing it down.

None of this is related to the original topic but thought it might be interesting to some as most people automatically think that encryption of data means that no unwanted people can decrypt it forever :)
 
Shadows1990 said:
I can't see why you wouldn't give away the password unless you've really got something to hide.
Click to expand...

What if it was pictures of him naked? Or his girlfriend? Why do you equate right to privacy with criminal activity?

He may well be a pedo, but this law is truly absurd.
 
so if you use a 50 char password for encryption are you all saying it cant be broken...? is this kind of encryption available free on the interweb?

i actually don't have anything to hide, just interested.
 
gjrc said:
so if you use a 50 char password for encryption are you all saying it cant be broken...? is this kind of encryption available free on the interweb?

i actually don't have anything to hide, just interested.
Click to expand...

All encryption can be broken. However a timeframe of XX years is prohibitive and would mean that the cost to break the encryption outweighs the cost of what has been encrypted, so it isn't worth it.
 
gjrc said:
so if you use a 50 char password for encryption are you all saying it cant be broken...? is this kind of encryption available free on the interweb?

i actually don't have anything to hide, just interested.
Click to expand...

It almost certainly can't be broken in your lifetime. Google truecrypt for some very strong and versatile encryption, the presence of which is quite subtle, and which makes provision for plausible deniability and duress passwords.
 
vonhelmet said:
They're not really, as one is made of dictionary words so can be constructed from larger blocks. The other can only be constructed character by character.
Click to expand...

Yes, but your assuming that the attacker knows this and varies their attack accordingly. This isn't often the case.
 
is I forgot the password a defence?

do they then have to prove you know it?

what happens if you actually forget the password, maybe it was an old PC...

how can they ever prove anything will happen if a paticular password is entered, maybe its just a program that keeps asking for a password...

if I ship you an encrypted drive at random then call the police and tell them you have kid porn on it will you go to prison as you cannot tell them the password?
 
vonhelmet said:
No idea how they know how long his password is.

It's easy to remember a 50 character password. For example, there are bound to be songs out there that you know all the words to. Take the first letter of each word in the song. The resulting 50 character mess will make no sense, and won't appear in a dictionary, but will be easy for you to remember because you know how to "regenerate" it. Add in some numbers and letters, say simple 1337speak or some other substitution cipher, and you're done. Near unbreakable 50 character password.

Example:

wywhbclyiteyjlaaysmmcyflafiabwiwiwsysfsbiaciawwthaidhidbh

First letters of the words in the first verse and chorus of Creep by Radiohead. 57 character password, utter gibberish, easy to "remember". Add in some numbers and special characters and it gets even more solid. Once your hands learn to type it, you'll hardly even think about it. Sorted.
Click to expand...
Good idea, I never thought of that tbh...

Although, I would have thought it would still have taken a while each time to enter the password - he must be keeping something from them! :p
 
vonhelmet said:
I'd be curious to know what sort of evidence is needed for these sorts of things. If it was a physical building, you'd need sufficient proof of something to get a warrant. However, this RIPA stuff seems to give them power to demand a key without that sort of proof, and then give punishments as though a warrant was being refused. And if it is comparable to a warrant, is there are any restriction on what they can and can't look for?

The law seems much too loose and wide reaching.
Click to expand...

They'd already have to have provided sufficient proof to get a warrant in order to seize the computer in the first place. No point going through it again.
 
You must log in or register to reply here.
Back
Top Bottom