Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

US Judge Rules Defendant Can Be Forced To Decrypt Hard Drive

Soulskill posted more than 2 years ago | from the it's-not-incriminating-yourself-it's-just-pushing-buttons dept.

Privacy 1047

A Commentor writes "Perhaps to balance the good news with the Supreme Court ruling on GPS, a judge in Colorado has ordered a defendant to decrypt her hard drive. The government doesn't have the capability to break the PGP encryption, and 'the Fifth Amendment is not implicated by requiring production of the unencrypted contents' of the defendant's computer."

cancel ×

1047 comments

Sorry! There are no comments related to the filter you selected.

Talk or else! (5, Funny)

Zeroedout (2036220) | more than 2 years ago | (#38801329)

If you don't, you'll have to see a man with a $5 wrench...

Re:Talk or else! (5, Funny)

dmomo (256005) | more than 2 years ago | (#38801423)

No. This is the Government. That wrench cost about $2,000.

Re:Talk or else! (5, Informative)

Anonymous Coward | more than 2 years ago | (#38801509)

You've been reading this [xkcd.com] again, haven't you!

Re:Talk or else! (1, Funny)

Anonymous Coward | more than 2 years ago | (#38801563)

I Judge Robert Blackburn is stabbed repeatedly until he is dead. That scumbag is an enemy of the people.

Am glad that I ain't American !! (4, Insightful)

Taco Cowboy (5327) | more than 2 years ago | (#38801627)

No American judge gonna force me to decrypt anything !

I ain't gonna buckle under America's draconian laws

Re:Talk or else! (4, Funny)

fahrbot-bot (874524) | more than 2 years ago | (#38801659)

If you don't, you'll have to see a man with a $5 wrench...

Or rather: "Ah. You must be made of stronger stuff! Cardinal Fang! Get... THE COMFY CHAIR!"

no 5th? (5, Insightful)

MrDoh! (71235) | more than 2 years ago | (#38801343)

If there's incriminating evidence, surely this is a perfect example on why the person can't decrypt as it WOULD self incriminate them!

Re:no 5th? (4, Informative)

Kenja (541830) | more than 2 years ago | (#38801405)

The 5th amendment does not protect you from being required to provide subpoenaed materials. It just means you dont have to testify or speak out about maters which may incriminate you. I can easily see how supplying a password or decryption key would not be covered. But it would be a hard call to make in my opinion.

Re:no 5th? (5, Insightful)

maxwells_deamon (221474) | more than 2 years ago | (#38801495)

Produce the gun that was used in the robbery. Here is the subpoena

Re:no 5th? (2)

stanlyb (1839382) | more than 2 years ago | (#38801503)

Not if you generate a random key, and then deliberately destroy it/burn it. Of course you have to do it before the ruling.....

Re:no 5th? (4, Insightful)

SecurityTheatre (2427858) | more than 2 years ago | (#38801559)

The issue is that the government CANNOT compel you to talk about evidence in the case. I thought that was the essence of the 5th. So if you sit quietly, you are now guilty for not cooperating? You have the right to remain silent. Unless you are compelled to speak the password, in which case you no longer have the right to remain silent. Better change the wording... :-)

Re:no 5th? (3, Interesting)

rwven (663186) | more than 2 years ago | (#38801575)

Yeah it's not going to hold water once the SCOTUS gets ahold of it. I can't imagine this really holding up.

Re:no 5th? (1)

shentino (1139071) | more than 2 years ago | (#38801581)

Wouldn't this be a 4th amendment issue instead of a 5th amendment?

If you are compelled to hand over the password it's pretty much the same as handing over physical keys.

I'd attack this on grounds of search and seizure, not self incrimination.

Re:no 5th? (2)

jklovanc (1603149) | more than 2 years ago | (#38801665)

That is why a search warrant would be required.

Re:no 5th? (3, Interesting)

snowgirl (978879) | more than 2 years ago | (#38801671)

Wouldn't this be a 4th amendment issue instead of a 5th amendment?

If you are compelled to hand over the password it's pretty much the same as handing over physical keys.

I'd attack this on grounds of search and seizure, not self incrimination.

Yeah, I see the 5th amendment arising if they ask you to translate a language that only you speak (as you would have to give testimony to the content of the message). The 4th amendment would be them subpoenaing you to translate a language that numerous people speak... ("Higher a damn translator, I don't have to cooperate with your search, I just can't interfere.")

Had an issue once, and I turned over a notebook full of well... notes, as evidence to a lawyer. The English didn't need translation, and I translated the German for them, because they could just translate it anyways (better to unlock your door for a police search than have them bust down the door.) but my own private language? I told them that was confidential, and I wouldn't translate it until I were advised by a lawyer representing my interests to do so.

Re:no 5th? (2)

DigiShaman (671371) | more than 2 years ago | (#38801587)

So what's the difference between information strictly in your head vs undocumented material subpoenaed to be materialized before the court? It's de-facto incrimination to force the materialization of evidence via a subpoena. Is it not?

Re:no 5th? (0)

Anonymous Coward | more than 2 years ago | (#38801673)

The 5th amendment does not protect you from being required to provide subpoenaed materials. It just means you dont have to testify or speak out about maters which may incriminate you. I can easily see how supplying a password or decryption key would not be covered. But it would be a hard call to make in my opinion.

That was basically my argument. This is a clear violation of the fifth amendment. You aren't required to make their job easier. Codes have been common for a 1,000 years and yet they never included them in the Constitution. If it was in a language that there wasn't a translator available for would you be required to translate the document? There's no difference.

Re:no 5th? (2)

DesScorp (410532) | more than 2 years ago | (#38801707)

The 5th amendment does not protect you from being required to provide subpoenaed materials. It just means you dont have to testify or speak out about maters which may incriminate you. I can easily see how supplying a password or decryption key would not be covered. But it would be a hard call to make in my opinion.

Correct. The 5th amendment hasn't covered things like keys to a safe or a combination to a safe. I don't know why encryption would be held to a higher standard than that. The 5th has only covered verbal testimony. Physical objects and information related to those objects have never been considered the same thing as verbal testimony. To change that, it would take a Constitutional amendment.

Re:no 5th? (4, Informative)

Pseudonym (62607) | more than 2 years ago | (#38801443)

Ah, but incriminating evidence of what? She might be completely innocent of what she's charged with but guilty of something else. In fact, she probably is, and so are you [wsj.com] .

Re:no 5th? (1)

snowgirl (978879) | more than 2 years ago | (#38801609)

Ah, but incriminating evidence of what? She might be completely innocent of what she's charged with but guilty of something else. In fact, she probably is, and so are you [wsj.com] .

Fortunately, warrants must state clearly what they intend to fine, and if they find incriminating evidence of another crime, they have to obtain a separate warrant to return for that evidence.

This is a little different though, when they're in your house and making a sweep, rather than holding onto your files, where they can take their time.

non-obligatory XKCD (0, Redundant)

stixn (1881538) | more than 2 years ago | (#38801345)

I believe the XKCD in question is non-obligatory at this point.

Why we need plausible deniability encryption... (5, Informative)

faedle (114018) | more than 2 years ago | (#38801347)

"I forgot."

Re:Why we need plausible deniability encryption... (3, Funny)

MrDoh! (71235) | more than 2 years ago | (#38801387)

That's how I see it. The idea of files within files so you can reveal /something/ when you unlock the file also looks to be good. "ok, now the other passwrd" "what other one? that's it, that's all there is, 100gb file to hide my bankPassword.txt file"

Re:Why we need plausible deniability encryption... (4, Interesting)

Sparx139 (1460489) | more than 2 years ago | (#38801407)

Re:Why we need plausible deniability encryption... (0)

Anonymous Coward | more than 2 years ago | (#38801679)

Why can't I just pretend that the encrypted file is a random sequence I need to run Monte Carlo experiments?

Re:Why we need plausible deniability encryption... (2)

ethan0 (746390) | more than 2 years ago | (#38801541)

like a truecrypt hidden volume [truecrypt.org] ?

Re:Why we need plausible deniability encryption... (2)

kenj0418 (230916) | more than 2 years ago | (#38801425)

Assuming her lawyers fail to get the judges order reversed, or convince the judge she really can't comply, she just needs to decide whether the potential penalties of her alleged crimes (and whatever increased likelihood of conviction the data would cause) outweighs the time the judge is going to put her in jail for contempt. The article says bank fraud, wire fraud, and money laundering -- so forgetting sounds like a good idea.

Re:Why we need plausible deniability encryption... (1)

Anonymous Coward | more than 2 years ago | (#38801479)

contempt of court will result in you being detained without trial until you comply. If you can not comply you are at the mercy of the judge whose court you are in contempt of. If you never comply and the judge so wishes, you will remain imprisoned until you die.

Re:Why we need plausible deniability encryption... (2)

faedle (114018) | more than 2 years ago | (#38801549)

That rarely happens, at least in the United States.

And even if it does, in many cases you will be in a better facility than a maximum-security prison, depending on the state and the crime you are accused of. You will likely eventually be released, and you will have not been convicted of the crime, therefore retaining your civil rights (if you were accused of a felony).

That, or eventually they crack the crypto.

Re:Why we need plausible deniability encryption... (5, Insightful)

vell0cet (1055494) | more than 2 years ago | (#38801667)

"I do not recall" works really well for politicians. Why couldn't it work here?

Re:Why we need plausible deniability encryption... (0)

Anonymous Coward | more than 2 years ago | (#38801429)

Then, out comes the chair, the duct tape to bind your hands together and bind you to the chair, and the crowbar or baseball bat directed towards your head. This, in turn, is a win-win for teh sp00ks: Either you "suddenly remember" after a few blows, or enough of the part that would remember is damaged to the point where you actually DO forget, satisfying government efficiency standards by preventing a costly obstruction-of-justice investigation and trial. Case closed, taxpayer dollars saved! :-D

Really, if you're paranoid of the government enough to demand full-disk nearly-uncrackable encryption for your hard drive, I fail to see how your paranoia stops just short of them actually doing something about it.

Re:Why we need plausible deniability encryption... (0)

Anonymous Coward | more than 2 years ago | (#38801459)

Isn't the phrase "I cannot recall"?

Re:Why we need plausible deniability encryption... (0)

Anonymous Coward | more than 2 years ago | (#38801681)

That excuse only works for politicians.

Re:Why we need plausible deniability encryption... (1)

Doctor_Jest (688315) | more than 2 years ago | (#38801687)

My dog ate it. I accidentally flushed it with my morning poo. It's on Mars. I ate it. I used it to clean the grout in my bathroom.

Is this the same as.. (0)

Anonymous Coward | more than 2 years ago | (#38801353)

Issuing a warrant to enter a locked home?

Let the metaphor battles begin. I wonder which one convinced the judge that this was a reasonable thing to order.

Same as opening a safe. (1)

Anonymous Coward | more than 2 years ago | (#38801363)

If there's something in it, that they think related to a case, and can get a judge to approve a warrant, why wouldn't you be expected to produce it? Or do you think you can avoid a blood draw, or a recorded phone call not be used against you?

A confession is one thing. That's new evidence. Evidence you've already produced, now that's another matter.

Re:Same as opening a safe. (4, Informative)

DarwinSurvivor (1752106) | more than 2 years ago | (#38801397)

It's been fairly clearly defined in the past that you are not in any way expected to aid the police during the execution of a warrant, providing keys, passwords, etc is not required be it for the front door, a safe, a computer, etc. You may OFFER to provide them (so they don't need to damage your front door), but you are undre NO obligation to do so.

Re:Same as opening a safe. (2)

arbiter1 (1204146) | more than 2 years ago | (#38801547)

um, if it has a physical key, like a safe key you have to provide it, the 5th only protects you from doing testimony against yourself in court. Now passkey for a PGP file would be testimony.

Re:Same as opening a safe. (4, Insightful)

Anonymous Coward | more than 2 years ago | (#38801635)

You know, I can't find the citation right now... but you're ...sort of right.

If it's a physical key to a safe, and you have it, you must provide it.

If it is a /combination/ to a padlock -- you're not.

Of course, the feds don't give a shit since they're a pair of boltcutters or a drill bit away from the inside.

The real question would be if you had an 'unbreakable diamond safe with a combination' if they could require you to produce the combination.

Frankly, I choose to say no. When you create a class of crime for which there exists an innocent person who could not possibly prove prove innocence, you've created something that should not exist.

Of course, they are supposed to prove guilt in the US -- but the notion of knowing the mind of the criminal... is...fallacious at best.

Requiring a man to provide something from the contents of his mind is the very equivalence of creation of thoughtcrime.

Some disagreements in recent history (5, Informative)

byrnespd (531460) | more than 2 years ago | (#38801379)

I find it funny that a quick search on the subject yielded an article from the same site, with the opposite finding.

Article in 2007: Judge: Man can't be forced to divulge encryption passphrase
http://news.cnet.com/8301-13578_3-9834495-38.html [cnet.com]

Article in 2012: Judge: Americans can be forced to decrypt their laptops
http://news.cnet.com/8301-31921_3-57364330-281/judge-americans-can-be-forced-to-decrypt-their-laptops/ [cnet.com]

I'm fine with them breaking your encryption if they have probable cause; however, forcing you to give the password does seem to have a pretty straight-forward logical path to incriminating yourself (Especially if you are guilty and a subsequent search will yield something on the device).

Re:Some disagreements in recent history (5, Funny)

bondsbw (888959) | more than 2 years ago | (#38801455)

That's why my password is "I~Did-It". Then it actually would be self-incrimination to reveal the password.

Re:Some disagreements in recent history (5, Funny)

Anonymous Coward | more than 2 years ago | (#38801555)

Your password is too weak. Use passphrases, they're easier to remember and harder to hack.

Here's a few for example:
"My Hard Drive is full 0f stolen card data"
"I fed the body to neighbour's pigs"
"Me, with the candlestick, in the library"

Re:Some disagreements in recent history (1)

Anonymous Coward | more than 2 years ago | (#38801643)

They don't want her password; she was just ordered to provide a decrypted drive.

Re:Some disagreements in recent history (1)

Xphile101361 (1017774) | more than 2 years ago | (#38801537)

I disagree. They already have the hard drive. They have a warrant to read what is on the hard drive. What the suspect has basically done is destroy evidence and obstruct justice to prevent officers fulfilling their lawful duties.
If you had evidence in a safe and a device that would incinerate such evidence if you didn't open the safe with the proper pass code, I would also expect them to get a court order to force you to revel the pass code, or at least open the safe. The government shouldn't be forced to break down doors to obtain evidence.

Re:Some disagreements in recent history (4, Insightful)

Wrath0fb0b (302444) | more than 2 years ago | (#38801595)

I'm fine with them breaking your encryption if they have probable cause; however, forcing you to give the password does seem to have a pretty straight-forward logical path to incriminating yourself (Especially if you are guilty and a subsequent search will yield something on the device).

They aren't forcing you to give up the password, they are forcing you to deliver up evidence (in cleartext). Generally speaking, the right not to self-incriminate has never held to apply to tangible evidence like documents -- to which the court analogizes computer files. The distinction between testimony and evidence seems to me to be on old

If the armchair lawyers at /. want to suggest that the 5A privilege extends to documents (or that a defendant can protect documents from the courts merely by running TrueCrypt), they are most free to do so. I, at least, would caution that this would have serious implications for the investigation of white collar crime, financial malfeasance, collusion. The antitrust case [wikipedia.org] against Microsoft, for instance, was based largely on email correspondence that could well have been encrypted before the court ordered them disclosed -- and if such protection actually existed, would have certainly been encrypted if only to trigger that legal protection.

And, let's be honest, for every hapless Joe whose child pornography collection lands him in hot water, there will be a dozen of these well-dressed assholes with well-dressed-lawyers whose job it is to argue any and all points that have a chance of sticking to the fan. The law has this perverse sort of uniformity about it that let's everyone have the same sort of protections regardless of the circumstances that it was thought up in.

Re:Some disagreements in recent history (1)

shentino (1139071) | more than 2 years ago | (#38801647)

I'd consider it a 4th amendment issue of probable cause for a search.

And that's exactly what snooping through a laptop is, a search, encryption or not.

Re:Some disagreements in recent history (2)

zbobet2012 (1025836) | more than 2 years ago | (#38801651)

When multiple circuit courts result in differing opinons on the matter its generally a good indication that the Supreme Court will hear the matter at some point. The aforementioned GPS tracking case is a good example of this.

so take the next step (1)

viperidaenz (2515578) | more than 2 years ago | (#38801383)

Store the keys on a usb drive and don't memorise them. physically destroy the usb drive when you want the data effectively gone.

Re:so take the next step (2)

jbolden (176878) | more than 2 years ago | (#38801571)

That's called spoliation and is a crime already. You can't do anything to destroy evidence that a court is likely to be interested in.

Re:so take the next step (0)

Anonymous Coward | more than 2 years ago | (#38801669)

Yes, but if no one knows about said usb key then you can hardly be charged with destroying evidence.

Re:so take the next step (0)

Anonymous Coward | more than 2 years ago | (#38801641)

If the judge sees the fed's access to the unencrypted drive as evidence, removing their ability to access the evidence by physically destroying such usb access key may be deemed as destruction of evidence itself.

Re:so take the next step (1)

Balthisar (649688) | more than 2 years ago | (#38801653)

My new Win Vista laptop at work requires a USB key to even boot. I've been warned that if I ever lose that key, I'm screwed. I have no idea what the encryption key even is (I've not browsed the key, or even know if there's a filesystem on it). I'm hoping the key is something long and complex and not something stupid like "I.T. Guzé" or similar.

(I won't really be screwed, because I run Unison daily to back up everything that's important to a network drive anyway.)

Hello, Truecrypt (2)

Anonymous Coward | more than 2 years ago | (#38801385)

Now there's a solid reason to start using Truecrypt's hidden volumes. Like hell I'm going to risk having all my private data added to some poorly-secured government database, let alone have every finance-related username and password placed in the hands of some unaccountable underpaid government goon.

Pesky constitution (2, Insightful)

mykos (1627575) | more than 2 years ago | (#38801389)

This kills the fifth amendment, and the NDAA killed the first, fourth, and sixth amendments. The second amendment has been dead for decades. I think only the 21st amendment is safe in the entire constitution.

Re:Pesky constitution (5, Funny)

Idbar (1034346) | more than 2 years ago | (#38801471)

Is the 21 the one that talks about wealthy not expected to be convicted and the government should bail them out? Excuse my ignorance, I'm not from the US.

Re:Pesky constitution (5, Insightful)

snowgirl (978879) | more than 2 years ago | (#38801485)

the NDAA killed the first, fourth, and sixth amendments.

The NDAA provision is a statutory law, it CANNOT overrule any amendment. If they are in conflict, then the NDAA loses.

And after that, WTF? How did it kill the first amendment? Did it establish a relgion? Prohibit the free exercise of religion? Abridge the freedom of speech, or press? Or our right to peacefully assemble? Or did it eliminate our ability to petition the government for a redress of our grievances?

The second amendment has been dead for decades.

WTF? The Supreme court just recently ruled that the District of Columbia, and later a state jurisdiction as well are unable to effect regulation of gun ownership in a way that prohibits the ownership of a gun by the general citizenship. No less, the ruling also enforced that regulation of gun ownership cannot require that the gun be dismantled, or otherwise stored in a non-functional state.

And before anyone brings up the dissenting opinions in those cases, even the dissenting opinions stated that the 2nd amendment CLEARLY applies to all citizens, and not just to militia forces.

I think only the 21st amendment is safe in the entire constitution.

Your apocalyptic rhetoric is unnecessary hyperbole.

Re:Pesky constitution (1)

M. Baranczak (726671) | more than 2 years ago | (#38801557)

The 21st is intact for now, but MAAD is working hard to get rid of it.

On the other hand, the Third is doing great. When's the last time you had a soldier quartered in your home?

Re:Pesky constitution (0)

Anonymous Coward | more than 2 years ago | (#38801617)

The 21st is intact for now, but MAAD is working hard to get rid of it.

On the other hand, the Third is doing great. When's the last time you had a soldier quartered in your home?

Just the other day in fact! (My home being a barracks... but thats beside the point)

Re:Pesky constitution (1)

cats-paw (34890) | more than 2 years ago | (#38801683)

the second amendment has been dead for decades ?

this is why I can't take you 2nd amendment nutters seriously.

there more guns now in this country than there's ever been and you say the second amendment is dead.

and yet I can go down the street about 1 1/2 miles and buy myself a gun. I can even buy one when I'm insane and want to shoot 42 people on a university campus, or kill 8 people at an appearance by a congresswoman.

but the 2nd amendment is dead ?

pathetic.

depending (2, Insightful)

arbiter1 (1204146) | more than 2 years ago | (#38801391)

Depends on what is stored on that drive i would say No, and take the contempt of court charges.

Re:depending (1)

arbiter1 (1204146) | more than 2 years ago | (#38801451)

But really best way would be have say a dedicated server is another country that holds the encrypted data, even give a friend that lives in another country axx to use it. Then you can claims the data in question is not your and you don't know the password.

Re:depending (5, Insightful)

introp (980163) | more than 2 years ago | (#38801505)

You realize that you can be held indefinitely on contempt charges? As in, for the rest of your life or until you comply? There's no violation of your rights in that case because you are considered to hold the keys to your own cell, as it were.

Re:depending (1)

sortadan (786274) | more than 2 years ago | (#38801631)

Yeah, the "I can't recall" defense is the best option I would think if you didn't use a Plausible Deniability [truecrypt.org] encryption to begin with. Seems to work well for all the business executives and political scandal co-conspirators that get called before congress at any rate.

Re:depending (1)

Anonymous Coward | more than 2 years ago | (#38801657)

That's only in civil cases, not criminal cases.

Which key do I have to give? (4, Interesting)

DriedClexler (814907) | more than 2 years ago | (#38801399)

If the cipher doesn't require the ciphertext to give you a test for determining whether a given key is the right one, then you can claim that any key (including one you just made up from a thermal noise source) is the "real" key, and the fact that it decrypts to gibberish just means you were storing gibberish on the computer.

You won't be believed, but then at that point -- where the government gets to cross-examine and challenge your purported key -- you're pretty clearly coercing testimony, and much more obviously violating the fifth.

Where in the national park did you bury the body? (2)

maxwells_deamon (221474) | more than 2 years ago | (#38801483)

Where did you hide the gun?

That is really the same question. Give us information so we can do you over.

Where is the right to remain silent?

What if you type in 1234 and then say "hmmm. It did not work! It did before!" They can't put you under oath if you do not wish. You must avoid swearing a oath for the rest of you life but hey the are so screwed except for the current supreme court not really doing the job.

Re:Where in the national park did you bury the bod (1)

jbolden (176878) | more than 2 years ago | (#38801601)

The court looks refusal to answer a subpoena for information as obstruction. You have the right not to provide incriminating information. You do not have a right not to provide innocuous information which might lead to incriminating information.

From now on.. I'm taking extra measures. (1)

dmomo (256005) | more than 2 years ago | (#38801413)

First encrypt the naughty data into innocent decoy data with some reversible function/key.
Second... do a normal encryption on the decoy.

I suppose to do the first step would require a key as large as the data itself.

Good luck with that! (0)

Anonymous Coward | more than 2 years ago | (#38801417)

if this would happen to me, it would go down like this:
"This is the USB stick with the encryption key. Which was itself encrypted. The password I know, was only usable to decrypt the encryption key, which would then have then be used to decrypt the hard drive. You can have that password. It is 'hunter2'.
As you can clearly see, the stick is destroyed beyond recoverability, preventing cold forensics Since the moment you came through my door, to be precise.
My computer automatically overwrote its RAM and cache and crashed on removal detection, preventing hot forensics.
In other words: Go fuck yourselves, faggots!" ;)

Of course, then again, I'd not be dumb enough to get caught in the first place. [kym-cdn.com]

Re:Good luck with that! (1)

jbolden (176878) | more than 2 years ago | (#38801603)

Which is called spoliation is and a crime.

Encryption and security is about layers (4, Insightful)

mercnet (691993) | more than 2 years ago | (#38801427)

Since the laws mean nothing in the US anymore. TrueCrypt goes into great detail about making a decoy OS: http://www.truecrypt.org/docs/?s=hidden-operating-system [truecrypt.org]

Interesting quote (2)

maugle (1369813) | more than 2 years ago | (#38801441)

"You will obey or molten silver will be poured into your ears."

That's a fitting random quote from Slashdot if I ever saw one. Perhaps that's an implied part of "facing the consequences including contempt of court".

My encryption key is... (0)

hawks5999 (588198) | more than 2 years ago | (#38801447)

rm -rf /

Re:My encryption key is... (1)

sakdoctor (1087155) | more than 2 years ago | (#38801523)

You mean srm -rf /

And between journalled filesystems and NAND based storage, it probably still won't erase your data.

5th Amendment Clarification (0)

PDG (100516) | more than 2 years ago | (#38801467)

5th amendment protects one against oral testimony against oneself, not self-incrimination or being forced to provide evidence.

Re:5th Amendment Clarification (1)

arbiter1 (1204146) | more than 2 years ago | (#38801493)

well to decrypted the drive means you have to provide testimony of the PASSWORD to decrypt the drive, which then you are providing testimony against yourself.

Re:5th Amendment Clarification (1)

timeOday (582209) | more than 2 years ago | (#38801533)

So you wouldn't have any issue with coercing somebody to write testimony against themselves? Or compelling somebody to sign a "confession"? That seems pretty absurd.

Look, if setting up a phony corporation to launder money to influence politics is "speech," then a lot of things are speech.

Re:5th Amendment Clarification (1)

shentino (1139071) | more than 2 years ago | (#38801551)

Indeed

In theory we already have the 4th amendment to cover what basically amounts to an electronic search.

whoops forgot the key (0)

Anonymous Coward | more than 2 years ago | (#38801481)

I think it was on one of my shitty usb sticks lol, those things die constantly, I dont even know why i stored it there in the first place lol

This has come up before (1)

Psx29 (538840) | more than 2 years ago | (#38801487)

I remember reading about how it is illegal in the UK not to decrypt the contents of your computer if ordered to do so. Then as now I still think the best solution is a self-destructing key of some sort that deletes itself without user interaction.

Re:This has come up before (1)

jbolden (176878) | more than 2 years ago | (#38801613)

That's unfortunately also illegal. You have a positive obligation to preserve information that you believe is likely to be needed by a court. Once you believe it is likely if you fail to preserve it you are guilty.

What happend to the right to remain silent? (0)

Anonymous Coward | more than 2 years ago | (#38801517)

Just wondering...

Passphrase (0)

Citizen of Earth (569446) | more than 2 years ago | (#38801525)

Just make your password be a confession to a crime. Then, reveling it would be a confession to a crime, which is self-incrimination by definition. If they were to offer some kind of immunity deal to induce you to reveal the password, you could have made your confession be to the crime of copyright infringement on the file in question.

WTF (1)

shentino (1139071) | more than 2 years ago | (#38801527)

Who cares about the 5th amendment.

What about the 4th?

Simple: don't know your password (5, Interesting)

crimoid (27373) | more than 2 years ago | (#38801545)

"Sorry your honor, I used a very long password made up of computer-generated, random characters: one that I could not possibly remember. I had it written on a scrap of paper on my desk and would only need to type it in on the infrequent chance that I had to reboot my computer. .... You should ask the detectives to re-search through the evidence they collected as the scrap of paper is likely in what they took."

The judge's interpretation is spot on (2)

msobkow (48369) | more than 2 years ago | (#38801561)

The people shall be secure in their... effects ...papers...

As a society that hadn't even conceived of electronics, much less computers, I'm quite certain that they would have considered electronic documents to be equivalent to "papers".

Yet another nail in the heart of the US Constitution, and another denial of fundamental rights.

However, if the court issues a subpoena and/or a warrant for the papers, the court is entitled to access them, even if they're on an encrypted device. I'm not sure a simple judicial order from the bench qualifies, but certainly if the judge SIGNS an order he's in the right.

The protection of the constitution is against unreasonable search and seizure, not against justified and documented court inquiries.

I could see how some might wish to treat this as a Fifth Amendment issue, but the documents presumably exist on the hard drive. There is no additional information being demanded of the individual, only that they turn over EXISTING evidence.

Re:The judge's interpretation is spot on (2)

msobkow (48369) | more than 2 years ago | (#38801565)

Dang. I should have deleted the "another nail" sentence. It goes counter to my argument. *LOL* Typos, typos, typos. Always in a rush and with the typos... :P

Just don't write it down. (4, Insightful)

demonlapin (527802) | more than 2 years ago | (#38801567)

Remember, kids: if you have to do something illegal, do not write it down. Anywhere. Once you do, it's no longer something contained solely in your mind and nowhere else, and it is probably subject to subpoena, which will be deemed eminently legal. Don't put it in your diary. Don't tell anyone (you'll lose your expectation of privacy). If you must break the law, never ever speak about it. Do it and move on.

Fake passphrase (0)

Anonymous Coward | more than 2 years ago | (#38801569)

"Prosecutors in this case have stressed that they don't actually require the passphrase itself, and today's order appears to permit Fricosu to type it in and unlock the files without anyone looking over her shoulder. They say they want only the decrypted data and are not demanding "the password to the drive, either orally or in written form."

So this quote makes me wonder, what encryption software is out there that can be configured with a "doomsday" passphrase that will automatically begin some sort of secure delete process when entered? Of course with a fancy "decryption in progress" dialog window or something?

I guess if they figure out what you did, you could be charged with destruction of evidence but if that is a lesser sentence than the wire fraud it wouldn't be a bad move.

Re:Fake passphrase (4, Informative)

hawguy (1600213) | more than 2 years ago | (#38801655)

"Prosecutors in this case have stressed that they don't actually require the passphrase itself, and today's order appears to permit Fricosu to type it in and unlock the files without anyone looking over her shoulder. They say they want only the decrypted data and are not demanding "the password to the drive, either orally or in written form."

So this quote makes me wonder, what encryption software is out there that can be configured with a "doomsday" passphrase that will automatically begin some sort of secure delete process when entered? Of course with a fancy "decryption in progress" dialog window or something?

I guess if they figure out what you did, you could be charged with destruction of evidence but if that is a lesser sentence than the wire fraud it wouldn't be a bad move.

I think one of the first things they do is make an image of your hard drive, preserving the data, no matter what you do to it. Much better to keep the key itself on destructible media and destroy it when the cops knock at your door. Or steganographically hide it in plain sight in the digital picture frame with your kid's pictures. Without the passphrase, they can't prove that a suitably random key exists in a JPG.

Encrypting not enough? Then hide it too... (1)

American Patent Guy (653432) | more than 2 years ago | (#38801605)

This is stupid as a matter of policy. If I'm a criminal, and I want to keep my data a secret, then I just hide it within some other piece of legitimate data. All I have to do is encode my data within the low bits of a video or an audio file, and I'm there. To the police, it looks like an ordinary media file (with perhaps a little noise.) I predict that someone will write a driver within 6 months that mounts that noisy porno film as a filesystem. When it comes to technology, judges might as well be wearing baby bonnets and sucking their thumbs.

That darn Constitution... (2)

gimmebeer (1648629) | more than 2 years ago | (#38801615)

I didn't read, I don't know what this person is accused of. In the interest of objectivity, I don't want to know. He/she/it may be deserving of The Chair for all I know, but it's a right which is near and dear to our Previously Glorious Country's very foundation that if you choose to do so, you can refrain from saying or admitting evidence that may OR MAY NOT incriminate you. You are only refusing to give the prosecution potential evidence to incriminate you, and do you think you really understand all of the laws where you live better than your tax-payer funded local prosecutors?? And in Today's America, damn near any admission to police can incriminate you in one way or another. Therefore, pleading the 5th should be the default response to police questioning, it's an exorcise of your rights. It's NOT an admission of guilt, it's an embrace of your Constitutional rights. Police are trained to find a way to get you to say something, anything which is not 100% true, and from there they can tear apart your character in court and win a conviction. I've been there and seen it,as soon as an officer can contradict ANYTHING you say in court, you are finished in the eyes of most judges. The courts do not care, their salary is dependent upon convicting and fining a certain percentage of people. You don't have to be a master criminal, you just have to be a citizen that doesn't understand our modern justice system and it's goals. Not saying anything is not only your right, but it prevents police and prosecutors from turning your words against you. In other words, NEVER talk to police.... be it a statement or password.

Have you actually read the fifth amendment? (0)

Anonymous Coward | more than 2 years ago | (#38801629)

This is actually a legal grey area. You can legally be forced to turn over physical evidence and records *if* the prosecution can convince a judge that there is reasonable evidence that you are in possession of said evidence. *Property* can be seized with due process of law. In this case, it's reasonable to compare the encrypted data (as was mentioned previously) with the contents of a safe. They do have a legal right to seize the contents of the safe, with due process of course.

You cannot be forced to be a witness against yourself. This implies only verbal testimony once you consider that property, freedom, and even your life can be seized as it is written.

In re Boucher? (1)

elfprince13 (1521333) | more than 2 years ago | (#38801637)

Existing case law in a federal court in my home state says otherwise [wikipedia.org] . Off to the SCOTUS we go?

Hidden Volumes... (0)

Anonymous Coward | more than 2 years ago | (#38801697)

Thank goodness for Truecrypt's ability to handle hidden volumes...

Suspect: "Oh, sure I'll decrypt my hard drive... Oh, so you found nothing except old school assignments, pictures of me with ex girlfriends and some backed up freeware and songs I happen to own...? How fortunate for me? ...No, I don't find it at all suspicious that only 5% of my drive is being used...in fact, please excuse me and I'll tend to that right away...by downloading some public domain ebooks..."

And the "justice" system is thereby owned...

Applied Cryptography 2nd Edition, pp. xix -- xx (1)

DrJimbo (594231) | more than 2 years ago | (#38801703)

Preface

There are two kinds of cryptography in this world: cryptography that will stop your kid sister reading your files, and cryptography that will stop major governments from reading your files. This book is about the latter.

[...] The lesson here is that it is insufficient to protect ourselves with laws; we need to protect ourselves with mathematics. Encryption is too important to be left solely to the governments.

This book gives you the tools you need to protect your own privacy; cryptography products may be declared illegal, but the information will never be.

I fear that Bruce Schneier was being too optimistic although in another part of the book he asks in passing what would happen to civil liberties in the US if there was a major terrorist attack in New York City. The 2nd edition was copyrighted in 1996. It is still a great book IMO.

This may have already been said by others below .. (0)

tqk (413719) | more than 2 years ago | (#38801719)

'the Fifth Amendment is not implicated by requiring production of the unencrypted contents' of the defendant's computer.

What?!? It's okay to insist I provide you with the unencrypted contents of my encrypted filesystem? What? Why do you suppose I encrypted it in the first place, just for discussion purposes of course, ... Like you never in a month of days have any damned right whatsoever to read it in the first place if it's my private encrypted data?

You people are insane to put up with this !@#$. ... And I wish more people were tossing molotov cocktails into MafiAA offices, *BUT THAT'S JUST ME STATING AN OPINION, NOT ADVOCATING A COURSE OF ACTION, ffs!

USA (0, Insightful)

Anonymous Coward | more than 2 years ago | (#38801723)

Horrible place filled with human scum.

Security through obscurity (1)

Karmashock (2415832) | more than 2 years ago | (#38801729)

If they don't know there is encrypted information they can't ask you to reveal a password.

Hide it. Bury the data in meta data. Bury it in unwritten space on a partition. Then there is always the cloud. Bury your login and password and connection history in the machine somehow and then put the real meat of hte data in the cloud somewhere. Almost impossible for anyone to find it out there.

Finally... there is the science fiction notion of a "data haven"... sort of like a tax shelter for data. Places where you can store information and it can't be summoned without the authorization of the user. Compelling someone to reveal the data again would be problematic because the authorities won't know what the right user name might be... Ideally have more then one... one that has nothing in it and another that has everything.

Legality aside... people will find ways to hide information and keep it secret. So if a password protected partition doesn't work... then they need to come up with another system.

I like security through obscurity... The trick is to always have enough novel ways to hide the data that the authorities don't get expert in your means.

Survival of the weirdest.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>