Here is one of those oh-so-productive HN threads where virtually everyone is competing to find either cleverer or more emphatic ways of agreeing with the same statement; in this case, it's "the government shouldn't regulate encryption", but it might just as well be "the government shouldn't be electronically strip searching people at airports"†.
This phenomenon presents a manifold of problems, including:
* Because we appear to be unable to move past the most immediately obvious point, we can't fit any other thoughts in our head, like, "maybe there is a real societal problem that needs to be addressed here" --- not by regulating encryption, but, for instance, perhaps by allocating funding and training differently.
* It's boring to have a bunch of people with more or less the exact same life experiences competing to agree with each other.
* When it's not boring, it's exasperating, such as when the thread competes to build a case that all of law enforcement is a conspiracy to find more effective ways to predict who we're going to vote for --- or creepy, such as when people more or less suggest that child pornography isn't a real problem.
Two thoughts. That's all I'm asking. I agree that the first thought is "don't regulate full disk encryption". The second thought though should be something along the lines of, "yes, that's an interesting new problem for law enforcement"; it shouldn't be "OH MY GOD LOOK HERE'S THE GOVERNMENT LOOKING FOR ANOTHER EXCUSE TO SPY ON MY PORN STASH."
† I know, I was just as bad on those TSA threads as everyone else.
With regards to the point "maybe there is a real societal problem that needs to be addressed here"; the problem that I have with that possibility is that if the only evidence of any supposed crime that has occurred exists purely as bits on a digital storage device, it's hard to claim that crime was worthy of any sort of prosecution to begin with. Look at the guy that ended up prosecuted in the UK under RIPA part III, nobody believes he was actually any kind of criminal or threat, and yet they wanted to make a sacrificial lamb out of him just to emphasize how serious they were about having this power available to them.
Sure, it may be easier for the government to attack the digital storage device to find the terrorist's journal or plans or whatever, but that doesn't mean it's the only way to do it. If someone has been making bombs, there is plenty of evidence outside a document on an encrypted volume, etc etc etc. The entire idea that a crime can exist purely in information is a step too close to thought crime and all the problems that entails for my tastes.
If a crime supposedly exists, investigate the entire crime, not just some theoretical digital footprint on a supposedly inaccessible storage device. Don't try to backdoor negate the right to private information of the citizenry purely because you're too lazy and inept to do so.
> if the only evidence of any supposed crime that has occurred exists purely as bits on a digital storage device, it's hard to claim that crime was worthy of any sort of prosecution to begin with.
What, really? How about when it's a photo on a digital device?
Yes, yes, they're fakable. But other evidence may not exist, or may not be findable without the knowledge embodied in that photo.
I found the actual paper on the issue much more appropriate in tone than the tech blog linked above. Nowhere does it suggest changing laws (the "legal approach" is essentially to get warrants that allow surprise approaches to the targets), nor regulating encryption.
The meat of the article is simply describing how investigators should be prepared to deal with FDE, when they expect to encounter it, both via legal and technical measures. This alone highly increases their chances of success.
Finally, this reminds me of Matt Blaze's analysis of the 2010 wiretap report, where in the 6 cases where encryption was found, 0 of them actually prevented evidence recovery. I suspect well-prepared law enforcement will be able to be as effective, even in spite of FDE.
I think the way threads like this go reflects the inane way that we as a society discuss important social issues.
At the risk of being boring, I agree with your two thoughts. I would say "this is an interesting problem for law enforcement. How can we solve this in a manner consistent with the spirit of the 4th amendment?"
"""Because we appear to be unable to move past the most immediately obvious point, we can't fit any other thoughts in our head, like, "maybe there is a real societal problem that needs to be addressed here""""
You do understand that sometimes there just is not "a real societal problem" to be addressed.
"""It's boring to have a bunch of people with more or less the exact same life experiences competing to agree with each other."""
There is a problem of boredom with people "agreeing"? Really? We should disagree just for the fun of it? How about people agreeing on evolution?
Also, the "more or less exact same life experiences" part was totally an assumption, and I assume a wrong one. For one, I'm 8,000 miles away from the US and its life experiences, and I know tons of others on HN that also are.
"""When it's not boring, it's exasperating, such as when the thread competes to build a case that all of law enforcement is a conspiracy to find more effective ways to predict who we're going to vote for --- or creepy, such as when people more or less suggest that child pornography isn't a real problem."""
Well, in a world where tens of thousands of children die of hunger every single day, c/p is definitely not a real problem.
The production of it could be, or it could be not, depending if real children are used.
Even so, it still is as marginal as they come, but it gets played in the media and such as if it is extremely prevalent, in order to justify bad laws governments need for other purposes.
It's like arguing thick walls and windows and strong door locks make it harder for law enforcement to break in to catch the criminals.
Nowadays, I'm very suspicious whenever they use the phrase "to fight against child pornography", because I just know they have a different agenda/priority in mind if they had to use that, but they'd rather give the child pornography line to the public.
Thick walls and windows and door locks do make it harder for law enforcement to break in and catch criminals. If technology drove the cost of fortified residences down to the point where random common criminals were more likely than not to live in nearly impregnable vaults, law enforcement would quite rightly have a reason for concern.
It is a fallacious nerd narrative that LEOs want super powers to keep track of what kind of anime porn you watch. They don't care. The day-in day-out of LEOs involves crimes so banal (embezzlement, narcotics, counterfeiting, &c) that they don't catch your attention.
What's changing is that technologies that dramatically raise the cost of investigating those crimes are now the default. As a civil libertarian, I'm glad of that. But as a citizen and a counterparty to the social contract, I can appreciate the underlying concern.
The thing you "just know" is false. They care a lot more about child pornography (which happens a lot more than you appear to think it does) than you think they do.
When they try to outlaw full disk encryption to increase their chances of catching child pornographers, let's all share outrage together. Until then, try opening your mind a little bit to LEO's concerns. They have real ones.
"What's changing is that technologies that dramatically raise the cost of investigating those crimes are now the default."
Do you really think so?
Last time I checked, Facebook made it really really easy to investigate the life of everyone as never before. I'm not the one that says that, the FBI chief officers said that.
Last time I checked, there are cameras everywhere in the cities, from banks and shops to circulation plates readers with days of video buffers, so if something bad happens (terrorism) they have more information (and less cost) than ever before.
Last time I checked, they store your telephone tower triangulation information that stores where you were at what time.
They even can analogize all telephone communications of the entire country on real time, store them on a hard drive, and transcribe it for easy searching.
Today these people have more information than ever, but of course, they want more because they want to control everybody.
Terrorism and child protection have become the wild card they use to break the freedom of the people, converting us into the serfs and making them the masters (I got to meet the TSA people).
I have a friend who is a cop, and on slow days they just browse through the Facebook pages of suspects. People regularly publicly post pictures of themselves breaking laws. A paroled felon posted a picture of himself holding a rifle as his _profile picture_ (in the US it is illegal for any convicted felon to possess a firearm).
What are you objecting to, exactly? There's no indication that the police would bypass the judicial system in this case. I would assume they would knock on his door and ask him about it. If they still thought a crime occurred, they'd make an arrest, and then proceed through the system as usual.
> Facebook made it really really easy to investigate the life of everyone as never before. I'm not the one that says that, the FBI chief officers said that.
Note that some Facebook investors have professional relationships with the management of In-Q-Tel, a nonprofit VC firm created by the CIA in 1999.
Keep in mind that the same organizations advocating the destruction of constitutional guarantees of liberty and freedom are the same organizations that conduct clandestine and often illegal investigations of people like Martin Luther King.
This isn't a nerd fantasy, the reality is that the FBI is interested in things like which political candidate you support. These aren't investigations to catch criminals, these are investigations to subvert the rule of law and hamper the democratic process.
There wasn't a supreme court decision saying that passwords are testimony because the FBI believed it was testimony, the supreme court decision came about because the FBI believed that it was perfectly constitutional to demand citizens testify against themselves. The mandate of the FBI should not be "maintaining the existing social and political order."
From the Church Committee:
Too many people have been spied upon by too many Government agencies and too much information has been collected. The Government has often undertaken the secret surveillance of citizens on the basis of their political beliefs, even when those beliefs posed no threat of violence or illegal acts on behalf of a hostile foreign power. The Government, operating primarily through secret informants, but also using other intrusive techniques such as wiretaps, microphone "bugs", surreptitious mail opening, and break-ins, has swept in vast amounts of information about the personal lives, views, and associations of American citizens. Investigations of groups deemed potentially dangerous -- and even of groups suspected of associating with potentially dangerous organizations -- have continued for decades, despite the fact that those groups did not engage in unlawful activity.
"They" is a very broad pronoun. Ban encryption, and sure, detectives will genuinely be able to catch more pedophiles. That's almost certainly true, and I wouldn't dispute it.
But there are trade-offs, and you also get more insidious elements. Certain officials in the government care about who you vote for, what websites you visit, what software you have installed, who you communicate with. This isn't new and has been par for the course since time immemorial.
I'd liken it to freedom of speech. Most people, if they use freedom of speech to say something controversial, use it to say stupid and socially damaging stuff. Bush personally planned 9/11, Obama is a Kenyan Muslim plant, etc. But it's still worth fighting like crazy to make sure they have the right to say it, because as a society we do better if there is that ability to say whatever you want, even if people abuse it. It's that way we can fight against the government when we need to.
In the same way, encryption is a valuable tool that prevents government power from being exerted when it should not be. This can range from more effectively avoiding government attempts to undermine counter-establishment political organization to opening up markets that should not be being shut down by government violence.
I don't know if you'd even disagree with any of this. It's of central importance, though, to make sure that people know the debate isn't about whether we should allow child pornographers to avoid punishment.
> It is a fallacious nerd narrative that LEOs want super powers to keep track of what kind of anime porn you watch. They don't care.
It depends on who you classify as LEO. One of the big paradigms the US Intelligence Community is into, aside from Open Source Intelligence, is behavior patterning and such mundane things as what anime porn you like do play into that.
This is why they mass-collect cell phone & financial records -- not only to see if you're buying a lot of ammonium nitrate, but to data mine everything you're buying and try to assemble a behavior patterning prediction system.
FBI Director Louis Freeh is the most outspoken advocate of encryption
restrictions. He argues that the capability to conduct court-authorized
electronic surveillance should be built into any technology, including
powerful encryption software. [1]
One Freeh proposal is that all users of powerful encryption software be
asked to turn over their keys to a third party, so that law-enforcement
officials can gain access to them with a court order.
Freeh's allies include his boss, Attorney General Janet Reno, and
legislators including Rep. Gerald B.H. Solomon (R-N.Y.), the retiring
chairman of the House Rules Committee.
"Let there be no doubt," Reno wrote congressmen last year. "Without
encryption safeguards, all Americans will be endangered."
See also law enforcement's contention that they are free to invasively check the data on any laptop or phone that crosses the border, etc.
As always, child porn / blah blah blah (while not minimizing my concern for the children involved) is, as always, merely the excuse. This will, as always, be used for harassing people growing pot or civil rights protestors or to help beat hippies.
Correct me if I'm wrong but that was just the journalist giving one of two examples for when we want law enforcement to succeed in their goals - it wasn't the Government covering up real reasons for anything.
Note he didn't point out crimes like embezzlement, bookmaking or murder. When spokespeople for the police say "We can't do X, which makes it harder to stop child pornography and drug dealing", that's PR-speak for "It's bad, trust us and don't think about it."
Also conspicuously absent is preventing terrorism, which is a scenario where obtaining the password is more likely to be impossible, because the owner is most likely dead.
My layman's understanding is that the law doesn't consider being compelled to reveal a password to be self-incrimination. Failing to reveal a password will get you held in contempt, or result in an "adverse inference" ruling from the judge.
"Terrorism" has less power to persuade, justifiably or not, when recent terrorist attacks are not on people's minds. "Child porn" doesn't have this disadvantage, because you can be told that it's going on all around you without your knowledge.
Sometimes it is an inevitable consequence of the march of technological progress that certain legal and civil artifacts of previous eras must fall away, and we need to let that run its natural course, instead of trying to put up pointless and ineffectual -- but costly and frightening -- bureaucratic boondoggles in its way.
We will just have to live with the fact that secure end-to-end electronic communication and storage encryption that is not accessible by law enforcement is available to anyone who really wants it. For the most part, this is good news for privacy, civil rights and protection from information crime; in a few extremely marginal cases, like terrorist plotters and whatnot, this is bad, but we can't have our cake and eat it too. Trying to stop it, roll it back, pretend it doesn't exist, etc. is a pointless waste of time.
200 years ago, every man could own a rifle and all rifles were assault rifles. Citizens were equal with their governments. They could band together and form armies. Today, looking at the vast differences between arms that governments possess versus what their citizens may legally possess and you'll soon realize that the only technological equality we have remaining is strong encryption thus the governments attack that technology accusing everyone who uses it of being either a state sponsored terrorist or a child porn monster (why else would anyone use it... what do they have to hide). They themselves use encryption extensively, but they don't want me and you to do so.
The United States once classified some encryption algorithms as a munition and banned exports. We citizens can't buy tanks or aircraft carriers or satellites, but we can legally use AES 256 encryption (at least for now) and we should. That's all we have left.
In 1810, the 1 in 6 Americans that were enslaved were not allowed to own guns. In another twenty years even free black men were no longer allowed to own guns (varied by state).
Not terribly relevant, but it is easy to forget where we come from and how far we've come in a relatively short time.
the only technological equality we have remaining is strong encryption – um, I can think of too many counter examples to even begin.
The United States once classified some encryption algorithms as a munition and banned exports. – remember to thank Al Gore for having the stones to let that be lifted and bringing us a fine SSL future with secure(ish) commerce in the Internet. (Ancient history, back in his VP days.)
I am not convinced that all that much has changed at the core -- despite Ed Bernays's work and the American Dream. Today, 1 in 6 Americans that were enslaved are rotting in prison etc. Another sign of a larger problem tp is alluding to.
And Al Gore -- besides obviously having invented the InterTubes -- was only reacting post festa. The PGP printout-book was scanned Down And Under (take that Regulators!), and free implementations of strong crypto were popping up everywhere (ie .de). Banning export was useless. If you can't beat them, join them, and Let the Commerce Profit! Recent history, given his commercial interests of the Intertube days (iGOOG Board). The Doors (of revolving perceptions :).
being able to crack full disk encryption is vital for the prosecution of child porn and pharmaceutical spam barons, amongst others
Put in those terms, it seems that the trade-off between our right to privacy versus the needs of law enforcement is so ridiculously unbalanced that the law enforcement people ought to just slink away with their tails between their legs.
Could you explain that a little more? I'm not disagreeing, but I'm not sure I understand what's so vital about preventing people from reading the data on my hard drive after they've confiscated it.
First off: fuck them. That's why. You have a right to free speech, including speech in numbers, which is all that is. You also have a right to not incriminate yourself so they can't get your password.
But a line for people suffering from pragmatism would be this: In many, many cases someone has a secret. Sometimes even the secret that he has a secret within a domain is secret. For example, a CIA agent if arrested for child porn. Does he give up his password to the disk drive violating his top clearance status or does he shut the hell up. Or what about someone involved with a psychiatry practice that is arrested for child porn. She is legally obligated to keep those records secret. Or what about someone that signed an NDA with a tech or defense company?
The list goes on. Information is the most valuable resource on the planet. It's probably the most valuable resource in the universe. The most valuable information is the information that only you know. They do not have a right to destroy your wealth or to even know that you have any. I'd rather live in a society with a couple extra perverts.
Tangent: I am literally unable to understand why possession of digital child pornography images is, in and of itself, a crime. I'm surprised that this is regarded as a radical position. A digitised image is an arrangement of bits on a platter or a wire. It doesn't hurt anyone.
Laws that criminalise consumption of child pornography on the theory that it aids and abets its production by routing material financial support to the source date back to a time when almost all child pornography was obtained in consideration of payment, usually by mail order. That time is long past. Free porn abounds on the Internet, and anyone stupid enough to pay for illegal porn probably deserves to get arrested. There are several orders of magnitude--literally--more child porn today than could have possibly been imagined in the wildest dreams of postal inspectors in the 1980s.
As for the idea that there is a case for criminalisation of child pornography possession or transmission based on some statistical link between child pornography and actual child molestation, that directly contravenes millennia of legal thought. In other words, it should not matter at all whether there is any scientific basis for the allegation of such a correlation or not; it's beside the point. It doesn't matter if 99% of child molesters have child pornography. That shouldn't affect the underlying principle. And the underlying principle is this:
You can't punish someone for something they could--conceivably, in some hypothetical set of circumstances--do, but have not actually done.
I really find the idea that possessing a file is a crime, let alone a rather non-trivial one, to be literally unintelligible. It is one of the most incomprehensible things about contemporary life to me. I don't understand how it's possible given the intellectual pedigree of Western jurisprudence.
Ignoring images created without using a real child, the trading of actual images is illegal for the same reason that drugs are illegal - to remove the demand. The thought goes, if there is no demand then people will stop creating images with kids.
Unlike the drugs trade, I doubt there are significant numbers of child abusers who are in it for the money. It seems like an incredibly risky business compared to other illegal activities, like drug running. And customer acquisition must be incredibly expensive. Also, as any digital file, a single image can be viewed again and again in the way that 1g of heroin can not. The supply of new images could completely stop and the back catalogue would be enough for customers.
In other words, I don't think this is a market problem so I don't see market solutions having any justification (or indeed effect).
Except that demand destruction increases demand for substitutes, and one of the substitutes for viewing the existing child porn is abusing children to make more. There's another theory that watching child porn is a thoughtcrime that makes pedophiles more rather than less likely to go abuse children, but we've seen just the opposite with adults—rape and sexual assault stats decline as legal, adult porn becomes more prevalent. The whole mess reeks of the politician's fallacy (we must do something! this is something!) with little regard for the actual consequences, especially when they've started prosecuting teenagers over pictures of themselves.
Further, the definition of "child porn" now includes cartoon images, statements written by adults of a textual nature, and stories or other creations- by adults- depicting children.
Not to mention, many pictures our parents took of us as infants might count, as that is bad enough.
"Child Porn" has been stretched to include things that do not involve any actual children in any way, shape or form.
As for your last statement, contradictions cannot exist. I think that the presumed rationality of the "justice system" is in error.
And furthermore, I know of no Constitutionally valid principle under which the government can enact legislation for the sole purpose of preventing you from "thinking bad thoughts" or something of that ilk. So, it must hinge on showing actual harm to children. Downloading bits from the Internet does not harm children. You could argue that paying for them does, but that's not simple possession.
I just don't get it. I'd like to think I have a pretty broad mind. I'm not a radical or overly idealistic Libertarian. I am capable of comprehending abstractions, extrapolations, generalisations, and juridical pragmatism in the public interest. Still, the rationality of this eludes me completely.
I would also love a good answer. I think most people just don't think that deeply about it. When I questioned this (as my camera was being confiscated), people were outraged at the thought of legalising child porn. And when pressed further, they will only say it's morally wrong (and threatened to turn me to the police! - to which I backed down of course).
The best I can come up with is that legislators fear it will lead to copycats. It's been shown that people who hear about a suicide are more likely to both commit suicide and do it in the same manner. See http://en.wikipedia.org/wiki/Copycat_suicide. "Examples of celebrities whose suicides have inspired suicide clusters include the Japanese musicians Yukiko Okada and Hide and Marilyn Monroe, whose death was followed by an increase of 200 more suicides than average for that August month". And if you consider that copycat suicides may not have happened without the trigger suicide, the thought that copycat child abuse may not happen without a trigger child abuse is not a wild leap. And the trigger child abuse can be that harmless few bits.
I'd feel fine about losing some freedom to stop that child abuse trigger. There are all sorts of reasons why some information is protected from the public, and when that information can cause public harm but not be in any public interest the case to ban it is very strong. Child porn may be equivalent to that sort of "harmful and not in public interest" category which gets it perma-banned.
It's so important because most seizures are fishing expeditions. A political rival can be targeted with searches to find something that can be used against them. This could be anything from a misplaced comment in a chat log: 'I am going to kill that guy', 'man, someone should give that policeman the same beating he gave the protestor'. Likewise, a browser caches all manner of material, you can easily find your way into the wrong forum topic, or some vandal tweets you a link to child porn, or even regular porn that would be illegal in a certain jurisdiction.
I now see half way through posting that many other reasons have already been listed, so I'll end it at that. See the plight of Jacob Appelbaum who works on the Tor Project for a very specific example. I think it got to the stage where he had to replace his electronics when he travels because he couldn't trust what was returned, that's if he gets the equipment back at all from customs, or purchases fresh equipment in foreign countries to know they are 'clean'. I think he weighs his equipment too.
You have a fifth amendment right not to incriminate yourself, which the article mentions by noting that you don't have to give up your password when asked.
In my mind (IANAL), if I don't have to give up information about myself, then I have the right to encrypt my information, and to not be presumed a criminal merely for having encrypted my information.
Note that the 5th amendment is not about protecting your criminal activity, since you're presumed innocent unless convicted. It's a right that you have regardless of your character or activity.
I am not a lawyer either, but generally you can be compelled to reveal a password.
It is generally seen as analogous to the combination to a safe or a key to a door. Compelling revelation of the password is not generally seen as a violation of the Fifth amendment.
While a ruling from a lower court, there is a good discussion of this at IN RE JURY SUBPOENA TO SEBASTIEN BOUCHER, Dist. Court, D. Vermont 2009 (which is available on Google Scholar)
Someone could use a two-factor system that splits the decryption key into a memorized passphrase and a physical token. Even if the person reveals their passphrase, the data cannot be decrypted without the rest of the key on the physical token (something that could easily be destroyed).
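A sketch of the passphrase-plus-token key split described in the comment above, added here as an example and not code from the thread: the volume key is derived from both a stretched passphrase and a random secret held on the token, so the passphrase alone unlocks nothing. The header layout, the labels and the PBKDF2 work factor are assumptions of this sketch.

```python
import hashlib
import hmac
import os

PBKDF2_ROUNDS = 200_000            # assumed work factor for this sketch
INFO = b"example-volume-key-v1"    # hypothetical context label
CHECK_LABEL = b"key-check"         # hypothetical label for the header check value


def hkdf_sha256(ikm: bytes, salt: bytes, info: bytes, length: int = 32) -> bytes:
    """HKDF (RFC 5869) with SHA-256: extract, then expand to `length` bytes."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def derive_key(passphrase: str, token_secret: bytes, salt: bytes) -> bytes:
    """Combine the two factors into one 32-byte volume key.

    The passphrase is low entropy, so it is stretched with PBKDF2 first.
    The token secret is assumed to be 32 random bytes stored only on the token.
    The stretched value has a fixed length, so the concatenation is unambiguous.
    """
    stretched = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, PBKDF2_ROUNDS)
    return hkdf_sha256(stretched + token_secret, salt, INFO)


def create_header(passphrase: str, token_secret: bytes) -> dict:
    """Build the on-disk header: a salt plus a check value, never the key itself."""
    salt = os.urandom(16)
    key = derive_key(passphrase, token_secret, salt)
    check = hmac.new(key, CHECK_LABEL, hashlib.sha256).digest()
    return {"salt": salt, "check": check}


def unlock(header: dict, passphrase: str, token_secret: bytes):
    """Return the volume key if both factors are correct, otherwise None."""
    if not token_secret:
        # Token lost or destroyed: the passphrase on its own cannot rebuild the key.
        return None
    key = derive_key(passphrase, token_secret, header["salt"])
    expected = hmac.new(key, CHECK_LABEL, hashlib.sha256).digest()
    return key if hmac.compare_digest(expected, header["check"]) else None


if __name__ == "__main__":
    token = os.urandom(32)                      # constructed sample token secret
    header = create_header("correct horse", token)
    print("both factors:   ", unlock(header, "correct horse", token) is not None)
    print("passphrase only:", unlock(header, "correct horse", b"") is not None)
    print("wrong token:    ", unlock(header, "correct horse", os.urandom(32)) is not None)
```

Because the token half is full-entropy random data, guessing the passphrase offline is useless without it; the cost is that a lost token means the data is unrecoverable, so a backup of the token secret has to be planned for.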
You're right, but I posed this very question to Kevin Mitnick once. He had just recounted how, during his prosecution, he'd been forced to give up his passphrase. (This was several years ago, and so I might have some specific details wrong, and I'm also going to be a bit vague about it as a result.) I asked him why he didn't just plead the 5th. He said he tried, but that they moved him into solitary and they started abusing him in jail (abuse is my word, I don't remember the specifics) and they used every method they could to force him to give up the passphrase, including, I believe, holding him in contempt for not revealing it. Eventually he revealed it.
It is my opinion, having read accounts of people being prosecuted by the government for various crimes over the past 20 years, that in many cases, the government does not hold itself within the bounds of the law, and that such prosecutions are often illegal themselves. Yet, they are able to get away with this, because, what prosecutor is going to destroy their career by pressing charges on cops, other prosecutors or judges?
Also, in this day and age, asset forfeiture is extremely easy. The government can seize all of your assets, effectively denying you the ability to pay your legal counsel, forcing you to rely on the legal services they provide for you. Further, even if you can afford your own counsel, as an "officer of the court" they are subject to extreme pressure. I've read about a fair number of situations where lawyers would not even introduce constitutional arguments for their defendants' innocence because it would result in recriminations against the lawyers by the judge. (e.g.: it's "frivolous" to claim that federal drug laws are unconstitutional, even though to criminalize alcohol an amendment was needed.)
I'm not a lawyer, of course, this is just my perspective.
It's unlikely there will be a breakthrough that allows adversaries (in the cryptography sense) to crack properly implemented strong encryption. Faced with this dilemma, the only other options for the government are varying degrees of black-bag and rubber-hose cryptanalysis. Surveillance (legal or otherwise), asset forfeiture laws, jailing for contempt, lawsuits, deception -- all are just different forms of the rubber hose. It worked against Mitnick, and it would probably work against most of us.
I'm hesitant to mention this again but it does seem that rubber hose is being overplayed as a trump card here too much. Shadow volumes and multiple layered passphrases in arbitrary memorised data offsets on various volumes amongst a scatter of purely random data is completely invulnerable to rubber hose.
It all depends on exactly how paranoid you are as to how deep you go with layers of misdirection here of course but the point remains, they cannot continuously compel you to provide a passphrase when they do not know that another one actually exists.
This is the one arena where the only reason the government has any power at all is due to our ignorance, they do not, and indeed should not, have any power at all in this realm.
I understand this, I mean that they don't know how many layers of misdirection are actually involved, you can provide n fake layers of encryption with trivially incriminating information, as long as the "free space" of the volume in question contains randomised data, they can never know if it is actually an encrypted volume one level deeper or not.
rdtsc's point is that you are assuming that the system will play by their own rules. Not necessarily the case, especially when the entire weight of public opinion is against you.
My point is that I understand that, I'm not expecting the system to restrict itself in any way shape or form, this is par for the course in many places around the world where no quarter can be expected from the authorities. They can't continue to compel you for more and more passphrases for more and more encrypted shadow volumes that they're not even aware actually exist, this is what it eventually reduces down to.
> They can't continue to compel you for more and more passphrases for more and more encrypted shadow volumes that they're not even aware actually exist
The point is, they can. If you're in some place run by a dictator they can do whatever the hell they want to you, including torturing you until you die.
Sure, but it's tactically useless, as they can't know if they're just applying useless pressure because they don't know how many layers of shadow volumes there are to penetrate. So yes, they can be pricks, but to no discernible effect.
People in power have never been short on excuses for abuses thereof, this aspect of this issue is just another in a huge ocean of existing valid and arbitrary ones.
I don't want my company secrets to be leaked out if someone steals my laptop. The same mechanisms for preventing thieves from reading my data also prevent the government from reading my data.
Your hard drive is probably not vital. But that's not necessarily true for others.
I shouldn't have to provide specific examples, because you seem to basically be arguing that if I have nothing to hide, I have nothing to fear, but here are a couple anyway:
My doctor has a laptop; I sure hope that any medical records pertaining to me that are on that hard drive are encrypted. Ditto for my lawyer, accountant, etc. I carry around business data and keys to various production servers as well that my boss wouldn't want exposed, too.
1. Everyone on here except the tinfoil-hat brigade know that governments can't crack modern encryption that's been properly implemented. If they /do/ have the capability then it's tucked away somewhere very secret and they're using it for far more important things than catching criminals.
2. "with the cryogenic RAM freezing technique, presumably" - errr, no. With the "sit down at the computer and turn off the encryption/copy the data to an external drive technique", I think you'll find. Obvious bullsh*t to anyone technical but sounds 'cool' to your average 14yr old who reads these sort of sites.
3. "a risk to national security" ... "vital for the prosecution of child porn and pharmaceutical spam barons". Okay, so we eventually get closer to the truth. But hey - 'national security threats' sound much more urgent - let's put that in the article.
> 2. "with the cryogenic RAM freezing technique, presumably" - errr, no. With the "sit down at the computer and turn off the encryption/copy the data to an external drive technique", I think you'll find. Obvious bullsh*t to anyone technical but sounds 'cool' to your average 14yr old who reads these sort of sites.
Errr, actually yes. You may be interested in [1] and [2].
I'm assuming he was mocking the ignorance of the article as it addressed live memory acquisition. The author jumped to something obscure (RAM freezing) when there are forensics tools (Memoryze, etc) that can be used to image memory on a running machine in hopes of getting a decryption key / other passwords.
There are other fun ways for your SWAT-team evidence seizure grunts to grab machines without powering them off, such as http://www.wiebetech.com/products/HotPlug.php -- a big UPS with connectors specially designed for vampire-tapping a live PSU lead.
There are lots of ways to overcome that as well. For one, you could set up your computer such that if you don't enter some key combination every minute it shuts down. Or you could set up a tricky kernel that does not allow opening/cp'ing certain files and if you try, triggers a shutdown. Or you could have speech recognition running, and as soon as you utter a certain phrase near your machine, it shuts down.
The point is that inaction or inadvertent action by the law enforcement may trigger an action on the machine. Such digital landmines could be made so unpredictable that there would be virtually no way to extract the data on site reliably.
In general, there is no solution to this problem. The person protecting their data will always be able to surprise the person that's trying to extract it. Furthermore, no government can control "manufacture" of encryption, the way that it can control manufacture of physical goods. It could mandate that a backdoor must be provided, or that you need to escrow your decryption key such that it could get at your data, but let's face it: people that do have something sinister to hide will not care much for this regulation anyways.
Hrm... I was aware of the research but thought it was just a proof-of-concept; didn't realise it was quite that polished.
Even still, I would doubt whether or not your average digital forensic investigator would be using such esoteric techniques. Most of the stuff they do is pretty routine using off-the-shelf products like EnCase. Thankfully, for the rest of us law-abiding citizens, your average criminal is pretty thick and therefore the level of sophistication required to catch them isn't that high.
I've seen vampire power taps used for field exploitation; you don't actually want to hang around at a lot of sites, but do want to retain power to prevent disk encryption.
Basically it's a vampire splice for the device input power, connected to a UPS, and then you kill the rest of the power; desktop is now portable in on-state.
In regards to 2, I have it on good authority (someone who this has happened to) that the feds come ready with a coldboot kit. To counter that, he has since epoxy'd all of his ram to prevent anyone from removing it in the future.
Great. I feel that full-hard disk encryption is necessary for our own privacy safety. If I had problems with Cops I would probably be shutting down my PC always before letting anyone in, though I already have quick auto-shutdown system with my SD card. I unmount my SD card and the PC shuts down and can not be logged in without the card if the SD card is not mounted.
I'm not sure what the benefit of the SD card is in this case -- something physical, you can be legally compelled to hand it over, since it's a physical object.
Also, SD cards are really really sturdy. You can drive a car over them, and I know from experience they can survive a fire.
Maybe if he'd use a micro-SD, he could swallow it. Or hide it pretty much anywhere cause it's the size of a fingernail. Dump the empty micro-SD/SD-adapter into one of those typical "computer paraphernalia" boxes always found on any desk, you know, the one that also contains an aged USB stick, three paperclips, a PS2-USB adapter, post-its, ear-phones and some USB cable, and nobody will expect a thing.
Well a couple of years ago, my house burnt down. I was "lucky" with only a melted flatscreen monitor and further mostly just smoke damage (which insurance still reimbursed as total loss, yay), my flatmate, where the fire started, less so. His part of the apartment, the next day, pretty much was a blackened cube with bits of black debris on the floor, what used to be furniture, his computer, books and audio equipment[1].
In the rubble we found his camera, which was of course useless if not because of the heat[2], then because of the water damage from the fire-fighters.
Inside was a 2GB SD card and it still worked.
So yeah, if for some strange reason you can't keep your backups off-site, nor in a fire-proof safe, store them on a SD card in a camera :-)
[1] He also wasn't insured, making the story even sadder. Fortunately he just landed a pretty good job, also he met his current girlfriend while staying at his parents until he found a new home. So some good came of it, I suppose.
[2] Glass windows melted, can you imagine? Looks like icicles. I later asked a glassworker friend, she said that means it must at least have been 800 degrees Celsius.
It's much easier to make a SD card unavailable (destroyed, "lost", etc.) vs. an entire laptop, and you wouldn't be as vulnerable if a third party got a hold of the laptop (since all the valuable data is sitting in your wallet (on your person) instead of the briefcase (in the seat next to you)).
Unless your SD card contains something vital to access of your data (encryption key, etc), all that setup does is protect your data from people who try to use your laptop in a coffeeshop while you're in the john. Still nothing stopping one from taking the entire laptop, removing the drive, and mounting it in another system.
The encryption key could be a function of his login password and it could be stored in-memory after he is logged in. The issue is to have a trigger which wipes it from memory by logging out the current user when the police shows up, and unplugging the SD is a nice trigger for that.
That's at least what I imagined, his setup might be completely different (a keyboard combination for logging out might also work better).
Basically the SD card contains an encrypted key which is required to be mounted while logged into the PC. If I pull the card away the PC will automatically shut down.
If the SD card is not mounted when the user logs in the system is automatically shut down too.
Basically the SD card only fights against using the computer. You of course could remove the hard drive and mount it in another computer, but that is why the whole drive is encrypted.
Yes I know I can legally be compelled to hand it over, but it's a Micro SD to SD card converter. The Micro SD card can quite easily be broken. I've tried. I could also make the script to automatically delete all necessary data if the system was booted without the card.
Couldn't someone:
a) physically remove your hard drive
b) mount it in a different machine
c) find your SD checking script
d) figure out what key file you're checking for
e) write that key file to a new SD card (or otherwise circumvent the check)
This assumes that your HD isn't fully encrypted, in which case you'd be pretty well protected. It does sound like a nifty way to auto-logout quickly though...
The HD is fully encrypted and the system does not only check if a file exists, but if the file in the SD card contains a specific key, which is not stored in the system, but it's my own encryption implementation for the key so I'm not certain how secure it is.
a) Yes they can.
b) Of course they can do that if the HD is not encrypted or the encryption is broken.
c) Yes they can do that, but why would they do it if they already broke the hard drive encryption? They could just delete the script.
d) Well yes surely they could do this.
Anyway my only goal implementing the SD card shutdown was to secure the system from friends who want to invade my privacy and thieves. Basically I can do auto login to my admin account and if the SD card is not mounted it shuts down.
Well they could, but why would I give them if I seriously had something dangerous in my PC? Though I've secured my system more for theft, though it would be good to have guest account which could login normally, so that the thief would not just reformat the drive right away and I could actually trace the thief when he's using the PC before reformatting like some of the success stories, but more than that I don't want my files to be seen.
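The distinction drawn in this sub-thread, between a script that only checks for the card and a key that cannot be derived without the card, as an added sketch that is not the poster's implementation. It uses Python's standard PBKDF2 and HMAC; the function names, iteration count and sample values are assumptions.

```python
import hashlib
import hmac
import os

# Assumed work factor for this sketch; tune it to the hardware in use.
PBKDF2_ITERATIONS = 200_000


def presence_only_check(keyfile: bytes, expected_sha256: bytes) -> bool:
    """Weaker pattern: a login script compares the card's file to a stored hash.

    The result is only a yes/no that the script acts on. The script and the
    hash both live on the disk, so nothing about the data depends on the card.
    """
    return hmac.compare_digest(hashlib.sha256(keyfile).digest(), expected_sha256)


def derive_volume_key(passphrase: str, keyfile: bytes, salt: bytes) -> bytes:
    """Derive a 32-byte key that needs BOTH the passphrase and the key file."""
    # Stretch the human-chosen passphrase so each guess is slow.
    stretched = hashlib.pbkdf2_hmac(
        "sha256", passphrase.encode("utf-8"), salt, PBKDF2_ITERATIONS
    )
    # Mix in the key file from the removable card; without its bytes the
    # output cannot be computed, whatever scripts exist on the disk.
    return hmac.new(stretched, b"volume-key\x00" + keyfile, hashlib.sha256).digest()


def key_check_value(volume_key: bytes) -> bytes:
    """Value that can sit on disk: confirms a candidate key without storing it."""
    return hmac.new(volume_key, b"key-check", hashlib.sha256).digest()


def enroll(passphrase: str, keyfile: bytes) -> dict:
    """Create the on-disk header: a random salt plus the key check value."""
    salt = os.urandom(16)
    key = derive_volume_key(passphrase, keyfile, salt)
    return {"salt": salt, "check": key_check_value(key)}


def unlock(passphrase: str, keyfile: bytes, header: dict):
    """Return the volume key if passphrase and key file match, else None."""
    key = derive_volume_key(passphrase, keyfile, header["salt"])
    if hmac.compare_digest(key_check_value(key), header["check"]):
        return key
    return None


def demo() -> dict:
    # Constructed sample values, not taken from the thread.
    card_keyfile = os.urandom(32)
    passphrase = "correct horse battery staple"
    header = enroll(passphrase, card_keyfile)
    return {
        "right_card_right_pass": unlock(passphrase, card_keyfile, header) is not None,
        "wrong_card": unlock(passphrase, os.urandom(32), header) is None,
        "wrong_pass": unlock("guess", card_keyfile, header) is None,
    }


if __name__ == "__main__":
    print(demo())
```

The 32-byte key returned by `unlock` would then be handed to the disk encryption layer; the header holds only the salt and the check value.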
I think you're joking, but for what it's worth, that doesn't work. You can claim that the encryption key itself contains self-incriminating data, but then they'll simply say "ok, we completely understand. Go ahead and type it into your laptop and decrypt the data and you don't have to reveal the key."
Your honor, it has been more than six months since I was arrested and I can no longer remember the encryption key. All I can remember is that it was twenty random letters/numbers.
Even if you lie in court it is very difficult to prove it.
> First, evidence-gathering goons can turn off a computer (for transportation) without realizing it’s encrypted, and thus can’t get back at the data (unless the arrestee gives up his password, which he doesn’t have to do);
I thought that if they had a warrant, you had to give up the password, much as you'd have to give up the key to a locked door in your house?
> No person shall...be compelled in any criminal case to be a witness against himself
Courts have previously upheld passwords as self-implicating information, which you cannot be constitutionally compelled to provide.
> in In re Boucher (2009), the US District Court of Vermont ruled that the Fifth Amendment might protect a defendant from having to reveal an encryption password, or even the existence of one, if the production of that password could be deemed a self-incriminating "act" under the Fifth Amendment.
Boucher ended up having to unlock the hard drive, because he had previously unlocked the drive for border agents. Had he refused, the court likely would have held that he could not be compelled to produce the password or the hard drive contents.
A warrant gives law enforcement the right to gather evidence, but doesn't compel you to provide it. If you won't provide it, they are authorized to take it by force. In the case of encryption, they don't have enough (legal) force to take it. Therefore, they are entirely dependent on the accused cooperating to gather that information, but the accused cannot be compelled to cooperate under the Fifth. This is scary for them, because it means that they can't legally compel you to give up the information, and they can't gain access to it by force. A wholly uncooperative defendant is effectively unassailable.
> Boucher ended up having to unlock the hard drive, because he had previously unlocked the drive for border agents. Had he refused, the court likely would have held that he could not be compelled to produce the password or the hard drive contents
So it sounds like the actual legal question here, of whether the government can compel you to hand over your password in the general case, has never actually been tested?
IANAL, so I'm unqualified to say, but the way I read the ruling was that they decided that you can't be compelled to hand over your password, but because Boucher had already unlocked the drive for law enforcement once, doing so again would not further incriminate him. So, they forced him to unlock the hard drive without disclosing the password.
As I understand it, if he had initially refused to unlock the drive, then he couldn't have been compelled to unlock it again, under grounds that it could be self-incrimination.
It's a legal gray area because a password is something in your brain and compelling you to reveal the password can be interpreted as testifying against yourself. If you refused to give the police a key they could use physical means to extract the safe contents but there's no way to take data out of your soft tissue.
That might currently be the case for UK. Though it's quite reasonable to forget a password, especially in a high-stress situation of an interrogation. Extra hilarity ensues when there is actually _no_ password for a TrueCrypt volume that _does not_ exist, and one fails to provide a working password.
That is, while one can prove that there is no physical key to a door on the person, there is no way to prove that one does not know the password.
Does the UK have an "innocent until proven guilty" provision? If so, wouldn't the onus be on the prosecution to prove that the accused does in fact know the password?
You can't prove a universal negative, so the only way that becomes a prosecutable offense is if the initial assumption is of guilt rather than innocence, no?
> "Drage was convicted of failing to disclose an encryption key in September." [1]
Though it says that he "failed" to disclose a password when asked. Not clear if he was unwilling or unable, and if such a distinction even matters. (It's unclear if the use of the term "refusal" was an actual action, or a journalistic spin. It might come down to needing to be very careful about word choice in such situations; "I would like to speak with my lawyer first" seems like the most appropriate answer).
Yes, it does. That's where the US tradition comes from. It's originally derived from Roman law.
It's contrasted with Napoleonic code, in which innocence must be proven. It is or was the basis of law in countries conquered under Napoleon, and/or their colonies (e.g.: Mexico).
Yes if you use a lock with a key you can be forced by the court to produce it (if they can satisfy a judge that it's in your possession), however, if you use a combination lock you cannot be compelled to testify as to the combination. (IANAL, that's just what I've read)
It's common knowledge that the government has few qualms about violating its own laws. No doubt they won't allow some pesky legal restrictions to stand in the way of cracking FDE.
Thankfully, not all branches of the government go to the $5 wrench solution as quickly, frequently and without fear of accountability.
While that's probably no comfort to anyone who winds up accused of terrorism [1], it does mean there's a large chunk of law enforcement officials for whom FDE is still a practical problem.
[1] The express-lane to the wrench-room, I'm sure.
Violence is far easier and much less expensive. No need to hire a PhD in physics/math and purchase expensive equipment. Why bother? Violence is universally understood (no language barrier). All you need is a few guys who have no feelings. They could buy the equipment they need at Walmart. A few hammers and some pliers. Job done.
I think he's suggesting that the US government uses pain up to and including the amount of pain induced by breaking a limb or organ failure to extract information from those it holds without trial. This assertion would seem to be consistent with the official position of the US government. Whether inducing pain equivalent to organ failure to extract information is a violation of US or International law is probably a question best answered by the ICC.
> Whether inducing pain equivalent to organ failure to extract information is a violation of US or International law is probably a question best answered by the ICC.
No doubt this question has already been answered on numerous occasions with respect to such violations in 3rd world countries and enemies of the US and its allies. However, the US government, for all practical purposes, is above international law.
I am totally cool with the FBI lying, coercing and otherwise trying to convince criminals to give up the evidence against themselves, as long as they don't actually break out the wrench.
The idea that you can't be compelled to testify against yourself, present in many western legal systems, is a good one, and is designed to prevent both torture and false imprisonment due to torture-induced false confessions. But that doesn't mean it's not a good thing in those circumstances when a guilty person does incriminate themselves.
I believe that we will eventually return to the "good" old days, when strong encryption was outlawed. If the intelligence sector doesn't get it overturned itself, then I expect that someone in Congress will probably push a bill through to do so under the guise of preventing child porn (after all, who isn't against child porn?).
Oh, and a tip of the hat to Phil Zimmermann, who created PGP twenty years ago this year.
Ever tried to obtain more than 10,000 of those US dollars? Not exactly "banned", but pretty heavily restricted, from what I understand, for just about that reason.
No, you can call your bank (in US at least) one or two days before and they will have those 10K, 20k, 50k ready for you. Whether that raises flags and FBI agents start tailing you is a different matter.
Obvious bullshit. Consider corporate payroll; anyone making more than $120,000 a year gets a monthly paycheck for more than $10,000, and this causes no problems.
That's exactly what I think. The fact that governments are now saying that some encryption is un-crackable makes me highly suspicious.
I'm not a tin-foil hat person, but I wouldn't trust any encryption out there with my life if there was a concentrated effort by combined governments to defeat it.
It sounds like it hurts fishing expeditions. They can always get a warrant and hide a tiny video recorder somewhere pointed at the screen, or install a key logger to capture the password (maybe not on a notebook?), or work with the *-baron's ISP to capture evidence that goes over the internet.
> the FBI, CIA, and NSA, also have a problem cracking encrypted hard disks — and according to a new research paper, this is a serious risk to national security.
Imagine what would happen if people could hold information in their minds without putting it in computer files. That would be a very serious risk.
"US-CERT's mission is to improve the nation's cybersecurity posture, coordinate cyber information sharing and proactively manage cyber risks to the nation while protecting the constitutional rights of Americans. US-CERT vision is to be a trusted global leader in cybersecurity - collaborative, agile, and responsive in a complex environment."
Certainly sounds like intelligence (and counterintelligence) is one of the main aspects of their work. Agree, they don't sound like _human_ intelligence gatherers... but I'm fairly certain that US-CERT would know plenty of information about hackers, hacking, pirates, and so on.
The feds were worried a long time ago but full disk encryption (or any encryption really) was not adopted by the public. The barrier to entry was too high. Only now is this odd relationship (encryption is ok but only when it isn't commonly used) going to have to play out in our legal system and culture, and it will be super interesting to see how we decide as a society what the limits of this technology are.
Well goodness. If this same US government didn't insist they have the right to clone my hard disk without a warrant whenever I go through customs, maybe I wouldn't need full disk encryption.
"being able to crack full disk encryption is vital for the prosecution of white-collar criminals, child porn ringleaders, pharmaceutical spam barons, and the curtailment of terrorism"
Again, there is a terrorist and "child porn ringleader" hiding under every rock.
Before computers and full disk encryption people used other forms of information hiding, and the world did not end.
If the only evidence for a crime is to be found on some encrypted disk drive, it would be a weak case anyway.
The next step is reading people's minds to know what they fantasize about.
[The study, titled “The impact of brain privacy on police investigation,” illustrates the difficulty that CSI teams have in obtaining enough data to build a solid case against criminals.]
Misleading title, the quote is nowhere to be found in the article which says little beyond the fact that encryption is tough to crack. Nowhere does it say it can't be done.
I've always thought that a solution to the problems with insufficient 5th amendment protection would be to make your password a passphrase that contains an admission of a crime.
For instance:
"I admit that I smoked marijuana on the 5th of December 2010".
or
"I underpaid my taxes in 2005 by $50."
These passphrases, as literal admissions of a crime, would have to be protected by the 5th amendment.
Of course, that presumes that the legal system operates under the constraints of the bill of rights, a presumption I don't believe currently holds very often.
(Neither of the example phrases given here are actually true about me.)
Full marks for lateral thinking, but I don't think that works.
It's the use-mention distinction. Uttering a set of words is not the same thing as asserting that they're true. If you say "My password is 'I killed and ate a young girl in Tucson'" then that does not count as a confession, and could not be taken as one by any court (thankfully, because I just typed out that sentence myself...). Therefore, uttering that sentence does not count as testifying against yourself.
I'm presuming that they are true, and that they are a revelation of an actual crime that you committed. Thus, by revealing the passphrase, you are revealing evidence about yourself, and effectively testifying against yourself.
I believe you'd have to be under oath as well.
Further, I believe that this strategy would be employed as an argument to not ever giving up the passphrase. You would tell the judge, or whomever, that the phrase is a literal confession of a crime, and thus, by doing so, invoke 5th amendment protection.
(You may be right, and my idea may not work. I just want to make sure you're not assuming that the confession is for a false crime, when I meant it to be for a real one (though my examples of course, are false.) Which is why I didn't use a murder as an example...)
The court is not interested in your passphrase, they want the information that it is protecting. The court will simply compel you to provide the information in another manner if you claim that revealing your passphrase would be a 5th amendment violation (although I doubt they would even buy that one to begin with.)
1) tell you to provide the pass phrase to your lawyer (which makes it protected via attorney-client privilege) and then tell your lawyer to unlock the system and provide it to the court
2) out-geek you and notify you that since your encryption system does not actually use your passphrase but instead passes it first through a strong hash function you are to provide the court with the hashed passphrase so that they can use a decrypt method which skips the hashing step.
The short version is that claims that a passphrase alone is protected via the 5th are unlikely to succeed.
1) I read about at least one case where that's about what happened. The police asked the defendant to unlock the computer; they didn't ask for the password itself.
> Further, I believe that this strategy would be employed as an argument to not ever giving up the passphrase. You would tell the judge, or whomever, that the phrase is a literal confession of a crime, and thus, by doing so, invoke 5th amendment protection.
I'm not assuming the confession is for a false crime, but nonetheless uttering the phrase "my password is $string" where $string is a true confession is still not a confession.
In your strategy, there are two parts to your confession:
1. The information that your password is the string "$s", and
2. Your volunteering of the information to the judge that the string $s is in fact a confession of a real crime which you did in fact commit.
Part 1 is not testifying against yourself, unless in conjunction with part 2. Since you voluntarily threw Part 2 into the discussion, you're voluntarily testifying against yourself, and there's no rule against that.
A physical equivalent to your strategy would be to write out a letter of confession, leave it in your basement, and tell the police that the existence of this letter means they're not allowed to search your basement. It's not gonna work.
The problem with that is that the 5th Amendment, as specifically formulated, protects you from being compelled to give _testimony_ against yourself.
The success of your strategy hinges on the idea that divulging the password is an act of a testimonial nature, and existing precedents have not gone that way. Testimony is a very particular kind of thing, rather narrowly circumscribed.
Could you be more specific? Under the 5th amendment, you can refuse to talk to the police. If a judge orders you to reveal it, or be held in contempt of court, is that not a "Testimony"? And thus, wouldn't giving your passphrase literally be expressing a confession to a crime (presuming it was in the form of a confession)?
The question is really about whether the content of the password itself can be entered into evidence, and in most cases, the answer is no, though it would, of course, depend on the scope of the search warrant (if that's the context in which it is being evaluated) and several other factors. But in practice, a password is understood to be something rather arbitrary, so it is not regarded as having strong evidentiary weight. Of all the things I can do, setting my password to "ikillednicolebrownsimpson" is least likely to implicate me, even with a great deal of related supporting evidence.
Secondly, they can get around this quite easily by telling you to just type it in without disclosing it to them. Your refusal to comply will be regarded the same way as a refusal to open a safe or something similar, and you can be held (indefinitely, in many jurisdictions) for contempt of court. The difference, of course, is that the police can open a safe if they have to.
The 5th amendment does not release you from an obligation to cooperate with police, though, as you rightly point out, you are not required to disclose evidence to them or to aid their investigation apart from complying with their request to look around. To what extent divulging a password or passphrase enters into this scope is a matter of ongoing court battles. They have gone both ways.
On the other hand, by admitting that you have knowledge of the passphrase, you may be associating yourself with a piece of machinery or its contents more conclusively than would otherwise be possible to prove, which may be a non-trivial piece of information in itself. That, in turn, may be covered by 5th amendment protections.
If you tried to use that as a defense, you would likely have the court grant you immunity from using the contents of your passphrase as evidence of having committed a crime and that it would only be treated as a random string.
However, that then puts you in the awkward situation where you're admitting that the passphrase is an actual criminal admission and you might end up being "randomly" selected for an investigation along those lines to find evidence to independently corroborate the criminal act.
Why bother with the legal trickery? Jump straight to the conclusion that the legal system is a hostile entity, as it actually truly is in many places in the world, and act accordingly.
There are encryption methods to prevent key extraction under duress available and have been for some time. Let's not go thinking that the government actually has any power in this particular instance.
Actually, they probably have quite a bit of power. They have whatever evidence led to the warrant in the first place. If they don't find something they know you have, they'll know you have given them the wrong password. If your browser history is three months old and contains nothing but chocolate chip cookie recipes, they'll know you have given them the wrong password. I don't know what happens next, but I doubt they'll say "oh, that was sneaky" and let you go.
When Reiser was asked to explain why he hosed out his car and said "everybody loves a clean car", the jury was not particularly impressed.
This amounts to nothing more than suspicion. When we get to the point where their failure to find the incriminating evidence they were searching for is evidence of your guilt, we're by nature already at the point that that evidence was never required anyway, and we're just in a fascist dystopian reality.
Exercise to the reader to ascertain if this has already come to pass.
That's not how you are supposed to use (e.g.) TrueCrypt. Your dummy passphrase, without the incriminating data, should be the one that you use for all legitimate business.
If you have multiple dummies, be sure to have something embarrassing, but not incriminating, in the other dummies.
Geez ExtremeTech really needs to do something about their iPad support. That is without question the worst iPad viewing experience I've ever seen. Just give the iPad visitors the desktop version. Whatever mobile system they are using is horrendous, unusable, and should be abandoned.