Does anyone remember seeing this? I really want to know if there was an update to his case. I thought I saw it on HN but I can NOT for the life of me find it now anywhere. Normally I’m not one to buy into “XYZ scrubbed QWERTY from the internet”, but I absolutely can not find this story ANYWHERE now and it seems like it should be easily found with keywords.

If anyone interested has a Twitter account, would you mind searching there for Truecrypt and Veracrypt to see what comes up? That’s the one place I haven’t looked because I don’t have an account.

  • nomadic@lemmy.one
    link
    fedilink
    English
    arrow-up
    2
    ·
    edit-2
    1 year ago

    I remember this also as I was contemplating my encryption options at the time. Pretty certain the individual was French. But for the life of me I can’t find anything anywhere. Makes me wonder.

  • YellowtoOrange@lemmy.world
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    I asked bing chat AI, chatgpt4 (and crappy bard) and none could find such a story.

    Chatgpt4:

    "Unfortunately, I was not able to locate the specific story you mentioned about an individual whose Veracrypt or TrueCrypt passphrase was cracked by authorities. However, I did find information that suggests such an event is plausible.

    Elcomsoft, a company that sells forensic software, announced that they had successfully cracked the latest version of Veracrypt, a fork of the now-discontinued TrueCrypt. This was achieved using an updated version of the Elcomsoft Forensic Disk Decryptor, which extracts on-the-fly encryption keys from a computer’s RAM. These keys, once captured, can be used to decrypt the hard drive without having to run brute force attacks​1​. This does not directly answer your question, but it provides some context on the potential vulnerabilities of Veracrypt.

    I have searched through numerous sources, including Hacker News, but I could not find a story that matches your description. There are many reasons why this could be the case, such as the story being removed, incorrectly recalled details, or simply the limitations of my current search capabilities"

  • wasd4321@lemmy.world
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    If the user was using Windows, fast startup could have been enabled so they were able to extract the password from the RAM maybe? Other than that I don’t know

    • Cinner@lemmy.worldOPB
      link
      fedilink
      English
      arrow-up
      1
      ·
      edit-2
      1 year ago

      Late response, I haven’t been on this account recently…

      I understand that fastboot and similar things like the hive file if that’s what it’s called (ram writes to disk) or just a very quick tool/technique for cold booting/freezing RAM, but can just have fastboot enabled, enable them to extract the decryption key from RAM or disk?

      I thought VeraCrypt started before everything… like a Linux bootloader.

  • Evoke3626@lemmy.fmhy.ml
    link
    fedilink
    English
    arrow-up
    0
    ·
    1 year ago

    Very scary if true. 30+ characters should be more than enough, not withstanding variables like using a password vs a pass phrase, if it was generated by a computer or human, etc, but very very scary.

    Basically this goes to show that, again, if you’re on a nation states radar their is almost nothing you can do to stop them.