1. 47

  2. 5

    This guy is a lot of fun to read. If you haven’t checked out his previous saga of doing similar bad touches to his WD MyBook, I recommend it. It’s linked early in this article.

    1. 3

      So what was the password?

      1. 1

        I don’t think they’re going to tell us, but the problem was they had misspelled a word (presumably twice?)

        1. 1

          It was an Italian word, just to be more specific.

        2. 1

          Well the code is mostly available, and so is the key material–at least some of it. We also know that there were Italian words in there. Perhaps it can be derived from all the clues? At an immense cost of time, of course.

        3. 3

          Today Filippo posted a follow-up question on the openbsd-tech mailing list:

          > I recently had the occasion to dive into the softraid crypto code [1] and was quite pleased with the cleanliness of it all. However, I found surprising the default value of 8k PBKDF2 rounds.
          >
          > I know it is easy to override and I should have RTFM, but I (naively, I’ll admit) assumed OpenBSD would pick very robust defaults, erring on the conservative side. Is it maybe time to bump it up, or pick it based on a quick machine benchmark?
          >
          > If there’s consensus I might also provide a patch for the live benchmark option.
          >
          > Thank you
          >
          > [1]: https://blog.filippo.io/so-i-lost-my-openbsd-fde-password/

          1. 1

            > We start chasing by looking at the bioctl and softraid_crypto implementations, Cmd-F'ing “Passphrase:” and “incorrect key or passphrase”.

            What does he mean by that? What’s “Cmd-F'ing”?

            1. 7

              It’s like Ctrl+F'ing but on a Mac.

              1. 1

                macOS keyboard shortcut for searching through text in a text editor, web page, etc.

              2. 1

                Honest question, since I’m dumb, couldn’t he just have reinstalled?

                1. 11

                  Technically, yes. But it’s possible that between the time he installed with FDE and forgot his password, he already stored data on the disk he didn’t want to lose. But either way, it was an interesting exercise that we all get to learn from, especially since he documented the whole process. :)
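The mailing-list post quoted in this thread asks whether the PBKDF2 round count could be picked "based on a quick machine benchmark" instead of a fixed 8k. The sketch below is an added example of that idea, not code from the thread, the article, or OpenBSD's softraid/bioctl. The function names, the HMAC-SHA1 choice, the 16-byte salt, the 32-byte key and the timing targets are all assumptions made for illustration.

```python
import hashlib
import os
import time

PAGE_DEFAULT_ROUNDS = 8000  # the "8k" default questioned in the quoted post


def time_pbkdf2(rounds, hash_name="sha1"):
    """Seconds for one PBKDF2 derivation (constructed passphrase and salt)."""
    start = time.perf_counter()
    hashlib.pbkdf2_hmac(hash_name, b"constructed passphrase", b"\x00" * 16, rounds, 32)
    return time.perf_counter() - start


def calibrate_rounds(target_seconds=1.0, floor=PAGE_DEFAULT_ROUNDS,
                     probe_seconds=0.05, timer=time_pbkdf2):
    """Pick a round count so one unlock costs about target_seconds here."""
    rounds = floor
    elapsed = timer(rounds)
    # Double until the probe runs long enough to rise above timer noise.
    while elapsed < probe_seconds:
        rounds *= 2
        elapsed = timer(rounds)
    # PBKDF2 cost is linear in the round count, so scale the last probe.
    # Never go below the floor, even on a very slow machine.
    return max(floor, int(rounds * target_seconds / elapsed))


def new_kdf_record(passphrase, rounds, hash_name="sha1"):
    """Derive a key and return it with the parameters needed to repeat it."""
    salt = os.urandom(16)
    key = hashlib.pbkdf2_hmac(hash_name, passphrase, salt, rounds, 32)
    # salt and rounds are not secret; they must be stored with the volume
    # metadata, otherwise the same passphrase cannot reproduce the key.
    return {"hash": hash_name, "salt": salt, "rounds": rounds}, key


def unlock(passphrase, record):
    """Re-derive the key from a stored record."""
    return hashlib.pbkdf2_hmac(record["hash"], passphrase, record["salt"],
                               record["rounds"], 32)


if __name__ == "__main__":
    rounds = calibrate_rounds(target_seconds=0.25)
    record, key = new_kdf_record(b"constructed passphrase", rounds)
    print(f"calibrated rounds: {rounds} (page default: {PAGE_DEFAULT_ROUNDS})")
    print("unlock reproduces key:", unlock(b"constructed passphrase", record) == key)
```

Because the calibrated count differs per machine, it has to travel with the salt in the stored record; a benchmark on the unlocking machine cannot be used to guess it later.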