Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
Privacy The Courts Encryption Your Rights Online

US Judge Rules Defendant Can Be Forced To Decrypt Hard Drive 1047

A Commentor writes "Perhaps to balance the good news with the Supreme Court ruling on GPS, a judge in Colorado has ordered a defendant to decrypt her hard drive. The government doesn't have the capability to break the PGP encryption, and 'the Fifth Amendment is not implicated by requiring production of the unencrypted contents' of the defendant's computer."
This discussion has been archived. No new comments can be posted.

US Judge Rules Defendant Can Be Forced To Decrypt Hard Drive

Comments Filter:
  • by Zeroedout ( 2036220 ) * on Tuesday January 24, 2012 @12:20AM (#38801329)
    If you don't, you'll have to see a man with a $5 wrench...
    • by dmomo ( 256005 ) on Tuesday January 24, 2012 @12:34AM (#38801423)

      No. This is the Government. That wrench cost about $2,000.

    • Re:Talk or else! (Score:5, Informative)

      by Anonymous Coward on Tuesday January 24, 2012 @12:45AM (#38801509)

      You've been reading this [xkcd.com] again, haven't you!

    • by Taco Cowboy ( 5327 ) on Tuesday January 24, 2012 @01:01AM (#38801627) Journal

      No American judge gonna force me to decrypt anything !

      I ain't gonna buckle under America's draconian laws

      • by Anonymous Coward on Tuesday January 24, 2012 @01:17AM (#38801739)

        Yes, it's a good thing you live in England!

        • by Grishnakh ( 216268 ) on Tuesday January 24, 2012 @01:33AM (#38801829)

          Irrelevant. If the US government wants to extradite him, the British government will happily hand him over, no matter the offence.

          • by Anonymous Coward on Tuesday January 24, 2012 @05:28AM (#38802907)

            First, why not use the obvious countermeasure here. When you create an encrypted volume, you should enter 2 keys, not just one. One will unlock your drive, another will appear to unlock your drive, but in fact deletes the contents of the disk entirely. Essentially it replaces the on-disk encryption keys (which is what your password in reality unlocks) with keys that are only useful for the second partition. The second partition is then enlarged to extend over the original copy. Several programs provide this ability (granted they're for-pay and not cheap, but nevertheless, your privacy is worth something to you isn't it ?). This trick is known to have worked in China (that must have taken some serious amount of balls).

            This is how banks do it (one code unlocks the safe, another, seemingly identical sets of an explosive charge destroying the vault's contents).

            As for the extradition, let's hope for UK encryption users that they do that. After all, in the US, the above judge will probably get called back, providing such horribly weak justification. Even if this stands, the reality is : in the UK there is zero doubt : authorities can imprison you for not revealing passwords to them, in the US there is doubt (as the supreme court has not yet ruled on a case like this), with predictions that this judge's decision will not stand.

            Very subtle, adding the bit about Bush about this judge. As if it's relevant. Nobody ever points out that democrat-appointed judges blocked the repeal of slavery for decades ... And that's equally relevant to today's democrats as this decision reflects on republicans.

            In the UK, it is established legal precedent to imprison people for refusing to reveal keys [pcpro.co.uk]. (in fact this can be applied to foreignors in the UK)

            And of course nobody seems to have read the entire article. May I present a blatant repeat of a few paragraphs that seem to have escaped most people's attention ?

            In March 2010, a federal judge in Michigan ruled that Thomas Kirschner, facing charges of receiving child pornography, would not have to give up his password. That's "protecting his invocation of his Fifth Amendment privilege against compelled self-incrimination," the court ruled (PDF).

            A year earlier, a Vermont federal judge concluded that Sebastien Boucher, who a border guard claims had child porn on his Alienware laptop, did not have a Fifth Amendment right to keep the files encrypted. Boucher eventually complied and was convicted. the article fails to mention this was not his laptop, but government property. He had signed that he would provide access to a govt administrator. So an obvious detail : you can rely on ecnryption, but don't rely on your employer doing it for you. Also : read contracts BEFORE signing them

            The article provides a thoughtful conclusion :

            Much of the discussion has been about what analogy comes closest. Prosecutors tend to view PGP passphrases as akin to someone possessing a key to a safe filled with incriminating documents. That person can, in general, be legally compelled to hand over the key. Other examples include the U.S. Supreme Court saying that defendants can be forced to provide fingerprints, blood samples, or voice recordings.

            On the other hand are civil libertarians citing other Supreme Court cases that conclude Americans can't be forced to give "compelled testimonial communications" and extending the legal shield of the Fifth Amendment to encryption passphrases. Courts already have ruled that that such protection extends to the contents of a defendant's minds, the argument goes, so why shouldn't a passphrase be shielded as well?

            • by DrXym ( 126579 ) on Tuesday January 24, 2012 @06:00AM (#38803087)

              First, why not use the obvious countermeasure here. When you create an encrypted volume, you should enter 2 keys, not just one. One will unlock your drive, another will appear to unlock your drive, but in fact deletes the contents of the disk entirely.

              Problem is that forensics officers take backups. They'd back up the drive first and boot from the backup so whether it destroys the data or not is irrelevant. And if you gave the officers the "self destruct" password that horked the backup then that is further evidence that you are up to no good.

              What you need instead is a hidden volume. The idea is you have a normal OS and a hidden OS where your dirty secrets reside. You are prompted for a password at boot time and the password you enter determines which volume is booted into. Tools like Truecrypt support this already.

              The problem is the very fact you are using an encryption tool which supports hidden volumes is likely to raise suspicions that you have a hidden volume even if they cannot prove one exists. At the very least you would have to ensure the decoy volume looks plausible, e.g. you use it frequently for your non incriminating activities, scatter around some sensitive looking but non incriminating documents, all to give the impression that is the one and only volume. The more plausible the decoy is, the more plausible your defence is after you hand over the key.

              Even then they might catch you out. by building up a list of inconsistencies of activity shown by the computer's event log and other logs on the HDD vs what they can glean from other logs. e.g. if they might know you were on the internet at such and such a time, or downloaded a particular file, or your phone says it was USB synced at the time yet your OS has no knowledge of these events. Enough inconsistencies combined with evidence of using crypto that supports hidden volumes combined with other evidence they have might still be sufficient to find you guilty.

              • by Qzukk ( 229616 ) on Tuesday January 24, 2012 @07:37AM (#38803559) Journal

                What you need instead is a hidden volume. The idea is you have a normal OS and a hidden OS where your dirty secrets reside. You are prompted for a password at boot time and the password you enter determines which volume is booted into.

                What you need instead is two hidden volumes. The idea being that when you decrypt the normal OS with a tool that supports a hidden volume and people find it squeaky clean, they'll tell you "ha ha now tell us the other password" so you have a hidden OS where your porn resides, and a hidden OS where your dirty secrets reside. Ad nauseum depending on how nauseous your dirty secrets are.

                • by nahdude812 ( 88157 ) * on Tuesday January 24, 2012 @08:33AM (#38803955) Homepage

                  A single hidden volume is good enough, maybe better than multiples (I'm not sure there is software which supports more than 2 volumes total, you get into trouble with volumes potentially overwriting each other's contents since they each have to not know about the others). A single hidden volume creates plausible deniability, because the default configuration is no hidden volume.

                  Now here's the problem with secondary volumes. In order for it to be plausible, you need to keep the red herring volume up to date. It needs to have files with recent timestamps on it and so forth. If they look in there and all the files are out of date and haven't been modified in 6+ months, it's not credible and threatens the plausibility of the denial. It works poorly for whole-disk encryption unless you're very good about doing most of your work in the primary volume, and only booting into the secret volume for short periods of nefarious activity.

                  It's possible to mount both volumes at once, and just be careful about sticking all the evidence on the secondary volume, but in most modern OS's, there'll be problematic artifacts indicating the secondary volume exists in the form of "Recent Files" lists in applications or in the OS level. You'll also have to worry about program caches being written out to the primary volume and being recoverable from free space on the drive; so as part of shut-down you'll need a script which writes random data to the empty space and knows how to destroy the internal cache files of all your applications - even ones you don't use for nefarious purposes since a cache file may not be zeroed out when it's allocated (thus capturing sensitive data). Basically keeping both mounted at the same time is a sure fire way to accidentally leave behind some evidence on the "safe" drive.

                  The only safe way to do this is to dual-boot sensitive and non-sensitive volumes. Boot into the sensitive volume only for secret activities, and otherwise be booted up on the non-sensitive volume for everything else. You can see why maintaining multiple red herrings is problematic, and since the plausibility of the denial does not significantly increase, while the chances of leaving behind some indicators of a tertiary volume increases significantly, you're better off with a single hidden volume. As a final note, if you do maintain two red herring volumes, your secondary volume needs to have a reason you'd keep it secret. If there's nothing sensitive on there, it's too obvious of a distraction; you might as well label the volume "red herring."

              • Even then they might catch you out. by building up a list of inconsistencies of activity shown by the computer's event log and other logs on the HDD vs what they can glean from other logs. e.g. if they might know you were on the internet at such and such a time, or downloaded a particular file, or your phone says it was USB synced at the time yet your OS has no knowledge of these events. Enough inconsistencies combined with evidence of using crypto that supports hidden volumes combined with other evidence they have might still be sufficient to find you guilty.

                Maybe... But I would submit that their phone likely wouldn't be configured to sync with the "dirty" volume. And, of course, a truly "bad guy" wouldn't be using a smart phone... he'd be using a simple burn phone, dialing all numbers from memory, and calling only other burn phones.

                Finally, it seems like a much better idea to use a bootable USB that you encrypt somehow to house your "secret" volume. Boot your machine to the flash drive, when you're not using it hide it somewhere. Done with it? Wipe it, encrypt the blank drive then change the keys and throw it in a river.

                Granted, it is slower than booting off your internal SSD/SATA2-3 buuut... you can't always have privacy & convenience.

              • by mysidia ( 191772 ) * on Tuesday January 24, 2012 @08:13AM (#38803799)

                Problem is that forensics officers take backups. They'd back up the drive first and boot from the backup so whether it destroys the data or not is irrelevant. And if you gave the officers the "self destruct" password that horked the backup then that is further evidence that you are up to no good.

                A nefarious person could designate a sequence of sectors in various parts of your hard drive as "sectors that will never be read" during the normal course of system operation.

                And then patch their hard drive firmware so that if more than 4 of the "off limits" sectors are read, the hard drive will start zero'ing all sectors in the background, and on next power cycle start an ATA Secure erase.

                In other words... latent tamper resistant hardware mechanisms implemented such that unauthorized backup attempts result in hardware level self-destruct, so if someone steals the hard drive they can't use it.

                Another method of protecting against physical theft of the HDD and passphrase guessing is to utilize online cloud-based services for key distribution.

                Instead of the passphrase being used to decrypt the HDD, it gets entered into software, which connects using the internet and makes an API request that results in contacting a number of off-site cloud-based services.

                If the passphrase gets entered incorrectly enough times, FAILS to get entered on a certain schedule, or a passphrase with certain characteristics gets entered instead of the correct one, the remote cloud services shut themselves down, and can no longer pass binary data required to derive the HDD decryption keys.

                They can also monitor each other and contain an IDS, so if one of them is compromised, it will be ordered to shutdown, and key material required to bootstrap can be incinerated.

                e.g. I'm saying the group of all the 'remote cloud security nodes' would form a cooperative group, and for a cloud security node to bootstrap, the other nodes would have to reach an agreement through an election process, and each node would only contain 1/3 or 1/4 of the key material required to reconstruct the HDD decrypt key after presentation of the right passphrase-decoded material from the requestor.

                The cloud services can be in disparate geopgrahic locations, even multiple countries, to help reduce the chance of a hacker breaking into a sufficient plurality of those remote providers.

        • by metacell ( 523607 ) on Tuesday January 24, 2012 @02:09AM (#38802031)

          England already has laws that force suspects to decrypt their hard drives... but maybe you were ironically referring to that?

          • by L4t3r4lu5 ( 1216702 ) on Tuesday January 24, 2012 @05:57AM (#38803069)
            I don't think we do. We have a law which makes it an offence to fail to provide the decryption key, which in my opinion is far worse. I use the anecdote of TrueCrypt container with no hidden partition:

            "Excellent, thank you for the key to the container. Now, give us the key to the hidden container."
            "I didn't use one. There is no hidden partition."
            "There is nothing incriminating on the container we can access; Just bank statements and a password file. You must have incriminating evidence in the hidden container."
            "I didn't use a hidden partition."
            "We'll see who the jury believes."
          • by AmiMoJo ( 196126 ) on Tuesday January 24, 2012 @06:04AM (#38803107) Homepage Journal

            Well, you could always take the two years you'll get for refusing to hand over the key. Clearly anyone with really dodgy stuff on their HD will choose that option over say 10+ years for terrorism or 5+ years and a lifetime on the sex offenders register.

    • by fahrbot-bot ( 874524 ) on Tuesday January 24, 2012 @01:04AM (#38801659)

      If you don't, you'll have to see a man with a $5 wrench...

      Or rather: "Ah. You must be made of stronger stuff! Cardinal Fang! Get... THE COMFY CHAIR!"

    • Re:Talk or else! (Score:4, Informative)

      by Dcnjoe60 ( 682885 ) on Tuesday January 24, 2012 @08:40AM (#38804009)

      Actually, the defendant is specifically not being asked to talk (verbally give up her password). That would be a 5th amendment violation. She is also not being asked to write it out, which would again be a 5th amendment violation. She is, however, being asked to type it into the computer, without being watched. That is not a 5th amendment violation as she is not being required to actually divulge the password.

      At least that is the argument. Basically, it is treating an encrypted hard drive like a safe. You can be forced to divulge the combination of a safe, but you can be required to open it yourself. The password is being treated like the combination. She can't be forced to divulge it, but can be compelled to enter into the system.

  • no 5th? (Score:5, Insightful)

    by MrDoh! ( 71235 ) on Tuesday January 24, 2012 @12:22AM (#38801343) Homepage Journal

    If there's incriminating evidence, surely this is a perfect example on why the person can't decrypt as it WOULD self incriminate them!

    • Re:no 5th? (Score:5, Informative)

      by Kenja ( 541830 ) on Tuesday January 24, 2012 @12:30AM (#38801405)
      The 5th amendment does not protect you from being required to provide subpoenaed materials. It just means you dont have to testify or speak out about maters which may incriminate you. I can easily see how supplying a password or decryption key would not be covered. But it would be a hard call to make in my opinion.
      • Re:no 5th? (Score:5, Insightful)

        by maxwells_deamon ( 221474 ) on Tuesday January 24, 2012 @12:43AM (#38801495) Homepage

        Produce the gun that was used in the robbery. Here is the subpoena

        • Re:no 5th? (Score:5, Informative)

          by Anonymous Coward on Tuesday January 24, 2012 @01:25AM (#38801789)

          What's the problem with this? If the prosecution knows the defendant owns a pistol and is accusing the defendant of robbing a liquor store with a pistol, the prosecution is certainly within its rights to subpoena the defendant to produce the pistol so it can be tested against the three slugs pulled out of the counter clerk.

          The defendant can claim the pistol doesn't exist (in which case the prosecution has to be able to prove it does), the defendant can claim it was lost or stolen, or ... etc. There are a ton of ways to prevent turning over the pistol. However, none of these ways invalidate the central fact, which is that the subpoena is valid and enforceable: if the prosecution can demonstrate you have the pistol, the judge will happily put you in jail until you turn it over to the prosecution.

          • Re:no 5th? (Score:5, Insightful)

            by Grishnakh ( 216268 ) on Tuesday January 24, 2012 @01:35AM (#38801839)

            So what's the difference between claiming the pistol is lost, and claiming you can't remember the password to your hard drive? How does the prosecution prove that you haven't forgotten something?

            • Re:no 5th? (Score:5, Informative)

              by berzerke ( 319205 ) on Tuesday January 24, 2012 @01:45AM (#38801911) Homepage
              The problem is the judge can throw you in jail for contempt to "give you time to remember". One guy spent 14 yrs in jail for contempt (H. Beatty Chadwick). In his case, according to Wikipedia, he was jailed "solely on the word of Chadwick's wife".
              • Re:no 5th? (Score:5, Insightful)

                by muckracer ( 1204794 ) on Tuesday January 24, 2012 @04:45AM (#38802723)

                > > How does the prosecution prove that you haven't forgotten something?

                > The problem is the judge can throw you in jail for contempt to "give you time to remember".

                But, purely in the semantic sense, 'forgetting' is not the same as 'being in contempt of'. Kinda like the difference between an accidental death and premeditated, deliberate murder.

                Besides, if you really did forget your long passphrase, no time in jail will likely 'make you remember'. How do I know? Forgot my own not just once. Mostly after a mere two or three months of not actually using it. Your body memory of typing it in gets messed up. If you use it each day you have the illusion to never forget. Well, take a vacation to Australia for 10 weeks and then find yourself dumbfounded sitting in front of your machine (I'm talking 128-bit passphrases here). The important point here is, that this can happen even without any outside pressure! And you will rack your brain for days, sometimes you will remember, more often you won't. In a pressure situation, legal proceedings etc. chances are, your passphrase has long been eaten by a synapse grue.

                PS: Chadwick's wife is a b*&%!!

            • Re:no 5th? (Score:5, Insightful)

              by Nelson ( 1275 ) on Tuesday January 24, 2012 @08:00AM (#38803723)

              The difference? There are a couple but the first of which is that the lawyers and judges involved are not stupid, they may not be techsters but they are almost certainly not stupid and this encrypted data is but one piece of evidence and you f-ed up long before if you're in this position. Second, there is a judge that will judge.

              If you pistol is stolen or lost, you have some obligation to report it as such. It's typically registered and in that case, they know you have it, know the make and model. If you conveniently discover that it is missing when a court requests it they can check to see if you reported it lost or stolen beyond that, there is a judge there to judge you and he'll judge your credibility as he sees it from your behavior up to that point. Basically, keep track of your weapons, particularly when you're getting ready to be involved in a trial. Are you the kind of person that loses a pistol and forgets to tell anyone?

              The password isn't quite the same. They may have some idea if you regularly used the computer. Again, I'll reiterate a couple things, the other guys aren't stupid and you didn't get in this position simply because of an encrypted drive. Now if you've spent 3 years doing something considered crime and there is other testimony where you've suggested you don't remember something because it's on the computer you use daily and now you don't remember the password, I can tell you how I'd judge you. Or maybe it's on the computer you resisted handing over and kept in a safe, those factors might not be admissible in the case against you but they certainly come in to play when you attempt to "forget" the password. Do you regularly use computer and keep track of dozens of accounts and passwords but this one computer you had locked up in a safe at your mothers house that you tried to pretend didn't exist, you forgot how to log in?

              What will a judge think from your story?

      • Re:no 5th? (Score:5, Insightful)

        by SecurityTheatre ( 2427858 ) on Tuesday January 24, 2012 @12:50AM (#38801559)

        The issue is that the government CANNOT compel you to talk about evidence in the case. I thought that was the essence of the 5th. So if you sit quietly, you are now guilty for not cooperating? You have the right to remain silent. Unless you are compelled to speak the password, in which case you no longer have the right to remain silent. Better change the wording... :-)

        • Re:no 5th? (Score:5, Informative)

          by Greyfox ( 87712 ) on Tuesday January 24, 2012 @01:39AM (#38801865) Homepage Journal
          You can be held in contempt of court and imprisoned indefinitely until you decide to cooperate. This is often used on journalists who refuse to reveal their sources.
        • Re:no 5th? (Score:5, Informative)

          by arkhan_jg ( 618674 ) on Tuesday January 24, 2012 @02:36AM (#38802203)

          The argument goes like this:
          You can't be forced to testify against yourself. You can be forced to provide evidence that may incriminate you - that's the whole point of a warrant.
          So it's something you know, vs something you have.

          So if you had a smartcard to unlock encrypted data, you could be forced to hand it over, same as a safe key.

          So what if it's something you know that is the key, like the passphrase or combination to the safe?

          Well, as long as the passphrase or combination in itself is not incriminating (i.e. they don't open something you don't own) then it's treated as evidence, not testimony.

          If you claim you've forgotten it, and the judge thinks you're lying, then you can be found in contempt of court until you remember, for withholding evidence.

          I'm not saying its fair, but it is consistent with prior law and practise.

      • Re:no 5th? (Score:4, Interesting)

        by rwven ( 663186 ) on Tuesday January 24, 2012 @12:54AM (#38801575)

        Yeah it's not going to hold water once the SCOTUS gets ahold of it. I can't imagine this really holding up.

      • Comment removed based on user account deletion
      • Re:no 5th? (Score:5, Funny)

        by Warhawke ( 1312723 ) on Tuesday January 24, 2012 @01:50AM (#38801939)
        Which is why I've always kept my password as "ImurderedMrandMrsBlevinsonJune171982inJacksonCounty!" Satisfies those pesky security requirements as well.
      • Re:no 5th? (Score:5, Informative)

        by Jane Q. Public ( 1010737 ) on Tuesday January 24, 2012 @05:23AM (#38802877)

        "The 5th amendment does not protect you from being required to provide subpoenaed materials. It just means you dont have to testify or speak..."

        Very definitely incorrect. I looked into this when I first read about the second court case mentioned in TFA. The one about the guy at the border who had child pornography on his computer. TFA gives a woefully incomplete account of that case; there is almost no chance that it is anything like this one at all.

        The court ruled that he had to provide the password to an encrypted area on his hard drive, because Customs had already seen some child pornography on his computer, in the encrypted portion of the drive. The decryption software was running at the time, so these files were open and 2 Customs agents were able to see them. But somehow the man then managed to turn off the computer so the files could no longer be accessed.

        The key thing here is that the court did not want the password in order to perform a SEARCH. It was already known that there was illegal material there. That is a FAR different situation.

        In its ruling, the court made this point very clearly: the government normally cannot force someone to provide an encryption password, in order to SEARCH for items or material that are only SUSPECTED to be there. That would constitute a clear violation of the 5th Amendment.

        However, in that particular (and really very unusual) case, the government already knew that there was illegal material, and even where it was. And the court wanted that material for the trial. There could be no violation of the 5th Amendment in that particular situation the court ruled, because it amounted to seizing illegal materials that were already known to be there. Therefore it was not a "search" in any reasonable sense of the term, and the defendant was not supplying anything incriminating that was not already known. He was not "testifying against himself" in other words.

        Other courts have made this VERY clear: except under very unusual circumstances, rendering your password up to authorities is most definitely "testifying against yourself", and falls under the 5th Amendment. They cannot demand that information in order to search for evidence that might incriminate you.

        When I mentioned all this earlier, when this post still hadn't appeared yet, somebody (sjames) replied that this was "sophistry", to use his word, and that if the court really "knew" it was there, they would not have required that it be supplied to the court.

        However, that in itself is sophistry. Apparently he was forgetting several things: (1) As long as the court is not violating the 5th amendment (and in THAT rare case it was not), it can order the material to be presented for pretty much any damned reason it pleases. I did not say it was "needed" by the court to obtain a conviction; I simply stated that it was ordered to be given up. (2) Considering that the court already had consistent and concurring testimony from 2 Customs agents, if they had committed perjury it would have been ridiculously easy to very that without much compromising the defendant's privacy, and any further intrusion could be immediately ended. So there was little danger to the defendant's rights. And most importantly, (3) I wasn't asking sjames to take my word for it; he can look up the damned court decision himself on Google, just like I did, and read about it for himself.

    • Re:no 5th? (Score:5, Informative)

      by Pseudonym ( 62607 ) on Tuesday January 24, 2012 @12:37AM (#38801443)

      Ah, but incriminating evidence of what? She might be completely innocent of what she's charged with but guilty of something else. In fact, she probably is, and so are you [wsj.com].

    • Re:no 5th? (Score:5, Interesting)

      by Slashdot Parent ( 995749 ) on Tuesday January 24, 2012 @03:05AM (#38802333)

      If there's incriminating evidence, surely this is a perfect example on why the person can't decrypt as it WOULD self incriminate them!

      A person does not have a right to destroy, withhold, or falsify evidence of their wrongdoing with the intent of stymieing investigators. That's obstruction of justice.

      Where it gets tricky, and where the law is still unsettled, is how this privilege of the government to investigate is balanced by a person's right against being forced to testify against themselves. In an ideal world, the accused should not be required to have any part in his trial at all. He should be able to simply say and do nothing, and the government can either prove its case or not. The reason that this is tricky, is that if the accused reveals his password, he actually divulges two distinct facts: 1. the encrypted evidence, and 2. that the accused knew how to decrypt the evidence. #2 should not be underestimated, because that eliminates the need for the prosecutor to prove that the accused had access to the encrypted evidence, knew of the evidence, etc.

      In my opinion, which isn't worth the paper it isn't printed on, this should hinge on whether or not it can be shown that the accused knows the password. If it can't be shown, then I don't think it's right to compel the defense to divulge both facts. But if it can be shown (or has already been admitted/learned) that the accused knows the password, then I think the accused must decrypt the files.

      A low-tech example of this is in safes. The authorities can make you hand over the key to a safe, but not the combination. If the safe is locked with a combination, they must crack open the safe if they want its contents. Obviously this is less feasible with modern encryption technology.

  • by faedle ( 114018 ) on Tuesday January 24, 2012 @12:23AM (#38801347) Homepage Journal

    "I forgot."

  • by byrnespd ( 531460 ) on Tuesday January 24, 2012 @12:27AM (#38801379)

    I find it funny that a quick search on the subject yielded an article from the same site, with the opposite finding.

    Article in 2007: Judge: Man can't be forced to divulge encryption passphrase
    http://news.cnet.com/8301-13578_3-9834495-38.html [cnet.com]

    Article in 2012: Judge: Americans can be forced to decrypt their laptops
    http://news.cnet.com/8301-31921_3-57364330-281/judge-americans-can-be-forced-to-decrypt-their-laptops/ [cnet.com]

    I'm fine with them breaking your encryption if they have probable cause; however, forcing you to give the password does seem to have a pretty straight-forward logical path to incriminating yourself (Especially if you are guilty and a subsequent search will yield something on the device).

    • by bondsbw ( 888959 ) on Tuesday January 24, 2012 @12:38AM (#38801455)

      That's why my password is "I~Did-It". Then it actually would be self-incrimination to reveal the password.

      • by Anonymous Coward on Tuesday January 24, 2012 @12:50AM (#38801555)

        Your password is too weak. Use passphrases, they're easier to remember and harder to hack.

        Here's a few for example:
        "My Hard Drive is full 0f stolen card data"
        "I fed the body to neighbour's pigs"
        "Me, with the candlestick, in the library"

    • by Wrath0fb0b ( 302444 ) on Tuesday January 24, 2012 @12:57AM (#38801595)

      I'm fine with them breaking your encryption if they have probable cause; however, forcing you to give the password does seem to have a pretty straight-forward logical path to incriminating yourself (Especially if you are guilty and a subsequent search will yield something on the device).

      They aren't forcing you to give up the password, they are forcing you to deliver up evidence (in cleartext). Generally speaking, the right not to self-incriminate has never held to apply to tangible evidence like documents -- to which the court analogizes computer files. The distinction between testimony and evidence seems to me to be on old

      If the armchair lawyers at /. want to suggest that the 5A privilege extends to documents (or that a defendant can protect documents from the courts merely by running TrueCrypt), they are most free to do so. I, at least, would caution that this would have serious implications for the investigation of white collar crime, financial malfeasance, collusion. The antitrust case [wikipedia.org] against Microsoft, for instance, was based largely on email correspondence that could well have been encrypted before the court ordered them disclosed -- and if such protection actually existed, would have certainly been encrypted if only to trigger that legal protection.

      And, let's be honest, for every hapless Joe whose child pornography collection lands him in hot water, there will be a dozen of these well-dressed assholes with well-dressed-lawyers whose job it is to argue any and all points that have a chance of sticking to the fan. The law has this perverse sort of uniformity about it that let's everyone have the same sort of protections regardless of the circumstances that it was thought up in.

      • by snowgirl ( 978879 ) on Tuesday January 24, 2012 @01:41AM (#38801873) Journal

        The antitrust case [wikipedia.org] against Microsoft, for instance, was based largely on email correspondence that could well have been encrypted before the court ordered them disclosed -- and if such protection actually existed, would have certainly been encrypted if only to trigger that legal protection.

        In fact, there are emails there that say, "Ooo, this might be getting murky, let's CC a lawyer, then it's protected by attorney-client privilege!" They didn't understand that you can't just invoke attorney-client privilege by including a lawyer in the conversation, you have to be actively seeking legal advice for your actions to gain privilege.

        In the same way, priest-confessor privilege is only protected as long as you're seeking penitence. If you confess a crime to a priest with no intent to seek spiritual absolution (say, in the lunch line), then the priest is perfectly allowed to divulge and even be forced to divulge your confession.

    • When multiple circuit courts result in differing opinons on the matter its generally a good indication that the Supreme Court will hear the matter at some point. The aforementioned GPS tracking case is a good example of this.
  • depending (Score:3, Insightful)

    by arbiter1 ( 1204146 ) on Tuesday January 24, 2012 @12:28AM (#38801391)
    Depends on what is stored on that drive i would say No, and take the contempt of court charges.
    • Re:depending (Score:5, Insightful)

      by introp ( 980163 ) on Tuesday January 24, 2012 @12:44AM (#38801505)
      You realize that you can be held indefinitely on contempt charges? As in, for the rest of your life or until you comply? There's no violation of your rights in that case because you are considered to hold the keys to your own cell, as it were.
  • by DriedClexler ( 814907 ) on Tuesday January 24, 2012 @12:29AM (#38801399)

    If the cipher doesn't require the ciphertext to give you a test for determining whether a given key is the right one, then you can claim that any key (including one you just made up from a thermal noise source) is the "real" key, and the fact that it decrypts to gibberish just means you were storing gibberish on the computer.

    You won't be believed, but then at that point -- where the government gets to cross-examine and challenge your purported key -- you're pretty clearly coercing testimony, and much more obviously violating the fifth.

  • by mercnet ( 691993 ) on Tuesday January 24, 2012 @12:35AM (#38801427)
    Since the laws mean nothing in the US anymore. TrueCrypt goes into great detail about making a decoy OS: http://www.truecrypt.org/docs/?s=hidden-operating-system [truecrypt.org]
  • by maugle ( 1369813 ) on Tuesday January 24, 2012 @12:37AM (#38801441)
    "You will obey or molten silver will be poured into your ears."

    That's a fitting random quote from Slashdot if I ever saw one. Perhaps that's an implied part of "facing the consequences including contempt of court".
  • by crimoid ( 27373 ) on Tuesday January 24, 2012 @12:49AM (#38801545)

    "Sorry your honor, I used a very long password made up of computer-generated, random characters: one that I could not possibly remember. I had it written on a scrap of paper on my desk and would only need to type it in on the infrequent chance that I had to reboot my computer. .... You should ask the detectives to re-search through the evidence they collected as the scrap of paper is likely in what they took."

  • by msobkow ( 48369 ) on Tuesday January 24, 2012 @12:50AM (#38801561) Homepage Journal

    The people shall be secure in their... effects ...papers...

    As a society that hadn't even conceived of electronics, much less computers, I'm quite certain that they would have considered electronic documents to be equivalent to "papers".

    Yet another nail in the heart of the US Constitution, and another denial of fundamental rights.

    However, if the court issues a subpoena and/or a warrant for the papers, the court is entitled to access them, even if they're on an encrypted device. I'm not sure a simple judicial order from the bench qualifies, but certainly if the judge SIGNS an order he's in the right.

    The protection of the constitution is against unreasonable search and seizure, not against justified and documented court inquiries.

    I could see how some might wish to treat this as a Fifth Amendment issue, but the documents presumably exist on the hard drive. There is no additional information being demanded of the individual, only that they turn over EXISTING evidence.

    • by msobkow ( 48369 )
      Dang. I should have deleted the "another nail" sentence. It goes counter to my argument. *LOL* Typos, typos, typos. Always in a rush and with the typos... :P
  • by demonlapin ( 527802 ) on Tuesday January 24, 2012 @12:51AM (#38801567) Homepage Journal
    Remember, kids: if you have to do something illegal, do not write it down. Anywhere. Once you do, it's no longer something contained solely in your mind and nowhere else, and it is probably subject to subpoena, which will be deemed eminently legal. Don't put it in your diary. Don't tell anyone (you'll lose your expectation of privacy). If you must break the law, never ever speak about it. Do it and move on.
  • 5Th Ammendment (Score:4, Insightful)

    by jklovanc ( 1603149 ) on Tuesday January 24, 2012 @01:21AM (#38801769)

    Has anyone actually read the 5th? If not here is is:
    "No person shall be held to answer for a capital, or otherwise infamous crime, unless on a presentment or indictment of a Grand Jury, except in cases arising in the land or naval forces, or in the Militia, when in actual service in time of War or public danger; nor shall any person be subject for the same offense to be twice put in jeopardy of life or limb; nor shall be compelled in any criminal case to be a witness against himself, nor be deprived of life, liberty, or property, without due process of law; nor shall private property be taken for public use, without just compensation"

    The few words that are relevant here are "nor shall be compelled in any criminal case to be a witness against himself".

    A defendant does not have to answer questions about a case but has to allow lawful searches and provide subpoenaed documents in readable form. If those documents or other evidence is in a safe the defendant is required to open the safe. To me that is the same thing as providing a password.

    Another point is that the founding fathers never conceived of a situation where evidence could be hidden in plain sight by using a special word. They never took that into account when they wrote the amendment and interpretation has to change to take that issue into account.

  • by ibsteve2u ( 1184603 ) on Tuesday January 24, 2012 @02:21AM (#38802077)
    Ramona Fricosu indulged in mortgage fraud. Only the banks, the ratings agencies, and Wall Street are allowed to do that.
  • Yellow sticky note (Score:4, Interesting)

    by KevMar ( 471257 ) on Tuesday January 24, 2012 @02:30AM (#38802165) Homepage Journal

    I will gladly type the password if they provide me with the yellow sticky note that I wrote it down on. I have too many passwords to remember, why should this one be any different. Like anyone can actually remember a password.

  • by FsG ( 648587 ) on Tuesday January 24, 2012 @03:19AM (#38802383)
    Disk encryption software already supports hidden volumes [truecrypt.org]. Even if this kind of decision becomes dominant case law, that won't accomplish anything. People will just start deploying volumes with two passphrases, and when ordered to give up the passphrase, giving up the one that decrypts grandma's recipe collection.

    Since there's no way to prove that a second volume exists within the blank space of the first one, encryption will win the day.

You know you've landed gear-up when it takes full power to taxi.

Working...