Merry Christmas all — I will be out of pocket for the coming holidays — best to you and yours.

/mark hopkins

markhopkins@mindless.com

parallad studios

http://www.parallad.com

OSIS Project

Rizzn’s Wartime Factbook: http://factbook.diaryland.com/

The Best UAV: http://www.unmannedaircraft.com

CyberWar Update #4

Update as of December 23, 2001

Report Assembled by Mark Hopkins

<markhopkins@mindless.com>

of Parallad Studios OSIS Project

http://www.parallad.com

Things this report will concern itself with:

  a. Operation Buccaneer

  b. Magic Lantern Developments and Analysis

  c. New Virus Developments: We have a new Christmas-time virus, the third email worm in three weeks. Read the details to protect yourself from attack.

  d. Al Qa’ida/Microsoft Hack

    a. The Story: Suspected member of the Al Qaeda terrorist network, Mohammad Afroze Abdul Razzak, claimed that Islamic militants infiltrated Microsoft and sabotaged the company’s Windows XP operating system, according to a source close to Indian police.

    b. Analysis: How likely is this allegation to be true?  Many say not very.  Read for some interesting possible connections.

  e. New Federal Encryption Standard

    a. The Story: The U.S. Federal Government has finally decided to upgrade its DES standard to the newly created AES encryption standard, a long needed change.

    b. Analysis: How effective is the new standard?  Is it all it’s cracked up to be?

Operation Buccaneer

The Story

The federal government has concluded a yearlong investigation into software piracy and, in the past week, has been involved in raids against WAREZ groups, including 90+ senior scene group members and leaders in the US, Canada, Britain, Australia and Norway, and 2 cracking groups in Poland.

The US Customs Service, along with the US Department of Justice, on Tuesday December 11th 2001, raided universities and high-tech businesses in 27 cities as part of an international crackdown on underground groups that actively trade in illicit copies of software and digital media. Dubbed “Operation Buccaneer,” the enforcement action occurred simultaneously in four other countries, where an additional 22 search warrants were issued, resulting in the arrests of nine people. None of the suspects in the United States have been arrested at this point.

On Dec. 11, the DCIS, the Environmental Protection Agency’s Office of Inspector General and the FBI served 34 search warrants in the United States and Canada. The searches came at the culmination of a sting, known as “Operation Bandwidth,” in which an FBI office operated a fake warez site. More than 144,000 programs were uploaded to and downloaded from the site, said Alan Peters, supervisory special agent for the FBI’s Las Vegas office.

Confirmed insider information: four major EFnet servers are currently running in debug mode, which enables them to see ALL private traffic, like private chat, passwords sent to channel protection bots, messages, etc. and the information is being filtered and sent to the FBI, which requested this. Currently, a big EDU server, and .ORG server.

In the first overt action of a 15-month investigation of such organized groups of pirates, the Customs Service targeted the oldest and largest group, known as DrinkOrDie.

“We are targeting these groups that do it all the time,” Bell said. “If you are at your house one night and you want to get a free copy of some software, that’s not what we are talking about.”

Customs agents seized 129 computers in the 38 searches nationwide, Bell said. Among the data captured were Web sites with so much pirated media that it took 4,000 pages to list the titles. Another seized system had more than 5,000 movies, including the blockbuster Harry Potter and the Sorcerer’s Stone.

“The data was available to millions of people all over the world,” said Bell, who added that another 15 countries may take part in the action.

Members of the DrinkOrDie group included corporate executives, computer network administrators, and students at major US universities who regularly uploaded copy-protected software and digital media to be broken by other members of the group. There are perhaps as many as 10 major warez communities such as DrinkOrDie. And they don’t do it for profit, Bell said.

“They believe in a free Internet,” he said. “They don’t want any rules or any laws that inhibit what they do.”

At least one computer security expert criticized the government’s crackdown, saying it focuses on the wrong people. “There are two kinds of people pirating software: the kids, and the people who are stamping out 5,000 copies in Taiwan and selling them for $5 a pop,” said Bruce Schneier, a well-known encryption expert and president of Counterpane Internet Security, a network protection company.

The warez groups are typically students and computer aficionados having fun and testing themselves by breaking programs–generally on a power trip, Schneier said. “Throwing the book at these guys is the wrong thing to do,” he added.

The Business Software Alliance (BSA), which represents the software industry’s interests in Washington, DC, agrees that warez sites are as big a threat as “true” pirates. “You could have a good debate over who is hurting the industry more,” said Bob Kruger, vice president of enforcement for the BSA, which has estimated that the software companies lost $2.6 billion in 2000 to US-based piracy. Although downloading programs from the Internet doesn’t necessarily have a one-to-one correlation to lost sales, Kruger maintains that there is definitely harm suffered by the industry.

The warez community can be divided into smaller “scenes” based on the type of content their members are interested in. Typical divisions are the DivX scene for movies available in MPEG-4 format, the MP3 scene for music available in that popular format, and the PS2 scene for pirated PlayStation 2 games.

“Everyone that had a significant role in the community is worried that the (DrinkOrDie) takedown will change the way the scene works,” said the warez programmer, who asked that his name and online handle not be used. “It won’t be quite so public anymore.”

Typically, a “leak”–someone who supplies a copy of a yet-to-be-released program–uploads the data to an online drop box. The supplier often is someone who works in the company and sells the code for money or to get back at the company for some perceived slight.

The cracker then takes the program, breaks through the security and “rips” a copy that works without the CD-ROM. This step is, by far, the most time-consuming. Typically, the cracker then uses a private site to pass the program to a courier, or curry, who distributes the program to publicly accessible download sites.

Although the raids mainly targeted those suspected of cracking content, the effects will trickle down to hit the software pirates on the street, the warez programmer said. Such pirates depend on the warez community for their supply of copy-protection-free content.

For example, VideoCDs–popular in the Asia-Pacific region–might become scarce, especially those made from newer movies.

“VCD groups have stopped releasing,” the warez programmer said. “Asian markets can’t get copies of American movies to subtitle, which means they can’t sell them on the street.”

The discord within the community has been heightened by the FBI’s ability to infiltrate at least one online group, RogueWarriorz. In his posting, “ttol” describes RogueWarriorz as a group of about 70 members with access to more than 40 sites belonging to other groups.

The FBI’s Peters confirmed that the target of its Operation Bandwidth investigation was the RogueWarriorz.

Peters also predicted that the investigation will drive the remaining software pirates underground. “I think the trend is more, for their own protection, to keep the sites from outside access,” he said. “Many have password protections added to them now.”

Despite the discord, at least one member of the warez scene believes the law-enforcement victory is fleeting.

“I’m just sure that whatever the FBI decides to do, there will still be people ripping and releasing (warez) internally through groups,” wrote one member of the music scene, who used the handle “dsif0r.”

“We have finally lost; but I assure you, the FBI cannot keep us down.”

Analysis

Truly, I could write volumes on this subject, enough to fill a whole book.  For the constraints of this email, though, I will focus on a few key points.

The idea of targeting these warez distributors and crackers is distasteful on a couple of levels.  Firstly, it is a very much needed debate as to whether or not the warez community takes any money away from the computer entertainment industry.  As many recipients of pirated games have pointed out, more often than not, a player of a pirated game most likely would not have purchased the game if it were for sale in the first place, and is only playing it because it is free.  Then there is the moral high ground that some pirates take, stating that the high cost of certain software packages (such as much of Adobe’s product line) prevents the mass public from ever affording the products they’d like to use.  Very few people can afford the $899 price tag on the Adobe Photoshop product, much fewer than the number of people who are very talented at using it.

But moving past the debate as to whether certain types of pirates should be prosecuted, what is the actual impact of this event?  Certainly, it can’t be over-emphasized that this is probably the most influential event in piracy history.  But the pirate trade is rooted in two things which will ensure its permanency: the entertainment industry, and hacking.  As long as the first world remains the first world in the technology age, we will have software piracy.  The entertainment industry is the biggest industry for America, dwarfing its nearest second with the industry-wide profits, thus ensuring that there will always be software to pirate.  And hacking will always be around as long as there is technology to discover — and this is where the roots of piracy spring.  Piracy stems from two sources: software cracking, or the techno-art of defeating the copy-protection routines put in place by software companies, and the innate greed within every computer user to get something (a computer program) for nothing.  For most crackers, it’s simply a test of skill to see if they are up to the challenge.  The fruits of their labors are then placed out for the world to see, and those that are in search of a way to copy their software.  And for the traffickers, it’s simply a public service to reroute 1’s and 0’s to those more deserving.

One thing is for certain, it hasn’t taken the warez community long to regroup.  They are an amorphous bunch, with a structure much like the infamous al-Qa’ida, and the ones not directly hit have already taken a look at their methods for certain.  In much the same way that the human body reacts after a virus attack, pirates will become more aware of ways they can be tracked, and it will become that much harder to track those responsible for piracy in the future.

Magic Lantern Developments and Analysis

Magic Lantern’s Existence Admitted

When is a virus not a virus? When it’s written by the FBI.

After months of speculation Reuters reports that an FBI spokesman has finally confirmed that the US government is working on a project, codenamed Magic Lantern, that will log the key-strokes made on infected machines and enable the FBI to track communications made using it.

The FBI has already acknowledged that it uses software that records keystrokes typed into a computer to obtain passwords that can be used to read encrypted e-mail and other documents as part of criminal investigations.

FBI spokesperson Paul Bresson described Magic Lantern to news sources as a “workbench project.”

Said Bresson: “We can’t discuss it because it’s under development, [but] like all technology projects or tools deployed by the FBI, it would be used pursuant to the appropriate legal process.”

Remember the recent W32.Badtrans.B@mm MAPI worm which opened a Trojan back door on an infected machine and deployed a keystroke logger to monitor what was written on it? (We do, as we’re still getting plenty of infected messages caught in our firewall.) Well, it looks like Magic Lantern will do essentially the same thing.

Fortunately, most major antivirus companies have said that they would not voluntarily cooperate with the FBI, updating their software to detect and clean viruses, no matter where they originated. However, the FBI could get its virus ignored by antivirus software with a legal order. And ISPs have in the past voluntarily cooperated with the FBI allowing it to install its technology on their servers.

SecurityFocus incident analyst Ryan Russell told NewsFactor Network that the battles between civil libertarians and law enforcement agencies like the FBI have been ongoing from the first time cyber-snooping technologies were used.

“Currently, computer monitoring does not require the same standards that telephone taps do, and law enforcement has been constantly pushing to keep those standards lax,” Russell said.

French Caldwell of Gartner’s Information Security Group, who runs the research firm’s project on technology and public policy, told NewsFactor: “The bottom line here is that companies and individuals will be responsible for protecting themselves from both cyberterrorism and the government’s response to it.”

Given the hijacking attacks of Sept. 11, it is also conceivable that the U.S. government would enlist the aid of private companies to combat terrorism and help its war effort, said Michael Erbschloe, vice president of research at Computer Economics, which analyzes the impact of viruses.

“In previous wars, including the Second World War, the government had the power to call on companies to help, to commandeer the technology,” said Mr. Erbschloe, author of Information Warfare: How to Survive Cyber Attacks.

“If we were at war the government would be able to require technology companies to co-operate, I believe, in a number of ways, including getting back door access to information and computer systems.”

The FBI’s controversial Magic Lantern Trojan horse has been mimicked by the virus writing underground, but in a deadlier form.

Amid rumours of the FBI’s cloak and dagger spy tool, it was discovered that a 17 year-old Argentinean virus writer, known only as ‘Agentlinux’, has created a malicious virus that masquerades as Magic Lantern.

Rather than acting as a Trojan keylogger, as the real Magic Lantern is supposed to do, ‘Malantern’, as it has been called to avoid confusion, simply deletes all files in the Windows system drivers directory and the ‘Temp’ directory.

Although it is not thought that the virus is spreading, one expert believes that this could be the start of a Magic Lantern copycat trend.

“It isn’t important that the program isn’t spreading. What is necessary to realise is that, with the appearance of the official ‘Lantern’ virus, writers won’t wait long to release numerous clones,” said Eugene Kaspersky, head of research at Kaspersky Labs.

Something else that has bothered the experts is the fact that the ‘real’ Magic Lantern could easily end up in the wrong hands and be used by the people it’s supposed to catch.

“In addition, the possibility that the original Trojan version could end up in the hands of hackers cannot be excluded. In this case, hackers could use Magic Lantern as a means to their own ends,” said Kaspersky.

This threat is heightened by the fact that some antivirus vendors have already said that they would exclude the FBI Trojan from any virus scans in a bid to support the authorities.

FBI asks for Access to Badtrans Database

The FBI is asking for access to a massive database that contains the private communications and passwords of the victims of the Badtrans Internet worm.  Badtrans spreads through security flaws in Microsoft mail software and transmits everything the victim types. Since November 24, Badtrans has violated the privacy of millions of Internet users, and now the FBI wants to take part in the spying.

Victims of Badtrans are infected when they receive an email containing the worm in an attachment and either run the program by clicking on it, or use an email reader like Microsoft Outlook which may automatically run it without user intervention. Once executed, the worm replicates by sending copies of itself to all other email addresses found on the host’s machine, and installs a keystroke-logger capable of stealing passwords including those used for telnet, email, ftp, and the web. Also captured is anything else the user may be typing, including personal documents or private emails.

Coincidentally, just four days before the breakout of Badtrans it was revealed that the FBI was developing their own keystroke-logging virus, called Magic Lantern. Made to complement the Carnivore spy system, Magic Lantern would allow them to obtain target’s passwords as they type them. This is a significant improvement over Carnivore, which can only see data after it has been transmitted over the Internet, at which point the passwords may have been encrypted.

After Badtrans pilfers keystrokes the data is sent back to one of twenty-two email addresses (this is according to the FBI– leading anti-virus vendors have only reported seventeen email addresses). Among these are free email addresses at Excite, Yahoo, and IJustGotFired.com. IJustGotFired is a free service of MonkeyBrains, a San Francisco based independent Internet Service Provider.

In particular, suck_my_prick@ijustgotfired.com began receiving emails at 3:23 PM on November 24. Triggering software automatically disabled the account after it exceeded quotas, and began saving messages as they arrived. The following day, MonkeyBrains’ mail server was sluggish. Upon examination of the mail server’s logs, it quickly became apparent that 100 emails per minute to the “suck_my_prick” alias were the source of the problem. The mails delivered the logged keystrokes from over 100,000 compromised computers in the first day alone.

Last week the FBI contacted the owner of MonkeyBrains, Rudy Rucker, Jr., and requested a cloned copy of the password database and keylogged data. The database includes only information stolen from the victims of the virus, not information about the perpetrator. The FBI wants indiscriminate access to the illegally extracted passwords and keystrokes of over two million people without so much as a warrant. Even with a warrant they would have to specify exactly what information they are after, on whom, and what they expect to find. Instead, they want it all and for no justifiable reason.

One of the most basic tenets of an authoritarian state is one that claims rights for itself that it denies its citizens. Surveillance is perhaps one of the most glaring examples of this in our society. Accordingly, rather than hand over the entire database to the FBI, MonkeyBrains has decided to open the database to the public. Now everyone (including the FBI) will be able to query which accounts have been compromised and search for their hostnames. Password and keylogged data will not be made available, for obvious legal reasons.

The implications of complying with the FBI’s request, absent any legal authority, are staggering. This is information that no one, not even the FBI, could legally gather themselves. The fact that they seek to take advantage of this worm and benefit from its illicit spoils, demonstrates the FBI’s complete and utter contempt for constitutionally mandated due process and protection from unreasonable search and seizure. It defies reason that the FBI expects the American people to trust them to only look at certain permissible nuggets of data and ignore the rest of what they collect. One need only imagine what J. Edgar Hoover would do with today’s expansive surveillance system, coupled with the new powers granted by the Patriot Act, to appreciate the Orwellian nightmare that the United States is becoming. The last thing the FBI should have is a spying Internet worm, and it looks like they’ve found one. Welcome to the Magic Lantern.

New Virus Developments

Happy New Year/W32 Maldal Virus

A mass-mailing Internet worm that purports to offer New Year greetings was spreading rapidly Wednesday, and is rumored to be the big Christmas virus that antivirus companies have been gearing up for.

The first copy of the virus was detected at 7:23am GMT December 19 2001 by security firm MessageLabs and is said to have originated from South Africa. By using a number of aliases, the e-mail worm has spread virulently throughout the day. MessageLabs has detected 925 incidents of the worm at an Internet level to date, from a number of countries across the globe.

“This won’t be as big as Goner, but it is likely to be the biggest Christmas virus,” said Alex Shipp, antivirus technology expert at MessageLabs.

The worm, operating under the guises of Zacker, Reeezak, Maldal and Keyluc, arrives with the subject header “Happy New Year” and contains a file attachment entitled “christmas.exe.” It uses familiar social engineering tactics to entice recipients to double click on the attachment, before mailing itself and the victim’s contact list to everyone in the contact’s address book.

How to Recognize the Virus:

W32/Maldal.c@MM was discovered at 7:23am GMT on 19 December 2001. It is the third variant of the W32/Maldal@MM family.

The mass-mailing worm arrives in an e-mail file attachment called “christmas.exe”; the file size is 37376 bytes. The worm uses the MS-Outlook address book to mass-mail itself.

The worm might also be using entries from MS-Messenger.

The worm sends RTF-based e-mail messages with:

-File Attachment: christmas.exe

-Subject : Happy New Year

-Body: Hi , I can’t describe my feelings But all I can say is Happy new year
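A mail-gateway style check built from the indicators listed above, as an added example (not code from the original report or from any antivirus vendor). The function names, the verdict labels and the list of executable extensions are assumptions made for illustration, and the sample messages are constructed with zero-filled placeholder attachments.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Indicators taken from the worm description above.
WORM_ATTACHMENT = "christmas.exe"
WORM_SIZE = 37376  # bytes
WORM_SUBJECT = "happy new year"
WORM_BODY = "i can't describe my feelings"

# Assumption (not from the report): extensions a mail gateway treats as executable.
EXECUTABLE_EXTENSIONS = (".exe", ".scr", ".pif", ".com", ".bat", ".vbs")


def _normalize(text):
    """Fold case, straighten curly apostrophes and collapse whitespace."""
    return " ".join(text.replace("\u2019", "'").lower().split())


def _text_of(part):
    """Decode a text part without failing on an unknown or wrong charset."""
    raw = part.get_payload(decode=True) or b""
    try:
        return raw.decode(part.get_content_charset() or "utf-8", errors="replace")
    except LookupError:
        return raw.decode("latin-1")


def inspect_message(raw_bytes):
    """Return (verdict, findings) for one raw RFC 822 message."""
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    findings = []
    if _normalize(str(msg.get("Subject", ""))) == WORM_SUBJECT:
        findings.append("subject")
    for part in msg.walk():
        if part.is_multipart():
            continue
        filename = part.get_filename()
        if filename:
            name = filename.strip().lower()
            if name == WORM_ATTACHMENT:
                findings.append("attachment-name")
                # The size is compared after transfer decoding (base64 etc.).
                if len(part.get_payload(decode=True) or b"") == WORM_SIZE:
                    findings.append("attachment-size")
            elif name.endswith(EXECUTABLE_EXTENSIONS):
                findings.append("other-executable")
        elif part.get_content_maintype() == "text" and WORM_BODY in _normalize(_text_of(part)):
            findings.append("body")
    # The subject alone is an ordinary seasonal greeting, so it never decides the verdict.
    if "attachment-name" in findings:
        verdict = "match"
    elif "other-executable" in findings or {"subject", "body"} <= set(findings):
        verdict = "suspicious"
    else:
        verdict = "clean"
    return verdict, findings


def build_sample(subject, body, attachment=None):
    """Construct a test message; attachment is (filename, bytes) or None."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "recipient@example.com"
    msg["Subject"] = subject
    msg.set_content(body)
    if attachment:
        msg.add_attachment(attachment[1], maintype="application",
                           subtype="octet-stream", filename=attachment[0])
    return msg.as_bytes()


# Constructed samples. Attachment bytes are placeholders, not worm code.
WORM_LIKE = build_sample(
    "Happy New Year",
    "Hi , I can\u2019t describe my feelings But all I can say is Happy new year",
    ("christmas.exe", bytes(WORM_SIZE)))
RENAMED_CASE = build_sample("Re: hello", "see attached", ("Christmas.EXE", b"placeholder"))
GREETING = build_sample("Happy New Year", "See you at the party on the 31st.")
OTHER_EXE = build_sample("Holiday card", "Open the card!", ("card.scr", b"placeholder"))

if __name__ == "__main__":
    for label, raw in [("worm-like", WORM_LIKE), ("renamed case", RENAMED_CASE),
                       ("greeting", GREETING), ("other exe", OTHER_EXE)]:
        print(label, inspect_message(raw))
```

The attachment name is the deciding indicator because the subject line is shared with ordinary seasonal mail; the exact size is recorded as supporting evidence only.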

Suspect Claims Al Qaeda Hacked Microsoft

The Story

Suspected member of the Al Qaeda terrorist network, Mohammad Afroze Abdul Razzak, claimed that Islamic militants infiltrated Microsoft and sabotaged the company’s Windows XP operating system, according to a source close to Indian police.

Afroze, arrested by Mumbai (Bombay) police Oct. 2, has admitted to helping plot terrorist attacks in India, Britain and Australia, India’s Hindustan Times newspaper reported Saturday.

During interrogation, Afroze, 25, also claimed that a member or members of Osama bin Laden’s Al Qaeda network, posing as computer programmers, were able to gain employment at Microsoft and attempted to plant “trojans, trapdoors, and bugs in Windows XP,” according to Ravi Visvesvaraya Prasad, a New Delhi information systems and telecommunication consultant.

Prasad, moderator of an Internet mailing list on south Asia security and information warfare, told us that Afroze made the claims in a police confession.  Officials in the Mumbai police commissioner’s office were not immediately available for comment.

Afroze has told Indian authorities that he was part of a team of Al Qaeda terrorists that planned to hijack an aircraft in London on Sept. 11 and crash it into the British House of Commons or into London’s Tower Bridge, according to the Hindustan Times, which obtained parts of Afroze’s confession.

British intelligence officials have dismissed the claims, according to a report last week in the Guardian, a British newspaper.

Microsoft spokesman Jim Desler said Afroze’s claims about the company were “bizarre and unsubstantiated and should be treated skeptically.”

According to Desler, Microsoft has rigorous processes in place during the development of Windows to ensure the security and integrity of source code.

Microsoft launched Windows XP in late October. While the company has already issued security patches for the software, no evidence of malicious code in the operating system has been reported.

Under interrogation, Afroze also warned Mumbai police that Al Qaeda was planning an attack on India’s parliament complex in New Delhi, the Hindustan Times reported.

The Times of India reported last week that “official sources” believe Afroze is “very close” to Al Qaeda but that authorities find some of his claims inconsistent and “too theatrical to believe.”

The Mumbai Police Cyber Crime Investigation Cell is at http://www.ccicmumbai.com .

Analysis

This report comes amid rumors that Microsoft, with the aid of the Cult of the Dead Cow, an infamous hacker group responsible for the trojan horse virus Back Orifice, is installing a keylogging and web-traffic monitoring system in future versions of Windows XP for the marketing department and the USDOJ to share, as well as reports of a major security flaw noted in the Windows XP operating system.

It is important to note, however, that whenever confronted publicly about the possibility of monitoring or any back-door access to the users’ machines, Microsoft has always flatly denied that any such system exists.  Microsoft even presented the German Parliament the opportunity to review the source code of Windows XP in a good faith effort to prove that they had no back-door systems involved.

As for the what-ifs and loopholes in Microsoft’s statements — Microsoft could be banking on the fact that they know the German Parliament wouldn’t know heads from tails looking at the source code to the bloated beast of Windows XP. Coupled with the fact that Microsoft is currently in a bind with the USDOJ, what with the monopoly hearings and all, they might be using this as a bargaining chip — “Look, we can offer you a window to every PC user in the world’s hard drive/web traffic logs.”  In the terrorist/cyber-terrorist/warez trafficker hunt mode the FBI is in right now, that would appear to be a very attractive offer.

Whether or not that capability is installed into WinXP by Al-Qa’ida, cDc, or Microsoft themselves is very doubtful, however.  Rumors have flown about, every time Microsoft releases a new operating system, about how they are spying on your hard drive.  In the past it has just been a scary bed-time story that Linux users and other open source OS users tell to scare their children at night.  Likely that is what it is this time around.

It is important to note, however, that due to the major security flaw that allows hackers to seize control of your machine using a buffer overflow flaw, you should patch your copy of XP, if you are running it, using the patch that Microsoft provides at http://www.microsoft.com/Downloads/Release.asp?ReleaseID=34991.  If you are running Windows 98, Windows 98se, Windows ME, or Windows XP, you are vulnerable, and should install the patch.

Feds Pick Next-Generation Encryption Standard

Story

The U.S. government on December 4, 2001 formally adopted its next-generation data encryption standard, aimed at better protecting government data transmission and storage. Known as the Advanced Encryption Standard (AES), this new algorithm will replace one first adopted by the federal government in 1977. The new standard is a 128-bit encryption algorithm based on a mathematical formula called Rijndael (pronounced “rhine doll”) that was developed by cryptographers Joan Daemen at Proton World International and Vincent Rijmen at Katholieke Universiteit Leuven, both in Belgium.

The U.S. government first selected the pair’s Rijndael algorithm to replace the two-decades-old Data Encryption Standard (DES) last year. A period of public comment and proposed revisions to the algorithm followed.

“Now it’s an official standard,” said Philip Bulman, an official at the National Institute of Standards and Technology (NIST), a unit of the U.S. Commerce Department. While there is no deadline for the government to switch over to AES, Bulman expects “federal agencies will start migrating” to the new algorithm shortly. In addition, it’s likely that many companies in the private sector, particularly in financial services, will consider adopting AES as well, he said.

U.S. government officials said last year that they chose Rijndael for their next-generation encryption standard because of its “combination of security, performance, efficiency, ease of implementation and flexibility.” Rijndael performed well on a variety of hardware and software platforms, they concluded. It uses relatively small amounts of memory, and it provides strong defense against several different kinds of attacks.

The new standard can support encryption key strength of 128, 192 and 256 bits, according to a government statement. More information about the standard is posted on the NIST Web site.

The federal government’s recent decision to adopt the Advanced Encryption Standard (AES) for securing sensitive information will trigger a move from the aging Data Encryption Standard (DES) in the private sector, users and analysts said.

But don’t expect it to happen overnight, they added. Technology standards bodies representing industries such as financial services and banking need to approve AES as well, and that will take time. And products such as wireless devices and virtual private networks that incorporate AES have yet to be developed. Corporations using Triple DES technologies, which offer much stronger forms of encryption than DES, will have to wait until low-cost AES implementations become available before a migration to the new standard makes sense from a price perspective.

“AES will likely not replace more than 30% of DES operations before 2004,” said John Pescatore, an analyst at Stamford, Conn.-based Gartner Inc.

Experts claim that the algorithm is small, fast and very hard to crack – it would take 149 trillion years to crack a single 128-bit AES key using today’s computers.

In software, AES runs about six times as fast as Triple DES and is less CPU-intensive.

The advantages of AES make it inevitable that private corporations will start using it for encryption, said Paul Lamb, chief technology officer at Oil-Law Records Corp., a provider of regulatory and legal information to oil and natural gas companies in Oklahoma City.

Corporations will adopt AES “because of the perceived problems with DES and the greater sense of security with AES,” he said.

“I would expect the adoption curve to be pretty steep,” said Steve Lindstrom, an analyst at Framingham, Mass.-based Hurwitz Group Inc. Any concerns corporations had about AES not being widely adopted have been put to rest with the government’s decision to adopt it for all encryption going forward, he added.

Analysis

The jury is still out on AES.  I am currently polling my friends who roam the encryption circles what they think.  Distributed.net (www.distributed.net) has yet to come out with a statement as of press time on the Rijndael algorithm, or a contest for it, but from a precursory viewing of the algorithm’s statistics, it is quite impressive. DES (the former standard) keys are 56 bits long, which means there are approximately 7.2 x 10^16 possible DES keys. Thus, there are on the order of 10^21 times more AES 128-bit keys than DES 56-bit keys.

The information page on csrc.nist.gov accurately states that:

“In the late 1990s, specialized “DES Cracker” machines were built that could recover a DES key after a few hours. In other words, by trying possible key values, the hardware could determine which key was used to encrypt a message.”

It goes on to say:

“Assuming that one could build a machine that could recover a DES key in a second (i.e., try 2^55 keys per second), then it would take that machine approximately 149 thousand-billion (149 trillion) years to crack a 128-bit AES key. To put that into perspective, the universe is believed to be less than 20 billion years old.”

127.24 gigakeys per second is the rate at which distributed.net currently cracks away at the RC5-64.  This contest has been running for 4 years, and I believe at this time they estimate somewhere around another year to finally crack it.  Undoubtedly when encryption reaches the realm of 64-bit or more, you are talking about serious time to brute force hack.
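The key-space arithmetic behind the figures quoted above, worked through as an added example (not part of the original briefing or the NIST page). It shows that the 149 trillion year figure is an average-case number, since 2^55 is half of the 2^56 DES key space; the function and constant names are assumptions chosen for illustration.

```python
SECONDS_PER_YEAR = 365.25 * 24 * 3600

# Rates quoted in the text above.
NIST_MACHINE_RATE = 2 ** 55      # keys/second: the hypothetical "DES key in a second" machine
DISTRIBUTED_NET_RATE = 127.24e9  # keys/second: distributed.net's quoted RC5-64 rate


def keyspace(bits):
    """Number of possible keys of the given length."""
    return 2 ** bits


def search_seconds(key_bits, keys_per_second, average=True):
    """Brute-force time: half the key space on average, all of it at worst."""
    tries = keyspace(key_bits) // 2 if average else keyspace(key_bits)
    return tries / keys_per_second


def search_years(key_bits, keys_per_second, average=True):
    return search_seconds(key_bits, keys_per_second, average) / SECONDS_PER_YEAR


def summary():
    """Recompute each figure the text quotes, plus AES-256 for comparison."""
    return {
        # 2^56, about 7.2 x 10^16
        "des_keys": keyspace(56),
        # 2^72, about 4.7 x 10^21
        "aes128_to_des_ratio": keyspace(128) // keyspace(56),
        # 2^55 tries at 2^55 keys/s: the "DES key in a second" premise is average-case
        "des_seconds_nist_machine": search_seconds(56, NIST_MACHINE_RATE),
        # 2^127 tries at 2^55 keys/s = 2^72 seconds, about 1.5 x 10^14 years
        "aes128_years_nist_machine": search_years(128, NIST_MACHINE_RATE),
        "aes256_years_nist_machine": search_years(256, NIST_MACHINE_RATE),
        # Sweeping the whole 64-bit key space at the quoted constant rate
        "rc5_64_years_full_sweep": search_years(64, DISTRIBUTED_NET_RATE, average=False),
    }


if __name__ == "__main__":
    for name, value in summary().items():
        print(f"{name}: {value:.4g}")
```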

Time will tell how strong the encryption algorithm is, especially once the contest to break it is announced.  The problem with keeping data secure these days generally isn’t the problem of the strength of encryption.  Sure, the government is years behind in the effort to keep encryption secure, but the private sector and open source software groups have been using RC5-64 and RC5-128 for years with complete assuredness of their security.

No, the problem with keeping data secure these days is keeping your passwords safe.  With the trojan/keylogger battle going back and forth between the FBI and private hackers, the strength of the encryption is entirely a moot point if the key is intercepted prior to encryption.


Information in this briefing completely accurate to the knowledge of the O.S.I.S. as of: 2:25 PM 12/23/2001. Stay tuned for updates.

This briefing is a service of Rizzn Do’Urden, Rizzn’s Wartime Factbook, and Parallad Studio’s Open Source Intelligence Service.
