Justice Department Says It Should Be Able To Require People To Decrypt Their Computers

from the legal-questions dept

Another big legal question is hitting the courts, as the Justice Deparment is asking a federal judge to require a woman to decrypt her encrypted laptop as part of a lawsuit against her for a mortgage scam. The government claims that forcing her to decrypt the laptop is no different than standard discovery procedures, such as requiring someone open a safe. However, others, including the EFF, are arguing on Fifth Amendment grounds, that individuals should not be compelled to decrypt such encrypted content, on the grounds that it's a form of incriminating yourself, if the content is found to be useful in prosecution. As we've discussed in the past, some courts have found that people cannot be forced to turn over their encryption key on this very basis. However, this case is slightly different, in that the government is seeking to get around such earlier rulings, by saying that it just wants to require her to type the password in herself to decrypt the laptop -- rather than demanding the key itself. However, the EFF's brief (pdf) in the case suggests that this really isn't a huge difference, and just the decryption requirement alone would be a Constitutional problem.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: decryption, encryption, fifth amendment


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    Aerilus, 12 Jul 2011 @ 4:06pm

    sadly they are already a few years behind, as in most cases technology has outstripped the court system. it is possible to to hide encrypted volumes inside encrypted volumes that are supposedly undetectable.

    link to this | view in thread ]

  2. identicon
    Anonymous Coward, 12 Jul 2011 @ 4:39pm

    0100011001110101011000110110101100100000010110010110111101110101

    link to this | view in thread ]

  3. identicon
    Anonymous Coward, 12 Jul 2011 @ 4:40pm

    4675636b20596f75

    link to this | view in thread ]

  4. icon
    Steven (profile), 12 Jul 2011 @ 4:40pm

    Re:

    They're not undetectable. It's actually not that hard for an expert to be able to tell there is another encrypted volume (although I think they must get into the first encrypted volume to do so). But the existence of a volume isn't immediately visible.

    If this were to go through a competent computer forensic guy (what the hell are they called?) could get into the first encrypted volume, discover the existence of the other encrypted volume and go back to force the user to proved access to it as well.

    The reason for this is that encrypted volumes have very high entropy that is not generally found under other circumstances.

    link to this | view in thread ]

  5. icon
    FUDbuster (profile), 12 Jul 2011 @ 4:57pm

    I think the EFF's got this one right. Forcing someone to type their password into a computer to decrypt it is a testimonial act. That person will then face the cruel trilemma: self-incrimination, perjury, or contempt. The Fifth Amendment doesn't allow that.

    link to this | view in thread ]

  6. icon
    Beta (profile), 12 Jul 2011 @ 5:01pm

    Re: Re:

    "Yes, your honor, my encrypted file is actually two volumes with different keys, it takes no special skill to see that. Here's my encryption tool, complete with source code: whenever I encrypt something it offers me a chance to put a second message in the second volume, and if I decline it just encrypts some random junk with a random key which it doesn't retain. In this file the first volume is some vacation photos, and I didn't put anything in the second. Honest, cross my heart."

    (There was a tool that did this years ago, I forget the name. It was briefly popular until someone discovered that the implementation was flawed and could be broken.)

    link to this | view in thread ]

  7. identicon
    Mike, 12 Jul 2011 @ 5:03pm

    oops

    Just type it in wrong a few times and claim the stress of the trial must have caused you to forget the password... how could they possibly prove you didn't forget it?

    link to this | view in thread ]

  8. identicon
    Anonymous Coward, 12 Jul 2011 @ 5:06pm

    Re: oops

    yup. I forget my passwords all the time.

    link to this | view in thread ]

  9. identicon
    Aerilus, 12 Jul 2011 @ 5:08pm

    Re: Re:

    well i would think that if they are trying to force them to give up the password that they probably aren't going to pay an expert consulting fees in order to analyze the encrytion.

    link to this | view in thread ]

  10. identicon
    Aerilus, 12 Jul 2011 @ 5:11pm

    Re: Re:

    well i would think that if they are trying to force them to give up the password that they probably aren't going to pay an expert consulting fees in order to analyze the encrytion. also I am not an expert on encryption by any means and you may be right but truecrypt documentation seems to argue that a hidden volume is undetectable (http://www.truecrypt.org/docs/) Maybe someone with a doctorate in computer forensics could pick up on that but how many of those people are employed by law enforcement.

    link to this | view in thread ]

  11. icon
    Steven (profile), 12 Jul 2011 @ 5:12pm

    Re: Re: oops

    "When you raided my house you lost the post-it note I keep the password on"

    link to this | view in thread ]

  12. identicon
    Anonymous Coward, 12 Jul 2011 @ 5:12pm

    Options

    Just forget your password, or tell them it is [insert person or group] + [insert derogatory remark], then when it does not work... oops that must have been my last one or something.

    You could also tell them that it is the same password that you use for PSN and Sony stores user passwords in plain text, so goes ask them.

    link to this | view in thread ]

  13. identicon
    Rob, 12 Jul 2011 @ 5:26pm

    I understand their desire . . .

    For instance, I should be able to have an army of Natalie Portman fembots.

    Sadly, we don't always get what we want.

    link to this | view in thread ]

  14. icon
    Ron (profile), 12 Jul 2011 @ 5:32pm

    Not sure I see ...

    ... why typing in your password to decrypt a drive or even to gain access to a PC is different than compelling someone to open a safe. In both cases you are unlocking a thing so the contents can be seen. The only difference is that in one case the contents are physical things and in the other they are digital. I presume that a search warrant is still required in either case and that should mean that the state has provided sufficient evidence to a court that there may be evidence pertient to the legal proceeding in the locked thing.

    link to this | view in thread ]

  15. identicon
    Anonymous Coward, 12 Jul 2011 @ 5:50pm

    One must compare the penalties of not decrypting vs the penalties of what you will get in trouble for if you do decrypt the info.

    For example, if the penalties for not decrypting the data is five years in jail and decrypting the data would reveal a murder, it would be in the best interest of the laptop owner not to hand over any decryption keys.

    Perhaps the law should limit the maximum possible penalties to the penalties for not decrypting. Then again, that's just not how reality works. If police see evidence of a murder on the laptop, they will now be tipped off about the murder and now they know to dig elsewhere for information and pretend that the laptop didn't help them. It would be hard to prove otherwise.

    link to this | view in thread ]

  16. icon
    someone (profile), 12 Jul 2011 @ 5:50pm

    Lost the key

    If they had a safe as evidence and you lost the key or forgot the combination they would hire a locksmith and get the evidence.

    If you forgot the password to your encrypted disk let them hire someone to crack the encryption.

    No need to shred the 5th amendment.

    They more they push this issue the more people will fight back with new technology. For example criminal hears his front door get knocked in, presses a certain keyboard combination causing his solid state encrypted hard drive, along with some fuel source, to catch fire and become ashes in a matter of seconds.

    They should be happy enough that given enough time they might some day be able to decrypt some data.

    But no thats not good enough, they want to see technology advance so they are left with a pile of ashes to decrypt.

    I could even see a company selling such a hard drive.
    It would be encased in such a way that when activated it would not start a fire externally. It would be activated by not seeing the correct pass-phrase after some period of time or after X number of incorrect pass-phrase attempts. Maybe even activated if it detected being tampered with physically.

    Companies and Governments would purchase these in bulk for laptops that contain sensitive data.
    No more concerns over lost laptops!

    Anyone want to invest and help me bring this to market?

    Thanks DOJ for inspiring this awesome idea!

    link to this | view in thread ]

  17. icon
    Chris Rhodes (profile), 12 Jul 2011 @ 5:57pm

    TrueCrypt

    Use TrueCrypt with a plausible deniability volume. You enter one password, you get the real volume. You enter another, you get a decoy volume instead.

    link to this | view in thread ]

  18. identicon
    Anonymous Coward, 12 Jul 2011 @ 5:57pm

    The Post-It® note was Scotch-Taped® to the monitor!

    Look, judge, the post-it was scotch-taped to the monitor when the cops took the computer... if the police can't find it now, then password must be lost.


    Really, when they start ordering you to give up what's in your mind, the only other reasonable answer is, "Fuck you."

    And if you tell 'em "Fuck you" like they fully deserve, they'll probably throw you in jail. Under these circumstances, there's no moral duty to tell 'em the truth.
    Give the soviet bastards your name, rank and serial number. Then try to stay alive, and escape back to freedom. Die, if you have to.

    link to this | view in thread ]

  19. identicon
    Anonymous Coward, 12 Jul 2011 @ 6:09pm

    Re: Not sure I see ...

    I think they can compel you to turn over a key to the safe, but not the combination that's in your head.

    link to this | view in thread ]

  20. identicon
    abc gum, 12 Jul 2011 @ 6:39pm

    Re: Re:

    incryption

    What about his security? It's gonna get worse as we go deeper.

    link to this | view in thread ]

  21. identicon
    Rekrul, 12 Jul 2011 @ 7:02pm

    Re:

    One must compare the penalties of not decrypting vs the penalties of what you will get in trouble for if you do decrypt the info.

    For example, if the penalties for not decrypting the data is five years in jail and decrypting the data would reveal a murder, it would be in the best interest of the laptop owner not to hand over any decryption keys.


    There's one little snag in your plan; If a judge orders you to decrypt a computer and you refuse, you will be held in contempt of court. When this happens, the normal protections of the legal system don't apply and the judge will throw you in jail to rot until you do what he/she tells you. Judges have almost unlimited power to keep you in jail on a contempt charge and will do so until you comply.

    link to this | view in thread ]

  22. icon
    Meek Barbarian (profile), 12 Jul 2011 @ 7:12pm

    Re: Not sure I see ...

    I think it goes back to the same issues Mike raises about border crossings.

    You choose what to stick in a safe. It has a very limited capacity. A PC, however, can have enough room to hold every digital file you're interested in, depending on how much you want to spend on storage space and form factor.

    It's not so much that you're hiding something as there may be something in there you simply don't recall off the top of your head that they use against you in another way, much like a fishing expedition.

    link to this | view in thread ]

  23. identicon
    Anonymous Coward, 12 Jul 2011 @ 7:25pm

    Re: Lost the key

    That sort of thing already exists in numerous forms.

    link to this | view in thread ]

  24. identicon
    Anonymous Coward, 12 Jul 2011 @ 7:42pm

    here you go

    What is your password?
    It's ABCDEF123
    That doesn't work.
    Someone must have tampered with the drive. That is my password.

    link to this | view in thread ]

  25. identicon
    Anonymous Coward, 12 Jul 2011 @ 8:20pm

    Re: Re:

    To prove contempt, the prosecutor or complainant must prove the four elements of contempt:

    Existence of a lawful order
    The contemnor's knowledge of the order
    The contemnor's ability to comply
    The contemnor's failure to comply


    http://en.wikipedia.org/wiki/Contempt_of_court

    [Emphasis Added]

    Oops, I forgot the password.

    link to this | view in thread ]

  26. identicon
    Anonymous Coward, 12 Jul 2011 @ 8:57pm

    Re: Re: Re:

    To prove contempt...


    In totalitarian states, they don't have to prove nuthin'.

    Iow, in Soviet Russia, is not joke.

    link to this | view in thread ]

  27. icon
    Ian (profile), 12 Jul 2011 @ 9:16pm

    If your password is a random string of gibberish, it'd be pretty easy to forget it if you weren't regularly typing it in. It'd be even easier to forget it if you had to memorize new random strings of gibberish (like the encryption password on your new computer).

    link to this | view in thread ]

  28. identicon
    Anonymous Coward, 12 Jul 2011 @ 10:09pm

    Re: Re: Re: Re:

    Unfortunately, the way the U.S. is heading ...

    It has many of the symptoms of Russia. Big business bail outs, government is protective of big business in many other ways, the government getting away with all sorts of things (ie: warrantless wiretapping, domain seizures just to protect big business) with no due process, etc...

    link to this | view in thread ]

  29. icon
    Jesse (profile), 12 Jul 2011 @ 10:10pm

    "It's not self-incrimination. See, we aren't asking you to say anything. Just write down a confession on this piece of paper here. Totally different."

    link to this | view in thread ]

  30. identicon
    Anonymous Coward, 12 Jul 2011 @ 10:20pm

    Re: here you go

    Disk failure.

    link to this | view in thread ]

  31. identicon
    TWiT, 12 Jul 2011 @ 10:22pm

    I learned the hard way to NEVER encrypt the system drive. A hiccup in a defrag can instantly become a everything-lost-forever nightmare.
    Personally, (assuming TrueCrypt) if I were really paranoid I'd be using a hidden volume container inside it's outer volume, and I'd move that into a small virtual machine's hidden volume.
    Lots of risky entropy, yes. But it's sure a lot faster to wipe a 20GB VM than an entire drive. And copies of the VM can be stored off-site in case the primary is wiped.

    link to this | view in thread ]

  32. icon
    Drew (profile), 12 Jul 2011 @ 11:57pm

    Re: Not sure I see ...

    Actually this goes to the fact that they don't actually need you to open the safe as they do have other means. However with a good encrypted drive they really do not have other means.

    Personally in either case you should be able to claim Fifth amendment rights.

    link to this | view in thread ]

  33. icon
    Drew (profile), 13 Jul 2011 @ 12:05am

    Re:

    If you were really paranoid you would have designed a battery powered electromagnet into your computer case that is designed to engage when the power plug is removed without holding down three other hidden "buttons" like a screw, etc. and then for good measure have pads of thermite ignite above each of your hard drives.

    I personally am not that paranoid/would never put anything incrementing on something the government could get their hands on.

    link to this | view in thread ]

  34. identicon
    chafporte, 13 Jul 2011 @ 12:39am

    wireless capture keystroke

    they can perfectly capture keystroke from the next door room

    http://hacknmod.com/hack/two-new-methods-for-wireless-
    keystroke-sniffing/

    link to this | view in thread ]

  35. icon
    Richard (profile), 13 Jul 2011 @ 12:44am

    Re: Re:

    They're not undetectable. It's actually not that hard for an expert to be able to tell there is another encrypted volume (although I think they must get into the first encrypted volume to do so). But the existence of a volume isn't immediately visible

    You are talking about Truecrypt - and it seems that you are reading from a second hand account of a research paper. The true situation is this:

    If you create a hidden volume then there are ways to detect its presence because of tell tale signs left in the "outer" volume by the operating system. However if you create a complete hidden operating system then there is no known way at present to detect its existence.

    Your comment about entropy is wrong. Truecrypt fills all the empty space on the drive with random (i.e. high entropy) data anyway - so there is no entropy diffence between encrypted data and empty space.

    link to this | view in thread ]

  36. identicon
    LyleD, 13 Jul 2011 @ 1:36am

    Re: oops

    There's an old story about Sheriff Dan Ring who did some weird stuff.. Part of the story is he used SafeHouse Explorer to encrypt a section of his work laptop..

    When Ring was arrested on Jan. 28, 2004, at Sea-Tac Airport, a detective read him his rights and asked for the password. Ring said he didn't know.

    When internal affairs investigator Capt. Cameron K. Webster questioned Ring on Oct. 1, 2004, he again asked for the password. Ring said he couldn't remember.

    Read the story, it's pretty interesting at times..
    http://www.seattlepi.com/default/article/Secrets-locked-away-in-encrypted-files-1179734.php

    The links from their home page;
    http://www.safehousesoftware.com/SafeHouseProfessional.aspx

    They never did find out what was in there ;)

    link to this | view in thread ]

  37. identicon
    Anonymous Coward, 13 Jul 2011 @ 6:15am

    Re: Re: Re:

    If you create a hidden volume then there are ways to detect its presence because of tell tale signs left in the "outer" volume by the operating system.

    Citation needed.

    link to this | view in thread ]

  38. identicon
    Anonymous Coward, 13 Jul 2011 @ 7:36am

    Re: Re: Re: Re:

    At the very least they can detect the presence of unpartitioned space. What should unpartitioned space look like? Is unpartitioned space generally composed of a bunch of random bytes in random order (which is what encrypted data attempts to mimic), or is unpartitioned space generally composed of patterned data?

    Or maybe they can simply destroy any unpartitioned space by changing the bytes around.

    link to this | view in thread ]

  39. identicon
    Anonymous Coward, 13 Jul 2011 @ 7:44am

    Re: Re: Re: Re: Re:

    (Ok, I'll spell it out, just in case it's not obvious from my previous post).

    I would go out on a limb and say that unpartitioned space is generally patterned.

    If you do a full format, what does the format software generally set the unused bytes to (depending on what you use to format the drive with and perhaps depending on the needs of the operating system). Zero? One? Or it'll arrange the bytes in some sort of patterned structure.

    If you do a quick format, what did you generally have before the format? An operating system? Some files? and what do these things consist of? Patterned data.

    A chunk of hard disk being composed of unpatterned data can be suspicious.

    link to this | view in thread ]

  40. identicon
    Anonymous Coward, 13 Jul 2011 @ 7:47am

    Re: Re: Re: Re: Re: Re:

    You're better off hiding data in a bunch of image files that you used your camera to take pictures with. If done right, it can be cryptographically difficult to detect.

    link to this | view in thread ]

  41. icon
    Josh in CharlotteNC (profile), 13 Jul 2011 @ 7:59am

    Re:

    I learned the hard way to NEVER encrypt the system drive.

    If you don't encrypt the system drive, then any data accessed on that system is not secure. It is technologically simple to get data out of various cache and temporary files, such as the Windows pagefile. Which is stored in your unencrypted system drive.

    Heck, RAM isn't even completely secure after the system is off. Data (including your encryption key) can be pulled off it for minutes even after power is removed, depending on temperature. http://en.wikipedia.org/wiki/Cold_boot_attack

    link to this | view in thread ]

  42. identicon
    Anonymous Coward, 13 Jul 2011 @ 8:01am

    Re: Re: Re: Re: Re: Re: Re:

    but basically, if you want to hide encrypted data, you're better off hiding this unpatterned looking data within patterned data. Make it look like some of the unpredictable elements within patterned data. For instance, you can quick format an operating system. Though we expect the data to be patterned, we don't expect to be able to determine an expected state of each bite. There is some expected unpredictable variance, and encrypted data can hide within that.

    For instance, you take a picture of the sky. The picture consists of multiple shades of blue. Do we expect the nine hundredth and fifty ninth pixel be #00FFFF or should it be #00FFFE . Either value are just as expected.

    link to this | view in thread ]

  43. identicon
    Anonymous Coward, 13 Jul 2011 @ 8:03am

    Re: Re: Re: Re: Re: Re: Re: Re:

    either value is just as expected *

    link to this | view in thread ]

  44. icon
    Josh in CharlotteNC (profile), 13 Jul 2011 @ 8:11am

    Re: oops

    how could they possibly prove you didn't forget it?

    http://en.wikipedia.org/wiki/Rubber-hose_cryptanalysis

    Like that.

    link to this | view in thread ]

  45. identicon
    Anonymous Coward, 13 Jul 2011 @ 8:22am

    Re: Re: oops

    Rubber-hose_cryptanalysis


    Waterboarding Used 266 Times on 2 Suspects”, New York Times, April 19, 2009

    link to this | view in thread ]

  46. icon
    BongoBern (profile), 13 Jul 2011 @ 9:06am

    Encryption

    I don't have anything that needs encryption, or encrypted erasure, but I have those programs anyway - because I can. If any old Tom, Dick, or Harry can demand the key, what good is having the program? If the government needs to decrypt something they must do what responsible governments have always done and crack the code! It's good for the brain!

    link to this | view in thread ]

  47. identicon
    Anonymous Coward, 13 Jul 2011 @ 10:00am

    Re: Re: Lost the key

    I am curious about that. How the authorities prevent that from happenning? Do they power off electricity?

    link to this | view in thread ]

  48. identicon
    Steve, 13 Jul 2011 @ 10:36am

    Different violation

    A requirement to type in the password is contrary to the 13th Amendment (not that any of them are respected in USA anymore).

    The appropriate answer is, "All the data has been delivered, you have it right there". AFAIK there has never been a requirement for the discoveree to interpret data for the opposing party. If it were in a language they didn't understand, for example, it would be their own responsibility to find a translator.

    link to this | view in thread ]

  49. identicon
    Keya, 13 Jul 2011 @ 10:53am

    Encryption

    They'll have to pry MY passwords out of my cold, dead fingers.....

    link to this | view in thread ]

  50. identicon
    Rekrul, 13 Jul 2011 @ 11:55am

    Re: Re: Re:

    Oops, I forgot the password.

    So the court is supposed to believe that a person has suddenly forgotten the password to a computer that they were using on a daily basis? Or that the person kept a computer set up, even though they could no longer use it because of a forgotten password?

    Neither one is very believable.

    link to this | view in thread ]

  51. identicon
    Anonymous Coward, 13 Jul 2011 @ 12:38pm

    Re: Encryption

    They'll have to pry MY passwords out of my cold, dead fingers.....

    Nah, that's what water-boarding is for.

    link to this | view in thread ]

  52. icon
    btr1701 (profile), 13 Jul 2011 @ 1:00pm

    Enforcement

    If the court rules that encryption passwords are non-testimonial, what can they do if someone claims to have forgotten their password? The common remedy for such things (refusing to provide a voice-lineup, for example) is to jail the person for contempt until they comply. But such things have their limits. A few weeks to a month is typical. Anything approaching a year is very unusual.

    However, it seems like if I know that what's on the computer will get me convicted and sent to prison, I'd certainly prefer 6 months to a year in the county jail for contempt over 10 years in the federal penitentiary for mortgage fraud or whatever.

    link to this | view in thread ]

  53. icon
    btr1701 (profile), 13 Jul 2011 @ 1:08pm

    Re: Not sure I see ...

    > why typing in your password to decrypt a
    > drive or even to gain access to a PC is
    > different than compelling someone to open
    > a safe

    The difference is that if you 'lose' the key to the safe, the government can still cut it open and get to the contents.

    If you 'lose' a password, the government is basicaly SOL. And the government doesn't like to be SOL.

    link to this | view in thread ]

  54. icon
    btr1701 (profile), 13 Jul 2011 @ 1:11pm

    Re: Re: Re: Re:

    > Neither one is very believable.

    Doesn't matter what they believe. Just what they can prove.

    link to this | view in thread ]

  55. icon
    btr1701 (profile), 13 Jul 2011 @ 1:16pm

    Re: Lost the key

    > For example criminal hears his front door get
    > knocked in, presses a certain keyboard combination
    > causing his solid state encrypted hard drive,
    > along with some fuel source, to catch fire
    > and become ashes in a matter of seconds.

    We had a CP case years ago where we served the warrant on the guy, arrested him at his house and seized his computers. Took them back to our office for forensic examination and when we started them up, found every single disk and drive was completely blank.

    Turns out he embedded extremely powerful magnets in the door frame and window frame of the room where he kept the computers and when the computers were taken out through the door, it wiped the drives.

    link to this | view in thread ]

  56. icon
    nomoreredbull (profile), 13 Jul 2011 @ 2:10pm

    about that laptop...

    If the woman broke the law, and they want to look at her files, I think they would have to KNOW that information on there is detrimental to her, otherwise they wouldn't ask, and she wouldn't refuse...THAT SAID, if she is still in possession of the laptop, (unlikely of course) she could always format the hard drive and NOBODY would be able see what was on there, I think this is a test case for purposes other than prosecuting this woman, if they have THIS much on her, they don't need any info on her laptop, there are traces of her activities everywhere.

    link to this | view in thread ]

  57. icon
    nomoreredbull (profile), 13 Jul 2011 @ 2:18pm

    @ steve....good point, and I'll tell you why...

    Steve, Jul 13th, 2011 @ 10:36am
    A requirement to type in the password is contrary to the 13th Amendment (not that any of them are respected in USA anymore).

    The appropriate answer is, "All the data has been delivered, you have it right there". AFAIK there has never been a requirement for the discoveree to interpret data for the opposing party. If it were in a language they didn't understand, for example, it would be their own responsibility to find a translator.


    years ago, when after a false conviction and an appeal I requested transcripts of the proceedings of my court case, and they came alright, but were in the "symbolized' shorthand of the court stenographer, and most people don't realize this, but they all have different styles, so only the person who wrote them, would ever have a shot at decrypting them, so basically, when asked if I HAD been given a copy of the transcripts, I had to say yes, but they were unreadable, he said, that's not my fault, and eventually dismissed my case! the conviction stands!

    link to this | view in thread ]

  58. icon
    techflaws.org (profile), 13 Jul 2011 @ 10:21pm

    Re:

    That's crazy lawyer talk. I really can't wrap my head around the fact that ANYBODY could ever think these are different things.

    link to this | view in thread ]

  59. icon
    techflaws.org (profile), 13 Jul 2011 @ 11:10pm

    Re: Re: Encryption

    Damn, can't find the link to the corresponding XKCD comic.

    link to this | view in thread ]

  60. identicon
    Anonymous Coward, 14 Jul 2011 @ 12:34am

    Re: Re: Lost the key

    It is not likely this would work with modern drives, certainly not for drives made since 2005 that use Perpendicular Magnetic Recording (PMR). A high magnetic field is necessary for erasure and a quick glance shows the cost for these degaussers range from $8k - $20K. Also, remember that close proximity is required as the field strength drops off quite rapidly. Even a few inches away means that a permanent magnet or an electromagnet will not be effective in degauusing.

    link to this | view in thread ]

  61. identicon
    Anonymous Coward, 14 Jul 2011 @ 12:50am

    Re: Re: Re: Encryption

    link to this | view in thread ]

  62. icon
    techflaws.org (profile), 14 Jul 2011 @ 10:20am

    Re: Re: Re: Re: Encryption

    Thx.

    link to this | view in thread ]

  63. identicon
    chris, 16 Jul 2011 @ 2:37am

    Re: Re: Re: Re: Re:

    If the drive is new, unpartitioned space will probably be all zeros. That is why an important step before creating an encrypted volume is to fill the whole drive with random data. Most encryption tools do this automatically. This way, it will be hard to tell if encrypted data is present.

    link to this | view in thread ]

  64. identicon
    chris, 16 Jul 2011 @ 2:44am

    Re: oops

    Unfortunately, they don't have to prove it. A judge just has to believe you didn't forget it and you can be held in contempt of court. I'm not sure what the maximum penalty for that is. Surely they can't just keep you in jail until you either you give them the key or they decide you don't really know it.

    link to this | view in thread ]

  65. identicon
    chris, 16 Jul 2011 @ 3:28am

    Re: Re: Re:

    To prove contempt, the prosecutor or complainant must prove the four elements of contempt:
    Yes and they shouldn't be able to prove the third element if you forgot the password. However, a court's version of prove isn't some airtight formal proof adhering to all rules of logic. It's more like convince, as in a debate where fallacies are quite useful in bringing people to your side.

    link to this | view in thread ]

  66. identicon
    chris, 16 Jul 2011 @ 3:38am

    Re: Re:

    This makes me wonder what the laws are regarding booby trapping. Suppose you rig your computer in such a way that it explodes if carried outside of your house. Now suppose you aren't home when the police perform a search and take your stuff. How were you supposed to know?

    link to this | view in thread ]

  67. identicon
    chris, 16 Jul 2011 @ 3:46am

    Re: Different violation

    Exactly. Suppose you were skilled enough to use a filesystem that you invented yourself. Since no know else understands it, they would have no way of knowing if there was data or not. The bottom line is though that your story has to be believable. If you are accused of something, just arguing that the other side can't prove anything isn't gonna cut it. The jury/court has to believe that you are telling the truth.

    link to this | view in thread ]

  68. identicon
    Anonymous Coward, 16 Jul 2011 @ 11:13am

    Re: Re: Different violation

    ... a filesystem that you invented yourself. Since no know else understands it, they would have no way of knowing if there was data or not.


    $ strings /dev/sdc | less

    link to this | view in thread ]

  69. identicon
    chat, 16 Feb 2012 @ 2:39pm

    sohbet

    Unfortunately, they don't have to prove it

    link to this | view in thread ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.