Justice Department Says It Should Be Able To Require People To Decrypt Their Computers
from the legal-questions dept
Another big legal question is hitting the courts, as the Justice Deparment is asking a federal judge to require a woman to decrypt her encrypted laptop as part of a lawsuit against her for a mortgage scam. The government claims that forcing her to decrypt the laptop is no different than standard discovery procedures, such as requiring someone open a safe. However, others, including the EFF, are arguing on Fifth Amendment grounds, that individuals should not be compelled to decrypt such encrypted content, on the grounds that it's a form of incriminating yourself, if the content is found to be useful in prosecution. As we've discussed in the past, some courts have found that people cannot be forced to turn over their encryption key on this very basis. However, this case is slightly different, in that the government is seeking to get around such earlier rulings, by saying that it just wants to require her to type the password in herself to decrypt the laptop -- rather than demanding the key itself. However, the EFF's brief (pdf) in the case suggests that this really isn't a huge difference, and just the decryption requirement alone would be a Constitutional problem.Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: decryption, encryption, fifth amendment
Reader Comments
Subscribe: RSS
View by: Time | Thread
[ link to this | view in chronology ]
Re:
If this were to go through a competent computer forensic guy (what the hell are they called?) could get into the first encrypted volume, discover the existence of the other encrypted volume and go back to force the user to proved access to it as well.
The reason for this is that encrypted volumes have very high entropy that is not generally found under other circumstances.
[ link to this | view in chronology ]
Re: Re:
(There was a tool that did this years ago, I forget the name. It was briefly popular until someone discovered that the implementation was flawed and could be broken.)
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re:
What about his security? It's gonna get worse as we go deeper.
[ link to this | view in chronology ]
Re: Re:
You are talking about Truecrypt - and it seems that you are reading from a second hand account of a research paper. The true situation is this:
If you create a hidden volume then there are ways to detect its presence because of tell tale signs left in the "outer" volume by the operating system. However if you create a complete hidden operating system then there is no known way at present to detect its existence.
Your comment about entropy is wrong. Truecrypt fills all the empty space on the drive with random (i.e. high entropy) data anyway - so there is no entropy diffence between encrypted data and empty space.
[ link to this | view in chronology ]
Re: Re: Re:
Citation needed.
[ link to this | view in chronology ]
Re: Re: Re: Re:
Or maybe they can simply destroy any unpartitioned space by changing the bytes around.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re:
I would go out on a limb and say that unpartitioned space is generally patterned.
If you do a full format, what does the format software generally set the unused bytes to (depending on what you use to format the drive with and perhaps depending on the needs of the operating system). Zero? One? Or it'll arrange the bytes in some sort of patterned structure.
If you do a quick format, what did you generally have before the format? An operating system? Some files? and what do these things consist of? Patterned data.
A chunk of hard disk being composed of unpatterned data can be suspicious.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re:
For instance, you take a picture of the sky. The picture consists of multiple shades of blue. Do we expect the nine hundredth and fifty ninth pixel be #00FFFF or should it be #00FFFE . Either value are just as expected.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re: Re:
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
oops
[ link to this | view in chronology ]
Re: oops
[ link to this | view in chronology ]
Re: Re: oops
[ link to this | view in chronology ]
Re: oops
Read the story, it's pretty interesting at times..
http://www.seattlepi.com/default/article/Secrets-locked-away-in-encrypted-files-1179734.php
The links from their home page;
http://www.safehousesoftware.com/SafeHouseProfessional.aspx
They never did find out what was in there ;)
[ link to this | view in chronology ]
Re: oops
http://en.wikipedia.org/wiki/Rubber-hose_cryptanalysis
Like that.
[ link to this | view in chronology ]
Re: Re: oops
“Waterboarding Used 266 Times on 2 Suspects”, New York Times, April 19, 2009
[ link to this | view in chronology ]
Re: oops
[ link to this | view in chronology ]
Options
You could also tell them that it is the same password that you use for PSN and Sony stores user passwords in plain text, so goes ask them.
[ link to this | view in chronology ]
I understand their desire . . .
Sadly, we don't always get what we want.
[ link to this | view in chronology ]
Not sure I see ...
[ link to this | view in chronology ]
Re: Not sure I see ...
[ link to this | view in chronology ]
Re: Not sure I see ...
You choose what to stick in a safe. It has a very limited capacity. A PC, however, can have enough room to hold every digital file you're interested in, depending on how much you want to spend on storage space and form factor.
It's not so much that you're hiding something as there may be something in there you simply don't recall off the top of your head that they use against you in another way, much like a fishing expedition.
[ link to this | view in chronology ]
Re: Not sure I see ...
Personally in either case you should be able to claim Fifth amendment rights.
[ link to this | view in chronology ]
Re: Not sure I see ...
> drive or even to gain access to a PC is
> different than compelling someone to open
> a safe
The difference is that if you 'lose' the key to the safe, the government can still cut it open and get to the contents.
If you 'lose' a password, the government is basicaly SOL. And the government doesn't like to be SOL.
[ link to this | view in chronology ]
For example, if the penalties for not decrypting the data is five years in jail and decrypting the data would reveal a murder, it would be in the best interest of the laptop owner not to hand over any decryption keys.
Perhaps the law should limit the maximum possible penalties to the penalties for not decrypting. Then again, that's just not how reality works. If police see evidence of a murder on the laptop, they will now be tipped off about the murder and now they know to dig elsewhere for information and pretend that the laptop didn't help them. It would be hard to prove otherwise.
[ link to this | view in chronology ]
Re:
For example, if the penalties for not decrypting the data is five years in jail and decrypting the data would reveal a murder, it would be in the best interest of the laptop owner not to hand over any decryption keys.
There's one little snag in your plan; If a judge orders you to decrypt a computer and you refuse, you will be held in contempt of court. When this happens, the normal protections of the legal system don't apply and the judge will throw you in jail to rot until you do what he/she tells you. Judges have almost unlimited power to keep you in jail on a contempt charge and will do so until you comply.
[ link to this | view in chronology ]
Re: Re:
Existence of a lawful order
The contemnor's knowledge of the order
The contemnor's ability to comply
The contemnor's failure to comply
http://en.wikipedia.org/wiki/Contempt_of_court
[Emphasis Added]
Oops, I forgot the password.
[ link to this | view in chronology ]
Re: Re: Re:
In totalitarian states, they don't have to prove nuthin'.
Iow, in Soviet Russia, is not joke.
[ link to this | view in chronology ]
Re: Re: Re: Re:
It has many of the symptoms of Russia. Big business bail outs, government is protective of big business in many other ways, the government getting away with all sorts of things (ie: warrantless wiretapping, domain seizures just to protect big business) with no due process, etc...
[ link to this | view in chronology ]
Re: Re: Re:
So the court is supposed to believe that a person has suddenly forgotten the password to a computer that they were using on a daily basis? Or that the person kept a computer set up, even though they could no longer use it because of a forgotten password?
Neither one is very believable.
[ link to this | view in chronology ]
Re: Re: Re: Re:
Doesn't matter what they believe. Just what they can prove.
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Lost the key
If you forgot the password to your encrypted disk let them hire someone to crack the encryption.
No need to shred the 5th amendment.
They more they push this issue the more people will fight back with new technology. For example criminal hears his front door get knocked in, presses a certain keyboard combination causing his solid state encrypted hard drive, along with some fuel source, to catch fire and become ashes in a matter of seconds.
They should be happy enough that given enough time they might some day be able to decrypt some data.
But no thats not good enough, they want to see technology advance so they are left with a pile of ashes to decrypt.
I could even see a company selling such a hard drive.
It would be encased in such a way that when activated it would not start a fire externally. It would be activated by not seeing the correct pass-phrase after some period of time or after X number of incorrect pass-phrase attempts. Maybe even activated if it detected being tampered with physically.
Companies and Governments would purchase these in bulk for laptops that contain sensitive data.
No more concerns over lost laptops!
Anyone want to invest and help me bring this to market?
Thanks DOJ for inspiring this awesome idea!
[ link to this | view in chronology ]
Re: Lost the key
[ link to this | view in chronology ]
Re: Re: Lost the key
[ link to this | view in chronology ]
Re: Lost the key
> knocked in, presses a certain keyboard combination
> causing his solid state encrypted hard drive,
> along with some fuel source, to catch fire
> and become ashes in a matter of seconds.
We had a CP case years ago where we served the warrant on the guy, arrested him at his house and seized his computers. Took them back to our office for forensic examination and when we started them up, found every single disk and drive was completely blank.
Turns out he embedded extremely powerful magnets in the door frame and window frame of the room where he kept the computers and when the computers were taken out through the door, it wiped the drives.
[ link to this | view in chronology ]
Re: Re: Lost the key
[ link to this | view in chronology ]
TrueCrypt
[ link to this | view in chronology ]
The Post-It® note was Scotch-Taped® to the monitor!
Really, when they start ordering you to give up what's in your mind, the only other reasonable answer is, "Fuck you."
And if you tell 'em "Fuck you" like they fully deserve, they'll probably throw you in jail. Under these circumstances, there's no moral duty to tell 'em the truth.
Give the soviet bastards your name, rank and serial number. Then try to stay alive, and escape back to freedom. Die, if you have to.
[ link to this | view in chronology ]
here you go
It's ABCDEF123
That doesn't work.
Someone must have tampered with the drive. That is my password.
[ link to this | view in chronology ]
Re: here you go
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Personally, (assuming TrueCrypt) if I were really paranoid I'd be using a hidden volume container inside it's outer volume, and I'd move that into a small virtual machine's hidden volume.
Lots of risky entropy, yes. But it's sure a lot faster to wipe a 20GB VM than an entire drive. And copies of the VM can be stored off-site in case the primary is wiped.
[ link to this | view in chronology ]
Re:
I personally am not that paranoid/would never put anything incrementing on something the government could get their hands on.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re:
If you don't encrypt the system drive, then any data accessed on that system is not secure. It is technologically simple to get data out of various cache and temporary files, such as the Windows pagefile. Which is stored in your unencrypted system drive.
Heck, RAM isn't even completely secure after the system is off. Data (including your encryption key) can be pulled off it for minutes even after power is removed, depending on temperature. http://en.wikipedia.org/wiki/Cold_boot_attack
[ link to this | view in chronology ]
wireless capture keystroke
http://hacknmod.com/hack/two-new-methods-for-wireless-
keystroke-sniffing/
[ link to this | view in chronology ]
Encryption
[ link to this | view in chronology ]
Different violation
The appropriate answer is, "All the data has been delivered, you have it right there". AFAIK there has never been a requirement for the discoveree to interpret data for the opposing party. If it were in a language they didn't understand, for example, it would be their own responsibility to find a translator.
[ link to this | view in chronology ]
Re: Different violation
[ link to this | view in chronology ]
Re: Re: Different violation
$ strings /dev/sdc | less
[ link to this | view in chronology ]
Encryption
[ link to this | view in chronology ]
Re: Encryption
Nah, that's what water-boarding is for.
[ link to this | view in chronology ]
Re: Re: Encryption
[ link to this | view in chronology ]
Re: Re: Re: Encryption
[ link to this | view in chronology ]
Re: Re: Re: Re: Encryption
[ link to this | view in chronology ]
Enforcement
However, it seems like if I know that what's on the computer will get me convicted and sent to prison, I'd certainly prefer 6 months to a year in the county jail for contempt over 10 years in the federal penitentiary for mortgage fraud or whatever.
[ link to this | view in chronology ]
about that laptop...
[ link to this | view in chronology ]
@ steve....good point, and I'll tell you why...
A requirement to type in the password is contrary to the 13th Amendment (not that any of them are respected in USA anymore).
The appropriate answer is, "All the data has been delivered, you have it right there". AFAIK there has never been a requirement for the discoveree to interpret data for the opposing party. If it were in a language they didn't understand, for example, it would be their own responsibility to find a translator.
years ago, when after a false conviction and an appeal I requested transcripts of the proceedings of my court case, and they came alright, but were in the "symbolized' shorthand of the court stenographer, and most people don't realize this, but they all have different styles, so only the person who wrote them, would ever have a shot at decrypting them, so basically, when asked if I HAD been given a copy of the transcripts, I had to say yes, but they were unreadable, he said, that's not my fault, and eventually dismissed my case! the conviction stands!
[ link to this | view in chronology ]
sohbet
[ link to this | view in chronology ]