Cracking the remaining FOIA2011 all.7z file

7-Zip There’s an embedded archive file called all.7z which contains thousands of additional emails and files.

The 7zip archiver in which this is stored uses 256 bit AES encryption. It’s a tough nut to crack.

“FOIA” chose this most likely because there are no effective tools for 7zip, while there seem to be many for standard .zip and .RAR files.

From their website: http://www.7-zip.org/7z.html

“7-Zip also supports encryption with AES-256 algorithm. This algorithm uses cipher key with length of 256 bits. To create that key 7-Zip uses derivation function based on SHA-256 hash algorithm. A key derivation function produces a derived key from text password defined by user. For increasing the cost of exhaustive search for passwords 7-Zip uses big number of iterations to produce cipher key from text password.”

The password can be 2047 or 8191 characters long, depending on your operating system.

I’m doubtful this password will be cracked anytime soon, maybe DoD could do it. Chances are that “FOIA” chose a very long password, that could take years to crack by a brute force attack.

“FOIA” is holding this in reserve, making it known that it is there, ready to pull the firing pin. I expect we’ll see it sooner than later as the reaction so far from RC and the Team is continued arrogance.

Julian Williams in Wales has an interesting take:

Maybe the passphrase is so complex to be uncrackable; is that possible? Surely after having sat on this material for two years FOIA would have made a decision how he is going to play this, and it just makes no sense to put most of the material behind a crackable passphrase.

But supposing he then sent the passphrase to Phil Jones and M Mann with a threat; Resign now, get the hell out, otherwise this passphrase goes online to the general public. That is a strategy that might push FOIA’s enemies out without completely disgracing the “scientific community”

Just another way of looking at what might motivate FOIA.

Advertisements

  Subscribe  
newest oldest most voted
Notify of

Has anybody thought to try Micheal Mann’s Home Number as the encryption Key?

The technical details might be revealing on who’s behind FOIA.org. How many interested parties knew of 7z at UEA?t

Bruce

Has anyone tried password?

mpaul

Putting an encrypted file out has a big benefit for the whistleblower — it enables him/her/them to delete the file from their servers, while being secure in the knowledge that the file will be kept safely by those wanting to know what’s in it (which is now hundreds, maybe thousands of people..
AES-256 — forget about it. Unless they chose a trivial password, it is unbreakable in any practical sense.

Julian Williams in Wales

I feel flattered that I might have contributed a useful thought to WUWT after many years of being a big fan of your wonderful publicly spirited and important site.

JonasM

“Has anyone tried password?”
LOL

PaulH

Depending on the complexity and length of the password, it could take trillions of years to crack even using dedicated methods. Try some of your won over at https://www.grc.com/haystack.htm

Nick

There is a project, wondering around somewhere, throwing brute force attacks at a 128bit passphrase, using a supercomputer, I think. They’ve been running for a couple of years now. They might have a chance. They’re expecting to break in sometime in the next 100 years. 🙂 But 256 bit is a bit fair dinkum.

Frank

My guess is IPCC. It’s worth a shot.

Richard Abbott

Scientist are stranger than fiction…..

Hockeystick?

Yep – “password” don’t work
I have 3 crack routines running already – two brute-force, and one a dictionary derivative – and yes one is RARCRACK !!
Not holding my breath though – could take 100 years !!!!
Hope the FOIA puts me out of my misery sooner rather than later
Andy

forrest

How about “hockeystick’?

Andy Scott

How about:
“password123”
or
“p4ssw0rd”
Try those!

Leon Brozyna

Try to force someone to resign? To what end? They’ll likely be replaced by the appropriate sycophant, with no real change in direction.
Only foia knows for sure what he’s got up his sleeve.
One thing for sure. Now that the protected file is out there, all he has to do is send out the password whenever it suits him.

John-X

Bruce says:
November 22, 2011 at 4:33 pm
“Has anyone tried password?”
If he used the Big One (8191 characters long), he could have just typed “password” 1024 times.
Somebody try that and see if it works.

JonasM

Interesting – there’s already a README in the archive, but it’s also encrypted. I was hoping for a note left unencrypted with a teaser. Oh, well. It’s only a matter of time. I just hope it isn’t another 2 years.

Andy Scott

I love how we are all making stupid suggestions to try. It’s actually making me laugh out loud as I read them 😀

RichieP

Well, I tried ‘hidethedecline’. It ran of course but simply told me that all the files were corrupt. So no joy there – but worth a go. 🙁

Geoff C

How about the preamble text in the announcement by FOIA?

Robert of Ottawa

There may or may not be useful information behind the password. The password may or may not be complex. The motives of leaker are unkown.
So. What do we know?

If the pass phrase is ever leaked to open the encrypted file, this whole global warming scam will surely collapse.

Kaboom

123456 worked well in Spaceballs .. and some of the players in those emails strongly remind me of President Skroob, too.

“allyourbasearebelongtous”
“Thesearenotthedroidsyouarelookingfor”
“Itsatravesty”
“Itsworsethanwethought”
“Teamworkpaysdividends”
“Ifionlyhadabrain”
“Hidethedecline”
“Comtraya”
“Itstheendoftheweatherasweknowit”
Hey, I’m just trying to help.
🙂

G. Karst

Sorry I should have posted this here.

G. Karst says:
November 22, 2011 at 4:35 pm
What was the phrase used by the original climategate leaker? I think it was something like:
“A miracle has happened”
Anybody else remember it exactly? That’s the passphrase, I reckon. I don’t have the zip file so I can’t try it. GK

Kev-in-Uk

I would like for all the folk out there to make it known to the ‘Leaker’ that this is rather intolerable, and pointless- perhaps making the ‘leaker’ out to be some kind of glory seeker, or worse, an extortionist in the wings?
No – I mean, seriously? Thinking logically, this person is not doing themselves any favours with this stunt. Either the hidden emails are ‘gold’ or they are worthless cr*p – either way, leaving the world in suspense is not doing anything for their credibility – in my opinion, anyway.

I wonder how long it would take to crack as a BOINC project? I’m sure we can get 10,000 readers to contribute some CPU time!

Marville

There are Cracks available, it will depend on the key encryption though – in work at the moment but will give it a go using a few options later.

1DandyTroll

You only get 256-bit encryption if you type in a 64 byte/characters long phrase, you get only 128-bit with a 32 byte phrase, you get pretty much nothing with an eight byte long phrase.
Usually phrases that people put in are the bare minimum to remember. But then again even a four byte phrase get tricky for the native english speaking crowd if it’s not in english. :p

Dave N

“But supposing he then sent the passphrase to Phil Jones and M Mann with a threat; Resign now, get the hell out, otherwise this passphrase goes online to the general public.”
Sounds like the plot of a Dan Brown novel..

richdo

I’ve written a rather elegant computer model of the 256 bit AES encryption. Of course I’ve had to simplify it somewhat and assume that all but 2 of the 8191 characters are fixed constants. I’ve made a number of runs and the results show the password is worse than we thought. I’d like to publish but am looking for a few good team members to join me first to help beat off the (explitive)jerks who will surely emerge to challenge these results.
Anybody want to join my team?
/sarc

crosspatch

But supposing he then sent the passphrase to Phil Jones and M Mann with a threat; Resign now, get the hell out, otherwise this passphrase goes online to the general public.

I certainly believe there is an “or else” reason for releasing the larger encrypted file. Hidden in that file could be explosive material having nothing to do with climate science for all we know. But there was a reason for releasing the entire file and it implies to me that someone besides the person who had control of the file has been given the passphrase as “insurance”.

Suggestion to FOIA.org person/persons: how about revealing just part of the passphrase, to sort of start the clock running out on Mann et al as we work to break the remainder of the phrase?
Pretty please?
.

Rúnar

Hehehe yes has anybody tried the Spaceballs password 😀 12345 ?

“Leon Brozyna says:
November 22, 2011 at 4:44 pm
Try to force someone to resign? To what end? They’ll likely be replaced by the appropriate sycophant, with no real change in direction.”
I agree Leon, but lets think a stage further
This guy who release these 5,000 emails has another 220,000 in a file locked with an unbreakable password. He/she/they have put it all online and now all they have to do is publish the password, but they are holding back. Why?
Option 1 He has shot his bolt and there is not much else in the remaining emails, but keeping some back maintains the pressure – I don’t buy it
Option 2 He is waiting for something to happen in return for not releasing the passphrase.
Option3 ?
Interestingly he has timed Climategate 1 ahead of Copenhagen and Climategate 2 ahead of the Durban conference. There is a pattern here; they obviously do not like these conferences. They indicate they think the warmists are impoverishing the poor, so there is reason to want to upset the conferences
Has anyone noticed a pattern in the way he/she/they have selected what they have released?
I can think of any number of things he/she/they are waiting for.
My guess is someone has been told what is demanded of them. Maybe Phil Jones and M Mann, or the UEA authorities have in some way been contacted and told what is expected of them. Otherwise it makes no sense.

Jud

I think it’s cool.
The whole ‘password quest’ could give this thing a completely different set of legs – and draw more attention to the debate than would otherwise have happened.
People love a mystery – and this has now become regular treasure hunt!

HankH

JonasM says:
November 22, 2011 at 4:46 pm
Interesting – there’s already a README in the archive, but it’s also encrypted. I was hoping for a note left unencrypted with a teaser.

Yes, that is interesting indeed. It seems that if FOIA put a README in the encrypted archive, he must intend that it will be read at some point in the future. The only way it is going to be read is if he releases the password. So, evidence suggests FOIA does intend to release the password.

Geo

Might be “match”……as in Game (Nov. 2009)….Set(Nov. 2011)……Match! 😉 ….

I’m thinking “The Leaker” is just giving the Climate Criminals some time to braid more rope to hang themselves with. Think about it, they’ve already proven themselves incorrigible liars, malicious slanderers and libelers concerning everything that’s happened over the last 20 years, much less what the original Climategate files revealed a mere two years ago. He’s letting them roast on the spit for a few days, while they furiously try to remember what they typed to each other and preemptively “deny” that there’s anything damning in the locked files. Then, after all of the major Warm Mongers have had a chance to go on record (again) as to their “innocence”, he (or she) simply unlocks the code to reveal the criminal behavior that we already know is there.
Think of it as a sort of “trailer” to a “Whodunnit” movie. Anyone want some popcorn? 😉

SidViscous

I have a truly marvelous solution to decrypting this, which this comment box is too narrow to contain.

Kriilin Namek

One thing to consider: Does 7zip recognize Unicode characters? That would make it next to impossible to crack (not that it was easy before).

Jorma Kaskiseiväs

While the actual file contents are inaccessible, we can see the names and sizes of the files.
Analysing their distribution compared to already released files might give a clue, whether there, in fact, are any more real e-mails or just randomly generated data to fool people think so. 😉

Leon Brozyna

Julian Williams in Wales says:
November 22, 2011 at 5:16 pm
Good points all and I suppose we may never know for sure, unless foia releases the password, especially in a couple weeks or so.
Expecting any change from an arrogant academia is almost laughable … look at Penn State and how they tried to bury something even more explosive as pedophilia. And I don’t see any major course correction happening at Durban … too many people have too much invested in their beliefs to make a major change.
Only foia knows for sure what’s hidden and … so far, at least … he’s not talking.

JimOfCP

Has anyone tried “Hide the decline” ? Maybe a dictionary of climate science – related phrases? Principle Component Analysis, Hockey Stick, …

tokyoboy

Anyone in the know could you please teach me who on earth are running the FOIA.org?

“B.C. says:
November 22, 2011 at 5:32 pm
I’m thinking “The Leaker” is just giving the Climate Criminals some time to braid more rope to hang themselves with. Think about it, they’ve already proven themselves incorrigible liars, malicious slanderers and libelers concerning everything that’s happened over the last 20 years, much less what the original Climategate files revealed a mere two years ago. He’s letting them roast on the spit for a few days, while they furiously try to remember what they typed to each other ……………………………………”
If they were that malicious they would not have been able to contain themselves for two years, doing nothing much whilst the whitewash went on. When you are that malicious person you cannot just sit back with pulling a leaver or two to punish your victim and watch them squirm. (unless this has been going on behind the scenes) IFOA are very cool. They have not drained this story for malice, they have played it straight and definately have a strategy and expected outcome. (in my opinion)

My wife insists on opening one present on Christmas Eve. As a traditional kind of guy who can wait until Christmas morning, I always balk at this, but, am overruled by everyone else in the family. I think if they had their way they would open all their presents on the Eve.
My best guess is the password will be released in coordination with Durban. This first group of emails is the Christmas Eve present teaser.
Twas the night before Durban and all through the house…I’m sure we’re on Santa’s good list…just have patience kids.

Jeff in Calgary

Someone needs to setup a website that will allow you to enter your guess, and the page will try the password to see if it works. I would give it a few tries.

Lord Morris Minor

Where’s the “any” key?