
How does computer forensics catch a criminal when a criminal uses full disk encryption? All evidence is not available.

 







Well … that's what the criminal thought 😈.

But there are many ways around it 😎.

Law enforcement can collect logs and traffic from an ISP (and no, a VPN is not a security guarantee if law enforcement can get traffic analysis from the VPN host and correlate the hackers' packets going in with the packets routed out the other side).
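The traffic-analysis point above, as an added illustration that is not part of the original post: an encrypted tunnel hides content but not timing, so a flow entering the VPN can be matched to the flow leaving it by correlating burst patterns. The flow names and packet counts are constructed, and the per-second binning and Pearson scoring are assumptions chosen for this sketch.

```python
from statistics import mean

# Constructed sample data: packets per 1-second bin.
# ISP_INGRESS is the suspect's encrypted link into the VPN host;
# VPN_EGRESS holds three flows observed leaving that host.
ISP_INGRESS = [12, 0, 0, 45, 3, 0, 0, 0, 60, 8, 0, 22]
VPN_EGRESS = {
    "flow-A": [5, 6, 5, 4, 6, 5, 5, 6, 4, 5, 6, 5],     # steady stream
    "flow-B": [0, 11, 0, 0, 47, 2, 0, 0, 0, 58, 9, 0],  # same bursts, 1 s later
    "flow-C": [0, 0, 30, 0, 0, 0, 0, 28, 0, 0, 0, 0],   # unrelated bursts
}

def pearson(x, y):
    """Pearson correlation of two equal-length series (0.0 if either is flat)."""
    mx, my = mean(x), mean(y)
    cov = sum((a - mx) * (b - my) for a, b in zip(x, y))
    vx = sum((a - mx) ** 2 for a in x)
    vy = sum((b - my) ** 2 for b in y)
    if vx == 0 or vy == 0:
        return 0.0
    return cov / (vx * vy) ** 0.5

def best_lagged_correlation(ingress, egress, max_lag=3):
    """Try delaying egress by 0..max_lag bins; return (best_r, lag)."""
    best_r, best_lag = -1.0, 0
    for lag in range(max_lag + 1):
        x = ingress[: len(ingress) - lag]  # drop tail with no counterpart
        y = egress[lag:]                   # egress is seen `lag` bins later
        r = pearson(x, y)
        if r > best_r:
            best_r, best_lag = r, lag
    return best_r, best_lag

def rank_flows(ingress, flows, max_lag=3):
    """Rank egress flows by how well their timing matches the ingress link."""
    scored = []
    for name, series in flows.items():
        r, lag = best_lagged_correlation(ingress, series, max_lag)
        scored.append((name, r, lag))
    return sorted(scored, key=lambda t: t[1], reverse=True)

if __name__ == "__main__":
    for name, r, lag in rank_flows(ISP_INGRESS, VPN_EGRESS):
        print(f"{name}: r={r:.3f} at lag {lag}s")
```

The payload is never decrypted; the match comes entirely from when packets move and how many.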


Sometimes a criminal is caught because he slips up on basic infosec - like a guy using the drug site Silk Road who paid for a computer server with a stolen credit card, but had it sent to his home address. Whoops 😆.

Last week, however, they shut down a large child-abuse-material ring after a careful analysis of Bitcoin transactions. They catch a lot of crooks that way - there is a whole field called "forensic accounting" - basically "follow the money until the arrest warrant".

And if there is enough evidence, the police can obtain a warrant for a black-bag job: enter covertly and install monitoring equipment to capture the decryption passphrase, either with video watching the keyboard, or with an audio tap that hears the key presses (yes, different keys make distinguishable sounds), or by inserting a small hardware recording shim.


Back in 1999, the FBI secretly installed a hardware keystroke logger that was smart enough to avoid needing a wiretap warrant by tying its operation to whether the computer's modem was in use.

How can they do it?




Currently, using full disk encryption is not a guarantee of security if you have an Intel chip newer than the Pentium 4, because all subsequent Intel chipsets carry Management Engine firmware, and the ME code is known to leak like a sieve security-wise, so there may be no need to even make a covert entry to install a hardware tap.


Yes, there is an entire web server hidden there - with access to your network connection.

And before you ask - AMD is no better in that regard.

Hopefully you get the idea - full disk encryption will save your ass 😛 if your laptop goes astray. It will not save your ass 😝 if you use it while the FBI is following you.
