MrSeb writes: "A new research paper, titled "The growing impact of full disk encryption on digital forensics," illustrates the difficulty that CSI teams have in obtaining enough digital data to build a solid case against criminals. According to the researchers, one of which is a member of US-CERT — the US government's primary defense against internet and digital threats — there are three main problems with full disk encryption (FDE): First, evidence-gathering goons can turn off the computer (for transportation) without realizing it's encrypted, and thus can't get back at the data (unless the arrestee gives up his password, which he doesn't have to do); second, if the analysis team doesn't know that the disk is encrypted, it can waste hours trying to read something that's ultimately unreadable; and finally, in the case of hardware-level disk encryption, tampering with the device can trigger self-destruction of the data. The paper does go on to suggest some ways to ameliorate these issues, but ultimately the researchers aren't hopeful: "Research is needed to develop new techniques and technology for breaking or bypassing full disk encryption.""
"Call immediately. Time is running out. We both need to do something
monstrous before we die."
-- Message from Ralph Steadman to Hunter Thompson