Well, no matter if they used 128 bit encryption. using M$ EFS only is secure from other users. All one has to do is break the Administrator password using change NT Password and they can decrypt the file with no problem. I love how things are exagerated :)
Cheers, Jeremy "R. A. Hettinga" wrote: > > I wonder if he can sue BillG? :-). > > Cheers, > RAH > > http://www.newscientist.com/news/news.jsp?id=ns99991804 > > Weakened encryption lays bare al-Qaeda files > > > 17:07 17 January 02 > Will Knight > > > Relatively weak encryption appears to have been used to protect files > recovered from two computers believed to have belonged to al-Qaeda > operatives in Afghanistan. > > The files were found on a laptop and desktop computer bought by Wall Street > Journal reporters from looters in Kabul a few days after it was captured by > Northern Alliance forces on 13 November. The files provide information > about reconnaissance missions to Europe and the Middle East. > > A report in the UK's Independent newspaper indicates that the encryption > used to protect these files had been significantly weakened by US export > restrictions that existed until last year. > > The files were reportedly stored using Microsoft's Windows 2000 operating > system and protected from unauthorised access using the Encrypting File > System (EFS), which comes as standard on this platform. They were protected > with a 40-bit Data Encryption Standard (DES), according to the Independent > report. This was the maximum strength encryption allowed for export by US > law until March 2001. All systems are now sold with the standard 128-bit > key encryption, exponentially stronger than 40-bit. > > Wall Street Journal reporters say that they decrypted a number of files > using "an array of high-powered computers" to try every possible > combination, or "key" in succession, a process that took five days. > > Billions of keys > > Brian Gladman, an ex-NATO encryption expert based in the UK, says that > 40-bit DES means checking about a billion billion different keys in > succession. This would take the average desktop computer a year, but a > group of powerful machines could perform the feat in a few days, he says. > However, he adds: "If you go much beyond 40 bits it is outside the realm of > possible." > > But Gladman says the US should not seek to reintroduce controls on the > export of strong encryption products in light of this evidence. He believes > that export controls would not necessarily stop terrorists and could harm > the security of companies outside the US. > > "The internet is already vulnerable and if we do not implement strong > encryption, criminals will get away with murder," Gladman told New > Scientist. "Any efforts to prevent the deployment of this technology will > damage us rather than help." > > Gladman says that terrorists can rely on far more elementary techniques to > keep information secret and communicate covertly. These include using > secret code words and anonymous internet cafes. > > > 17:07 17 January 02 > ----------------- > R. A. Hettinga <mailto: [EMAIL PROTECTED]> > The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> > 44 Farquhar Street, Boston, MA 02131 USA > "... however it may deserve respect for its usefulness and antiquity, > [predicting the end of the world] has not been found agreeable to > experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' > > --------------------------------------------------------------------- > The Cryptography Mailing List > Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED] --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
