You can be compelled to produce a physical key to a safe. However what if the contents of the safe are paper with text written in an invented language, known only to you?
Can you be compelled to translate them for the court?
What if they just contained numbers? Could you be forced to explain what the numbers mean?
I would conclude that such an action would violate the 5th ammendment.
Forcing her to decrypt the hard drive is the same thing.
Given a warrant, the police have the right to search her hard drive. If they can't understand what it says, she should not have to explain it to them.
Right now, they have no evidence. She is being compelled to produce evidence against her self.
Providing a physical key produces no evidence. It produces a key.
Providing a decrypted version of the data on the laptop is producing information. The contents of the laptop are such that they exhibit a high level of entropy. By definition, they are not information. If they did contain information, they would by definition not be encrypted.
Thus, the request is for the defendant in a criminal trial to replace something that is not information with something that is information. That is clearly a violation of the 5th ammendment.
Actually if you read the ruling, it states that they have a recording of a conversation, transcribed in the ruling, where she basically admits what they are looking for is on the laptop. They then use existing Vermont case law where some perv had child porn on his laptop that an officer and ICE agent witnessed before getting locked out of the laptop. The case law the judge quotes says "where the existence and ___location of the documents are known to the government, no constitutional rights are touched, because these matters are a foregone conclusion." So basically the established case law they are using is where they already knew for sure the perv's laptop contained the evidence they are looking for because they saw it firsthand. In this lady's case, they know the laptop contains the documents they are looking for because they have her recorded saying so. The judge states as much in the ruling: "There is little question here but that the government knows of the existence and ___location of the computer’s files."
So as much as people are freaking out about this, I don't think this is definitive case law that says the 5th amendment doesn't ever apply. The Vermont case and now the Colorado case both hinge on the government knowing that what they are looking for is on the encrypted drive because they saw it and have an admission to it respectively. This is what the ruling states in my opinion.
The 5th amendment may still apply if they don't know for sure the encrypted drive contains what they are looking for, that is to say they never saw the contents nor you admitted to it containing the contents which they seek.
The laptop does not "contain" what they are looking for. It contains gibberish.
If they had her on tape saying "the evidence is in my house" and then they searched her house and didn't find anything, could they force her to tell them where the evidence was?
No.
Any position based on an analog to a vault, is ignorant of the facts. Encrypted data is not locked in anything. It's scrambled.
Here's another analogue:
A locked safe on your portch carries an expectation of privacy. It can't be opened by the police without a warrant. A dropped disk in plain site on your steps does not. The police could copy the disk, break its encryption and use the data as evidence against you.
Why? Because encrypted data isn't "locked", it's scrambled. If a credible expert can unscramble it, then reading it was not a "search". It's equivalent to reading a paper taken from your garbage.
The tape recording of her changes nothing about the facts of what the contes of the drive are (gibberish), nor what the nature of decryption is (testimony). Any judicial holdings to the contrary are erroneous violations of the constitution and should be vacated.
A compressed file has a bit pattern that clearly identifies it as compressed. It has statistical structure. Either way, a court couldn't compel her to uncompress a file either, as it would still constitute testimony.
There were all kinds of rulings, and it has never reached the Supreme Court. So until then, a judge can lock you up indefinitely, until you produce the password.
No, assuming you mean high entropy. (You need a qualifier with "entropy", e.g. high or low.) Roughly, high entropy means disorder, information means order:
This is an interesting case. From a civil liberties, card-carrying ACLU member standpoint, I'm all for the "anti" side of this - keep the gov't out.
On the other hand, there's a decent case made that establishing this kind of precedent would basically mean that if criminals are smart enough to use PGP, then that data can never be used against them. Since you can be compelled to turn over a physical key via due process, why can you not also be compelled to turn over a digital one?
Most of the privacy arguments vanish as well since they don't want the password (which could give them access to other things they're not supposed to have), but they just want the data.
why can you not also be compelled to turn over a digital one?
Because you may have forgotten it. It's likely you would not have had access to the hardware in the many months these things drag out. I know I've forgotten some complex passwords in a day or two.
Also, there may be an argument to be made that by demonstrating your knowledge of the password you are being forced to confess to ownership of whatever content is unlocked. Although the lock-and-key metaphor seems very attractive, it not necessarily the case that "decryption" equals "authentication".
Encryption is easy, authentication is the harder problem! There have been encryption products sold and used that did not provide effective authentication, i.e., someone who didn't know the key could tamper with the contents of the disk so that it decrypted to something else.
On the other hand, there's a decent case made that establishing this kind of precedent would basically mean that if criminals are smart enough to use PGP, then that data can never be used against them.
So now smart criminals will move to Truecrypt hidden volumes and claim there isn't any hidden volume. So now what do you do? Jail someone who might be telling the truth, or let him go?
This doesn't solve anything. Encryption is way past it.
My understanding of existing case law regarding safes is that you can be compelled to give up a key, as it is just physical property to which the state has right to request, but can not be compelled to give a combination, as that is just memory and would violate the fifth amendment. Just because cryptographers use the term "key" doesn't mean the should be treated as real keys. It seems obvious that a key/paraphrase is perfectly analogous to a safe combination.
You don't have to give up a key. They would be asking you to decrypt the drive. Whether that requires you to enter a passphrase or turn on the webcam and do a jig, it doesn't matter. They have no interest in your key/password/secret 4 digit code. They want the contents of the drive.
Now they could be playing at a disadvantage, but the point is that the 5th amendment does not enter into here. If the police have a warrant for papers in your safe, they simply ask you to open the safe, by whatever means. This is no different when they have a warrant for files (papers, information) on your encrypted drive (safe) and are asking you to open it by whatever means.
It does not matter whether the government forces you to do something (e.g. open a combination lock), as opposed to providing information (e.g. tell them the combination). The deciding factor is whether there is an invasion of your mental privacy inherent in the government compulsion. Whether you disclose the combination or open the lock yourself, the contents of your mind are being used to incriminate you, so your Fifth Amendment rights are being violated. This is distinct from the government demanding the key to a safe, or even taking a blood sample from you against your will, both of which are purely physical impositions.
===
Longer Version:
If the police have a warrant to search your documents, that does not mean that they can make you provide the documents to them. They can look through your stuff to find the documents, but if the police cannot read them, that is their problem.
However, a grand jury can subpoena documents from you, in which case you will be compelled to provide them. In this case, you can invoke the Fifth Amendment privilege against testimonial self incrimination as it relates to the production of documents. To the extent that the act of producing the documents requires you to use the contents of your mind, the act of production cannot be used to incriminate you. So, on one hand, your Fifth Amendment right will not protect you if the police already know that the documents exist and all of the information that is contained in them. However, if the police do not know exactly what documents they are looking for and what the documents say, then the information found in the documents cannot be used against you in court, nor can it be used to find other incriminating information.
In other words if my password is "I am guilty" I can invoke the 5th and tell the grand jury that I will not tell them my password.
However, when the grand jury says "produce the crooked accounting books we know you have (witnesses have testified that you have them) that are stores on your laptop", am I required to somehow produce them or do I just say "nope, not going to happen." In the latter case, if those books are the difference between an acquittal and a conviction, do they just let you go, or do they hold you in contempt until you give in?
Lastly, what is the difference between using the contents of my mind when entering a password vs telling the police where I left the key to my safe?
1 (re: Crooked Account Books) - if the government knows you have accounting books, they can force you to turn them over. You must provide them with physical access to the books. In your example, you could take the hard drive out of your laptop and hand it to them. However, if your hard drive was encrypted, and you had the encryption key memorized, you would not have to tell them. If the judge hearing your case did not understand the intricacies of Fifth Amendment doctrine, like the judge in this case, he might order you to decrypt the hard drive. In this case, your lawyer would ask the judge to stay (i.e., delay) his order to give you a chance for interlocutory appeal.
If the judge did not grant the stay, you could turn over the key but explain that you were not waiving your Fifth Amendment rights. Then when you were found guilty, you could appeal, argue that your Fifth Amendment rights were violated, and get your conviction overturned. Alternatively, you could not turn over the key, go to jail for contempt, and wait for your lawyer to appeal the contempt finding and get you out of jail.
2 (re: password vs. physical key in secret place) - in some cases, the act of producing a physical key may actually be protected under the Fifth Amendment. If the police can show that you know the key's ___location, then by forcing you to produce the key they are not forcing you to give any testimony, and you have no Fifth Amendment protection. However, if they ask you for a key but can't prove that you have it, they are asking you to create implicit testimony. The implicit testimony is "I know where the key is." If this testimony would end up incriminating you, the it is protected by the Fifth Amendment and you don't have to produce the key.
isnt the simple point of the 5th supposed to be more or,ess "you do cannot be compelled bylaw to help convict yourself)... ay law to the contrary would be unconstitutional.
No, the point of the 5th is that you cannot be compelled to give testimony against yourself (which is under oath and for which you will go to jail if you perjure yourself.) You are not protected from helping to convict yourself if you leave the evidence of your crimes available to the court. An encrypted drive is being considered as something like an un-crackable safe for which you have the combination; providing the password is not testifying, it is providing the court access to evidence that you would otherwise be concealing from a valid warrant.
Providing the password to a safe that contains incriminating documents actually is testimonial in nature because it requires you to disclose information you have in your mind (see above). As such, any information that the government obtains by compelling you to give them the password cannot be used against you in a criminal trial. The judge in the case being discussed here got it wrong, and his decision will be overturned on appeal if it goes up to the Supreme Court.
"Prosecutors in this case have stressed that they don't actually require the passphrase itself, and today's order appears to permit Fricosu to type it in and unlock the files without anyone looking over her shoulder."
So the state is arguing that they're not demanding the password, only the plaintext.
Still seems fishy, but it's not clear that it's testimonial.
I suppose one could argue that it's more akin to a judge demanding that you produce the corpse the police have so far been unable to locate.
Better still, as someone else said, it's like the police demanding that you translate notes you wrote down in your own made-up-and-known-only-to-you language.
The production of decrypted plaintext by means of an encryption key stored in your mind falls squarely within the rule on production of documents from U.S. v. Hubbell, discussed in jpol's comment above. It therefore seems quite likely the state will lose on appeal.
> This is no different when they have a warrant for files (papers, information) on your encrypted drive (safe) and are asking you to open it by whatever means.
This seems acceptable if they have a warrant for the contents of your safe. If they had a warrant for "evidence" and no knowledge or reason to believe that it was in the safe, could they open it/force you to open it simply because you own the safe. Similarly, if you had a hard drive, could they force decryption without knowing how the contents relate to the case.
Another issue that comes to mind is what happens if a hard drive containing truly random data is found, but the state thinks it contains encrypted data. Could someone be held in contempt for not releasing the (nonexistant) keys. This is probably related to the problem of destroyed keys.
Criminal contempt would have to be proven beyond a reasonable doubt, and the elements of proving the defendant's failure to provide the encryption key would include (1) showing that the key exists and (2) showing that they key is in the defendant's possession.
You mean a witness testifies they saw you unlock a system that looks a bit like the one they are seeing in front of them at trial?
Witness testimony is incredibly unreliable in practice, but courts LOVE that crap. So someone basically could get locked away in contempt forever because someone thinks they saw you unlock a system you can't actually unlock...
They savy criminal argument doesn't pass constitutional muster.
You could say "allowing criminals to not testify against themselves could frustrate law enforcement because a savy criminal could just commit everything to memory."
The 5th ammendment clearly says "too bad, those are the rules."
It's not a "reduction to the absurd". It brings up the point that there is no "essential law enforcement" interest that overrides the right to avoid self incrimination. No matter how badly someone wants to convict you, you have a right to not give testimony against your self against your will.
Since you can be compelled to turn over a physical key via due process, why can you not also be compelled to turn over a digital one?
I know this is rare, but in my opinion it's best to reason about the digital world by explicitly ignoring any analogies to the real world. Rep. Watt said during the SOPA committee hearings that we need parallels in the virtual world to the physical world. I couldn't disagree more.
Okay, American hackers, here's your civil disobedience:
Go to a foreign country. Buy a flash drive. Set up two partitions; make one a small TrueCrypt bootstrap partition, configured to decrypt the second with a password. Random-wipe the second. (For insurance, you may wish to do this provably. Maybe use a publicly-accessible source of random data?)
Travel back across the border. When you are asked to decrypt your drive, inform the authority that you are unable to do so, since no password exists, and the data is utterly meaningless.
They will probably want you to provide some evidence of this. Refuse; insist that you cannot be required to prove that you have not done something wrong.
If all goes well, they'll arrest you for something. Then, call a lawyer.
Let's look a little bit further down the road, say 100 or 200 years. If the computer is implanted in my head, can you compel me to give you the data in it? What if the computer is made partly of cells? Just how tightly integrated do I have to be with the storage device before it's part of the private, protected sphere of my personal consciousness?
I don't mean to be frivolous. As we become ever more dependent on cloud storage and mobile devices as extensions of our memories and our capabilities, we're eventually going to have revisit the legal boundaries of our personhood.
My communications with my attorney are subject to attorney-client privilege. It's almost like the attorney is considered to be a subprocess of me when he is thinking about my problems. We correctly see it as being in the public interest to allow me to communicate with my attorney without hindrance. Why shouldn't my communications with myself be given the same privilege?
Well, governments can compel to collect DNA sampling from you now. Why not go further and compel to read your implanted chip? They can collect your recorded GPS ___location as evidence.
If I encrypt a letter by hand using, say, Caesar's cipher (despite how weak it is), could a court compel me (i.e. is there common law precedent in the US or elsewhere) to decrypt said letter? Surely there must be some precedent before we had computers and whatnot, right? This, after all, seems to be the closest-fitting analogy I can think of—both the "key to lock" and "privacy of mind" arguments seem to be stretching it.
Unless the reason they're using these analogies is that no one has ever brought a non-digital encryption case before a court, which would make sense as to why they're not consulting that precedent, but surely 230 years of US law and several times that of British law would bring up something...
There is precedent that a court can't compel you give up the combination to a combination lock, because it would be considered testimony. Seems to me that this falls under that precedent.
>The assembly of those documents was like telling an inquisitor the combination to a wall safe, not like being forced to surrender the key to a strongbox. Id., at 210, n. 9. The Government’s anemic view of respondent’s act of production as a mere physical act that is principally non-testimonial in character and can be entirely divorced from its “implicit” testimonial aspect so as to constitute a “legitimate, wholly independent source” (as required by Kastigar) for the documents produced simply fails to account for these realities.
For these reasons, we cannot accept the Government's submission that respondent's immunity did not preclude its derivative use of the produced documents because its "possession of the documents [was] the fruit only of a simple physical act-the act of producing the documents." Id., at 29. It was unquestionably necessary for respondent to make extensive use of "the contents of his own mind" in identifying the hundreds of documents responsive to the requests in the subpoena. See Curcio v. United States, 354 U. S. 118, 128 (1957); Doe v. United States, 487 U. S., at 210. The assembly of those documents was like telling an inquisitor the COMBINATION TO A WALL SAFE, not like being forced to surrender the key to a strongbox. Id., at 210, n. 9.
I used to think of moving to USA. I'm a pretty good programmer and it would've been nice to work in an American startup. When reading these news, about SOPA/PIPA, about the crazy amount of spying and control in the airports, about forcing to decrypt my laptop, I don't want to go there even for a holiday anymore. I'm happy here in Berlin and even though the salaries are half what I would get from Silicon Valley, the cost of living is also much lower.
>Dubois said that, in addition, his client may not be able to decrypt the laptop for any number of reasons. "If that's the case, then we'll report that fact to the court, and the law is fairly clear that people cannot be punished for failure to do things they are unable to do," he said.
So can everyone just claim they can't decrypt their drive because of <sort-of-plausible-excuse-here> ?
Yeah, does forgetting a password constitute one of these reasons? It's perfectly plausible if the laptop has been sitting in an evidence locker for a while. People forget passwords all the time.
Happens all the time in child support cases. Dad won't pay because he says he doesn't have the money (or can't find a job), judge doesn't believe him and throws him in jail for contempt.
There's a huge lawsuit in Georgia arguing that this essentially creates a debtors prison.
This should be cause for serious concern. There's often no way to prove that someone knows a key or pass-phrase. If a personal computer I've used for years has TrueCrypt at boot, perhaps a reasonable argument[1] could be made that I know the password. That's not true of a flash drive or an encrypted file on a shared computer.
If someone plants a safe in my house, I may be held in contempt for a while while it's drilled open. Properly encrypted data might withstand attacks for a lifetime or more.
[1] Best I can tell, it's possible for me to TrueCrypt encrypt your computer with only physical access. You wouldn't notice until next boot.
For anyone wondering what this might look like in practice, look up the Regulation of Investigatory Powers Act. There have been a number of prosecutions in the UK for failing to provide encryption keys, many of them resulting in imprisonment.
Notably, the first prosecution was of a paranoid schizophrenic man, who was moved to a secure psychiatric hospital during his prison sentence.
We have not yet had a test case regarding deniable encryption, but I imagine it will be only a matter of time.
Ceci n'est pas une pipe. Reasonable people are sophisticated enough to understand that there is a difference between using a sentence as a password, and believing that sentence to be true.
On a related note, I once looked into changing my middle name to an executable implementation of RSA, so that my passport would be a non-exportable munition. (No go.)
I would guess that it would be too long if written out in English, and that they'd probably deny a name change to a name that contains characters not normally used in names (asterisks, semicolons, underscores...)
I'm a government-should-leave-reasonable-people-the-hell-alone libertarian and a crypto-is-the-shit kind of guy. I also think warrants for searches of encrypted media are totally legit, and think the hair splitting over "typing in the password without anyone seeing it" vs. "being compelled to dictate the password" is completely pointless.
1. Not every vocal Utterance qualifies as Testimony, and the only person who gets to self-identify with an encryption key is Whitfield Diffie, and that rule only applies after 3 bong hits -OR- when he's doing Salvia with Ron Rivest as his sitter. Your weasel card-skimming ass ain't no Whitfield Diffie.
2. If you leak enough inculpatory evidence outside your encrypted hard drive, such that the police are now holding a warrant for searching inside your encrypted hard drive, the jig is up, son! Shouldn't have leaked all that other guilt-stench, and should have plausibly-deniably deleted that evidence.
I appreciate that the adversarial method of trial has given rise to that and other threads of argument on behalf of defendants; I'm just not buying it in this case.
It's an absurdly low bar for "active participation." He's not being asked to compute the AES decryption on 3x5 cards, or help the prosecution find the spot where the laptop is buried in the woods. When you're caught, you're forced to empty your pockets. If your 'pockets' include 1TB of incriminating data, that's your bad.
Is one also actively participating in his own prosecution when he fails to resist arrest? How about when he agrees not to leave the country as a condition for posting bail? After all, he's had that vacation to [insert non-extradition country here] for months! Why should he change his plans to benefit the prosecution?
Isn't this one of the things TPMs are designed to defend you against? The TPM only releases the encryption key after the right password is entered, some number of wrong passwords cause a reset, and perhaps a single duress code instantly causes a reset? Once the TPM is erased, who's to tell if it wasn't just broken to begin with.
. . . which is subsequently rendered useless by the TPM erasing itself.
(The standard procedure is to encrypt the drive using a key stored in the TPM. The TPM then decrypts the drive when provided with the proper authentication. If the designated security policy is violated the TPM destroys the key, rendering the drive's contents useless.)
They are intended to be tamperproof, yes. Mirroring the contents of a TPM is an exercise in hardware deconstruction where you also have to worry about setting of auto-erase traps. It's not impossible by any means, but it's not standard procedure and there's no guarantee it will actually work.
(Presumably serving an 18 month contempt sentence in a county jail is better than the 25-to-life in a maximum security federal prison you'd get if they saw the contents of your hard drive.)
Imprisonment for civil contempt can be of unlimited duration, but the purpose of it is to force you to give up the information. Once you have been in jail long enough for the judge to realize that imprisoning you won't change your mind, you will be released. That could be a very long time.
I've read that it's tied to a particular grand jury session, which is something like 18 months.
Either way, the longest contempt sentence ever was 14 years, which is nothing compared to what you'll get if the government convicts you of laundering money, selling drugs, possessing child porn, or all the other crimes that you might have documented on your computer.
Because I believe in the right of a person to be secure in his papers. If you've done something illegal, the government should be able to make its case without needing your computer. If they can't, what you've done is, to me, not illegal. The people that wrote the Constitution seem to agree.
Perhaps I don't understand some dynamic here, but what prevents someone from just stating that they no longer know the pass phrase? I thought that was more or less a free pass, as no one can prove what you do or don't remember. Hence why the phrase "I'm sorry, I don't recall that senator" is used so often when everyone knows they're lying.
The problem here is what are they going to find that ISN'T Illegal?
Everyone has cracked software, pirated movies, & torrents. Then there's content that isn't illegal but very personal: chat logs, email archives, contact lists, usernames & passwords, FTP info, master passwords to everything, OH and my entire life's worth of inventions and ideas. I'm not saying they'd steal them but remember, we're talking about the American Government here. The same one that can't account for billions of dollars in missing money. Lost 6.6 Billion in Iraq and doesn't know what happened to it. And doesn't know how or why a warehouse full of missiles in the middle east is empty. If that's how they treat their money and weapons, I wonder how they're going to treat my life's work. So...
Just use TrueCrypt to create a hidden volume on a flash drive or SD card, keep everything else un-encrypted. They won't even know it's there. I've got a 32 GB SD card just for this purpose, it's got all my project files on it, thunderbird portable, my entire collection of inventions and business ideas, my life's work basically. If anyone were to plug that card in, it would just read "card has not been formatted yet". I've got a backup of it as well.
If you have a hard drive full of torrented content or DVD rips that look like torrented content just make 2 TrueCrypt volumes, one that is visible (put some porn on it to simulate a "this is all I have hidden" excuse) and the other volume hidden (with all of your pirated content). They literally won't ever know it was there.
>Everyone has cracked software, pirated movies, & torrents
That's a bit of a leap, really.
Also, Truecrypt's deniable encryption here doesn't seem like it would help, since they're talking at the computer level. Presumably, a power on or hard drive password. Assuming there's only one volume, you put that one in and the attacker has the keys to the kingdom.
Besides that, most averages joes wouldn't go through this kind of trouble. If you're running in opposition to a ruling power who might, say, launch a missile at you from 30,000 feet while you're in foreign territory (not naming any names here), then you probably already know to cover your ass.
On the other hand, an average joe thinking that they're cute by giving up the password to the concealed volume will only land a contempt charge when the file access times are checked.
That's not a leap at all. Many people don't have things like that, either for moral reasons, or there just don't care. Of the four computers I maintain for others, none of them has anything on your list.
You can despise the MPAA without downloading movies. Just as you can desire privacy without committing any crimes.
In support of the notion that Under a microscope, everyone is a criminal I'll add this data point.
The police raided the house of a veteran here in town a few months back for possession of small amounts of marijuana. The veteran opened fire and during the ensuing shoot out one officer died and five more were sent to the hospital. The news continuously talked about this veterans limited criminal history.
Ultimately he had a speeding ticket and had been charged with something like jay walking which was dismissed. That was his limited criminal history.
I completely agree that if you look at someone close enough, almost all will have limited criminal histories.
None of the things you mentioned are, in themselves, illegal.
Saving an image or an article to your hard drive is not illegal, but redistributing it can be. Writing negative stories about other people is (in practically all cases) not illegal, either. Nor is having secret information.
Unless the majority secretly has an ungodly amount of child porn in their web cache I don't know about, I am not very inclined to believe that everyone is a criminal under a microscope.
Many? Yes, I agree. Most? I personally highly doubt it. I don't think I've known a single person since the late 90s who doesn't on at least rare occasion download or otherwise acquire unlicensed music.
Sure there are some, and when you consider the population of the world is several billion that "some" can become "many" without really saying anything about the majority.
TrueCrypt supports Hidden OS partitions much like its normal hidden containers and it asks for these passwords at boot.
You could enter one password and have it boot into a boring Windows XP environment while the true password would boot to your actual environment with all your secret files.
There's the file time problem, though. Okay, let's say you're Joe Randomguy and you keep two XP partitions. One that you actively use and might have all manner of contraband on it, and another "boring" one for showing any would-be snoopers.
It's Jan 2012. What do you think is going to happen when they see that the one you gave up the code to hasn't been touched since July 2011?
Does Truecrypt have an option to not record date/time stamps on volumes, or better yet, scramble them?
Standard practice is to use the one you don't care about for things you don't care about (which for most people, will be most things. Web browsing, gaming, emailing the aunt, whatever).
Timestamps are going to be at the FS layer or higher, not much Truecrypt can realistically do about that..
Truecrypt does have an option to disable file time updates on file volumes. Also for ext at least, you can mount with nomtime, noatime, noctime and completely disable file times.
How does preventing the filesystem from writing timestamps solve anything? We're talking about the 'boring partition' having timestamps that suggest that you haven't used it in months (i.e. really old timestamps), when there is probably evidence elsewhere that you have used it (e.g. emails that you've sent since those timestamps).
Or scramble them altogether. Every write to the filesystem through Truecrypt's driver results in a completely random (but still valid) ctime/atime for that file.
I can't readily think of any Windows processes this would break.
I'm curious what the courts would say when told that it is possible to have a hidden inner volume that is impossible to detect and when I hand over my key it may just be the outer containers, not the hidden inner container that I have unlocked.
The jurisprudence in this area has to evolve. In a house, for example, the police might be able to search your house because they have a warrant, or they might be able to search your house because of any other exception to the warrant requirement. In all of those cases, police can only search for discrete things--as in, they probably couldn't turn over your bed, unless they thought someone was hiding under it, or the warrant they got suggested that they could. The "plain view" doctrine might indicate that something clearly illegal in plain view could be seized, but this is somewhat narrowly tailored.
If digital jurisprudence evolves the same way, perhaps a warrant (or discovery request) could be obtained to search within a single folder only, but not another, or the like. Perhaps there are cases out there like this already--but possibly a whole body of jurisprudence needs to evolve to deal with these issues.
If we build laws around files and folders, I can't wait to see what happens when filesystem design changes and there's no such thing as a 'folder' anymore.
The best way to hide something is with misdirection and dead ends. It's by letting someone win a little but not all the way.
If you're a straight male just make a second inner hidden volume and put a ton of gay porn on it. After a few days of arguing with the court just reveal your password to it and they'll think "oh shit, this is what he was hiding. Well nothing to see here, moving on. That's all."
This is the best comment really... I brought up Truecrypt's Hidden OS feature a while ago (here: http://news.ycombinator.com/item?id=3415658 ) and apparently in the UK you have to somehow prove the non-existence of such a thing. If you can't get them to leave you alone through such above trickery it becomes a fairly simple calculated choice deciding whether obstruction of justice is a less harmful penalty than what they want to find and charge you for after decryption.
I really like this idea but I think it is important to ensure that whatever XXX material you have, the actors are clearly over 18. Lord knows it may make your standing far worse if you have anything pushing the line.
So, 30+ year old models in your Safe For Government/get out of jail porn directory.
My gut reaction to this article was that something like what you've described must exist, although I wasn't certain if it was possible to completely hide a volume from an intimate inspection. What tools are you referring to?
Without the right password, there's no way to tell if there's an hidden volume, since the result of the encryption is indistinguishable from pure random data.
Are you SURE you don't have any of these? That's one of the interesting things I've learned over the years. You may THINK you don't have any, or that you have never gone out of your way to get such. But that presumes that when you visited YouTube that the unlicensed excerpt you watched wasn't cached on your computer, and won't be found and used as evidence against you. That a friend or family member never borrowed your computer for a couple minutes to check email and left a copy of an attachment they shouldn't have had. And so on...
Oh, and you think folks who have no problem casually planting a bag of something in your car would have a problem dropping some files on your computer if they think that would help?
I'm not being contrary either, but to claim that you have nothing to hide could be seen as perjury for someone who wants to make sure they get you of something. And in this day and age I suspect the odds that you have something is higher than you may believe.
"Everyone", in common language, is not equivalent to the mathematical "all elements in the set". It just means "almost everybody, excluding very few people that might as well be statistical error". Actually, even 95% of the people qualifies as "everyone" for all practical purposes.
Remember, who we're talking about here. They're not exactly CSI agents.
If someone really wants to smuggle data or keep it secret they WILL find a way. They could just cram it all on a MicroSD and put it under their tongue, or between their butt crack, super glued behind their scrotum, lodged up into their vagina, buried in their rectum, etc.... The methods are endless.
This won't catch terrorists or pedophiles, it'll just catch innocent people like your mom who have some illegally downloaded songs on their laptop.
> Everyone has cracked software, pirated movies, & torrents.
I make it a point to not have pirated movies. I torrent linux distributions and free music (OC Remix); and I buy my software or use free alternatives. It may be true that most people have cracked software, pirated movies and [illegal] torrents, but it's not everyone.
I don't even think most people have those things. Many, sure, but while I am on your end of the spectrum (free software, etc.), many people don't care, or can't be bothered to get those thing, morals aside.
No, it doesn't. This finds files suspected to be TrueCrypt volumes and it does so by looking for certain heuristics. If your file passes a chi-square distribution test it is likely to be a TrueCrypt volume. If I create a file with a bunch of random data TCHunt would also likely peg it as a potential TC volume.
However, it does not detect the existence of a hidden inner volume.
I use truecrypt to encrypt lots of legitimate stuff. All my financial data is on a truecrypt volume on DropBox. And I suspect that folks with something to hide wouldn't find it hard to hide trucrypt itself.
> The problem here is what are they going to find that ISN'T Illegal?
This isn't really a problem. Cops can get a warrant to search your house, and I'm pretty sure they'll find some things that aren't illegal, but are very personal.
If you restrict evidence finding procedure to those in which only evidence (and nothing else) can be found, then I'm pretty sure you'll end up with no evidence.
do people here honestly believe that its not okay for cops with warrants to search someone's encrypted hard drive because they might find something that's not illegal?
Many people have secrets that, if disclosed, could ruin their lives even though they are not illegal. For example, a politician with politically unacceptable activities. I'm sure you can come up with examples, such are regularly reported on the news.
Sometimes the police might need to enter someones property or get access to data to stop crime.
Whilst I think that of course people should stand up for civil liberties etc we have to bear in mind if we completely neutered the police your civil liberties aren't worth shit as a criminal can just take them from you as nobody has enough power to gather evidence against them.
You then risk people turning to mob justice with no due process whatsoever.
In a world where I have an absolute defence against the invasion of police officers, I also have protection against criminals. The "real world" version of cryptography does not of course exist, but nevertheless I subscribe to the belief that all transactions should be voluntary.
Police can serve warrants to search my home. There is nothing I can do to stop them, and I won't attempt to stop them (since I value my life). However that does not mean I consent or approve. "They have a warrant", provides me with zero comfort.
tl;dr: Police are going to keep being police without my approval, so I don't see why my system of ethics needs to give them room to operate.
this an absolutely ridiculous position. if you are charged with a crime, police absolutely do and should investigate for evidence, which includes breaching your privacy. the entire of idea of finding evidence is to breach your privacy.
without this, almost no crimes would have enough evidence to go to prosecution. that includes stuff that you don't care about, like privacy, and maybe stuff you do care about, like murders and kidnapping
They can apply various methods, such as polygraph to determine whether she really forgot the key, and it won't be so easy for her to avoid revealing the real fact.
A stupid idea: what if we passed a law making, say, knowing an encryption key illegal, with a $0.01 penalty per year? Then asking you for your encryption key would be asking you to provide self-incriminating testimony.
You don't need to do that - there's a decent argument to be made that forcing you to decrypt a drive is already forcing you to testify against yourself, in violation of the 5th Amendment.
If you're able to pass silly laws, wouldn't it be easier to just pass a law saying discovery can't compel people to divulge encryption keys kept only within their own head?
Personally I think this is reasonable, provided that requests for decryption keys are handled with the same level of respect for law & privacy afforded to physical keys.
There is a thornier issue though: stenanography + encryption. What if the encrypted data aren't visible in the first place? Or, what if the data aren't provably encrypted data?
I can imagine a case where someone languishes in jail for contempt of court, after being ordered to produce something that doesn't actually exist.
Once again - either providing password, or entering it without revealing password itself is a self-incrimination simply because this way you prove you are owner of this information.
Why this is important? It might be not yours information but you might know password. And this will make you incriminating yourself.
And most important, no matter what, right to not incriminate yourself should be remain untouched. Otherwise, nothing protects people from its government.
This is a serious question that I hope gets answered: Is it possible to tell Linux (or Windows I guess) to immediately crash if you boot it up and are either 1) not connected to the internet or 2) not connected from a certain IP address.
Then you could give up the key, but tell them "see, it's broken and I haven't been able to use it anyway."
Does the defendant's fate hinge on the contents of this laptop? It seems not: the article mentions other evidence against her.
If a case hinges entirely on the contents of an encrypted laptop, perhaps it's not the strongest of cases... which is kind of the point of the fourth and fifth amendments: keeping the government honest, so to speak.
I wonder by what means they will make their hands type. Can they be taser-ed into submission, like the guy who couldn't stand up in the college library?
"He said the All Writs Act, which dates back to 1789 and has been used to require telephone companies to aid in surveillance, could be invoked in forcing decryption of hard drives as well."
I respectfully disagree, even if his opinion is correct under the law. A defendant should never, ever, be forced to assist in his own prosecution, and being forced to decrypt the drive would be doing exactly that.
I wonder about this: What if the key to the encryption is written on a dozen seemingly random notes on yellow sticky notes in your office full of yellow sticky notes? Or, it is composed of the last letter on each page of a series of innocuous looking documents, such that the government might seize the documents but naturally in the process of doing so, scramble the documents order rendering the password irretrievable. Or its some combination of words from a book, or some other innocuous piece of material that they'd simply ignore and that would be thrown out after they left. The one FBI raid I'm directly familiar with involved them seizing the computers and even the phones, but not the desks or the phone books, etc.
In this case the passphrase existed in the ___location where the laptop was seized but in the intervening months, or in the act of seizing it, the phrase was destroyed. Thus it is the responsibility of the cops who seized it that the passphrase is no longer retrievable, and thus it is the government's fault the data is impossible to decrypt.
I'm sure there's an even better way to accomplish something similar that I'm not thinking of, where the phrase is kept handy, but only obvious to you so that you know how to derive it, but the simple act of serving a search warrant will eliminate the phrase by rearranging the key elements.
Then in court you can testify honestly to exactly how you looked up the phrase, but the government would have no way to recreate it.
Sure. You could do even better: keep your computer on at all times and keep everything you do in RAM. No encryption is necessary here, just a $100 UPS and your laptop's own battery.
The problem with all these comments about "what if I give half of my phrase to a friend?" or "what if I write it in the dust at the entrance to my house and the FBI wipes it away when they bust in?" is that it doesn't really address the core issue. There is no technological solution to this situation:
1. The gov't can just give up on the idea of looking at encrypted drives. Not likely and possibly bad for society as a whole. I am not able to judge that.
2. The judge can just refuse to understand that there is no way to decrypt the drive and hold you in contempt of the court indefinitely at which point you'll be cursing yourself for not burying the passphrase chiseled into a stone in your back yard.
3. The gov't makes it illegal to encrypt drives without giving them the keys. At best this is done through some kind of third-party escrow service so that an actual warrant needs to be given before the key is given out. At worst, you just drop off your encryption keys with the nearest post office.
4. There is no #4. The judicial system won't just go "well, this guy has an encrypted drive and we can't get in. Let's just let him go since he clearly outsmarted us." They either will find something else on you, or compel you to decrypt the drive.
Like I said, there is no technical solution, only social/behavioral. Encryption became too sophisticated and there isn't much that we can do nowadays.
No problem. With enough money you could set up a dead man switch to erase your laptop if you step more than 3 feet away from it which is bound to happen if the FBI drags you away. Or set up a voice recognition system that would listen for the words "Open up! Police!".
My point is that with all these amateur lawyer "I can outsmart them on a technicality" schemes I think it needs to be said that you probably don't want to do any of that. Instead, if you do have something that you feel you don't want to expose, use whole disk encryption with hidden volumes, duress codes, etc. but keep your options open. The worst possible scenario to be in is where the only way to prove that you are innocent (or to enter into a plea bargain) is to decrypt your drive but some crazy scheme of yours now prevents you from ever recovering your passphrase.
You can also just, you know, refuse to decrypt the drive. If they're going to torture you, you're pretty much screwed anyway so you probably don't care about the data (unless perhaps it contains crucial private information about friends and family, or business dealings).
For chain of custody etc. you always need to make a master copy and sign/hash it and then work off of a copy. If you tried to do forensics on the actual computer as seized you'd be busy destroying disk & memory evidence as you worked.
That is fine for working on it (and having taken computer forensics classes at college something I am intimately familiar with), however it no longer needs to be done on ___location. The device can safely be removed without requiring a tech to go out to the ___location.
This is probably good enough for most cases, where ham-fisted cops will pull the plug to seize the computer.
But RAM isn't instantly wiped when turned off. The capacitors take some time to discharge, and it is possible to quickly snatch a RAM stick and put it in a device that will preserve its content and allow to read it later on.
If the strategy you propose becomes more prevalent, law officiers will adapt.
> I'm sure there's an even better way to accomplish something similar that I'm not thinking of
One example is what TrueCrypt calls plausible deniability. Your drive has an encrypted volume which initially appears to be completely random data (like all well-encrypted data). You have two decryption keys: an "innocent one" and the "real one." If asked or compelled to decrypt your drive, you decrypt it with the innocent one, and it becomes something innocent (like a bare operating system with no personal info). Obviously, the "real key" reveals your real operating system which you actually use, and thus contains personal information.
The kicker is, without the real key, not only can they not see your personal information, but it's physically impossible to even prove that there's another key which decrypts different data on the drive.
"In a paper published in 2008 and focused on the then latest version (v5.1a) and its plausible deniability, a team of security researchers led by Bruce Schneier states that Windows Vista, Microsoft Word, Google Desktop, and others store information on unencrypted disks, which might compromise TrueCrypt's plausible deniability. The study suggested the addition of a hidden operating system functionality; this feature was added in TrueCrypt 6.0. When a hidden operating system is running, TrueCrypt also makes local unencrypted filesystems and non-hidden TrueCrypt volumes read-only to prevent data leaks. The security of TrueCrypt's implementation of this feature was not evaluated because the first version of TrueCrypt with this option had only recently been released."
It clearly states that it did not evaluate the security plausible deniability of the 'hidden OS' feature.
This is basically saying that if you mount a hidden partition, you may leak information via things like browser cache that ends up getting saved to unencrypted areas. On the other hand, this says nothing about the case where you have the full drive encrypted and boot a different OS if you mount the hidden partition via the bootloader.
In fact that is exactly what defense is saying would be the next argument coming from them.
One can claim they forgot the password. The judge might not believe them, so they can just slap contempt of court charges one after another? What the person has actually forgot the password? How can they prove that they forgot something.
> Then in court you can testify honestly to exactly how you looked up the phrase, but the government would have no way to recreate it.
Not a bad idea in theory. However if the judge/jury can be convinced that you set up your password retrieving system specifically so that a search would destroy the password, they can still slap obstruction and contempt charges on you. I think that is the problem -- inability to convince the judge that you can't decrypt vs that you don't want to....
> One can claim they forgot the password. The judge might not believe them, so they can just slap contempt of court charges one after another? What the person has actually forgot the password? How can they prove that they forgot something.
Shouldn't the court be the one proving stuff? Having to prove you have forgotten your password is like being guilty before being proven innocent.
Obviously, there are many cases where it seems extremely unlikely to us that someone has just forgotten his/her password, but as far as I'm concerned that does not constitute proof. (Otherwise, I think this would be one of those cases where people can get convicted just for being not very smart.)
> Not a bad idea in theory. However if the judge/jury can be convinced that you set up your password retrieving system specifically so that a search would destroy the password, they can still slap obstruction and contempt charges on you. I think that is the problem -- inability to convince the judge that you can't decrypt vs that you don't want to....
Except that one could argue that you have been using this system for a long time (as you have) in case people who were not authorized to use your computer stole it. They can't prove you've set up this system specifically to disrupt their case.
This doesn't solve the problem when law enforcement simply asks you to hand over your computer, of course, but when they come stomping through the door and take away your stuff, you can say "neener-neener, you should've just asked." (I suggest not using those exact words.)
The problem here is that you have to convince people you're telling the truth. If there are any number of stenographic techniques at your disposal, and only way to confirm whether you're being honest is if the drive decrypts, then unless that occurs it can't be easily determined whether you were giving a good faith answer or not.
A bit torn on the issue and don't have a strong opinion either way. I slightly lean towards they shouldn't have to hand over the password, but I really thing courts should try to be flexible (is that even possible?) and go case by case.
Will be looking towards hearing more opinion on the issue.
I hate that I think I agree with the ruling. If the authorities had a warrant to someone's house and barricade themselves in so there could be no entry, we'd hardly give it a second thought that they were violating the warrant. Refusing to give up a password to an encrypted drive is effectively barricading your content.
I guess my issue is what they describe as probable cause for issuing the warrant in the first place.
Can you be compelled to translate them for the court?
What if they just contained numbers? Could you be forced to explain what the numbers mean?
I would conclude that such an action would violate the 5th ammendment.
Forcing her to decrypt the hard drive is the same thing.
Given a warrant, the police have the right to search her hard drive. If they can't understand what it says, she should not have to explain it to them.
Right now, they have no evidence. She is being compelled to produce evidence against her self.
Providing a physical key produces no evidence. It produces a key.
Providing a decrypted version of the data on the laptop is producing information. The contents of the laptop are such that they exhibit a high level of entropy. By definition, they are not information. If they did contain information, they would by definition not be encrypted.
Thus, the request is for the defendant in a criminal trial to replace something that is not information with something that is information. That is clearly a violation of the 5th ammendment.