GeneralThis forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
So if you have data encrypted to keep anyone else from getting it, you can be ordered by someone playing judge to hand it over or go to jail. In this case it is a perv it looks like. http://www.wired.com/threatlevel/201...eadline-looms/
I remember a crook in Chicago made an argument when he was caught with a handgun. The charge was an unregistered firearm. His winning excuse was if he had tried to register it, he would have been in effect giving evidence to incriminate himself.
Sad these types of cases involve serious crimes against civilization and yet some person uses civilized laws to protect themselves.
I know of this case and a few others like it, not sure why the judge feels one has no right to the 5th. It is like asking a person where they buried the body? Hey, where is the bank money? Oh, sir, how fast were you going?
This is why whole HDD encryption cannot deter this. They can see that it is there, and that it is encrypted. That's why plausible deniability is very important in any encryption scheme. It also helps you in case someone steals the item. They can always brute-force your encryption, and may get through if your password is predictable or common or if the encryption scheme is outdated (cryptoloop).
NOTE: I'm not saying that you should do illegal things and then encrypt them. However, for questionable or personal material, you definitely should encrypt them.
Last edited by H_TeXMeX_H; 06-05-2013 at 04:22 AM.
Shrug ... It's called a search-warrant. The law does have the right to investigate and to gather evidence. A judge does have the right to issue orders that you must comply with. They also have the obligation to handle the encrypted data in such a way as not to compromise the privacy of "you, of course, sorry to have bothered you, indeed an innocent man."
On the one hand, we have "your privacy." On the other hand, we have "our society."
Shrug ... It's called a search-warrant. The law does have the right to investigate and to gather evidence. A judge does have the right to issue orders that you must comply with. They also have the obligation to handle the encrypted data in such a way as not to compromise the privacy of "you, of course, sorry to have bothered you, indeed an innocent man."
The judge's order in this case is a search warrant. While you're not allowed to hinder the police as they execute said warrant, you're not obliged to help them in any way either.
If the police says: "Open this door", you either open it or get it kicked in. You don't get to claim damages for your broken door, but it's not illegal to refuse to open the door either.
If the police says: "Do you have such-and-such material in your apartment" or "where is <whatever they're looking for>", you have the right not to answer.
If there are encrypted files on your hard drive, should you have to provide the key? If you do, you confirm that you have the key and as such at least have access to the material in question. This may amount to self-incrimination.
So if the law demands you give up the key, it's not a matter of "decrypt laptop, or go directly to jail", but rather "decrypt laptop or not, go to jail anyway" which seems unreasonable.
Not to mention "forget key to encrypted, non-incriminating material and go to jail" which seems even worse. Or how about "produce the key to material planted by someone else without your knowledge, or go to jail"?
The situation is a bit more complicated than what you describe. According to the linked paper,
Quote:
U.S. Magistrate William Callahan Jr. initially said the Fifth Amendment right against compelled self-incrimination protected Feldman from having to unlock his drives.
But last month, prosecutors convinced Callahan to change his mind. Among other reasons, the authorities were able, on their own, to decrypt one drive from Feldman’s “storage system” and discovered more than 700,000 files, some of “which constitute child pornography,” the magistrate said.
When the magistrate ruled against the government last month, the magistrate said the authorities did not have enough evidence linking Feldman to the data, and that forcing the computer scientist to unlock it would be tantamount to requiring him to confess that it was his. But that theory is now out the door, because the data on the decrypted drive contains pictures and financial information linking Feldman to the “storage system,” Callahan ruled last week.
As I understand it, the prosecutor already has enough evidence from the already decrypted drive to bring charges
against the suspect, and the judge considers that asking the suspect to provide the decryption keys for the other
drives will not lead to self-incrimination. I suppose that if the other drives are found to contain also child
pornography the prosecutor will not bring separate charges for each drive, but I am not familiar with the US criminal law.
Then, the argument made by the lawyer for the suspect is rather strange:
Quote:
Some encryption effects erasure of the encrypted data (so it ceases to exist), in which case decryption constitutes re-creation of the data, rather than simply unlocking still-existing data.
All encryption schemes I know of are one-to-one transformations, so the data never ceases to exist, it is just
transformed into an equivalent representation by a mapping whose inverse is simply too long to calculate in a reasonable time without knowledge of the key.
Not everyone who encrypts drives is hiding illegal stuff. It is to protect against thief or lost. I have an encrypted usb stick in which I store my passwords for many sites.
Not everyone who encrypts drives is hiding illegal stuff. It is to protect against thief or lost. I have an encrypted usb stick in which I store my passwords for many sites.
Obviously. But if you have read the article, you know this is about a defendant accused of downloading illegal
material from e-Donkey. The police obtained a search warrant and seized 15 encrypted hard drives. Then, from
the paragraph I quoted, the judge initially refused the request of the prosecutor that the defendant gives
the passwords to decrypt the disks. The judge reverted his opinion only after one drive was decrypted without help
from the defendant and the illegal material was found. You are from NY, so you know better the US justice
system than me. I am just guessing that a 5th amendment defense does not work in that case since the prosecutor
cannot give him one charge of possession of illegal material for each drive, i. e. the charges will not be more
severe when all the drives are decrypted, so in effect the defendant cannot incriminate himself more by giving
the passwords. Also, I am guessing also that a 4th amendment defense will not work since the police already had probable cause when seizing the drives, and has obtained another one by deciphering one of the drives.
As far as I am concerned, I would do as one of the posters suggested, and encrypt only files that contain confidential material but not whole hard disks. Even if a fully encrypted disk contains only very mundane
material, it can arise suspicion from customs agents when traveling abroad.
I personally don't think that the opposite of "privacy" is "oppression." I actually prefer to give society (although, not politicians ) a little-bit more leniency than that. Call me Ishmael ...
Anyhow: the basic legal principle is that, when investigating a situation where it appears that a crime may have been committed, the law does have the right to obtain a warrant ... but only a very-particular one which details exactly what is being searched-for and for what purpose. This warrant must be issued by a judge, but, once issued, it must be complied-with. The police will ask you to open your door, but a valid warrant also entitles them to kick it in. One way or another, the search-warrant entitles them to pass through that door, for that specific stated purpose. Exactly the same reasoning, therefore, also applies to "encryption," which is simply "a form of lock upon 'that door.'"
If you're guilty ... tough cookies. "You're just getting what's coming to you, you a@shole."
However ... "we will always be forever gracious." We will presume that you are, in fact, innocent. We will presume that all of that encrypted data is, in fact, protected for a bona-fide business reason. The warrant permits us to demand (and to obtain) access to the data, but only for a tightly-defined purpose. If, having obtained access to it, we determine that it does not in fact contain the evidence-of-a-crime that we suspected when we asked the judge to issue a warrant, we do not have the continuing right to keep the data, or to maintain it (while we do keep it) at a lesser level of security than you yourself had chosen. (It could, for example, be geologic profile data in oil-drilling country ... hence, legitimately worth hundreds of millions of dollars ... and that "junior law-clerk" could well be an industrial spy.)
I guess it depends on where you live, where you are at, the position of the earth in the universe. On whether you
become the windshield or the bug in the area of the USA that I live in.
The charge is "contempt of court" by not following the demand from the judge. It is the opinion of the court that they can demand the defendant to provide the password. What the court is doing is saying, your 5th claim isn't part of this case. You would then have to argue that case later if you were convicted. In the mean time, the defendant is being held under a very wrongful order. He is being held without bail or chance of bail.
I don't want to tell how to evade this court order but some of you smarter people already know how to get past this deal. The crook in Chicago was dumb enough to do the crime, dumb enough to get caught and not smart enough to protect his illegal data.
The crossing the border is a different deal. Not sure what rights a traveler has. Many other countries do enforce laws that require travelers to decrypt drives and open packages and submit to a search. That vato playing the cholo musica might want to re-record that sign posted on entry about being searched.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.