
Full disk encryption is too good, says US intelligence agency

By Sebastian Anthony

You might be shocked to learn this, but when a quivering-lipped Chloe from 24 cracks the encryption on a terrorist's hard drive in 30 seconds, the TV show is faking it. "So what? It's just a TV show." Well, yes, but it turns out that real federal intelligence agencies, like the FBI, CIA, and NSA, also have a problem cracking encrypted hard disks -- and according to a new research paper, this is a serious risk to national security.

The study, titled "The growing impact of full disk encryption on digital forensics," illustrates the difficulty that CSI teams have in obtaining enough digital data to build a solid case against criminals. According to the researchers, one of whom is a member of US-CERT -- the US government's primary defense against internet and digital threats -- there are three main problems with full disk encryption (FDE): First, evidence-gathering goons can turn off a computer (for transportation) without realizing it's encrypted, and thus can't get back to the data (unless the arrestee gives up his password, which he doesn't have to do); second, if the analysis team doesn't know that the disk is encrypted, it can waste hours trying to read something that's ultimately unreadable; and finally, in the case of hardware-level disk encryption, tampering with the device can trigger self-destruction of the data.

The paper does go on to suggest some ways to ameliorate these issues, though: Better awareness at the evidence-gathering stage would help, but it also suggests "on-scene forensic acquisition" of data, which involves ripping unencrypted data from volatile, live memory (with the cryogenic RAM freezing technique, presumably). Ultimately, though, the researchers aren't hopeful: "Research is needed to develop new techniques and technology for breaking or bypassing full disk encryption," concludes the paper.

It's a tough situation: On the one hand, being able to crack full disk encryption is vital for the prosecution of white-collar criminals, child porn ringleaders, pharmaceutical spam barons, and the curtailment of terrorism -- but on the other, it's quite satisfying to know that, perhaps at long last, we have a way of escaping the ireful eye of Big Brother. Where do you stand on FDE?

Read more at ScienceDirect
