[IP] One Internet provider's view of FBI's CALEA wiretap push

Trei, Peter ptrei at rsasecurity.com
Fri Apr 23 07:43:14 PDT 2004


Tyler Durden wrote:

> 
> "I wonder how quickly one could incinerate a memory card in the field
> with high success rate?   Destroy the data and the passphrases don't
> help."
> 
> Well, what if there were 3 passwords:
> 
> 1) One for Fake data, for amatuers (very few of the MwG will 
> actually be 
> smart enough to look beyond this...that's why they have guns)
> 2)One for real data...this is what you're hiding
> 3) One for plausible real data, BUT when this one's used, it 
> also destroys 
> the real data as it opens the plausible real data.
> 
> Of course, some really really smart MwG (or the cool suits 
> standing behind 
> them) will be able to detect that data is being destroyed, 
> but statistically 
> speaking that will be much rarer.
> 
> -TD

Whats your threat model? If the prospective attacker
has state-level resources, this will always fail.

There are a number of guides online describing how 
attackers should deal with computer data. One
of the most basic is they *never* run the attackees
software on the original disk. Step one is always to
make a bit-level mirror of the entire hard drive, and
work with a copy of that. Step zero is to pull the power,
so any shutdown code does not run.

Any protective scheme which relies on the attacker
inadvertantly activating software is doomed from the
start.

If you're dealing with a state-level attacker, any
scheme involving explosives or incendiaries would get
the attackee in as much or more trouble than the
original data would.

This is a hard problem. I suspect any solution will
involve tamper-resistant hardware, which zeroizes
itself if not used in the expected mode.

Peter Trei





More information about the cypherpunks-legacy mailing list