Decrypt Laptop, or Go Directly to Jail
 

So if you have data encrypted to keep anyone else from getting it, you can be ordered by someone playing judge to hand it over or go to jail. In this case it is a perv it looks like.
http://www.wired.com/threatlevel/201...eadline-looms/

"e-Donkey"? I thought no-one's used that for a decade?

I remember a crook in Chicago made an argument when he was caught with a handgun. The charge was an unregistered firearm. His winning excuse was if he had tried to register it, he would have been in effect giving evidence to incriminate himself.

Sad these types of cases involve serious crimes against civilization and yet some person uses civilized laws to protect themselves.

I know of this case and a few others like it, not sure why the judge feels one has no right to the 5th. It is like asking a person where they buried the body? Hey, where is the bank money? Oh, sir, how fast were you going?

This is why whole HDD encryption cannot deter this. They can see that it is there, and that it is encrypted. That's why plausible deniability is very important in any encryption scheme. It also helps you in case someone steals the item. They can always brute-force your encryption, and may get through if your password is predictable or common or if the encryption scheme is outdated (cryptoloop).

NOTE: I'm not saying that you should do illegal things and then encrypt them. However, for questionable or personal material, you definitely should encrypt them.

Shrug ... It's called a search-warrant. The law does have the right to investigate and to gather evidence. A judge does have the right to issue orders that you must comply with. They also have the obligation to handle the encrypted data in such a way as not to compromise the privacy of "you, of course, sorry to have bothered you, indeed an innocent man."

On the one hand, we have "your privacy." On the other hand, we have "our society."

When you have no privacy in society, you better start looking for a new place to live, unless you enjoy oppression ... and I'm sure many will.

The judge's order in this case is a search warrant. While you're not allowed to hinder the police as they execute said warrant, you're not obliged to help them in any way either.

If the police says: "Open this door", you either open it or get it kicked in. You don't get to claim damages for your broken door, but it's not illegal to refuse to open the door either.

If the police says: "Do you have such-and-such material in your apartment" or "where is <whatever they're looking for>", you have the right not to answer.

If there are encrypted files on your hard drive, should you have to provide the key? If you do, you confirm that you have the key and as such at least have access to the material in question. This may amount to self-incrimination.

So if the law demands you give up the key, it's not a matter of "decrypt laptop, or go directly to jail", but rather "decrypt laptop or not, go to jail anyway" which seems unreasonable.

Not to mention "forget key to encrypted, non-incriminating material and go to jail" which seems even worse. Or how about "produce the key to material planted by someone else without your knowledge, or go to jail"?

The situation is a bit more complicated than what you describe. According to the linked paper,

As I understand it, the prosecutor already has enough evidence from the already decrypted drive to bring charges
against the suspect, and the judge considers that asking the suspect to provide the decryption keys for the other
drives will not lead to self-incrimination. I suppose that if the other drives are found to contain also child
pornography the prosecutor will not bring separate charges for each drive, but I am not familiar with the US criminal law.

Then, the argument made by the lawyer for the suspect is rather strange:
All encryption schemes I know of are one-to-one transformations, so the data never ceases to exist, it is just
transformed into an equivalent representation by a mapping whose inverse is simply too long to calculate in a reasonable time without knowledge of the key.

Not everyone who encrypts drives is hiding illegal stuff. It is to protect against thief or lost. I have an encrypted usb stick in which I store my passwords for many sites.

Obviously. But if you have read the article, you know this is about a defendant accused of downloading illegal
material from e-Donkey. The police obtained a search warrant and seized 15 encrypted hard drives. Then, from
the paragraph I quoted, the judge initially refused the request of the prosecutor that the defendant gives
the passwords to decrypt the disks. The judge reverted his opinion only after one drive was decrypted without help
from the defendant and the illegal material was found. You are from NY, so you know better the US justice
system than me. I am just guessing that a 5th amendment defense does not work in that case since the prosecutor
cannot give him one charge of possession of illegal material for each drive, i. e. the charges will not be more
severe when all the drives are decrypted, so in effect the defendant cannot incriminate himself more by giving
the passwords. Also, I am guessing also that a 4th amendment defense will not work since the police already had probable cause when seizing the drives, and has obtained another one by deciphering one of the drives.

As far as I am concerned, I would do as one of the posters suggested, and encrypt only files that contain confidential material but not whole hard disks. Even if a fully encrypted disk contains only very mundane
material, it can arise suspicion from customs agents when traveling abroad.

I personally don't think that the opposite of "privacy" is "oppression." I actually prefer to give society (although, not politicians :) ) a little-bit more leniency than that. Call me Ishmael ...

Anyhow: the basic legal principle is that, when investigating a situation where it appears that a crime may have been committed, the law does have the right to obtain a warrant ... but only a very-particular one which details exactly what is being searched-for and for what purpose. This warrant must be issued by a judge, but, once issued, it must be complied-with. The police will ask you to open your door, but a valid warrant also entitles them to kick it in. One way or another, the search-warrant entitles them to pass through that door, for that specific stated purpose. Exactly the same reasoning, therefore, also applies to "encryption," which is simply "a form of lock upon 'that door.'"

If you're guilty ... tough cookies. "You're just getting what's coming to you, you a@shole."

However ... "we will always be forever gracious." We will presume that you are, in fact, innocent. We will presume that all of that encrypted data is, in fact, protected for a bona-fide business reason. The warrant permits us to demand (and to obtain) access to the data, but only for a tightly-defined purpose. If, having obtained access to it, we determine that it does not in fact contain the evidence-of-a-crime that we suspected when we asked the judge to issue a warrant, we do not have the continuing right to keep the data, or to maintain it (while we do keep it) at a lesser level of security than you yourself had chosen. (It could, for example, be geologic profile data in oil-drilling country ... hence, legitimately worth hundreds of millions of dollars ... and that "junior law-clerk" could well be an industrial spy.)

If the culprit is guilty he should go directly to jail AND not collect $200 dollars...

I'd laugh if any of you guys had a encrypted drive going through a Border Patrol Checkpoint on the interstate (US side).

You would be in for a adventure like you would not believe.

https://www.youtube.com/watch?v=_4zYizaMmDo

Better take a video camera.

I guess it depends on where you live, where you are at, the position of the earth in the universe. On whether you
become the windshield or the bug in the area of the USA that I live in.

Papieren bitte !

Make sure your car isn't dirty.

The charge is "contempt of court" by not following the demand from the judge. It is the opinion of the court that they can demand the defendant to provide the password. What the court is doing is saying, your 5th claim isn't part of this case. You would then have to argue that case later if you were convicted. In the mean time, the defendant is being held under a very wrongful order. He is being held without bail or chance of bail.


I don't want to tell how to evade this court order but some of you smarter people already know how to get past this deal. The crook in Chicago was dumb enough to do the crime, dumb enough to get caught and not smart enough to protect his illegal data.


The crossing the border is a different deal. Not sure what rights a traveler has. Many other countries do enforce laws that require travelers to decrypt drives and open packages and submit to a search. That vato playing the cholo musica might want to re-record that sign posted on entry about being searched.

Sigh.

Naw Jefro. Nobody is crossing the border. Some of these checkpoints are 100's of miles into the USA.
I know Yankees are insulated from this kind of harassment. There are no Border Check Points
in Vermont or Ohio like there is down south here.

The Border Crossing Border Patrol Station is a totally different animal and is
more heavily fortressed and armed to the teeth. Passport is required to go through.

My video just shows one driving down a USA freeway and being ferried into a
Drunk driving kind of checkpoint. Instead of looking for drunk drivers. You
Have losers on power trips trying to ruin your life. One thing can lead to another.

You just don't know the half of it.
http://abcnews.go.com/Entertainment/...2#.UbSxxBVAZRQ

My ranch is in Esperanza TX. I used to drive through that checkpoint every day on my way to work.
I have seen a 85 year old man hand cuffed and locked up and sent to federal prison for a marijuana roach in his ash tray.

Common sense aint too common any more.


Come down to the border and find out.

I'm afraid of what I'll find when I return to Texas ... will it be fascist ? I think it might be. It's sad, and I know it's just the beginning :(

Here's a good article on this:
https://en.wikipedia.org/wiki/Disk_encryption_theory
The best current method is used by dm-crypt (cryptsetup), which is CBC + ESSIV (protects against watermarking attacks). XTS is newer, and although many recommend it, there are potential issues (see article).

cryptoloop is outdated because older ones use ECB, which is vulnerable to numerous attacks:
https://en.wikipedia.org/wiki/Block_...book_.28ECB.29
or CBC without ESSIV, which is vulnerable to watermarking attacks:
https://en.wikipedia.org/wiki/Watermark_attack

Here's another interesting article:
http://cyberwarzone.com/did-nsa-put-...ption-standard

There's a good article here about 'key disclosure laws' concepts and where various countries stand on this https://en.wikipedia.org/wiki/Key_disclosure_law
In the UK for instance, they can compel you to hand them over or go to jail.

You'd have to ask a lawyer about what happens re deniable encryption; ie can the Police insist its there and you must hand over the keys, or can you insist its not there.
Presumably there'd have to be some sort of technical proof its there?

I seem to remember seeing discussions about the qn of what happens if you genuinely forget the key (or tell them you have)... can you go to jail anyway?
The answer iirc was yes, which could be an issue if eg you were carrying such stuff on behalf of eg oppressed person elsewhere and genuinely didn't need to know/have the key... think Amnesty Intl etc.

Unlikely situations in most cases, but they could happen....

I think they would need a proof, otherwise they would be asking you to do something that may not be possible.

I would certainly hope so ;), but you do sometimes see some very ... odd ... legal decisions announced in the media.

Supreme Court Decides Your Silence May Be Used Against You
http://yro.slashdot.org/story/13/06/...ed-against-you

I wonder if they will release the new version of the Constitution, edited for all the rights you no longer have. It would probably be a black piece of paper, or huge stack of unintelligible lawyer speak whereby you waive all your rights.

To add to H_TeXMeX_H

Governments making it up as they go
http://www.theatlantic.com/national/...o-come/276931/

http://www.courthousenews.com/2013/06/17/58578.htm

http://www.volokh.com/2013/06/17/do-...linas-v-texas/

Interesting video. (watch)
http://www.youtube.com/watch?v=6wXkI4t7nuc

I always thought if it were possible to have two passwords, one for normal decryption of the partition by the user and another special one that can be used when harassed. The later would instantaneously and without warning restore the system to a "factory settings" only once and then it overwrites the former password as the normal password.

Truecrypt is close, but I have an even better method. I can't say it tho, it's top secret ;)

I'll give you hint tho:
http://www.linuxquestions.org/questi...ablity-898812/
A small modification to this scheme goes a long way :)

I'm afraid that, if you rigged a "logic bomb" in your computer that would obliterate everything on it such that no one including yourself could now get to it ... then, if I were sitting on your jury, it would be damn near impossible for me to imagine how whatever-it-was could possibly have been anything but illegal.

If you encrypt something, it is presumably with the intent to be able to decrypt it. "Only you" should be able to use the information, if all works as you intend, but "you" will. The only reason why someone would conspire to do otherwise is because, well, "because he's guilty." You will have tarnished yourself so badly in my eyes that the mere suggestion of what might have been on that computer would be believable ... and the more lurid and awful it sounds, the better. This might be nothing more than "jurist psychology," but jurist psychology can certainly leave you hanging at the wrong end of a rope.

I don't think that stlt or Truecrypt are what I was thinking about.

However, consider Slackware for example, I think that my idea might be somewhat feasible. You would need to look in the initrd and locate the stage where cryptsetup is called and replace it with other bash commands. Should a specific kamekaze password match, then it will just silently start cleaning up commands. This would involve installing a minimal encrypted installation with the new password as the encryption key over the previously encrypted partition. A tiny partition would be needed to hold the needed image or packages. Finally the initrd will have to be replaced with a standard one. If the passwords do not match however, it will pass the password to cryptsetup for normal resumption of the booting up process (if the password is correct).

In this arrangement, the authorities would not find any evidence that you cleaned the encrypted partition as they would only find a tiny functional encrypted installation with a password that you could happily divulge. The data would be lost forever but you would not provide them with any evidence.

Chris

But what you can imagine is irrelevant (or at least it should be). People should only be sentenced to be guilty based on facts, not on imagination. AFAIK it is "Innocent until proven guilty" and not "Innocent until imagined guilty".

It's supposed to be, especially if you have a good lawyer.

They wouldn't try to access data on the PC by booting it up and entering the password, for that exact reason. Same reason as when they take a computer for forensic analysis, if it's switched on they don't shut it down in case there is a built in "wipe" bomb - they pull the power from it. It will all be done by a third party system.

Forensics on a properly encrypted partition would be a problem even for NSA:

As you seem well informed perhaps you can share your source for this information.