LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > General
User Name
Password
General This forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!

Notices

Reply
 
LinkBack Search this Thread
Old 06-04-2013, 02:56 PM   #1
teckk
Senior Member
 
Registered: Oct 2004
Distribution: FreeBSD Arch
Posts: 1,737

Rep: Reputation: 184Reputation: 184
Decrypt Laptop, or Go Directly to Jail


So if you have data encrypted to keep anyone else from getting it, you can be ordered by someone playing judge to hand it over or go to jail. In this case it is a perv it looks like.
http://www.wired.com/threatlevel/201...eadline-looms/
 
Old 06-04-2013, 03:18 PM   #2
dugan
Senior Member
 
Registered: Nov 2003
Location: Canada
Distribution: distro hopper
Posts: 4,238

Rep: Reputation: 1299Reputation: 1299Reputation: 1299Reputation: 1299Reputation: 1299Reputation: 1299Reputation: 1299Reputation: 1299Reputation: 1299
"e-Donkey"? I thought no-one's used that for a decade?
 
Old 06-04-2013, 09:29 PM   #3
jefro
Guru
 
Registered: Mar 2008
Posts: 10,255

Rep: Reputation: 1256Reputation: 1256Reputation: 1256Reputation: 1256Reputation: 1256Reputation: 1256Reputation: 1256Reputation: 1256Reputation: 1256
I remember a crook in Chicago made an argument when he was caught with a handgun. The charge was an unregistered firearm. His winning excuse was if he had tried to register it, he would have been in effect giving evidence to incriminate himself.

Sad these types of cases involve serious crimes against civilization and yet some person uses civilized laws to protect themselves.

I know of this case and a few others like it, not sure why the judge feels one has no right to the 5th. It is like asking a person where they buried the body? Hey, where is the bank money? Oh, sir, how fast were you going?
 
Old 06-05-2013, 04:20 AM   #4
H_TeXMeX_H
Guru
 
Registered: Oct 2005
Location: $RANDOM
Distribution: slackware64
Posts: 12,928
Blog Entries: 2

Rep: Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266
This is why whole HDD encryption cannot deter this. They can see that it is there, and that it is encrypted. That's why plausible deniability is very important in any encryption scheme. It also helps you in case someone steals the item. They can always brute-force your encryption, and may get through if your password is predictable or common or if the encryption scheme is outdated (cryptoloop).

NOTE: I'm not saying that you should do illegal things and then encrypt them. However, for questionable or personal material, you definitely should encrypt them.

Last edited by H_TeXMeX_H; 06-05-2013 at 04:22 AM.
 
Old 06-05-2013, 11:44 AM   #5
sundialsvcs
Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 5,051

Rep: Reputation: 953Reputation: 953Reputation: 953Reputation: 953Reputation: 953Reputation: 953Reputation: 953Reputation: 953
Shrug ... It's called a search-warrant. The law does have the right to investigate and to gather evidence. A judge does have the right to issue orders that you must comply with. They also have the obligation to handle the encrypted data in such a way as not to compromise the privacy of "you, of course, sorry to have bothered you, indeed an innocent man."

On the one hand, we have "your privacy." On the other hand, we have "our society."
 
Old 06-05-2013, 12:03 PM   #6
H_TeXMeX_H
Guru
 
Registered: Oct 2005
Location: $RANDOM
Distribution: slackware64
Posts: 12,928
Blog Entries: 2

Rep: Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266
Quote:
Originally Posted by sundialsvcs View Post
On the one hand, we have "your privacy." On the other hand, we have "our society."
When you have no privacy in society, you better start looking for a new place to live, unless you enjoy oppression ... and I'm sure many will.
 
Old 06-05-2013, 12:16 PM   #7
Ser Olmy
Senior Member
 
Registered: Jan 2012
Distribution: Slackware
Posts: 1,821

Rep: Reputation: Disabled
Quote:
Originally Posted by sundialsvcs View Post
Shrug ... It's called a search-warrant. The law does have the right to investigate and to gather evidence. A judge does have the right to issue orders that you must comply with. They also have the obligation to handle the encrypted data in such a way as not to compromise the privacy of "you, of course, sorry to have bothered you, indeed an innocent man."
The judge's order in this case is a search warrant. While you're not allowed to hinder the police as they execute said warrant, you're not obliged to help them in any way either.

If the police says: "Open this door", you either open it or get it kicked in. You don't get to claim damages for your broken door, but it's not illegal to refuse to open the door either.

If the police says: "Do you have such-and-such material in your apartment" or "where is <whatever they're looking for>", you have the right not to answer.

If there are encrypted files on your hard drive, should you have to provide the key? If you do, you confirm that you have the key and as such at least have access to the material in question. This may amount to self-incrimination.

So if the law demands you give up the key, it's not a matter of "decrypt laptop, or go directly to jail", but rather "decrypt laptop or not, go to jail anyway" which seems unreasonable.

Not to mention "forget key to encrypted, non-incriminating material and go to jail" which seems even worse. Or how about "produce the key to material planted by someone else without your knowledge, or go to jail"?

Last edited by Ser Olmy; 06-05-2013 at 12:17 PM.
 
Old 06-05-2013, 02:34 PM   #8
edorig
Member
 
Registered: Apr 2013
Location: France
Distribution: Slackware; Scientific Linux
Posts: 105

Rep: Reputation: Disabled
The situation is a bit more complicated than what you describe. According to the linked paper,

Quote:
U.S. Magistrate William Callahan Jr. initially said the Fifth Amendment right against compelled self-incrimination protected Feldman from having to unlock his drives.

But last month, prosecutors convinced Callahan to change his mind. Among other reasons, the authorities were able, on their own, to decrypt one drive from Feldman’s “storage system” and discovered more than 700,000 files, some of “which constitute child pornography,” the magistrate said.

When the magistrate ruled against the government last month, the magistrate said the authorities did not have enough evidence linking Feldman to the data, and that forcing the computer scientist to unlock it would be tantamount to requiring him to confess that it was his. But that theory is now out the door, because the data on the decrypted drive contains pictures and financial information linking Feldman to the “storage system,” Callahan ruled last week.
As I understand it, the prosecutor already has enough evidence from the already decrypted drive to bring charges
against the suspect, and the judge considers that asking the suspect to provide the decryption keys for the other
drives will not lead to self-incrimination. I suppose that if the other drives are found to contain also child
pornography the prosecutor will not bring separate charges for each drive, but I am not familiar with the US criminal law.

Then, the argument made by the lawyer for the suspect is rather strange:
Quote:
Some encryption effects erasure of the encrypted data (so it ceases to exist), in which case decryption constitutes re-creation of the data, rather than simply unlocking still-existing data.
All encryption schemes I know of are one-to-one transformations, so the data never ceases to exist, it is just
transformed into an equivalent representation by a mapping whose inverse is simply too long to calculate in a reasonable time without knowledge of the key.
 
Old 06-05-2013, 03:51 PM   #9
linuxCode
Member
 
Registered: Jun 2013
Location: New York City
Distribution: Arch
Posts: 33

Rep: Reputation: 43
Not everyone who encrypts drives is hiding illegal stuff. It is to protect against thief or lost. I have an encrypted usb stick in which I store my passwords for many sites.
 
Old 06-05-2013, 05:10 PM   #10
edorig
Member
 
Registered: Apr 2013
Location: France
Distribution: Slackware; Scientific Linux
Posts: 105

Rep: Reputation: Disabled
Quote:
Originally Posted by linuxCode View Post
Not everyone who encrypts drives is hiding illegal stuff. It is to protect against thief or lost. I have an encrypted usb stick in which I store my passwords for many sites.
Obviously. But if you have read the article, you know this is about a defendant accused of downloading illegal
material from e-Donkey. The police obtained a search warrant and seized 15 encrypted hard drives. Then, from
the paragraph I quoted, the judge initially refused the request of the prosecutor that the defendant gives
the passwords to decrypt the disks. The judge reverted his opinion only after one drive was decrypted without help
from the defendant and the illegal material was found. You are from NY, so you know better the US justice
system than me. I am just guessing that a 5th amendment defense does not work in that case since the prosecutor
cannot give him one charge of possession of illegal material for each drive, i. e. the charges will not be more
severe when all the drives are decrypted, so in effect the defendant cannot incriminate himself more by giving
the passwords. Also, I am guessing also that a 4th amendment defense will not work since the police already had probable cause when seizing the drives, and has obtained another one by deciphering one of the drives.

As far as I am concerned, I would do as one of the posters suggested, and encrypt only files that contain confidential material but not whole hard disks. Even if a fully encrypted disk contains only very mundane
material, it can arise suspicion from customs agents when traveling abroad.
 
Old 06-05-2013, 10:05 PM   #11
sundialsvcs
Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 5,051

Rep: Reputation: 953Reputation: 953Reputation: 953Reputation: 953Reputation: 953Reputation: 953Reputation: 953Reputation: 953
I personally don't think that the opposite of "privacy" is "oppression." I actually prefer to give society (although, not politicians ) a little-bit more leniency than that. Call me Ishmael ...

Anyhow: the basic legal principle is that, when investigating a situation where it appears that a crime may have been committed, the law does have the right to obtain a warrant ... but only a very-particular one which details exactly what is being searched-for and for what purpose. This warrant must be issued by a judge, but, once issued, it must be complied-with. The police will ask you to open your door, but a valid warrant also entitles them to kick it in. One way or another, the search-warrant entitles them to pass through that door, for that specific stated purpose. Exactly the same reasoning, therefore, also applies to "encryption," which is simply "a form of lock upon 'that door.'"

If you're guilty ... tough cookies. "You're just getting what's coming to you, you a@shole."

However ... "we will always be forever gracious." We will presume that you are, in fact, innocent. We will presume that all of that encrypted data is, in fact, protected for a bona-fide business reason. The warrant permits us to demand (and to obtain) access to the data, but only for a tightly-defined purpose. If, having obtained access to it, we determine that it does not in fact contain the evidence-of-a-crime that we suspected when we asked the judge to issue a warrant, we do not have the continuing right to keep the data, or to maintain it (while we do keep it) at a lesser level of security than you yourself had chosen. (It could, for example, be geologic profile data in oil-drilling country ... hence, legitimately worth hundreds of millions of dollars ... and that "junior law-clerk" could well be an industrial spy.)
 
Old 06-08-2013, 01:47 PM   #12
hak5freak
LQ Newbie
 
Registered: Jun 2013
Location: 3rd Rock from the Sun
Distribution: PClinuxOS 2013
Posts: 2

Rep: Reputation: Disabled
If the culprit is guilty he should go directly to jail AND not collect $200 dollars...
 
Old 06-08-2013, 02:20 PM   #13
rokytnji
Senior Member
 
Registered: Mar 2008
Location: Waaaaay out West Texas
Distribution: AntiX 13 , Various Puppys (MacPup,Slack0),MX-14
Posts: 2,143
Blog Entries: 12

Rep: Reputation: 643Reputation: 643Reputation: 643Reputation: 643Reputation: 643Reputation: 643
I'd laugh if any of you guys had a encrypted drive going through a Border Patrol Checkpoint on the interstate (US side).

You would be in for a adventure like you would not believe.

https://www.youtube.com/watch?v=_4zYizaMmDo

Better take a video camera.

I guess it depends on where you live, where you are at, the position of the earth in the universe. On whether you
become the windshield or the bug in the area of the USA that I live in.
 
Old 06-09-2013, 03:12 AM   #14
H_TeXMeX_H
Guru
 
Registered: Oct 2005
Location: $RANDOM
Distribution: slackware64
Posts: 12,928
Blog Entries: 2

Rep: Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266
Papieren bitte !

Make sure your car isn't dirty.
 
Old 06-09-2013, 11:18 AM   #15
jefro
Guru
 
Registered: Mar 2008
Posts: 10,255

Rep: Reputation: 1256Reputation: 1256Reputation: 1256Reputation: 1256Reputation: 1256Reputation: 1256Reputation: 1256Reputation: 1256Reputation: 1256
The charge is "contempt of court" by not following the demand from the judge. It is the opinion of the court that they can demand the defendant to provide the password. What the court is doing is saying, your 5th claim isn't part of this case. You would then have to argue that case later if you were convicted. In the mean time, the defendant is being held under a very wrongful order. He is being held without bail or chance of bail.


I don't want to tell how to evade this court order but some of you smarter people already know how to get past this deal. The crook in Chicago was dumb enough to do the crime, dumb enough to get caught and not smart enough to protect his illegal data.


The crossing the border is a different deal. Not sure what rights a traveler has. Many other countries do enforce laws that require travelers to decrypt drives and open packages and submit to a search. That vato playing the cholo musica might want to re-record that sign posted on entry about being searched.

Last edited by jefro; 06-09-2013 at 11:20 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Connect 3.5" SATA HDD to Laptop directly over SATA into bay (not Firewire and USB) browny_amiga Linux - Hardware 15 12-07-2012 04:33 PM
[SOLVED] Chroot jail or Root jail bayprince Linux - Newbie 3 07-25-2011 07:43 PM
can't decrypt using openssl methodtwo Linux - Security 2 04-28-2010 03:37 PM
[SOLVED] chroot jail problem: 'empty' jail MatrixS_Master Linux - Security 4 03-27-2010 06:25 AM
Decrypt SSL ajaye1971 Linux - Security 1 08-30-2006 04:06 PM


All times are GMT -5. The time now is 11:26 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration