by est31 2320 days ago
> what would they have done if the suspect hadn't used his laptop in a public place?

Screw open his laptop when it's turned off and he's away from home, install a keylogger into the BIOS. Put a camera onto the shelf to film which keys he types to log in. If he puts a blanket over his head: solely rely on the sound each key makes. Hack his computer remotely using one of the government-owned 0days and dump the keys. Use side channels to attain the password via the power outlet in the neighbouring house.

They had countless ways and they chose the one that revealed the least about their capabilities.


While what you are saying is possible technically, assuming any and all investigators in the US can tap into such capabilities is just FUD.

The biggest problem with FDE is that as long as you're using the encrypted computer, FDE isn't protecting you. It doesn't take technical capabilities to exploit this; you just wait until the target has their laptop open to do the interdiction.

FDE's not worthless. Again, I don't think it's even optional; one of your laptops is eventually going to get stolen, and you're going to want the reassurance that at the very least, once it loses power, the thief won't have access to your data (meaning, in effect, that most thieves will never have access to your data). And it's somewhat more powerful on phones, which have integrated designs to make FDE more granular.

But the idea that of all the things the USG could spend energy on, aftermarket FDE software would be their target? It's not very plausible.

Are Apple's new machines with T2 secure enclave less vulnerable in this regard? They claim all storage encryption goes through the chip, making it more like an integrated phone design.

Yeah, on the county sheriff level those capabilities are probably not available. However, Ulbricht was the target of investigations on a federal level. He was arrested by FBI agents.

Or... properly assessing risk?

Yeah, but are there any other forms of encryption that could have mitigated any of those attacks? Once your adversary has physical access to your environment/hardware, it's pretty much game over for security.