US Judge Rules Defendant Can Be Forced To Decrypt Hard Drive 1047
A Commentor writes "Perhaps to balance the good news with the Supreme Court ruling on GPS, a judge in Colorado has ordered a defendant to decrypt her hard drive. The government doesn't have the capability to break the PGP encryption, and 'the Fifth Amendment is not implicated by requiring production of the unencrypted contents' of the defendant's computer."
Talk or else! (Score:5, Funny)
Re:Talk or else! (Score:5, Funny)
No. This is the Government. That wrench cost about $2,000.
Re:Talk or else! (Score:5, Informative)
You've been reading this [xkcd.com] again, haven't you!
Am glad that I ain't American !! (Score:5, Insightful)
No American judge gonna force me to decrypt anything !
I ain't gonna buckle under America's draconian laws
Re:Am glad that I ain't American !! (Score:5, Funny)
Yes, it's a good thing you live in England!
Re:Am glad that I ain't American !! (Score:5, Insightful)
Irrelevant. If the US government wants to extradite him, the British government will happily hand him over, no matter the offence.
Let's hope he gets extradited, he'll be better off (Score:5, Insightful)
First, why not use the obvious countermeasure here. When you create an encrypted volume, you should enter 2 keys, not just one. One will unlock your drive, another will appear to unlock your drive, but in fact deletes the contents of the disk entirely. Essentially it replaces the on-disk encryption keys (which is what your password in reality unlocks) with keys that are only useful for the second partition. The second partition is then enlarged to extend over the original copy. Several programs provide this ability (granted they're for-pay and not cheap, but nevertheless, your privacy is worth something to you isn't it ?). This trick is known to have worked in China (that must have taken some serious amount of balls).
This is how banks do it (one code unlocks the safe, another, seemingly identical sets of an explosive charge destroying the vault's contents).
As for the extradition, let's hope for UK encryption users that they do that. After all, in the US, the above judge will probably get called back, providing such horribly weak justification. Even if this stands, the reality is : in the UK there is zero doubt : authorities can imprison you for not revealing passwords to them, in the US there is doubt (as the supreme court has not yet ruled on a case like this), with predictions that this judge's decision will not stand.
Very subtle, adding the bit about Bush about this judge. As if it's relevant. Nobody ever points out that democrat-appointed judges blocked the repeal of slavery for decades ... And that's equally relevant to today's democrats as this decision reflects on republicans.
In the UK, it is established legal precedent to imprison people for refusing to reveal keys [pcpro.co.uk]. (in fact this can be applied to foreignors in the UK)
And of course nobody seems to have read the entire article. May I present a blatant repeat of a few paragraphs that seem to have escaped most people's attention ?
In March 2010, a federal judge in Michigan ruled that Thomas Kirschner, facing charges of receiving child pornography, would not have to give up his password. That's "protecting his invocation of his Fifth Amendment privilege against compelled self-incrimination," the court ruled (PDF).
A year earlier, a Vermont federal judge concluded that Sebastien Boucher, who a border guard claims had child porn on his Alienware laptop, did not have a Fifth Amendment right to keep the files encrypted. Boucher eventually complied and was convicted. the article fails to mention this was not his laptop, but government property. He had signed that he would provide access to a govt administrator. So an obvious detail : you can rely on ecnryption, but don't rely on your employer doing it for you. Also : read contracts BEFORE signing them
The article provides a thoughtful conclusion :
Much of the discussion has been about what analogy comes closest. Prosecutors tend to view PGP passphrases as akin to someone possessing a key to a safe filled with incriminating documents. That person can, in general, be legally compelled to hand over the key. Other examples include the U.S. Supreme Court saying that defendants can be forced to provide fingerprints, blood samples, or voice recordings.
On the other hand are civil libertarians citing other Supreme Court cases that conclude Americans can't be forced to give "compelled testimonial communications" and extending the legal shield of the Fifth Amendment to encryption passphrases. Courts already have ruled that that such protection extends to the contents of a defendant's minds, the argument goes, so why shouldn't a passphrase be shielded as well?
Re:Let's hope he gets extradited, he'll be better (Score:5, Insightful)
First, why not use the obvious countermeasure here. When you create an encrypted volume, you should enter 2 keys, not just one. One will unlock your drive, another will appear to unlock your drive, but in fact deletes the contents of the disk entirely.
Problem is that forensics officers take backups. They'd back up the drive first and boot from the backup so whether it destroys the data or not is irrelevant. And if you gave the officers the "self destruct" password that horked the backup then that is further evidence that you are up to no good.
What you need instead is a hidden volume. The idea is you have a normal OS and a hidden OS where your dirty secrets reside. You are prompted for a password at boot time and the password you enter determines which volume is booted into. Tools like Truecrypt support this already.
The problem is the very fact you are using an encryption tool which supports hidden volumes is likely to raise suspicions that you have a hidden volume even if they cannot prove one exists. At the very least you would have to ensure the decoy volume looks plausible, e.g. you use it frequently for your non incriminating activities, scatter around some sensitive looking but non incriminating documents, all to give the impression that is the one and only volume. The more plausible the decoy is, the more plausible your defence is after you hand over the key.
Even then they might catch you out. by building up a list of inconsistencies of activity shown by the computer's event log and other logs on the HDD vs what they can glean from other logs. e.g. if they might know you were on the internet at such and such a time, or downloaded a particular file, or your phone says it was USB synced at the time yet your OS has no knowledge of these events. Enough inconsistencies combined with evidence of using crypto that supports hidden volumes combined with other evidence they have might still be sufficient to find you guilty.
Re:Let's hope he gets extradited, he'll be better (Score:5, Interesting)
What you need instead is a hidden volume. The idea is you have a normal OS and a hidden OS where your dirty secrets reside. You are prompted for a password at boot time and the password you enter determines which volume is booted into.
What you need instead is two hidden volumes. The idea being that when you decrypt the normal OS with a tool that supports a hidden volume and people find it squeaky clean, they'll tell you "ha ha now tell us the other password" so you have a hidden OS where your porn resides, and a hidden OS where your dirty secrets reside. Ad nauseum depending on how nauseous your dirty secrets are.
Re:Let's hope he gets extradited, he'll be better (Score:5, Insightful)
A single hidden volume is good enough, maybe better than multiples (I'm not sure there is software which supports more than 2 volumes total, you get into trouble with volumes potentially overwriting each other's contents since they each have to not know about the others). A single hidden volume creates plausible deniability, because the default configuration is no hidden volume.
Now here's the problem with secondary volumes. In order for it to be plausible, you need to keep the red herring volume up to date. It needs to have files with recent timestamps on it and so forth. If they look in there and all the files are out of date and haven't been modified in 6+ months, it's not credible and threatens the plausibility of the denial. It works poorly for whole-disk encryption unless you're very good about doing most of your work in the primary volume, and only booting into the secret volume for short periods of nefarious activity.
It's possible to mount both volumes at once, and just be careful about sticking all the evidence on the secondary volume, but in most modern OS's, there'll be problematic artifacts indicating the secondary volume exists in the form of "Recent Files" lists in applications or in the OS level. You'll also have to worry about program caches being written out to the primary volume and being recoverable from free space on the drive; so as part of shut-down you'll need a script which writes random data to the empty space and knows how to destroy the internal cache files of all your applications - even ones you don't use for nefarious purposes since a cache file may not be zeroed out when it's allocated (thus capturing sensitive data). Basically keeping both mounted at the same time is a sure fire way to accidentally leave behind some evidence on the "safe" drive.
The only safe way to do this is to dual-boot sensitive and non-sensitive volumes. Boot into the sensitive volume only for secret activities, and otherwise be booted up on the non-sensitive volume for everything else. You can see why maintaining multiple red herrings is problematic, and since the plausibility of the denial does not significantly increase, while the chances of leaving behind some indicators of a tertiary volume increases significantly, you're better off with a single hidden volume. As a final note, if you do maintain two red herring volumes, your secondary volume needs to have a reason you'd keep it secret. If there's nothing sensitive on there, it's too obvious of a distraction; you might as well label the volume "red herring."
Re:Let's hope he gets extradited, he'll be better (Score:4, Informative)
The issue with maintaining two volumes is that each will report lower capacities than the total drive capacity reported through the BIOS or via the label on the drive
This is not how secret volumes work. For one thing, both volumes look like randomized data since everything is encrypted. You can only examine them if you have the decryption key. With the decryption key, both volumes will report their size as the entire allocated space. The primary volume writes data start->end, while the secondary (secret) volume writes end<-start.
For example if you encrypted a 20GB physical drive, both volumes report that they are 20GB. Indeed if you write 20GB of data to either volume, you will OVERWRITE the alternate volume. It's up to you to know how much data you have on each volume and be careful not to write enough data so that the sum of both volumes exceeds the total volume size. You can mount both volumes at the same time, and the encryption software will reject writes to either volume which would overwrite data on the alternate volume.
Re:Let's hope he gets extradited, he'll be better (Score:5, Insightful)
Even then they might catch you out. by building up a list of inconsistencies of activity shown by the computer's event log and other logs on the HDD vs what they can glean from other logs. e.g. if they might know you were on the internet at such and such a time, or downloaded a particular file, or your phone says it was USB synced at the time yet your OS has no knowledge of these events. Enough inconsistencies combined with evidence of using crypto that supports hidden volumes combined with other evidence they have might still be sufficient to find you guilty.
Maybe... But I would submit that their phone likely wouldn't be configured to sync with the "dirty" volume. And, of course, a truly "bad guy" wouldn't be using a smart phone... he'd be using a simple burn phone, dialing all numbers from memory, and calling only other burn phones.
Finally, it seems like a much better idea to use a bootable USB that you encrypt somehow to house your "secret" volume. Boot your machine to the flash drive, when you're not using it hide it somewhere. Done with it? Wipe it, encrypt the blank drive then change the keys and throw it in a river.
Granted, it is slower than booting off your internal SSD/SATA2-3 buuut... you can't always have privacy & convenience.
Re:Let's hope he gets extradited, he'll be better (Score:4, Interesting)
Problem is that forensics officers take backups. They'd back up the drive first and boot from the backup so whether it destroys the data or not is irrelevant. And if you gave the officers the "self destruct" password that horked the backup then that is further evidence that you are up to no good.
A nefarious person could designate a sequence of sectors in various parts of your hard drive as "sectors that will never be read" during the normal course of system operation.
And then patch their hard drive firmware so that if more than 4 of the "off limits" sectors are read, the hard drive will start zero'ing all sectors in the background, and on next power cycle start an ATA Secure erase.
In other words... latent tamper resistant hardware mechanisms implemented such that unauthorized backup attempts result in hardware level self-destruct, so if someone steals the hard drive they can't use it.
Another method of protecting against physical theft of the HDD and passphrase guessing is to utilize online cloud-based services for key distribution.
Instead of the passphrase being used to decrypt the HDD, it gets entered into software, which connects using the internet and makes an API request that results in contacting a number of off-site cloud-based services.
If the passphrase gets entered incorrectly enough times, FAILS to get entered on a certain schedule, or a passphrase with certain characteristics gets entered instead of the correct one, the remote cloud services shut themselves down, and can no longer pass binary data required to derive the HDD decryption keys.
They can also monitor each other and contain an IDS, so if one of them is compromised, it will be ordered to shutdown, and key material required to bootstrap can be incinerated.
e.g. I'm saying the group of all the 'remote cloud security nodes' would form a cooperative group, and for a cloud security node to bootstrap, the other nodes would have to reach an agreement through an election process, and each node would only contain 1/3 or 1/4 of the key material required to reconstruct the HDD decrypt key after presentation of the right passphrase-decoded material from the requestor.
The cloud services can be in disparate geopgrahic locations, even multiple countries, to help reduce the chance of a hacker breaking into a sufficient plurality of those remote providers.
Re:Let's hope he gets extradited, he'll be better (Score:5, Insightful)
As naive as it may sound, why not just do less illegal stuff?
Who says they are doing illegal stuff? The government's alleging it, but in the ordinary course of events, the 5th Amendment is supposed to protect us against being required to give evidence against ourselves. We are supposed to be presumed innocent until proven guilty in a court of law.
And yet, the cops can get away with [youtube.com] feeding people information, planting information, and pulling every dirty trick they can come up with to try to get a conviction, innocent or not. The US history books are replete with innocent people railroaded by a corrupt system. The evidence in the Troy Davis case, where police intimidated and coached witnesses and doctored evidence, shows that an innocent man was put to death just recently by the corrupt system.
I'm not advocating doing illegal stuff, but I am suggesting that you probably want to keep your affairs under wraps anyways, even if fully legal. The moment you start waiving one of your rights, courts start ruling you also waived others.
Re:Let's hope he gets extradited, he'll be better (Score:5, Insightful)
And unless you think I'm joking, consider the case of a police officer coming round to your house because he wants to "ask you some questions." Maybe he claims it's about a neighbor's domestic disturbance. Maybe there was a noise complaint that your dog was barking too loud late at night. Could be any number of things. You let him inside to "talk." Courts in some jurisdictions have ruled that by opening the door and letting him pass the threshold, you just consented to him searching your house for anything he might find suspicious.
Or say you get pulled over by one of the famous Texas "you got a taillight out bud *nightstickcrashbreaknoise*" Badged Highwaymen. You get out of your car but leave it unlocked, or do you lock it and hold on to the keys? In the first case, some courts have ruled that by leaving it unlocked you consented to it being searched!
The point again is: once you start waiving your rights, you wind up giving up others. And it keeps going and going and going. You think you're "cooperating with the police" and that they will like you and not charge you with anything and treat you nice because of it? Bullshit - the police are the initial arm of "evidence gathering" for prosecutors, a set of conscienceless, amoral assholes who see all citizens as nothing more than a potential conviction notch in their belts.
Re:Let's hope he gets extradited, he'll be better (Score:5, Insightful)
What's wrong with cops lying to or misleading suspects?
Aside from the fact that it is KNOWN to make innocent people plead guilty? Aside from the fact that it makes the already dirty cops look that much closer to using forged evidence?
It's a valid tactic...
And if you had this thing called a "conscience" you'd realize it should NOT be valid. Period.
I'm not saying innocent people haven't been railroaded, many have, but reality doesn't permit police (especially in crime-ridden cities) to be knights in shining armor. Crime is an ugly thing, why would trying to solve it be much prettier?
Every time I hear someone like you I want to throw up. What was it our justice system used to be about? Didn't Thomas Jefferson say he would rather a dozen guilty men go free than see one innocent man convicted? When did we abandon our principles?
Re:Am glad that I ain't American !! (Score:5, Informative)
England already has laws that force suspects to decrypt their hard drives... but maybe you were ironically referring to that?
Re:Am glad that I ain't American !! (Score:5, Interesting)
"Excellent, thank you for the key to the container. Now, give us the key to the hidden container."
"I didn't use one. There is no hidden partition."
"There is nothing incriminating on the container we can access; Just bank statements and a password file. You must have incriminating evidence in the hidden container."
"I didn't use a hidden partition."
"We'll see who the jury believes."
Re:Am glad that I ain't American !! (Score:5, Insightful)
Well, you could always take the two years you'll get for refusing to hand over the key. Clearly anyone with really dodgy stuff on their HD will choose that option over say 10+ years for terrorism or 5+ years and a lifetime on the sex offenders register.
Re:Talk or else! (Score:5, Funny)
Or rather: "Ah. You must be made of stronger stuff! Cardinal Fang! Get... THE COMFY CHAIR!"
Re:Talk or else! (Score:4, Informative)
Actually, the defendant is specifically not being asked to talk (verbally give up her password). That would be a 5th amendment violation. She is also not being asked to write it out, which would again be a 5th amendment violation. She is, however, being asked to type it into the computer, without being watched. That is not a 5th amendment violation as she is not being required to actually divulge the password.
At least that is the argument. Basically, it is treating an encrypted hard drive like a safe. You can be forced to divulge the combination of a safe, but you can be required to open it yourself. The password is being treated like the combination. She can't be forced to divulge it, but can be compelled to enter into the system.
Re:Talk or else! (Score:5, Funny)
I think you a word out.
Re:Talk or else! (Score:4, Informative)
You think "I judge Robert Blackburn is stabbed repeatedly" is correct grammar?
I judge your skill with the English language is somewhat deficient
I judge your skill with English to be somewhat deficient.
no 5th? (Score:5, Insightful)
If there's incriminating evidence, surely this is a perfect example on why the person can't decrypt as it WOULD self incriminate them!
Re:no 5th? (Score:5, Informative)
Re:no 5th? (Score:5, Insightful)
Produce the gun that was used in the robbery. Here is the subpoena
Re:no 5th? (Score:5, Informative)
What's the problem with this? If the prosecution knows the defendant owns a pistol and is accusing the defendant of robbing a liquor store with a pistol, the prosecution is certainly within its rights to subpoena the defendant to produce the pistol so it can be tested against the three slugs pulled out of the counter clerk.
The defendant can claim the pistol doesn't exist (in which case the prosecution has to be able to prove it does), the defendant can claim it was lost or stolen, or ... etc. There are a ton of ways to prevent turning over the pistol. However, none of these ways invalidate the central fact, which is that the subpoena is valid and enforceable: if the prosecution can demonstrate you have the pistol, the judge will happily put you in jail until you turn it over to the prosecution.
Re:no 5th? (Score:5, Insightful)
So what's the difference between claiming the pistol is lost, and claiming you can't remember the password to your hard drive? How does the prosecution prove that you haven't forgotten something?
Re:no 5th? (Score:5, Informative)
Re:no 5th? (Score:5, Insightful)
> > How does the prosecution prove that you haven't forgotten something?
> The problem is the judge can throw you in jail for contempt to "give you time to remember".
But, purely in the semantic sense, 'forgetting' is not the same as 'being in contempt of'. Kinda like the difference between an accidental death and premeditated, deliberate murder.
Besides, if you really did forget your long passphrase, no time in jail will likely 'make you remember'. How do I know? Forgot my own not just once. Mostly after a mere two or three months of not actually using it. Your body memory of typing it in gets messed up. If you use it each day you have the illusion to never forget. Well, take a vacation to Australia for 10 weeks and then find yourself dumbfounded sitting in front of your machine (I'm talking 128-bit passphrases here). The important point here is, that this can happen even without any outside pressure! And you will rack your brain for days, sometimes you will remember, more often you won't. In a pressure situation, legal proceedings etc. chances are, your passphrase has long been eaten by a synapse grue.
PS: Chadwick's wife is a b*&%!!
Re:no 5th? (Score:5, Insightful)
The difference? There are a couple but the first of which is that the lawyers and judges involved are not stupid, they may not be techsters but they are almost certainly not stupid and this encrypted data is but one piece of evidence and you f-ed up long before if you're in this position. Second, there is a judge that will judge.
If you pistol is stolen or lost, you have some obligation to report it as such. It's typically registered and in that case, they know you have it, know the make and model. If you conveniently discover that it is missing when a court requests it they can check to see if you reported it lost or stolen beyond that, there is a judge there to judge you and he'll judge your credibility as he sees it from your behavior up to that point. Basically, keep track of your weapons, particularly when you're getting ready to be involved in a trial. Are you the kind of person that loses a pistol and forgets to tell anyone?
The password isn't quite the same. They may have some idea if you regularly used the computer. Again, I'll reiterate a couple things, the other guys aren't stupid and you didn't get in this position simply because of an encrypted drive. Now if you've spent 3 years doing something considered crime and there is other testimony where you've suggested you don't remember something because it's on the computer you use daily and now you don't remember the password, I can tell you how I'd judge you. Or maybe it's on the computer you resisted handing over and kept in a safe, those factors might not be admissible in the case against you but they certainly come in to play when you attempt to "forget" the password. Do you regularly use computer and keep track of dozens of accounts and passwords but this one computer you had locked up in a safe at your mothers house that you tried to pretend didn't exist, you forgot how to log in?
What will a judge think from your story?
Re:no 5th? (Score:4, Informative)
In court you are required to tell the truth aren't you?
Only while under oath. You are not required to tell the truth during a police investigation, but any lie that you tell them can impeach your credibility later in court. And since sometimes you telling the truth can be impeached by the testimony of another person, your credibility can be damaged in court later regardless of the truth of your statements... so don't talk to the police except to demand a lawyer.
So if you lie about robbing the store but later confess and plead guilty, can they get you for lying in a court of law too??
Only if you testify in court that you did not rob the store. But perjury can actually be somewhat difficult to prove, so normally as part of a confession and guilty plea, you would get a pass for any false statements you made already.
Re:no 5th? (Score:4, Informative)
True but easily worked around - the prosecution can only make a point of what you failed to say "under questioning". That doesn't mean when an officer asks you questions on the street - it means when you're in a custody suite being recorded.
If you ask for legal counsel they are not allowed to ask you any questions until you've spoken to a lawyer. If the first thing you do is ask for a lawyer they can't ask you questions and what you DON'T tell them cannot be used against you.
When you do see a lawyer you only have to get them to agree to some vague statement like "should I try not to say more than I have too". Then you can answer any questions with "On legal advice I decline to answer".
What is the prosecutor then going to do:
Prosecutor: "So Mr Sixpack, why did you fail to mention this to the police when you were questioned?"
Mr Sixpack: "My lawyer told me not to say anything".
Prosecutor: " . . . "
Re:no 5th? (Score:5, Insightful)
Providing an encryption key is the state effectively asking you to help them interpret evidence. Suppose they grab your appointment book.
The next thing you know you are in court and the prosecution is demanding you explain how all the entries for yoga class, and dinner with Sarah, are really codes for drug deliveries and pickups?
Really its pretty simple, they have data and they want YOU to explain how to transform it into evidence you have committed a crime. Its CLEARLY UNCONSTITUTIONAL.
Re:no 5th? (Score:5, Insightful)
The issue is that the government CANNOT compel you to talk about evidence in the case. I thought that was the essence of the 5th. So if you sit quietly, you are now guilty for not cooperating? You have the right to remain silent. Unless you are compelled to speak the password, in which case you no longer have the right to remain silent. Better change the wording... :-)
Re:no 5th? (Score:5, Informative)
Re:no 5th? (Score:5, Informative)
The argument goes like this:
You can't be forced to testify against yourself. You can be forced to provide evidence that may incriminate you - that's the whole point of a warrant.
So it's something you know, vs something you have.
So if you had a smartcard to unlock encrypted data, you could be forced to hand it over, same as a safe key.
So what if it's something you know that is the key, like the passphrase or combination to the safe?
Well, as long as the passphrase or combination in itself is not incriminating (i.e. they don't open something you don't own) then it's treated as evidence, not testimony.
If you claim you've forgotten it, and the judge thinks you're lying, then you can be found in contempt of court until you remember, for withholding evidence.
I'm not saying its fair, but it is consistent with prior law and practise.
Re:no 5th? (Score:4, Insightful)
What a fucked up system do you have over there? I don't have to hand over anything. The State wants to restrict my freedom, THEY have to provide evidence. And they are allowed to violate my private space for that. But that's it. Anything they can't come up with themselves, tough luck.
You guy should really see to not letting yourself get fucked in the ass any more. It's getting scary.
Where do YOU live, Somalia? Either that, or you don't understand the laws you are living under wherever you are.
The judge's ruling in this case is perfectly reasonable, and in conformance with the US Constitution and US law. And common sense.
I'm not a USA law fanboi, but I have worked around enough GOOD lawyers (there actually are a few), and witnessed enough ACTUAL legal proceedings, to understand just how balanced and fair our system is. This "news" story really isn't news at all, except to someone who really doesn't understand the bigger picture here.
Re:no 5th? (Score:4, Interesting)
Yeah it's not going to hold water once the SCOTUS gets ahold of it. I can't imagine this really holding up.
Re: (Score:3)
Re:no 5th? (Score:5, Funny)
Re:no 5th? (Score:4, Funny)
Which is why I've always kept my password as "ImurderedMrandMrsBlevinsonJune171982inJacksonCounty!" Satisfies those pesky security requirements as well.
YOU'RE the one who killed Uncle Ahmed and Aunt Lorraine? :`(
Re:no 5th? (Score:5, Informative)
"The 5th amendment does not protect you from being required to provide subpoenaed materials. It just means you dont have to testify or speak..."
Very definitely incorrect. I looked into this when I first read about the second court case mentioned in TFA. The one about the guy at the border who had child pornography on his computer. TFA gives a woefully incomplete account of that case; there is almost no chance that it is anything like this one at all.
The court ruled that he had to provide the password to an encrypted area on his hard drive, because Customs had already seen some child pornography on his computer, in the encrypted portion of the drive. The decryption software was running at the time, so these files were open and 2 Customs agents were able to see them. But somehow the man then managed to turn off the computer so the files could no longer be accessed.
The key thing here is that the court did not want the password in order to perform a SEARCH. It was already known that there was illegal material there. That is a FAR different situation.
In its ruling, the court made this point very clearly: the government normally cannot force someone to provide an encryption password, in order to SEARCH for items or material that are only SUSPECTED to be there. That would constitute a clear violation of the 5th Amendment.
However, in that particular (and really very unusual) case, the government already knew that there was illegal material, and even where it was. And the court wanted that material for the trial. There could be no violation of the 5th Amendment in that particular situation the court ruled, because it amounted to seizing illegal materials that were already known to be there. Therefore it was not a "search" in any reasonable sense of the term, and the defendant was not supplying anything incriminating that was not already known. He was not "testifying against himself" in other words.
Other courts have made this VERY clear: except under very unusual circumstances, rendering your password up to authorities is most definitely "testifying against yourself", and falls under the 5th Amendment. They cannot demand that information in order to search for evidence that might incriminate you.
When I mentioned all this earlier, when this post still hadn't appeared yet, somebody (sjames) replied that this was "sophistry", to use his word, and that if the court really "knew" it was there, they would not have required that it be supplied to the court.
However, that in itself is sophistry. Apparently he was forgetting several things: (1) As long as the court is not violating the 5th amendment (and in THAT rare case it was not), it can order the material to be presented for pretty much any damned reason it pleases. I did not say it was "needed" by the court to obtain a conviction; I simply stated that it was ordered to be given up. (2) Considering that the court already had consistent and concurring testimony from 2 Customs agents, if they had committed perjury it would have been ridiculously easy to very that without much compromising the defendant's privacy, and any further intrusion could be immediately ended. So there was little danger to the defendant's rights. And most importantly, (3) I wasn't asking sjames to take my word for it; he can look up the damned court decision himself on Google, just like I did, and read about it for himself.
Re:no 5th? (Score:4, Interesting)
Wouldn't this be a 4th amendment issue instead of a 5th amendment?
If you are compelled to hand over the password it's pretty much the same as handing over physical keys.
I'd attack this on grounds of search and seizure, not self incrimination.
Yeah, I see the 5th amendment arising if they ask you to translate a language that only you speak (as you would have to give testimony to the content of the message). The 4th amendment would be them subpoenaing you to translate a language that numerous people speak... ("Higher a damn translator, I don't have to cooperate with your search, I just can't interfere.")
Had an issue once, and I turned over a notebook full of well... notes, as evidence to a lawyer. The English didn't need translation, and I translated the German for them, because they could just translate it anyways (better to unlock your door for a police search than have them bust down the door.) but my own private language? I told them that was confidential, and I wouldn't translate it until I were advised by a lawyer representing my interests to do so.
Re:no 5th? (Score:5, Interesting)
Yep, definitely seems to be a real problem, like that poor dude that stayed in jail for 14 years because of his ex-wife's word.
How about the USB drive thing? If there's no passphrase, but rather a very long key stored on a USB drive, it should be pretty easy to claim you lost it. Even if they did find the USB drive (amongst a handful of other USB drives), if the key is hidden on there somewhere not obvious, such as in the metadata for a photo or something, they wouldn't find that. And how are they going to prove you don't have the key? Their encryption "experts" should at least be able to verify your claim that a long (i.e. too long for a human to remember) key is needed, and then you tell them, "it was on the bright red USB drive. Didn't you guys find that among my personal effects? No? I have no idea where it could be then, it was on my dresser last time I checked! Maybe one of your evidence guys took it, as it was one of those nice big and expensive 64GB models."
Re:no 5th? (Score:4, Funny)
encrypt it with drm then if they try to force you to decrypt it they would be forcing you to brake the dmca. thus decrypting it would itself be a fellony for you or them to decrypt it (stopping attempts by them to brute force or exploit a flaw in the drm scheme). i am fairly sure that you can not be ordered to break the law even by the court. thus you are safe
Re:no 5th? (Score:5, Insightful)
An extreme case, sure but history has shown us that government will push any power they are allowed to gather to the extremes (All the while wailing that they don't have enough power)
Re:no 5th? (Score:5, Insightful)
TrueCrypt doesn't have a "burn the data" password, because that would be pointless - firstly, any digital forensics person worth their salt will make a bit-for-bit copy of your data to a separate storage device before working on it, and secondly, you're likely to attract additional criminal charges for attempting to destroy evidence.
What it does have is a "hidden volume" system - it can store a second volume hidden in the freespace tail of the first. Because encrypted data looks random, it's easy enough to peg a volume as being encrypted, but it's virtually impossible to be sure that there isn't a hidden volume in the freespace at the end.
You have two pass phrases ; one for the first volume, where you keep stuff that could be construed private or slightly embarrassing (tax returns and *legal* porn, or photos of your naked wife, etc) to make it believable, and one for a second volume, where you keep your dastardly plan to conquer the world.
You put up a sufficient amount of resistance to giving up your first password to make it look convincing. "None at all" is an option - that way you look like a hopeless amateur cowed by the almighty power of the state. You do not give up the second password, or give any hint that there might be a hidden volume.
Re:no 5th? (Score:5, Insightful)
What if the key itself is the confession to a crime?
As numerous people have pointed out, but I will do so much more simply.
They don't care about your password, they care about the data that it unlocks, so what your password is is immaterial. The case is not asking for the password to unlock the data, but rather an unencrypted version of the data.
Re:no 5th? (Score:5, Informative)
Ah, but incriminating evidence of what? She might be completely innocent of what she's charged with but guilty of something else. In fact, she probably is, and so are you [wsj.com].
Re:no 5th? (Score:5, Interesting)
If there's incriminating evidence, surely this is a perfect example on why the person can't decrypt as it WOULD self incriminate them!
A person does not have a right to destroy, withhold, or falsify evidence of their wrongdoing with the intent of stymieing investigators. That's obstruction of justice.
Where it gets tricky, and where the law is still unsettled, is how this privilege of the government to investigate is balanced by a person's right against being forced to testify against themselves. In an ideal world, the accused should not be required to have any part in his trial at all. He should be able to simply say and do nothing, and the government can either prove its case or not. The reason that this is tricky, is that if the accused reveals his password, he actually divulges two distinct facts: 1. the encrypted evidence, and 2. that the accused knew how to decrypt the evidence. #2 should not be underestimated, because that eliminates the need for the prosecutor to prove that the accused had access to the encrypted evidence, knew of the evidence, etc.
In my opinion, which isn't worth the paper it isn't printed on, this should hinge on whether or not it can be shown that the accused knows the password. If it can't be shown, then I don't think it's right to compel the defense to divulge both facts. But if it can be shown (or has already been admitted/learned) that the accused knows the password, then I think the accused must decrypt the files.
A low-tech example of this is in safes. The authorities can make you hand over the key to a safe, but not the combination. If the safe is locked with a combination, they must crack open the safe if they want its contents. Obviously this is less feasible with modern encryption technology.
Why we need plausible deniability encryption... (Score:5, Informative)
"I forgot."
Re:Why we need plausible deniability encryption... (Score:4, Funny)
That's how I see it. The idea of files within files so you can reveal /something/ when you unlock the file also looks to be good. "ok, now the other passwrd" "what other one? that's it, that's all there is, 100gb file to hide my bankPassword.txt file"
Re:Why we need plausible deniability encryption... (Score:5, Interesting)
Re: (Score:3)
like a truecrypt hidden volume [truecrypt.org]?
Re: (Score:3)
Assuming her lawyers fail to get the judges order reversed, or convince the judge she really can't comply, she just needs to decide whether the potential penalties of her alleged crimes (and whatever increased likelihood of conviction the data would cause) outweighs the time the judge is going to put her in jail for contempt. The article says bank fraud, wire fraud, and money laundering -- so forgetting sounds like a good idea.
No risk of contempt (Score:4, Informative)
If she claims she cannot provide the password for whatever reason (or simply because she forgot) there is nothing they can do. Read the article, it even states that someone cannot be punished for something they cannot do.
They would need evidence she HAS the password at all.
Re: (Score:3)
That rarely happens, at least in the United States.
And even if it does, in many cases you will be in a better facility than a maximum-security prison, depending on the state and the crime you are accused of. You will likely eventually be released, and you will have not been convicted of the crime, therefore retaining your civil rights (if you were accused of a felony).
That, or eventually they crack the crypto.
Re:Why we need plausible deniability encryption... (Score:5, Insightful)
Re:Why we need plausible deniability encryption... (Score:5, Informative)
Nono, that defense is reserved for important people, don't be silly!
Re:Why we need plausible deniability encryption... (Score:4, Insightful)
That rarely happens, at least in the United States.
And even if it does, in many cases you will be in a better facility than a maximum-security prison, depending on the state and the crime you are accused of. You will likely eventually be released, and you will have not been convicted of the crime, therefore retaining your civil rights (if you were accused of a felony).
That, or eventually they crack the crypto.
Happens more often than you would think [wsj.com]. And in the case of contempt of court, since the judge is actually a witness to the offense of contempt of court, your detention does not require a trial.
Re:Why we need plausible deniability encryption... (Score:4, Informative)
That rarely happens, at least in the United States.
And even if it does, in many cases you will be in a better facility than a maximum-security prison, depending on the state and the crime you are accused of. You will likely eventually be released, and you will have not been convicted of the crime, therefore retaining your civil rights (if you were accused of a felony).
That, or eventually they crack the crypto.
Apparently you haven't been in a family court lately. In Missouri as a case in point, you have *no right to appeal any contempt ruling*. Meaning, not only will you sit in jail indefinitely in a nasty county lockup facility, you will have no means to free yourself from a wrongful contempt charge. In addition to which, our wonderful Missouri law adds the extra kicker of "No other judge may remove, nor revoke the contempt order of another".
Some disagreements in recent history (Score:5, Informative)
I find it funny that a quick search on the subject yielded an article from the same site, with the opposite finding.
Article in 2007: Judge: Man can't be forced to divulge encryption passphrase
http://news.cnet.com/8301-13578_3-9834495-38.html [cnet.com]
Article in 2012: Judge: Americans can be forced to decrypt their laptops
http://news.cnet.com/8301-31921_3-57364330-281/judge-americans-can-be-forced-to-decrypt-their-laptops/ [cnet.com]
I'm fine with them breaking your encryption if they have probable cause; however, forcing you to give the password does seem to have a pretty straight-forward logical path to incriminating yourself (Especially if you are guilty and a subsequent search will yield something on the device).
Re:Some disagreements in recent history (Score:5, Funny)
That's why my password is "I~Did-It". Then it actually would be self-incrimination to reveal the password.
Re:Some disagreements in recent history (Score:5, Funny)
Your password is too weak. Use passphrases, they're easier to remember and harder to hack.
Here's a few for example:
"My Hard Drive is full 0f stolen card data"
"I fed the body to neighbour's pigs"
"Me, with the candlestick, in the library"
Re:Some disagreements in recent history (Score:5, Funny)
"Me, with the candlestick, in the library"
I don't think that's illegal yet.
Oh. You meant hitting someone with the candlestick.
Re:Some disagreements in recent history (Score:4, Interesting)
Assuming you don't actually _know_ any national secrets, a CSS decryption key would be just as good. "I would be breaking the law if I gave you a copy of that key".
Re:Some disagreements in recent history (Score:4, Interesting)
Can they force _you_ to break the law by giving them the key though?
Yes (Score:4, Insightful)
This is as so often the silly debating of the law of little kiddies and the reason lawyers in general are so reluctant to discuss law. First year law teachers hate their job because of the constant attempts by students to re-examine the laws that has already been re-examined for hundreds of years by far greater minds then the average student... like cats.
An execution is written down as a murder. Every executed prisoner in the US is a murder victim. Just that the law has ways of allowing such a thing to happen, in certain circumstances while murder in general is forbidden.
You can see kiddies at work when it comes to the police speeding without lights or sirens. Allowed? YES, regardless of what you think the law says, especially traffic law, IF the police has good reasons to do so and with a high expectation of the police not to endanger others. But if the police on their way to a crime scene feel the need to turn of the siren to avoid alerting the criminals and you jump in front of them on a zebra crossing... don't expect much sympathy from a judge.
It is the INTENT of the law vs the actual wording in a changing world. Jews do it all the time, the Sabbath rules are hard to deal with in a modern world of electricity, batteries and essential technology. Can you use an elevator on the Sabbath? In a skyscaper? With a bad heart? It didn't matter when there were no elevators or when the highest floor could be reached by anyone able to survive for that long. But modern medicine has allowed people to continue to live when they became feeble and created housing so high that even top fit humans would need to take a breather.
What about a fridge? Even if you don't use it, you are using it. Food put in before the Sabbath if kept fresh for you by the labour of someone else at the power company. The laws were written in a time before fridges, how do interpret them?
This is an interesting exercise because you avoid the emotional baggage of the 5th and protection against unreonable searches and can focus on a simpler balance (provided you ain't religious yourself) of the "Intent of the law" and the "written law". On the "need" for their being one day of the week in which the people can reflect (except farmers (livestock) of course who never can take a day off) on their god AND the "need" to deal with the parts of the world that cannot be told to wait for one day.
There are of course many types of labor, especially labor itself (woman giving birth) that have not been part of the sabbath rules for millenia, mid-wiving for instance. Taking care of the dead. Health-care in general. And yet, when thousands of years later the standbye mode is inventented, it has to be discussed how this applies to Jews who want to observe the laws of their fate.
Computer encryption is the same to our general law. The intent of the law is that the police when in possession of a search warrant, can search. I had it happen to me, I lived in small room inside a larger house and a warrant had been issued on the house, so my room was searched. Not very thoroughly, they were looking for a person and the room as said was small, but I was still very upset about it AND unable to do anything about it. Because the law was written with an intent, not a complete checklist for every exception.
And if they had found a dozen children in my room, tortured and killed. Could the police have done anything?
THINK carefully, the answer might surprise you. YES and NO... how can that be? They certainly could have launched an investigation HOWEVER it is highly likely you would walk away from it IF there is no way to find any evidence without having to go through the illegally obtained evidence first.
And that sucks... but if they had seen a blank CD that I had payed the fee for artists on... should they be able to launch an investigation?
No, they can't (and wouldn't for that matter) but why?
Because we INTEND the law to weigh the needs of society vs the needs of the individual. There is no way to write this d
Re:Some disagreements in recent history (Score:5, Insightful)
I'm fine with them breaking your encryption if they have probable cause; however, forcing you to give the password does seem to have a pretty straight-forward logical path to incriminating yourself (Especially if you are guilty and a subsequent search will yield something on the device).
They aren't forcing you to give up the password, they are forcing you to deliver up evidence (in cleartext). Generally speaking, the right not to self-incriminate has never held to apply to tangible evidence like documents -- to which the court analogizes computer files. The distinction between testimony and evidence seems to me to be on old
If the armchair lawyers at /. want to suggest that the 5A privilege extends to documents (or that a defendant can protect documents from the courts merely by running TrueCrypt), they are most free to do so. I, at least, would caution that this would have serious implications for the investigation of white collar crime, financial malfeasance, collusion. The antitrust case [wikipedia.org] against Microsoft, for instance, was based largely on email correspondence that could well have been encrypted before the court ordered them disclosed -- and if such protection actually existed, would have certainly been encrypted if only to trigger that legal protection.
And, let's be honest, for every hapless Joe whose child pornography collection lands him in hot water, there will be a dozen of these well-dressed assholes with well-dressed-lawyers whose job it is to argue any and all points that have a chance of sticking to the fan. The law has this perverse sort of uniformity about it that let's everyone have the same sort of protections regardless of the circumstances that it was thought up in.
Re:Some disagreements in recent history (Score:5, Informative)
The antitrust case [wikipedia.org] against Microsoft, for instance, was based largely on email correspondence that could well have been encrypted before the court ordered them disclosed -- and if such protection actually existed, would have certainly been encrypted if only to trigger that legal protection.
In fact, there are emails there that say, "Ooo, this might be getting murky, let's CC a lawyer, then it's protected by attorney-client privilege!" They didn't understand that you can't just invoke attorney-client privilege by including a lawyer in the conversation, you have to be actively seeking legal advice for your actions to gain privilege.
In the same way, priest-confessor privilege is only protected as long as you're seeking penitence. If you confess a crime to a priest with no intent to seek spiritual absolution (say, in the lunch line), then the priest is perfectly allowed to divulge and even be forced to divulge your confession.
Re: (Score:3)
depending (Score:3, Insightful)
Re:depending (Score:5, Insightful)
Which key do I have to give? (Score:5, Interesting)
If the cipher doesn't require the ciphertext to give you a test for determining whether a given key is the right one, then you can claim that any key (including one you just made up from a thermal noise source) is the "real" key, and the fact that it decrypts to gibberish just means you were storing gibberish on the computer.
You won't be believed, but then at that point -- where the government gets to cross-examine and challenge your purported key -- you're pretty clearly coercing testimony, and much more obviously violating the fifth.
Encryption and security is about layers (Score:4, Insightful)
Interesting quote (Score:3)
That's a fitting random quote from Slashdot if I ever saw one. Perhaps that's an implied part of "facing the consequences including contempt of court".
Simple: don't know your password (Score:5, Interesting)
"Sorry your honor, I used a very long password made up of computer-generated, random characters: one that I could not possibly remember. I had it written on a scrap of paper on my desk and would only need to type it in on the infrequent chance that I had to reboot my computer. .... You should ask the detectives to re-search through the evidence they collected as the scrap of paper is likely in what they took."
Re:Simple: don't know your password (Score:5, Interesting)
True story: I've entered my 4-digit ATM PIN dozens of times from memory, but the other day, I couldn't remember it. It just fell out of my memory for no particular reason. I'm still not sure what it is; I'll have to check my password database (encrypted, of course).
This has happened to me several times before, and no, I'm not old enough to make senility a likely explanation :)
The judge's interpretation is spot on (Score:3)
The people shall be secure in their... effects ...papers...
As a society that hadn't even conceived of electronics, much less computers, I'm quite certain that they would have considered electronic documents to be equivalent to "papers".
Yet another nail in the heart of the US Constitution, and another denial of fundamental rights.
However, if the court issues a subpoena and/or a warrant for the papers, the court is entitled to access them, even if they're on an encrypted device. I'm not sure a simple judicial order from the bench qualifies, but certainly if the judge SIGNS an order he's in the right.
The protection of the constitution is against unreasonable search and seizure, not against justified and documented court inquiries.
I could see how some might wish to treat this as a Fifth Amendment issue, but the documents presumably exist on the hard drive. There is no additional information being demanded of the individual, only that they turn over EXISTING evidence.
Re: (Score:3)
Just don't write it down. (Score:5, Insightful)
5Th Ammendment (Score:4, Insightful)
Has anyone actually read the 5th? If not here is is:
"No person shall be held to answer for a capital, or otherwise infamous crime, unless on a presentment or indictment of a Grand Jury, except in cases arising in the land or naval forces, or in the Militia, when in actual service in time of War or public danger; nor shall any person be subject for the same offense to be twice put in jeopardy of life or limb; nor shall be compelled in any criminal case to be a witness against himself, nor be deprived of life, liberty, or property, without due process of law; nor shall private property be taken for public use, without just compensation"
The few words that are relevant here are "nor shall be compelled in any criminal case to be a witness against himself".
A defendant does not have to answer questions about a case but has to allow lawful searches and provide subpoenaed documents in readable form. If those documents or other evidence is in a safe the defendant is required to open the safe. To me that is the same thing as providing a password.
Another point is that the founding fathers never conceived of a situation where evidence could be hidden in plain sight by using a special word. They never took that into account when they wrote the amendment and interpretation has to change to take that issue into account.
The real crime is... (Score:4, Insightful)
Yellow sticky note (Score:4, Interesting)
I will gladly type the password if they provide me with the yellow sticky note that I wrote it down on. I have too many passwords to remember, why should this one be any different. Like anyone can actually remember a password.
Courts Won't Win -- Use Hidden Volumes (Score:5, Interesting)
Since there's no way to prove that a second volume exists within the blank space of the first one, encryption will win the day.
Re:Same as opening a safe. (Score:5, Informative)
Re: (Score:3)
Re:Same as opening a safe. (Score:4, Insightful)
You know, I can't find the citation right now... but you're ...sort of right.
If it's a physical key to a safe, and you have it, you must provide it.
If it is a /combination/ to a padlock -- you're not.
Of course, the feds don't give a shit since they're a pair of boltcutters or a drill bit away from the inside.
The real question would be if you had an 'unbreakable diamond safe with a combination' if they could require you to produce the combination.
Frankly, I choose to say no. When you create a class of crime for which there exists an innocent person who could not possibly prove prove innocence, you've created something that should not exist.
Of course, they are supposed to prove guilt in the US -- but the notion of knowing the mind of the criminal... is...fallacious at best.
Requiring a man to provide something from the contents of his mind is the very equivalence of creation of thoughtcrime.
Re:Opening under duress (Score:5, Interesting)
Using it will scramble the disk beyond ANY recoverability.
And then you've committed the crime of tampering with evidence / destroying evidence. Good luck evading conviction for that.
No, your only hope is to set up a random password whose mnemonic is something the *police* will destroy when they search your premises, as in "Your honor, my password was recorded by the order in which I kept Skittles on my desk but the act of collecting these Skittles destroyed my record of my password. It is irretrievably lost due to the actions of the police. I would help if I were able but my memory is wholly inadequate, and the only record was destroyed by the police."
Re:Pesky constitution (Score:5, Funny)
Re:Pesky constitution (Score:5, Insightful)
the NDAA killed the first, fourth, and sixth amendments.
The NDAA provision is a statutory law, it CANNOT overrule any amendment. If they are in conflict, then the NDAA loses.
And after that, WTF? How did it kill the first amendment? Did it establish a relgion? Prohibit the free exercise of religion? Abridge the freedom of speech, or press? Or our right to peacefully assemble? Or did it eliminate our ability to petition the government for a redress of our grievances?
The second amendment has been dead for decades.
WTF? The Supreme court just recently ruled that the District of Columbia, and later a state jurisdiction as well are unable to effect regulation of gun ownership in a way that prohibits the ownership of a gun by the general citizenship. No less, the ruling also enforced that regulation of gun ownership cannot require that the gun be dismantled, or otherwise stored in a non-functional state.
And before anyone brings up the dissenting opinions in those cases, even the dissenting opinions stated that the 2nd amendment CLEARLY applies to all citizens, and not just to militia forces.
I think only the 21st amendment is safe in the entire constitution.
Your apocalyptic rhetoric is unnecessary hyperbole.
Re:Pesky constitution (Score:5, Informative)
so remind us all how PATRIOT got passed??
I didn't say that unconstitutional statutory law cannot be passed. I said that it cannot overrule the constitution, and thus is null and void. ... I'm going to note here as well, that doesn't mean that the executive won't enforce an unconstitutional statutory law either, but you're perfectly within your first amendment rights to petition for a redress of your grievance with the courts.
For instance, Rosa Parks committed a crime by not sitting at the back of the bus. She was arrested and sent to jail. Civil disobedience is one of the fastest ways to get a legal argument for unconstitutionality before the court, but it does not come free, and it does not exempt you from suffering as a result of breaking the law. However, if the courts do eventually agree with you, you can seek compensation for being punished for violating a law that was null and void. But you will still have to suffer harm at first.
Re: (Score:3)
That's called spoliation and is a crime already. You can't do anything to destroy evidence that a court is likely to be interested in.
Re:so take the next step (Score:5, Informative)
destruction of a key is not destruction of evidence. The evidence is still intact - just encrypted.
Re:Fake passphrase (Score:5, Informative)
"Prosecutors in this case have stressed that they don't actually require the passphrase itself, and today's order appears to permit Fricosu to type it in and unlock the files without anyone looking over her shoulder. They say they want only the decrypted data and are not demanding "the password to the drive, either orally or in written form."
So this quote makes me wonder, what encryption software is out there that can be configured with a "doomsday" passphrase that will automatically begin some sort of secure delete process when entered? Of course with a fancy "decryption in progress" dialog window or something?
I guess if they figure out what you did, you could be charged with destruction of evidence but if that is a lesser sentence than the wire fraud it wouldn't be a bad move.
I think one of the first things they do is make an image of your hard drive, preserving the data, no matter what you do to it. Much better to keep the key itself on destructible media and destroy it when the cops knock at your door. Or steganographically hide it in plain sight in the digital picture frame with your kid's pictures. Without the passphrase, they can't prove that a suitably random key exists in a JPG.
Re:5th Amendment Clarification (Score:5, Interesting)
5th amendment protects one against oral testimony against oneself, not self-incrimination or being forced to provide evidence.
The 5th amendment doesn't specify "oral testimony against oneself"
It says:
No person shall be ...compelled in any criminal case to be a witness against himself.
That is fairly broadly worded such that giving a passphrase can certainly be witnessing against oneself as it means providing information (witnessing) against yourself. Not to mention that the passphrase is in your head, so it isn't a physical thing to hand over either.
Which brings us to the 4th amendent which is supposed to keep the government out of our personal effects.
People seem to forget that the amendments to the Constitution do not give us any rights, but rather they limitthe government and how far they" can infringe on our "natural rights."
Re:2-key Encryption? (Score:5, Informative)
You are aware that the first thing they do is to create a copy of the files. Actually, an image of the file system.
The very first thing you do in forensics is to create an image. Standard procedure. A bit for bit identical duplicate. Destroy it all you want, the only thing you accomplish is to piss me off because I have to repeat that procedure.
Re:2-key Encryption? (Score:5, Informative)
This has been talked about on the TrueCrypt forums ad nauseum: A suggestion that the utility has a password that would erase volumes.
First, it is part of forensic practice to whip out a hardware write blocker. No hardware write blocker, and the evidence can be thrown out of court.
So, if someone hands a decent forensic analyzer a key, and it zaps the contents of the image, they just roll back the logs, add a destruction of evidence charge.
Re:This has come up before (Score:5, Insightful)
In the UK, it is illegal to "fail to provide" they key when asked. Therefore, it is, in fact, illegal to forget the password, illegal to lose the password and illegal to have never known the password in the first place, to an encrypted volume in your possession.
Yes, seriously.