From /r/fedora over on reddit logo

  • ShiningWing@lemmygrad.mlOP
    link
    fedilink
    arrow-up
    15
    ·
    11 months ago

    Aren’t encrypted files like stupid-easy to crack if you have direct access to them?

    Since when? Nobody would bother using it if it was that easy to crack, especially full disk encryption like LUKS on Linux, the whole point is to keep someone with direct access to the data from using it

    Like, maybe the NSA could do it, but something tells me that US agencies are not in most redditors’ threat models lol

    Though of course, the good ol’ “hit him with this $5 wrench” method is probably the most likely weakness of any encrypted system lmao

    Also store your passwords on the cloud what a GREAT idea!

    Yeah, considering that online password safes have been attacked before, it makes it especially funny that the person who is so scared about spooky scary Asian hackers would suggest using one of those when it’s a far more likely target than some random nobody’s personal machine lmao

    • Omega_Haxors
      link
      fedilink
      arrow-up
      2
      arrow-down
      2
      ·
      11 months ago

      Since when? Nobody would bother using it if it was that easy to crack

      If you know a string in the original you can just throw every key at it until the string shows up, there’s a VERY good chance that’s the key.

      • ShiningWing@lemmygrad.mlOP
        link
        fedilink
        arrow-up
        3
        ·
        11 months ago

        “Just” throw every key at it? Isn’t that just a typical brute-force attack? That’s hardly what I’d call an “easy crack”, it’s why I said it isn’t realistic for anyone who isn’t the NSA, because brute-forcing something like this with a reasonable key length would take more than anyone’s lifetime unless you have one of the best supercomputers in the world (and even then, it’s not a guarantee depending on the key length)

        It’s why people pretty much exclusively talk about other potential vulnerabilities instead when they’re discussing cracking full disk encryption, like the aforementioned “hit him with a wrench until he tells us the password” lol

        • Omega_Haxors
          link
          fedilink
          arrow-up
          1
          arrow-down
          1
          ·
          11 months ago

          It is brute force but you only have to scan a fraction of the data which makes it blazing fast. Unless your password is 30+ characters it isn’t going to take all that long, especially if you vaguely remember things such as the password length and if it contains certain numbers or not.

          • ShiningWing@lemmygrad.mlOP
            link
            fedilink
            arrow-up
            3
            ·
            11 months ago

            I’m sorry, but do you have a source for it being that fast? I haven’t seen any mention of that anywhere else, at least when it comes to this area of encryption

            You also don’t specify what kind of hardware would be needed to make that fast, how fast you’re thinking, or even what type of encryption you’re talking about, all of which are pretty important

            I’m not sure this fact would make much of a difference here anyway, because it’s not like you’re ever scanning the entire disk in the first place, you’re trying to decrypt a specific string in the header in a specific place even if you’re just unlocking it normally, and if that really was so insecure, it would be pretty well known and nobody would ever use it

              • FuckBigTech347@lemmygrad.ml
                link
                fedilink
                arrow-up
                2
                ·
                11 months ago

                This video doesn’t prove that “encryption” is fast to crack, at all. The first part is literally just about trying millions of most commonly used passwords and the second “crack” relies on an insecure password. Also anyone who stores their most sensitive data in a ZIP file on Windows is doing it completely wrong. There are much better options than ZIP plus Microsoft likely already knows your password before you’re done encrypting your files because Windows probably key logged it.

          • chayleaf
            link
            fedilink
            arrow-up
            2
            ·
            11 months ago

            With an alphabet of 50 characters, there’s 15 billion 6 character passwords, and 250 quintillion 12 characrer passwords; that’s anything but fast