Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Crime Security

Allegation: Philly Cops Leaned Suspect Over Balcony To Obtain Password 225

An anonymous reader writes with this news from Ars Technica: If you want access to encrypted data on a drug dealer's digital device, you might try to break the crypto—or you might just try to break the man.

According to testimony from a police corruption trial currently roiling the city of Philadelphia, officers from an undercover drug squad took the latter route back in November 2007. After arresting their suspect, Michael Cascioli, in the hallway outside his 18th floor apartment, the officers took Cascioli back inside. Although they lacked a search warrant, the cops searched Cascioli's rooms anyway. According to a federal indictment (PDF), the officers 'repeatedly assaulted and threatened [Cascioli] during the search to obtain information about the location of money, drugs, and drug suppliers.'
That included, according to Cascioli, lifting him over the edge of his balcony to try to frighten out of him the password to his Palm Pilot. That sounds like a good time for a duress password.
This discussion has been archived. No new comments can be posted.

Allegation: Philly Cops Leaned Suspect Over Balcony To Obtain Password

Comments Filter:
  • Done in movies... (Score:5, Insightful)

    by mi ( 197448 ) <slashdot-2017q4@virtual-estates.net> on Friday April 24, 2015 @06:36PM (#49548423) Homepage Journal

    I remember it being done in a few movies — by the good guys — without anybody in the audience cringing. Nor do I remember any calls to boycott a movie over such things.

    So, if popular culture approves of and encourages it, can't blame the cops too much for doing it despite it being merely illegal...

    • Re: (Score:2, Interesting)

      by Anonymous Coward

      So what you are saying is that it's up to Hollywood to dictate what is acceptable in society?
      They clearly don't have an agenda, right?

    • by jklovanc ( 1603149 ) on Friday April 24, 2015 @06:57PM (#49548511)

      Some of of can tell the difference between fiction and reality. They get away with lots of things in movies that are not acceptable in real life.

      • Some of of can tell the difference between fiction and reality. They get away with lots of things in movies that are not acceptable in real life.

        And you can rest assured, the shit they get away with in movies they wouldn't in real life ... have happened in real life. Many many many times. In many many different places.

        Police have been muscling up suspects as long as there have been police.

        That "fiction" you're talking about is straight out of real life. If anything, the "fiction" is probably tamer than s

      • Some of of can tell the difference between fiction and reality.

        And one would hope that law enforcement officers are near the top of the list of people who can tell the difference between fantasy and reality.

    • by houstonbofh ( 602064 ) on Friday April 24, 2015 @07:10PM (#49548575)
      We have been well trained that it is OK for the good guys to bend the rules to stop the bad guys. Of course how can you be you are the good guys? https://www.youtube.com/watch?... [youtube.com]
      • We have been well trained that it is OK for the good guys to bend the rules to stop the bad guys.

        In fairness, there ARE times when that is the case...

        A good example is during the movie "The Peacemaker" with George Clooney.

        A terrorist has a nuclear weapon in his backpack and is 10 blocks away from where he plans to set it off. He also plans to die, so if you confront him, he'll just set it off anyway.

        The sniper who is supposed to shoot the bad guy has his shot blocked by a girl on her daddy's shoulders. He doesn't have a clear shot.

        Do you shoot through the girl to hit the bad guy in that case?

        Is the c

    • So, if popular culture approves of and encourages it, can't blame the cops too much for doing it despite it being merely illegal...

      Let us know how well that "can't blame me, I saw it in a movie" defense works out for you.

    • Re: (Score:3, Insightful)

      by Anonymous Coward

      So, if popular culture approves of and encourages it, can't blame the cops too much for doing it despite it being merely illegal...

      Yes, we can. Police shouldn't receive their training from works of entertainment any more than doctors or lawyers should.

      When you watch ER, House, the Practice, Better Call Saul, you'd never take it seriously if you were a member of those professions.

      Might as well take Japanese anime as lessons in history.

      • So, if popular culture approves of and encourages it, can't blame the cops too much for doing it despite it being merely illegal...

        Yes, we can.

        Indeed, we can, but unfortunately "we" don't. And that's the problem.

        The "we" here is not the Slashdot readers (or other people well-informed about civil rights), but the population at large. And this population doesn't get any special training about their rights, but picks it up from movies and similarly unreliable sources.

        So, even though police's training tells them that they shouldn't behave in such a way, they are confident that there will be very little backlash against such behavior (except from the

    • It's important that you separate the fantasy that happens in movies and what happens in real life. As for your comment I think Ron White says it best "You can't fix stupid".
    • So, if popular culture approves of and encourages it, can't blame the cops too much for doing it despite it being merely illegal...

      Popular culture also approves and encourages Justin Bieber, but don't nobody want to see cops imitating that mess.

    • Nor do I remember any calls to boycott a movie over such things. So, if popular culture approves of and encourages it, can't blame the cops too much for doing it despite it being merely illegal...

      Finally, a like-minded individual. What movie/book should we boycott next?

      I tried boycotting a Harry Potter matinee once, but those little 8 year old kids can be incredibly violent and cruel.

    • by Jawnn ( 445279 )

      I remember it being done in a few movies — by the good guys — without anybody in the audience cringing. Nor do I remember any calls to boycott a movie over such things.

      So, if popular culture approves of and encourages it, can't blame the cops too much for doing it despite it being merely illegal...

      So what a group of people watching a fictional movie "approves of and encourages" should somehow translate to and justify actions in the real world? WTF? Man, that is some seriously busted logic, pal.

    • What the fuck are you talking about? We see all kinds of sick, crazy shit in movies because it's fantasy.

      Should we be okay with killing people because it Arnold blows people away?
      Should we be okay with incest because Game of Thrones is popular?
      Should we be okay with torture because they use it in the movies?
      Should we be okay with hitting women because Shawn Connery did in in films?

      I mean what the fuck kind of argument are you trying to put forth, and how the hell have you convinced people to mod
  • xkcd (Score:5, Informative)

    by cdxta ( 1170917 ) on Friday April 24, 2015 @06:37PM (#49548427)
    Obligatory https://xkcd.com/538/ [xkcd.com]
  • by turp182 ( 1020263 ) on Friday April 24, 2015 @06:38PM (#49548433) Journal

    https://xkcd.com/538/ [xkcd.com]

    Bam! My first obligatory post on Slashdot.

    Someone has probably posted it while I typed this though...

    • by gweihir ( 88907 )

      Actually, you are number 3 ;-)

      • Damnit. I tried. I've never tried first post, thought I could pull of an XKCD reference.

        • by gweihir ( 88907 )

          As the XKCD reference cannot be repeated to often, no harm done.

          • Who the fsck is often, and why don't they capitalize their name? ... and how do you know it won't get repeated to them?
          • by Rakarra ( 112805 )

            As the XKCD reference cannot be repeated to often, no harm done.

            I feel sorry for the second person who posted the xkcd comic. His score is still at 0, while the first and third posters were modded up to five. Some people have no luck!

    • Re: (Score:3, Insightful)

      "Someone has probably posted it while I typed this though..."

      That is because it was so obvious that it would have been best if nobody linked to it. Before I even clicked on the link to the article I knew some asshat was going to link to that xkcd comic.

      • by Rakarra ( 112805 )

        I didn't want to take the time to search for it. But now I have this handy link! Thanks, xkcd posters!

  • That sounds like a good time for a duress password.

    I always took the time to make two containers with one accessed through a duress password. I felt silly for doing it...less so now. It was something I did because I used to travel a lot internationally. That was before Customs started cloning people's device drives.

    • by gweihir ( 88907 )

      If they are professionally, they will clone, perhaps in a way that you cannot see and do something stupid. Bang! The first 10 years prison for "destruction of evidence" already in the bag. If they have no clue how to do this right, then you duress password may work, but they may also be unprofessional enough to just kill you on the spot "by accident". If they do not, see above under "destruction of evidence".

      The only sane thing is to not ever carry sensitive data when crossing borders or in similar situatio

      • If they are professionally, they will clone, perhaps in a way that you cannot see and do something stupid.

        Actually, there's many ways duress passwords can work. When I had one, it granted access as usual, but notified the security people that something was up.

        For a storage system, there's two options:
        1. The duress password directs you to a DIFFERENT image stored within the encrypted blob than the 'real' password. Though at this point it 'works best' if it's less a 'duress' password than a second password used for different stuff. For example, you put all your legitimate* stuff in using password 1. Then you

        • by gweihir ( 88907 )

          Alerting security is something that an work, but it requires that you actually have the upper hand, but that not all your forces are there at the time. That is usually called a "panic button" though. As to hidden partitions, that is all fantasy BS. Really. As to your magic chips, ever wondered why a proper HSM does _not_ have a duress password? Right, because the manufacturer does _not_ want to be responsible for getting you shot.

      • by AK Marc ( 707885 )
        They won't let you touch the device, so if you gave a duress password, it would be the police, not you, that would be destroying evidence. And if there was evidence they were so sure was there, they can subpoena the evidence against you that you hold. They don't have to open the safe if they can compel you to provide the contents.
  • by gweihir ( 88907 ) on Friday April 24, 2015 @06:45PM (#49548463)

    The idea is that if you beat somebody with a rubber hose, that does not leave any mark.

    Also, stop the nonsense about duress-passwords. They do not work. Really not and no, your smart idea for any movie-like device that makes them work is just that: Movie-like but not real. On the other hand, trying to be smart with a duress password procedure can easily get you killed or worse.

    • The idea is that if you beat somebody with a rubber hose, that does not leave any mark.

      Also, stop the nonsense about duress-passwords. They do not work. Really not and no, your smart idea for any movie-like device that makes them work is just that: Movie-like but not real. On the other hand, trying to be smart with a duress password procedure can easily get you killed or worse.

      That really depends on the circumstances. For someone with a PDA (remember them) or computer they are unlikely to be useful, especially if the person "persuading" you is convinced the device contains the information they want. OTOH, they can be useful in specific circumstances. We had a duress codeword to indicate forceable entry was being attempted. When the door was opened the bad guys would be treated by a bunch of pissed off guys with automatic weapons.

      • by gweihir ( 88907 )

        What you describe is not a duress password, it is a safety-destruct and the critical difference is that it is used before the bad guys have you in their power. Still a risk to your health, but less so as you did not disobey a direct order.

        • What you describe is not a duress password, it is a safety-destruct and the critical difference is that it is used before the bad guys have you in their power. Still a risk to your health, but less so as you did not disobey a direct order.

          well, if someone is holding a gun to your head and telling you to gain access to a location I'd say they have you in their power and the password you give is under duress; since you would not use it in any other situation.

          • by gweihir ( 88907 )

            Ah, yes. I misread your description. Sorry. This is the one situation where a duress password actually works, namely when you have superior force, you just need to alert it.

    • by Anonymous Coward on Friday April 24, 2015 @07:54PM (#49548771)

      Also, stop the nonsense about duress-passwords. They do not work. Really not and no, your smart idea for any movie-like device that makes them work is just that: Movie-like but not real. On the other hand, trying to be smart with a duress password procedure can easily get you killed or worse.

      Depends on the threat model.

      I always wondered why ATMs didn't have duress passwords. You get mugged, you tell the mugger the password is 1234 instead of 5678, and the ATM happily dispenses money and calls the police for you.

      I also don't see any reason why phones can't have duress passwords. You get pulled over by the cops, they try to illegally search your device incident to a traffic stop, you key in 1234 instead of 5678, and the phone starts silently recording and/or streaming live audio/video to the cloud.

      The duress password doesn't defend against charges of destruction of evidence. It can be quite useful for defense against power-tripping bullies, whether they're the sort without a badge at the ATM, or the sort with a badge at the side of the road. It only has to last the 5-10 minutes it takes to give the thug what he thinks he wants, and then the thug will let you go.

      Duress codes are to mobile devices what exploding dye packs are to banks. The goal is to let the thug get away with the money, but not get away with the crime.

      • by mark-t ( 151149 )

        ....then the thug will let you go.

        Why should I believe that? If a person is morally bankrupt enough that they are willing to threaten somebody's life, why on earth should I think they are not at least equally capable of lying?

    • Also, stop the nonsense about duress-passwords. They do not work.

      There is a reason why they call the drug courier a mule and it isn't because he is the brains of the outfit.

      The right question to ask --- the first question to ask ---- is not where and how to hide the insanely dangerous files you are carrying about on your person but why you are doing anything so stupid in the first place?

    • "Also, stop the nonsense about duress-passwords. They do not work."

      I was trying to figure out what you are talking about, then it occurred to me that you have no idea know what you are talking about.

    • Duress passwords are fine for stuff that the adversary doesn't know about. If three letter agents bust in on you and they have network logs or other surveillance showing what you've been up to then no, the duress password is not going to get you anywhere.

      On the other hand, if you had a laptop with some Tienanmen square videos on it that you wanted to bring to China, I think it's perfectly viable approach to simply load up the dummy container with videos of yourself doing a little soft S&M or something
  • by Opportunist ( 166417 ) on Friday April 24, 2015 @07:01PM (#49548529)

    At least none that can be seen. You cannot demand keys for something you don't know of. If there's a container with a "please enter pass phrase" lock on top of it, it begs for a key.

    Unused space on your hard drive that looks like it contains old data from before you last partitioned, though...

    • It is quite possible to demand keys that someone *thinks* might be there. More is the pity if there never was any encrypted data on the device to begin with.

      A lot of misbehavior from law enforcement seems to stem from them being "sure" of what is going on, despite a lack of evidence to support the surety.

      • They can demand all they want, I can only hand over what I have. I can't give you what doesn't exist. Which, of course, doesn't guarantee that it will end well for me. Just look at Saddam and him being asked to hand over his nonexistent WMDs.

        But it still increases my chances.

    • by AmiMoJo ( 196126 )

      TrueCrypt hidden containers get around that problem by hiding the real secret data inside a dummy encrypted container that you can hand over the password to. Any unused space will be filled with random bytes, as is the norm for a TrueCrypt container, so isn't suspicious.

  • by jtownatpunk.net ( 245670 ) on Friday April 24, 2015 @07:02PM (#49548541)

    something about a $5 wrench?

  • by PPH ( 736903 )

    I'd cave in after a while.

    "The drugs are right there, officer. In the cabinet underneath the video camera streaming this whole scene out to YouTube."

    • So basically you'd be streaming your criminal activity on YouTube all the time? Because that would be stupid.

      Or you'd bust our your super ninja skills and enable the streaming as the police were knocking on your door with a carefully placed deadman switch? Why not just go all Bruce Lee on them and beat them up and take their guns?

      Because, honestly, when I hear Slashdot people saying all of the tough shit they'd be doing in that situation I just really have to laugh -- seriously, stop fronting ... nobody b

      • by dbIII ( 701233 )

        So basically you'd be streaming your criminal activity on YouTube all the time? Because that would be stupid.

        Sometimes deliberate jokes are deliberately stupid.

  • I let him go. - John Matrix

  • Infiltration worked so well. Cooperation, leniency for working with the gov. Years of free charming, charismatic chatroom leaders and their accomplishments, forums and gov funded onion networks.
    Once a person and all their data is lost the only hope is a "security check" word, phrase. Something that can be added or left out that shows duress or coercion.
    That was the past.
    Now with OS, hardware and telco collaboration expect every consumer device to have a backdoor or trap door as sold.
    The backdoor o
  • by Rakarra ( 112805 )

    Was the undercover cop Suge Knight?

  • by Razed By TV ( 730353 ) on Friday April 24, 2015 @09:39PM (#49549183)
    I think the more interesting story is undercover drug unit goes and terrorizes numerous drug dealers for illegal profit. But I guess that story is already months old. http://articles.philly.com/201... [philly.com]
  • by TheDarkener ( 198348 ) on Friday April 24, 2015 @10:29PM (#49549325) Homepage

    Funny, the most interesting part of this story was the mention of his Palm Pilot. /me wonders what model it was.

    And to answer your question, yes I still use a Palm Pilot [thedarkener.info].

    • by fygment ( 444210 )

      Yeah ... especially after watching a friend using his stylus on his Galaxy phone and thinking 'plus ca change' ...

  • We are seeing the effect of electronics on the exposure of bad cops. It certainly looks like a sizable chunk of our cops belong in prisons. I wonder if society will try to bury the ability to detect bad cops.

Avoid strange women and temporary variables.

Working...