this post was submitted on 07 Oct 2023
886 points (99.9% liked)

196

16508 readers
2240 users here now

Be sure to follow the rule before you head out.

Rule: You must post before you leave.

^other^ ^rules^

founded 1 year ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] FaeDrifter@midwest.social 1 points 1 year ago (1 children)

This can slow a hacker down, but still a bad bad bad security practice.

[–] Rin@lemm.ee 1 points 1 year ago (1 children)

How so? If you have 2 partitions encrypted separately with, say, Veracrypt, the worst thing the infected partition could do is copy the other encrypted partition. Unless I'm missing something?

[–] FaeDrifter@midwest.social 1 points 1 year ago (1 children)

You can download a copy of the encrypted partition and attempt to crack it locally.

Which depending on how deep your cascade encryption goes can require a huge amount of computation. If you're a small business owner running a restaurant or a student, that's plenty of security. If you're the lawyer for a former POTUS in a history-defining trial that might decide the future of the entire planet, I hope to God you're not relying on that encryption.

Then again it might be the same dirt that foreign intelligence already has on Trump, so maybe it doesn't matter either way.

[–] Rin@lemm.ee 1 points 1 year ago

My friend, I hope you realise that cracking a Veracrypt partition is going to take longer than the heat death of the universe even if we use every computer ever produced. It's not feasible to crack a partition with brute force. The one way to break it is if they have some password lists or something.

I've actually been thinking about this. Another very hard but possible way that I can think could work would be to take the targeted partition in its entirety, then alter the boot process in such a way where the user is tricked into producing their password at boot to the encrypted partition. The password would then be sent over the air to the attacker where they can simply decrypt the partition. I'm not sure what that would entail though.