"The Electronic Frontier Doundation"
what some people will call their groups in order to get an acronym that they like ...
strangely its not in: http://acronyms.thefreedictionary.com/EFD
Investigators have cracked the encryption key for a laptop drive owned by a Colorado woman accused of real-estate fraud - rendering a judge's controversial order to make her hand over the passphrase or stand in contempt of court irrelevant. The government seized the Toshiba laptop from Ramona Fricosu back in 2010 and …
Just use a password that has a suitably long length. Likelihood in this case was she used a poor (short) password. TrueCrypt can offer great security, but it can't save you from yourself when your password is less than 10 characters or you don't use keyfiles.
"Sorry Your Honor, my hard drive was encrypted with multiple keyfiles but I can't remember which ones they were as I had only just set it up the night before my house was raided..."
"can be compelled to turn over a key to a safe possibly containing incriminating evidence, but is not obliged to supply the combination of a safe"
Why do law makers have such an ability to create stupid inconsistencies - either they should both be in, or both out. While I dont expect politicians to be up to speed, their advisors should be and these stupid inconsistencies only cost everyone (time, money, stress, ...)
I am by no means an expert or a lawyer, but I think it probably has something to do with a key being a physical property which can be seized as evidence; whereas a combination is an intangible property, unable to be seized and instead must be volunteered by the mind possessing it.
As such, only the accused has knowledge of whether or not they have knowledge of the combination. If the accused does not have knowledge of the combination and yet are prosecuted, well it's a bit like saying:
"You are lying and therefore you'll give up the combination to save yourself from contempt of court".
You can see examples of that logic in American history:
"You're a witch and therefore you'll save yourself from drowning".
> You can see examples of that logic in American history:
> "You're a witch and therefore you'll save yourself from drowning".
I think you will find that we, in the UK, were drowning, burning, stoning and generally not being very nice to witches for a couple of centuries before we even knew there was an America. They simply copied our logic.
For "enough time", substitute, "a significant proportion of the age of the universe", assuming the protocol is implemented correctly and the password wasn't something like, "letmein1".
However, "Attempted denial of justice" sounds very much like thought crime. It is the job of the state to prove guilt beyond reasonable doubt. The defendant is not obligated to help them in any way, and is in fact protected from doing so in many cases.
You, sir, sound like a bit of a tool...
This post has been deleted by its author
It's absolutely ludicrous that a defense of self-incrimination could be used in this situation. Keeping her records on her laptop is only a format difference from keeping those same records on paper in a filing cabinet, which law enforcement has always been able to access. Opening that filing cabinet doesn't become self-incrimination just because she put a padlock on it.
It's not a format difference. There's nothing stopping law enforcement from reading the hard-drive. It's a translation. After they've read the drive, they still need the contents of your brain to figure out what they mean. Apparently the Supreme Court has decided that the inside of your head is protected by the US constitution.
Perhaps *that* is ludicrous, on the grounds that those who wrote the prohibition on self-incrimination were considering that the incriminating material might be inside your head and not just a key to incriminating material. (The combination, or password, is not in itself incriminating.) Perhaps, but since the Supreme Court have taken the opposite view, I think it is not ludicrous to expect that lesser authorities should be bound by the restriction.
Ken, I get where you're coming from on this, but the entire situation still seems a bit weird.
It appears that what is happening, is we (in America) say that crime is okay as long as you're clever enough to cover your tracks in such a way that nobody else can speak against you.
"It appears that what is happening, is we (in America) say that crime is okay as long as you're clever enough to cover your tracks in such a way that nobody else can speak against you."
No, what you in America do is put in safeguards to protect the innocent from prosecution. That means that some who are guilty are also spared. I and most prefer that to the opposite, where all guilty people are punished, but some of the innocent are as well.
The fact that some innocent people are still being prosecuted, is actually an argument for more protections rather than less....
> The fact that some innocent people are still being prosecuted, is actually an argument for more protections rather than less....
Not necessarily. In any imperfect system a balance has to be struck and in the case of the legal system the balance should minimise the number of victims. Victims not only means those punished for crimes they did not commit, it also means those who become victims due to the guilty not being punished.
"No, what you in America do is put in safeguards to protect the innocent from prosecution."
Well, it is a little more complicated than that. The guys arguing for the Bill of Rights (Us, not Willie the Dutchie) protections we see in the 4-8th Amendments were guilty little criminals, specifically smugglers (gotta love New England scalawaggery). They were responding to stuff the Brits had been using to crack down on smuggling pre-AmRev. It wasn't to protect the innocent, but to protect the oh-so-guilty. Now, it has the delightful side-effect of protecting the innocent, but the reason was to force the new American government to have to work for that conviction, as opposed to the pre-AmRev Brits getting to solve the Gordian Knot the Alexander Way. The innocent get out of trouble because if you can't get the bad guys unless they have their metaphorical tits hanging out, the innocent definitely don't get punished (assuming law-abiding prosecutors, which - admittedly - is like assuming pigs fly)
"crime is okay as long as you're clever enough to cover your tracks in such a way that nobody else can speak against you."
So what you're saying is it's okay to be a criminal so long as there's no evidence against you? And that, by the fact you're complaining about that, is that you want the government to be able to lock people up for unspecified 'criminality' with no evidence?
Yeah, that's a good idea. *slow clap*.
It's because of the next step.
Providing a combination is obviously the same as a safe key.
A passkey isn't much different
But beyond then when do you stop having to provide a key?
A text message saying "see you tomorrow" - does that decode to "we are going to rob the bank" ?
If there was a bank robbery do you have to provide that 'decryption' and so admit guilt?
How do you prove that "see you tomorrow" doesn't mean anything?
In the article they alluded that the password was probably not cracked.
"It seems more than likely that the authorities had come across the right passphrase without Fricosu's forced assistance.
"They must have used or found successful one of the passwords the co-defendant provided them," Dubois told Wired."
Failure to provide a password to the police when requested is a criminal offence. 2 years.
It hasn't been greatly tested in court yet, and I don't remember ever hearing "I've forgotten it" being tested.
Slightly alarming as I'm sure we all have several files which we have no key too, usually parts of software installs which will look like total gibberish to the cops and could easily invite a "what's the password?" when it might not even be an encrypted file, just a binary with an odd file extension.
Ever notice most of the people for the state being able to compel you to give passwords through up to and including water boarding if you bust out the terrorist word, are those that think everyone ever charged with anything is guilty and that the state never makes mistakes (or at least when it does it almost always against poor people). Bless the right.
The difference between cops getting a key to a safe versus the combination from you is a simple one.
The police are allowed to retrieve pretty much any evidence they can. However they cannot compel you to help them. In other words they can go digging around and find a body in your backyard; but they can't force you to tell them where the body is buried.
The primary difference is that when the police find a body in your backyard, they still have to prove that you did it. However, if you say "it's over by the shed.". Then the very fact that you know where it is adds weight that you were involved.
For this case, the cops still need to prove it was her laptop. They will also need to prove the files are hers or that she had knowledge of the contents. This latter part is a sticking point. If she provides a decryption key then it will be very hard for her to defense attorney to argue that didn't know anything about it.
Now, let's look at this from a different perspective. If the decryption key came from her husband, then it stands to reason that the device may have been his in the first place. It could also be argued that she was an innocent bystander. Which may or may not be the case; I don't know anything about this beyond this article.
Another crinkle, is if the password was actually cracked by the FBI then she can still feign ignorance on the contents. So the prosecutor still has to establish that it is hers and the files are hers as well and that it wasn't tampered with without her knowledge.... By the husband.
His providing the password to her doesn't prove his ownership. She could have bought it and asked him to set it up, if he is the IT person in their marriage/franchise.
Even if he bought it as a gift/efficiency tool outside of their franchise (bed or business), a preponderance of her own files, with dense, chronological timestamps of creations and edits, on it makes her the regular user -- especially if the machine is devoid of apparent activity by him.
But, since it appears they both are being charged with RE fraud, it is possible or plausible that they both had access to the machine -- unless they intentionally mentally firewalled themselves in the event of investigation or arrest. (WOW! Only 1 part this post....)
But, as for the password... I bet those who willingly, consciously, deliberately purchase laptops with the intent to willfully commit crime will avoid buying those having fingerprint/biometrics access. The cops could just restrain the suspected or known owner to a chair, numb their arm (but not blood flow) to minimize resistance, then press the thumb.
Now, for those with finger/thumb readers AND cameras that look for facial recognition, they better hope that it is possible to enter the password by eyelid flapping/blinking, or by eyelid reversal, display of a specific tooth, pressing the thumb, pursing the lips, two forced farts (of a certain duration, pitch, and quality/ripeness), a belch, and a specific exhalation or grunt/groan. Under duress, or even normal circumstances, syncopating that to gain access would be pretty tough to perform.
(Yeh, i know, don't give ideas... well, I'm being an "equal opportunity idea giver" both have something to gain and lose, hehehehe) (WoW, only 1 part this post...)
This post has been deleted by its author
"Count on it."
Or not, in the case of the guy facing the same issue in Florida. The courts are conflicted on this issue. But of course you, with your arm chair law degree, know better? Please.....
The only place your 'Count on it works', is the UK, where the innocent do not have as many rights.
A case where the judge ruled that you cannot force a defendant to hand over the password, for the simple reason that the password might be incrmination within itself.
Main point being.
The police are convinced a man accused of torturing, raping then murdering a woman has evidence of his crime in an encrypted file on his hard disk. When forced to hand over his password, it turns out that his password is "I hate you you bitch, you are going to die begging me to stop".
At this point, irrespective of if any evidence is found, the man would be assumed guilty because of his password, and could not receive a fair trial or a thorough investigation, i.e. his password would be used as evidence of guilt.
I just wish I could remember where I've read this ruling before, because it's quite relevant.
I don't have a problem with the police trying to prove mortgage fraud against these two small fish, but could we go after some of the people that stole billions from the American people?
Eric Holder? Barack (I don't think they did anything illegal) Obama?
If the American sheeple don't wake up, there won't be a Bill of Rights anymore. GW Bush started using it to wipe his @ss after they passed the "Patriot Act", possibly the most ironically named bill ever.
I strongly disagree with the judge's decision to demand the encryption key. If it goes to the US Supreme Court I am pretty confident that it would be reversed, but that won't prevent you from rotting in jail and spending all your money on lawyers for the years that it will take.
Forcing the defendent to disclose her PC password is not a violation of her civil rights. This will get confirmed by a contitutional decision.
As far as Bama and the Wall Street criminals, they should all be convicted and sent to prison like any other criminal. They should be cellmates with Mr. Bill, Assange, Anon members and all the rest.
"This will get confirmed by a contitutional decision."
If being forced to hand over a combination to a lock / safe has already been ruled out by the Supremes, it's anyone's guess how they will rule on this scenario. Certainly not the forgone conclusion you think it is....
It would appear that denial isn't working any better for this woman than it did The Pirate Bay Boys, Assange, Mr. Dotcom and the numerous Anon members who have been arrested.
You are entitled to be in denial just as you are entitled to three hots and a cot in a prison cell.
It don't work that way. The Supremes pick and choose what cases they want to hear. Just because they didn't hear the case in the past doesn't mean they will refuse to hear it in the future. They will be forced to hear it from public outcry and the criminals won't be happy with the decisions.
Seems a bit strange to compare the two to begin with, we are all aware that safe's can be cracked\broken and also that encryption can be broken..... It seems this is more down to the amount of time it would take and resources required to do so. With a safe its a case of hand it over or we will crack it within a few hours where as the encryption is hand it over or we might break it in a day or a 100years.