DOJ: We can force you to decrypt that laptop

Discussion in 'privacy general' started by cm1971, Jul 11, 2011.

Thread Status:
Not open for further replies.
  1. cm1971

    cm1971 Registered Member

    Joined:
    Oct 22, 2010
    Posts:
    727
    The DOJ now says it can force people to decrypt their laptops.

    -http://news.cnet.com/8301-31921_3-20078312-281/doj-we-can-force-you-to-decrypt-that-laptop/
     
  2. chiraldude

    chiraldude Registered Member

    Joined:
    Jul 3, 2010
    Posts:
    157
    Here is a quote:
    Prosecutors stressed that they don't actually require the passphrase itself,
    the defendant would be permitted to type the password without anyone looking over her shoulder. They want only the decrypted data and are not demanding "the password to the drive, either orally or in written form."

    That's a really lame argument!
     
  3. x942

    x942 Guest

    To point out the article does say that there is a good chance, and most people think, the outcome will be in favor of the Fifth Amendment. They believe this because the passphrase is memorized and as such the courts are barred from forcing it's disclosure. Even if they say yes I guarantee the EFF will make an appeal to the supreme court (whom will overrule such a decision no doubt).

    What I see happening is this:

    The court will NOT be able to force the disclosure of passwords or encryption keys IF they are memorized by the defendant.

    HOWEVER

    The court WILL be able to force the disclosure of passwords or encryption keys IF they are store in another (Plain text) form (i.e paper or in a safe).
     
  4. hugsy

    hugsy Registered Member

    Joined:
    May 22, 2010
    Posts:
    167
    They can give their best shot.
     
  5. Baserk

    Baserk Registered Member

    Joined:
    Apr 14, 2008
    Posts:
    1,321
    Location:
    AmstelodamUM
    Regarding the above, anyone know of a case where someone has been convicted for non-disclosure after stating they were willing to cooperate but they simply forgot the password?
     
  6. x942

    x942 Guest

    Not that I know of. I know that the article above cites several cases were the courts ruled in favor of law enforcement. There are more cases that rule in favor of the 5th amendment though.

    If you are cooperating and trying to remember the password I can NOT see them going after you. Especially if you cooperated during other aspects of the investigation as well.
     
  7. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    If a person did it right, they could give the appearance of trying to enter the password by trying different variations of what they are "sure is the right password", like forgetting a punctuation mark or using capitalization in a spot that didn't use it. A person could choose a passphrase that would make such typo mistakes would allow for plausible deniability.

    Of course the easiest way to avoid the problem is to not put the encrypted files on your laptop in the first place. Upload them elsewhere and download them after you get to your destination. Do what you need to do with them, then upload them somewhere else. If an individual wanted to, they could set up an automated task so that the folder or drive that contains the encrypted material is automatically wiped at shutdown. If that folder was a normal appearing temp folder, the task would look like normal maintenance (plausible deniability again). A script or batch file, accessible via keyboard shortcut that would wipe them instantly should the need arise. Written correctly, it would also erase itself. If you're in a situation where you need to worry about what's in an encrypted archive, file, etc, (like evidence of crime, corruption, human rights violations, etc) you should take such precautions long before you put those files on your PC or laptop.
     
  8. x942

    x942 Guest

    Much Agreed. Anything I need to dispose of quickly I store in RAM in an encrypted container using a key generated from /dev/urandom. This way the data is encrypted AND is destroyed once the computer is powered down for approx. 30-90 seconds.

    I also believe the whole TSA thing is blown out of proportion. Mainly because I have been "talked" to by them about my encrypted HDD and IronKey but all they asked is "Why do you encrypt you devices?" and "What type of data is on there?" No attempt at forcing decryption or anything, They were actually quite nice about the whole thing.

    Maybe because I am coming from Canada or maybe because I am not on any watch lists bu none-the-less I have never experienced the "Show us whats on there" issue some report.

    I have had more issues with Law Enforcement at the manciple level over encryption probably because the TSA sees it all the time while Law Enforcement may think "Encryption means you have something to hide".
     
  9. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    It's hard to say if the issue is exaggerated or not. So many factors come into play. Racial or appearance profiling, recent events, where you are, whether the officer or agent is acting like a legitimate law enforcement officer or a proverbial pig, etc. As for watch lists, it's not clear just what will get you put on them or if you can really find out if you are on one. There's also too many examples of the wrong people ending up on those lists, people who have done nothing but have a similar name to someone who has. I fear that we're near or at the day where speaking out against the system will be reason enough to put you on such lists.

    It's been years since I've crossed a border so I haven't had to deal with this. Even if I did, I don't own a laptop, smart phone, or similar device so they'd have nothing to search. Takes away the "probable cause" excuses.

    This and other privacy/security threads, combined with some of the current events suggest another reason to encrypt your hard drives, especially if law enforcement or the powers that be want to target you for some reason. In addition to not being able to search your system for "evidence", encryption will also prevent them from planting "evidence" on it.
     
  10. nix

    nix Registered Member

    Joined:
    Sep 22, 2010
    Posts:
    257
    Location:
    Miami
    This is an attempt to bootstrap a very narrow legal opinion that arose out of the Boucher case to a very broad set of circumstances. The attempt to circumvent Fifth Amendment protections by saying they won't view your password is the typical ridiculous rationalizations that I've come to expect from a certain group of legal "scholars" that seem to be advising LE on these issues.

    A password is testimonial. The judge in Boucher did not rule otherwise. Rather, Sessions ruled that the defendant was not entitled to protection because the ICE agents had already seen the unencrypted files when they searched his laptop at the border. In other words, the court didn't allow the password argument because Boucher had already cooperated.

    People need to understand that there is nothing to be gained by cooperation. Nothing. If you have material you want to shield, chances are that you will be in a worse position if you consent. If you have nothing to shield, they are wrong to detain you. Refuse, refuse, refuse. No matter what. If and when a court tells you you need to disclose your password, you can fight it from there or not, depending on your circumstances. You will face a contempt charge if you refuse a court's order. Only you know whether you are willing to sit in jail for contempt. I would, just as a matter of principle.

    What's the use of having a lock if you're going to give away the key on a silver tray? Why bother in the first place, if you don't believe in your right to protect your property?
     
  11. x942

    x942 Guest

    100% agreed. If anyone asks me I will say no and follow the EFF's guidelines: https://www.eff.org/wp/know-your-rights.

    They can try all they want but I don't have any unencrypted drives in my house :thumb: Even SD cards are encrypted :p
     
  12. hugsy

    hugsy Registered Member

    Joined:
    May 22, 2010
    Posts:
    167

    FINALLY someone who understands it. 100% agreed.
    Unfortunately there are only a minority of people (even on this forum) who understand the point of "innocent until proven otherwise", "right to remain silent", "encryption", "password in your head"

    One of the smartest post i have read here so far.
     
  13. hugsy

    hugsy Registered Member

    Joined:
    May 22, 2010
    Posts:
    167
    Oh yeah, the EFF. org advice are advisiable
     
  14. x942

    x942 Guest

    Not more than a few minutes this just happened to me. I run a TOR Exit node and apparently the RCMP got word of "suspicious" activity.:cautious:

    Did exactly as above and they left with those frightening words "We'll be back with a warrant". Good luck :thumb: I wish I had known before hand so i could have killed that node but oh well it's on an encrypted HDD anyways.:ninja:


    Kind of ironic as I had this thread up at the exact time they came in :p
     
  15. nix

    nix Registered Member

    Joined:
    Sep 22, 2010
    Posts:
    257
    Location:
    Miami
    The RCMP you say? Why, they're a fine bunch of fellows, I'm sure. Pitch-perfect timing, eh?

    And you just bravely stood your ground. Extraordinary.
     
  16. x942

    x942 Guest

    LOL. I think this will be the last time I run an End Node however. This is the second time I have been investigated over one, at least I encrypted the drive this time. I think I will go to Middle Nodes.
     
  17. x942

    x942 Guest

    LOL This about sums it up
    +1 for the EFF :thumb:
     

    Attached Files:

  18. jonyjoe81

    jonyjoe81 Registered Member

    Joined:
    May 1, 2007
    Posts:
    829
    They can force me to decrypt my laptop like they can force me to report for jury duty.
    How are they going to force you? waterboarding, hang you from the roof, beat the password out of you?

    These are mostly idle threats to save them time, if they want the password the CIA supercomputer can crack it in a matter of minutes but that requires paperwork to get computer time. Applying for computer time will take longer than it takes to crack the password.

    Many people believe that even there 60 word password is immune to cracking or that it would take billions of years to crack but the government has the capability of cracking anything, thats how they spy on foreign governments.
     
  19. x942

    x942 Guest


    Oh really? Links? proof? You do realize the Laws of physics disagree with everything you just said right? Cracking a password of that length (or AES) would require the approximate power equivalent to the sun Not to mention more time than the universe has been around.

    If the Government was so powerful than how come they can't even protect their own secrets? Considering the Pentagon was just hacked and 200,000 files were stolen :thumbd:
     
  20. jesusjesus

    jesusjesus Registered Member

    Joined:
    Jul 21, 2009
    Posts:
    61
    People have gone to jail over passwords they forgot, however the technicality was that the court believed the password to be too complex to remember and as such must have been written down. So guy went to jail for not revealing location of password, so his inability to recall password was no defence for not supplying password under a court order.
     
    Last edited: Jul 17, 2011
  21. x942

    x942 Guest

    Was this in the states?

    I find this a stupid decision on the courts part. I have successfully memorized random full ASCII 64 character passwords for each HDD I have encrypted. They can not say it's impossible and had to be written down I have never written them down.

    This also begs the question: What if the location is a keypass database? The password is in my head and barred from the courts jurisdiction (Under the 5th and similar in Canada). That's what I would say to that comment by the court. :cautious:
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.