back to article US government: We can jail you indefinitely for not decrypting your data

The US government is fighting to keep a former police officer in prison because he claims not to be able to remember the code to decrypt two hard drives under investigation. Francis Rawls, a former sergeant in the Philadelphia police department, has spent nearly two years in prison for contempt of court after refusing to …

  1. Anonymous Coward
    Anonymous Coward

    How can they know the hash value of a file unless they have access to it's decrypted content?

    1. T. F. M. Reader

      How can they know the hash value of a file unless they have access to it's decrypted content?

      Maybe they did decrypt the drives and do have the unencrypted files, but

      a) do not want to admit it (because top secret);

      b) are afraid that without disclosure of the exact (top secret) procedure defence will accuse them of fabricating the data ("Your Honor, the prosecution claim these are the drives' contents, but they have not shown how exactly they arrived at this conclusion...");

      c) think 'the old razzle dazzle' should be enough (because think of the children) to avoid disclosure of capabilities;

      d) hope that 'the hashes match' will become a useful precedent on record - better than 'here are the decrypted files - look at this filth'.

    2. This post has been deleted by its author

    3. John Sturdy

      Perhaps by "hash" they mean file size? Which, after all, is a hash, albeit not a very useful one for most purposes. For the government's purpose, in this case, they might find it rather useful: "The sizes of the encrypted files are the same as the sizes of some encrypted porn images. Therefore the files are encrypted porn images, because hash collisions are so rare."

      1. Jaybus

        "Therefore the files are encrypted porn images, because hash collisions are so rare."

        It definitely does not prove that the images are porn. It is, however, plenty enough to justify a search warrant and the judge's order to comply. The judge, wisely, does not want to set a precedent that allows future child pornographers to conveniently forget their encryption keys.

    4. monty75

      According to the previous Reg article the cops decrypted the main drive in his computer and were able to access his web history. Presumably they crawled all the links therein and hashed whatever files were downloaded. That would only prove whatever files were available at those URLs now so they need to be able to prove they match what's stored on his drives.

    5. bombastic bob Silver badge
      Devil

      "How can they know the hash value of a file unless they have access to it's decrypted content?"

      they're probably looking for files WITH that hash value, which is probably known because the file downloads were being monitored [or something like that]. They have to prove THAT GUY has THAT FILE and then they have that part of their case evidence nailed up. The judge has apparently determined that the cops have cause for a warrant, and ordered the defendant to provide the information according to the discovery request, and he refused, and the judge probably issued a SPECIFIC order regarding the decryption of the data, and he didn't and now is sitting in jail.

      My guess based on what I read in the article. It's probably close to what happened.

      1. Anonymous Coward
        Anonymous Coward

        Err no. They are claiming that the drives contain files with matching hashes but have very little proof of this.

        "they had been used in a computer that had visited child abuse sites and claimed they contained files with the same hash values as known child pornography files"

        I am doubtful if they can prove the computer was used to download the files or whether it was the only one in a house whose IP address matched one that accessed the site(s) at some point in time. Think about it, how do you know that computer had visited the sites? The only way to *know* that it had is if there is evidence on the device in which case you don't even need his keepsakes. Otherwise all you must have is an IP address hit and you're just fishing for the rest and hoping to set an extremely dangerous precedent.

        Don't fall for allowing the nature of the alleged crime to influence your opinion on whether what they are trying here is right. If this precedent is set then it will apply to everyone irrespective of the charge. Have you not noticed how the federal agencies have been trying over recent years to establish some very dangerous precedents by cherry-picking terrorism and kiddy-fiddling cases?

    6. Anonymous Coward
      Anonymous Coward

      Because he was arrested in a sting operation where they were the source of some of the files he was downloading. They also had a RAT on his system and were able to identify the directories he was downloading to. Both of these were done illegally, but it brought them to identify him. They also suspect he has material that will aid in the arrest of a group generating the material. The arrested person knows that he will be killed if they get arrested. So he has chosen to stay safe in jail.

      They cannot admit to being the source without being arrested themselves, or at least creating a scandal, so they don't mention it.

      This will go no place, and he will spend a long time in jail.

  2. usbac

    Does the govnernment even read their own briefs?

    It points out that in other cases, people have been held for contempt of court for nearly seven years, and cites the appeals court verdict that "no temporal limitation on the amount of time that a contemnor can be confined for civil contempt when it is undisputed that the contemnor has the ability to comply with the underlying order."

    How is it "undisputed" if he says he can't remember the password? How can the authorities prove that he could remember the password if he wanted to, and thus claim that his ability is "undisputed"?

    Also, how can they have hashes for encrypted files? If the files are encrypted, the hashes would also be garbage. This sounds like law enforcement using buzzwords to bullshit a judge. Somehow I don't think the supreme court justices are going to fall for that.

    This case could set some very dangerous precedents. This is getting into the though crimes idea.

    1. Anonymous Coward
      Anonymous Coward

      Re: Does the govnernment even read their own briefs?

      "How can the authorities prove that he could remember the password if he wanted to, and thus claim that his ability is "undisputed"?"

      They cannot. They are presumptively declaring the defendant a liar, without having to make that case. Guilt or innocence here is beside the point. If the government can declare citizens to be liars, there is no defense possible when the government comes after you.

      1. This post has been deleted by its author

    2. streaky

      Re: Does the govnernment even read their own briefs?

      Yup, it's pretty clearly not undisputed.

    3. Nick Kew
      Joke

      Re: Does the govnernment even read their own briefs?

      Liar, Liar, briefs on fire.

    4. Jaybus

      Re: Does the govnernment even read their own briefs?

      "This case could set some very dangerous precedents. This is getting into the though crimes idea."

      Certainly. But it would also be a dangerous precedent for the court to establish forgetting one's password as the "go to" defense. I suspect that this could lead to laws similar to the DUI laws that establish guilt for refusing a blood alcohol test, an even more dangerous outcome. Better that the judge hold him for contempt.

      1. Anonymous Coward
        Anonymous Coward

        Re: Does the govnernment even read their own briefs?

        They are not the same. In a DUI, a test can be done without the suspect needing to remember anything, just comply passively. Not so with a password. Sure, the "I forgot" defense is lame, but that doesn't give the authorities the moral right to set it aside. It could be true, and the defendant could be innocent.

        And unlike with crimes that are accepted to exist, this 'crime' exists only in potential, once the files are unlocked.

        Technology has given the human race the ability to have unreadable secrets. The authorities are saying we must outlaw that ability for the good of all, and punish those who fail to comply, or appear unwilling to comply even if unable.

        Is that really the best way? I don't know.

  3. Brian Miller

    I also would be in trouble...

    My passwords are written down. If I lose the paper, I would have to do a recovery. But what would I tell the judge? "It was written down on one of the stickies. Didn't you pick it up?" They wouldn't believe me, would they?

    1. John Smith 19 Gold badge
      Big Brother

      "They wouldn't believe me, would they?"

      That depends on

      a) How nice you were to them

      b) Wheather they like you

      c)Whether you made a sufficiently large contribution to the politicians who run the operation.

      You will note that your guilt (or innocence) is not a factor.

      1. Evil Auditor Silver badge

        Re: "They wouldn't believe me, would they?"

        d) whether they decided that you are guilty.

        "We don't have any evidence of the crime because the defendant was so ingeniously sneaky. Which just proves that the defendant is guilty."

  4. Mephistro
    Unhappy

    The USA:

    From "Land of the Free" to "1984" in a few decades.

    It's really sad to see American judges and legislators wiping their arses with the American Constitution and ignoring basic safeguards embedded in most democratic countries' laws.

    "Corruptio optimi pessima"

    1. Anonymous Coward
      Anonymous Coward

      Re: so Desperation

      Isn't violating an oath to the Constitution considered to be treason? Isn't that punishable by life in prison or death in times of war? We've been at war continuously for over 100 years, haven't we?

    2. mako23

      Re: The USA:

      As vile as child abuse is and it's about the most vile crime in existence. We should not throw out due process in court, this includes the right to be silent. Shall we start torturing people for passwords. Also what happens if you really gave forgotten your password. I have forgotten passwords...who hasn't

      1. DontFeedTheTrolls
        Boffin

        Re: The USA:

        Show me a website that doesn't have a "Forgotten password" option at the logon. That's how widespread the forgetting of passwords is :)

      2. Cynic_999

        Re: The USA:

        "

        As vile as child abuse is and it's about the most vile crime in existence.

        "

        But is looking at sexually explicit photographs of children child abuse? If you believe that it is, then do you also believe that looking at news footage of children in a war zone being maimed by bombs to also be child abuse? And does looking at images of a person being assassinated make you a murderer?

        Although the law now says that if you read an article that is sympathetic to ISIS you are a terrorist.

        1. bombastic bob Silver badge
          Stop

          Re: The USA:

          "But is looking at sexually explicit photographs of children child abuse?"

          it is, not because of the content of the photograph (which coincides with your other arguments, actually), but because a child had to have been ABUSED to take the photograph.

          I have known kids (friends of mine, when I was a kid) who were subjected to that kind of photographic abuse.

          When I was a kid, I lived in a 'trailor trash' neighborhood for a while. One guy, a single guy who had lots of bicycle repair parts and a really cool boat, was a friend to all of the kids. He would ask the PARENTS if he could take them on weekend outings to a lake, etc.. My mother was rightfully suspicious, and the guy WAS a little creepy. One day she saw him at the local bar where she was moonlighting as a cocktail waitress. She saw him with naked photos of some of my friends, as I understand it (he was letting people look at them, trying to sell them apparently), and so she got the cops involved. The guy soon disappeared, and we never saw him again. His boat was towed away some time after that, and his mobile home also. I think he was arrested and caught with the photos in his possession. The bank probably repo'd the rest.

          So yeah, the exploiting neighbor down the street, taking kids on weekend outings so he can photograph them, allegedly in compromising nude positions (because I never saw them so I can't say for sure), and then sell them to people in a local bar.

          And that's why it's illegal just to HAVE these kinds of things, because an actual child was exploited to make that photo.

          It would be a lot different if you're photographing disasters, wars, assassinations, etc..

          1. Kiwi
            Holmes

            Re: The USA:

            And that's why it's illegal just to HAVE these kinds of things, because an actual child was exploited to make that photo.

            Question though..

            Is there a difference between those pics being of them in forced sexual positions, and of them just skinny dipping? One is quite bad, the other often quite enjoyable for most boys around 8-12 from what I recall, esp if it was something "a little naughty". I do have issues with him selling said pics at a bar (and wonder why no one else saw fit to speak up at the time?) but there's a world of difference between being photographed while being raped and being photographed while having fun.

            I don't wish to detract from anyone's pain, but not all "child abuse" experiences are the same.

          2. Anonymous Coward
            Anonymous Coward

            Re: The USA:

            @bb: Much though I abhor the crime I cannot agree that looking at the photos is abuse in itself. It is the depraved act of someone likely to commit abuse themselves but it is not abuse in and of itself. You are certainly correct that someone needed to be abused in order for the photo to exist and that without the demand there would be little need for the supply, but that still does not make the downloader/viewer guilty of abuse. If I watch a video of someone happy-slapping, or seriously assaulting you, does that make me guilty of abuse or assault? No it certainly does not.

            You are guilty of allowing the abhorrent nature of the crime colour your judgement as to what crime has been committed and by which party. It is this behaviour that federal agencies and politicians seek to exploit to remove ever more freedom from the public.

            1. RobHib

              @ A.C. - Re: The USA – OK, and there's another point.

              The unforeseen issues that have arisen from the act of one just looking/possession only are both very vexing and troublesome as there's great potential for genuinely innocent people to be hurt and or have their reputations irrevocably tarnished.

              As the law stands such images are 'dynamite' in their own right; irrespective of reason anyone in possession of them is in serious trouble. Say Bob has a falling-out with Alice and seeks revenge by planting some on her PC; although eventually proved innocent she will have had a lot of explaining to do–not to mention her great angst, and the stench of the incident will never fully leave her reputation.

              Obviously we have a duty of care to kids and we must protect them in every way we can, nevertheless as it now stands the law appears an overly blunt instrument–it somehow seems to be incomplete.

              I certainly don't have an answer to the problem but it seems to me that 'weaponizing' an image in law is both unsophisticated and potentially dangerous.

          3. Cynic_999

            Re: The USA:

            "

            it is, not because of the content of the photograph (which coincides with your other arguments, actually), but because a child had to have been ABUSED to take the photograph.

            "

            But we are not talking about the person who took the photograph, but the person who merely looked at the photograph.

            Also, what you say about a child having to have been abused is completely incorrect. "Child abuse images" includes cartoon drawings, images of naked children at a beach etc., and photos that were taken by the child him/herself. In the latter case that would make the child both the abused and the abuser.

        2. ChasTheOne

          Re: The USA:

          My concern is that one could easily visit a site with an image to one of these child porn sites, and it would be recorded as having visited and downloaded an image, *before* you could even know it had occurred. Just like the links to facebook and twitter download icons from them and record your browsing habits. The only way to prevent such is to know in advance what sites to block, which is incredibly difficult knowing how many sites that exist on the internet, which nobody really knows with any certainty, anyway.

    3. Mark 65

      Re: The USA:

      It's really sad to see American judges and legislators wiping their arses with the American Constitution

      Watched a doco about the DPR / Ross Ulbricht case the other night. There was some shady shit going on in that courthouse that's for sure.

  5. Anonymous Coward
    Anonymous Coward

    All Writs Act

    It points out that Rawls isn't being held under 28 USC § 1826, but rather the All Writs Act ...

    And if the All Writs Act ever gets striken down, may I suggest an even older law, recognized universally throughout the world: The Genghis Khan Act. It is very simple and unambigious:

    Give me what I want if you wish to get out of here alive.

    1. naive

      Re: All Writs Act

      It is not so hard, a bit of googling into "Spanish inquisition" generates quite a list of creative ways to obtain information from alleged suspects.

      It can be verified on spot :)

      1. Updraft102

        Re: All Writs Act

        I didn't expect the Spanish Inquisition.

        1. Bluto Nash

          Re: All Writs Act

          That's OK, nobody does.

  6. James 51
    Big Brother

    In the UK the password law allows for rinse and repeat indefinte jailing if senior officer believes you know the password. They don't have to prove you know it. Wont be long before the police wont be planting drugs on 'suspects', it will be data sticks.

    1. Voland's right hand Silver badge

      It is not indefinite - RIPA act is quite specific. 5 years per offense if memory serves me right.

      1. James 51

        And in five years when you are asked again? If you still can't remember or refuse again, it's back inside as a repeat offender.

        1. Anonymous Coward
          Anonymous Coward

          And in five years when you are asked again? If you still can't remember or refuse again, it's back inside as a repeat offender.

          Although the double jeopardy principle was banned as of April 4th 2005 I think this would be questionable as you already served time. At least I'd hope so..

          1. James 51

            The CPS would probably chance their arm as a fresh offense. If you break a window five years ago and go to jail and you break a window after you get out that is a fresh offense. The same logic will be applied. Asked five years ago and refused, being asked yesterday and not handing it over is a new instance of the same offense. You only have to look at how the police in northern ireland use to use seven day detention for questioning to see how it can be abused. After seven days they'd let the poor bugger get to the street outside then lift him again for another seven days until they got bored or they got what they wanted.

            1. Voland's right hand Silver badge

              After seven days they'd let the poor bugger get to the street outside

              The minor difference here is that the encrypted materials are still in their possession. If they have returned them to you, then they can run that gamut. If you have declined accepting the return they will have difficulty proving a new offense.

              1. James 51

                Possession is not the issue. The crime is committed when they ask you for the password and you won't or can't tell them and you are guilty of a new offense every time you are asked for the password and won't/can't hand it over. I have said many times it is a law that is ripe for abuse.

                1. Anonymous Coward
                  Anonymous Coward

                  partially correct...

                  You are committing a crime if you don't hand over the password, with reasonably belief that you know the password. However if you were to design a system where you never know the password and the decryption key is destroyed the second the drive is tampered with then they technically cannot hold you for this. Especially if you prove to a court room that you never knew the password to begin with.

                  Yes it is a shit law (guilty until proven innocent) but still an escapable law on paper.

                  1. James 51

                    Re: partially correct...

                    http://www.bbc.co.uk/news/av/world-us-canada-40661680/did-baltimore-police-officer-plant-drugs

                    Replace drugs with data stick with a password protected file on it. Best part is the stick isn't illegal so if someone sees you an officer has one in their pocket it doesn't look suspicious.

                  2. Ken Hagan Gold badge

                    Re: partially correct...

                    "You are committing a crime if you don't hand over the password, with reasonably belief that you know the password."

                    IT angle: if the legal system were an IT system, this would be recognised almost immediately as a privilege escalation bug of truly Microsoftian proportions. The standard of proof for knowing the password should be "beyond resonable doubt" because it is being used to access the scale of punishments for criminal offences.

                    Proposed constitutional amendment: Anyone demonstrating a logical inconsistency between one part of the law and another should be able to choose which part applies to them.

                2. ChasTheOne

                  That's not ripe for abuse, it's obviously rotten.

          2. Snorlax Silver badge

            @Anonymous Coward:"Although the double jeopardy principle was banned as of April 4th 2005 I think this would be questionable as you already served time. At least I'd hope so.."

            "New" offence every time, so double jeopardy is not an issue

        2. Voland's right hand Silver badge

          And in five years when you are asked again?

          For the time being an attempt to ask again gives you all you need to bring the case to ECHR. In addition to the current double jeopardy precedent base.

          1. James 51

            Why do you think May is so desperate to get out of the ECJ and then the ECHR?

          2. Doctor Syntax Silver badge

            "For the time being an attempt to ask again gives you all you need to bring the case to ECHR."

            Which is why our Home Sec in charge (and probably her side-kick, the Home Sec in office) would like to get out of the ECHR as well as the ECJ.

      2. hplasm
        Big Brother

        And yet...

        "It is not indefinite - RIPA act is quite specific. 5 years per offense if memory serves me right."

        Look up 'The naked rambler' case. (UK)

        After 5 yrs in clink, they just arrest you again on the doorstep as you come out.

        Sounds indefinite to me.

        1. EddieD

          Re: And yet...

          Not quite, the naked rambler was always arrested on a new charge of public indecency/breach of the peace after he'd served the time for his last charge of public indecency. Sometimes they vary the charges by finding him guilty of contempt of court when he turns up naked to defend himself in court.

          An example "In July 2009, Gough, once again standing in the dock naked, was jailed at Perth for a further 12 months for breach of the peace. Sheriff MacFarlane was told that the bill for dealing with Gough had cost the public an estimated several hundred thousand pounds. The court heard how Gough had finished a previous jail term at Perth Prison and was released to enjoy freedom for the first time in several months. His freedom lasted less than 30 seconds after he walked naked from the prison door to Edinburgh Road. Gough was also sentenced to four months for refusing to dress before the trial"

          From wikipedia...https://en.wikipedia.org/wiki/Stephen_Gough

          1. BinkyTheMagicPaperclip Silver badge

            Re: And yet...

            The naked rambler is not in any way similar. The police have gone out of their way in some cases to try and stop him being re-arrested (i.e. driving him over the border/home/some distance away), but when there's a very clear law, he visibly keeps breaking it, and could easily not - what do you expect?

            I'm sure he'd argue that forcing him to wear clothes is not entirely dis-similar to forcing the decryption of data, but when the only downside of him being clothed is him being unhappy, and there could be any number of implications of revealed data, I have limited sympathy, even if personally I don't really care if he rambles naked.

            It'd probably be cheaper to buy him a house on an isolated island, but I presume he enjoys living in his home (for a limited period).

            1. Complicated Disaster

              Re: And yet...

              Except of course, the law as regards the naked rambler is far from clear. In fact, if you read the CPS guidance, you might wonder why he is being prosecuted at all....

              http://www.cps.gov.uk/legal/l_to_o/nudity_in_public/

              1. BinkyTheMagicPaperclip Silver badge

                Re: And yet...

                I did a bit more reading after posting that. He's recently been prosecuted due to a bespoke ASBO, and ASBOs have very little legal challenge possible. You're not wrong that public nudity is not a straightforward matter.

                However, the point is moot, because the latest newspaper article says he's wearing clothes to go walking because his mother is sadly unwell, and he doesn't want to be arrested and therefore not be available to help her.

    2. Aqua Marina

      At the risk of being downvoted a million times again, I'll point out that Section 53 of RIPA puts the onus on the prosecution to demonstrate that the accused has or knows passwords to hand over. There is a myth on The Register comments that prosecutors can repeat the request over and over, each time sending the guilty party to prison for 2 years at a time. This simply isn't true, and to date has never happened or even been attempted. It's very possible that the prosecution could not prove their claim beyond a reasonable doubt. Anyhow, here is the exact wording of the law below.

      Section 53 Failure to comply with a notice.

      3 For the purposes of this section a person shall be taken to have shown that he was not in possession of a key to protected information at a particular time if—

      ....

      (b)the contrary is not proved beyond a reasonable doubt.

      1. Anonymous Coward
        Anonymous Coward

        not really that much of a myth

        it is however not that much of a myth. During training for cyber security stuff we heard from plenty of forensic investigators / intelligence spooks & senior police officers that they do indeed intend to do exactly as is mentioned by many elreg commentators & some of these were leaders in their fields / senior officers

        They will just be wating for you outside the prison, ask you the password again & when you say no re-arrest you for failing to comply

        They may not have done it yet, but that is because they have either decrypted the contents without help through a coding/crypto vulnerability or user implementation mistake or the poor 'suspect' or a known associate has provided them with either the password or intelligence they can use to guess the password.

        Howeve be very sure, if they cant decrypt it & they want to, they will rinse & repeat and apparently have had assurances from people in the home office / npcc etc that it is perfectly legal for them to act like that

  7. herman Silver badge

    Good quality encryption results in random data, which can be decrypted to anything.

    Give me the HDD, show me which incriminating picture you want and I can make you a key that will produce it.

    1. James 51
      Childcatcher

      Bonjour Cardinal. I almost didn't recognise you without your hat.

    2. Anonymous Coward
      Anonymous Coward

      That's concerning. So, logically there's also no way to prove that a particular encryption key wasn't actually the one used, despite it "working". I suppose the fact that the rest of the data would still be garbage might but...

      1. Anonymous Coward
        Anonymous Coward

        That's concerning. So, logically there's also no way to prove that a particular encryption key wasn't actually the one used, despite it "working". I suppose the fact that the rest of the data would still be garbage might but...

        It's not that easy to create a construct that will combine random data into something sensible although I must admit it's an interesting idea.

        If you want plausible deniability you best use the "hidden volume" approach such as found in Truecrypt/Veracrypt where you create a crypto archive inside a crypto archive. You can give the key to the outer archive in which case you have effectively complied with the order (best if you include some stuff in there that is mildly controversial/salacious) - it would be up to the government to prove that more data existed inside that archive, which is where you end up with plausible deniability as it's hard to prove the existence of another archive (ergo it's hard to prove any further non-compliance).

        The problem is that the bad guys know this too, and have more incentive to educate themselves than the average curious tech who's just experimenting. I understand that it's frustrating not to have the easy backdoor they so desire, but I'm getting a tad tired of the eternal assumption that the really bad guys are stupid because they're not.

        1. Sir Runcible Spoon

          Who said anything about using a valid key (or algorithm?)

          Take input data.

          Determine what you want as output data.

          Create a 'decryption' process that will simply convert the first into the latter. If they don't have to reveal the code that does this it doesn't even need to be an algorithm, just a straight switch.

          Wouldn't work on a whole disk obviously, but for a single file I can see that fooling a lot of non-technical people.

          1. Jaybus

            "If they don't have to reveal the code that does this it doesn't even need to be an algorithm, just a straight switch."

            Ah, but they do. That evidence, the crafted key or decryption method, would be discoverable. The defense would show that the method decrypts one file out of an obviously much larger set of files and claim that the prosecution made it up, (which of course they did). So what would the jury think? Would the judge even allow the "evidence"? I very much doubt it.

    3. Graham Cobb Silver badge

      Good quality encryption results in random data, which can be decrypted to anything.

      Citationn, please. The first part is true, the second does not follow. I am not an expert, but as the key length is shorter than the file, there are far, far fewer possible decryptions than there are possible data files of the right length.

      1. Cynic_999

        "

        'Good quality encryption results in random data, which can be decrypted to anything.'

        Citationn, please. The first part is true, the second does not follow.

        "

        Easily proven. Take any plaintext data you like (images, documents etc.). XOR it with any encrypted data. Call the result the "decryption key".

        Of course, it means that the decryption key will be the same size as the data, and you will need to present the encryption method as being OTP encryption, but that does not make it invalid.

        1. Ken Hagan Gold badge

          XOR isn't good quality encryption, so I'm not sure your proof stands.

    4. Voland's right hand Silver badge

      Good quality encryption results in random data, which can be decrypted to anything.

      Sort-a. The probability for a key which will decrypt a full-disk-encrypted drive to a valid filesystem state which is different from the "real" key is infinitesimally small.

    5. Doctor Syntax Silver badge

      "Good quality encryption results in random data, which can be decrypted to anything."

      Following up that thought in a slightly different way:

      Here's the key.

      >Clickety<

      This is garbage.

      No, it's random numbers. It's an encrypted disk of random numbers. What were you expecting?

      1. Zakhar

        That won't hold since you probably won't be able to reconstruct a valid filesystem.

        Nevertheless, following your idea, you could be more precise and say: this is an encrypted swap partition, which is precisely a partition with no structure and just random data in it.

        Of course, having a swap partition of 1TB would be quite suspicious, so you'd rather keep it small!

      2. emullinsabq
        Facepalm

        Kobayashi Maru

        "Here's the key.

        >Clickety<

        This is garbage."

        If you securely erase hard drives with the last pass being random, apparently you get to sit in the clink for decades if someone claims that drive is encrypted.

        Or alternatively, you purposely filled a drive with random garbage as a form of pollution. [at least this method you can probably send them the algorithm used] But ofc, the point is to let them deal with pollution, not you sitting in a cell somewhere. Oh well.

        The ideal scenario being when some expert claims to have decrypted your garbage and found tons of incriminating stuff, and you submit to the judge a 4 line program that produces the file. This is what I pictured when devising the garbage production, but sadly it seems if you are apparently guilty without evidence, that this awesome scenario that exposes deep corruption, isn't likely to occur.

    6. Anonymous Coward
      Anonymous Coward

      Provably wrong

      "Good quality encryption results in random data, which can be decrypted to anything."

      This is clearly hokum. Good encryption should result in something indistinguishable from random data, correct. Let us make some (reasonable) assumptions. Let's say your (symmetric) key is 256 bits long and your image is 10MB. The image has 80000000 bits in it. This means the number of transformations required to be able to turn that image into anything is 2^(80000000). Whereas the number of possible transformations is actually 2^(256). The latter is significantly lower than the former, therefore you cannot create anything by giving a different key. Furthermore, in reality, the probability of any incorrect decryption of the original message being anything other than complete noise is provably vanishingly small using the same logic.

      Now, there is the possibility of encryption algorithms using 2 keys and 2 sources that allow you to decrypt to one source using one key and the other using another. But since the algorithm would be known at the point of decryption by the authorities, they are just going to say "ha ha, now use the other key". The only feasible thing I can think of off the top of my head is to hide the original source with steganography, then encrypt the resulting image. But steganography is much easier to break than real encryption.

  8. John Smith 19 Gold badge
    WTF?

    What an interesting idea. A key that will turn the encrypted file into a of anything

    as long as it's the same size.

    Sounds like an intriguing research project, but I sense the phrase "combinatoric explosion" looms large.

    So not only "Give me six lines from an honest man, and I can find something with which to hang him" but now

    "Give my a picture of your pet kitten and I can turn it into something much nastier"

    1. Norman Nescio

      Re: What an interesting idea. A key that will turn the encrypted file into a of anything

      What an interesting idea. A key that will turn the encrypted file into a of anything

      as long as it's the same size.

      Sounds like an intriguing research project, but I sense the phrase "combinatoric explosion" looms large.

      So not only "Give me six lines from an honest man, and I can find something with which to hang him" but now

      "Give my a picture of your pet kitten and I can turn it into something much nastier"

      As there appears to be no restriction on the size of the key, a template that is the same size as the file and simply XORed with the file to give the different image required will give you what you need.

      If you want to get a teensy bit more sophisticated, compress the 'key' with a decent compressor, possibly LZW, LZMA, or one of the BWT variants, and if you want to get over the top in academic point-scoring, determine by algorithmic means* the Kolmogorov complexity of the 'key template' and use that as the key.

      AES, as an encryption method, is specifically designed to make it difficult to determine the key, even if you have both the plaintext and the encrypted text (look for 'Known-plaintext attack'), which is why, as you say, generating a target transformed image from a base image using AES would be computationally difficult.

      *this is a joke.

      1. Anonymous Coward
        Anonymous Coward

        Re: What an interesting idea. A key that will turn the encrypted file into a of anything

        A key which is the same size as the file is a one-time pad, and this is one of the problems with them.

        1. naive

          Re: What an interesting idea. A key that will turn the encrypted file into a of anything

          Maybe a new feature in true crypt 2.0:

          1. Key1: Decrypts the data (normal operation).

          2. Key2: Silently destroys the data, or replaces it with some innocent fake information which was already present on the decrypted partition, this key will only be given when coerced.

          3. Both methods should work equally fast, so that for instance intensive disk I/O does not reveal the self destruction process.

          Disadvantage is that issuing key2 is dangerous, since there can be no "Are you sure ?" popup.

          Also the key2 itself should not give away any clues that is might be the key used for self destruction.

          1. Cynic_999

            Re: What an interesting idea. A key that will turn the encrypted file into a of anything

            "

            2. Key2: Silently destroys the data, or replaces it ...

            "

            Won't work. The first step in computer forensics is to make an exact raw sector image (clone) of the suspect's HDD using an imaging system that will not allow any write operation to the evidential drive. Then the original HDD is sealed in an evidence bag and not touched again (unless the evidence is disputed by the defence). That clone is designated the "master clone" and is never worked upon. The forensics guys get clones of that clone to work on. Any process that changes the data on the drive will be instantly spotted by comparing to the master clone, and of course the original data trivially recovered by cloning it again.

  9. mark l 2 Silver badge

    Truecrypt used to offer a 2 tier password system for such cases, one to access the real data and one to access bogus data which would be 'safe' to show. I believe Truecrypt is no longer under active development now though so don't know if there are any replacements.

    This act of wills law sounds like a case of an archaic law being used in the modern world for things that the original writers of the law had never envisioned or intended to get around the defendants statutory right not to incriminate himself.

  10. Anonymous Blowhard

    Use hidden partitions

    Truecrypt had an answer to this, Hidden Partitions. It allows you to have two passwords, one for the real data and another to a dummy partition.

    1. handleoclast
      Unhappy

      Re: Use hidden partitions

      Noooooooooooooooooooooooooooooo!

      Do not use Truecrypt. Probably don't use its replacement Veracrypt (I've not checked if it has the same flaw).

      I'll go through this carefully... For brevity, when I say that it's illegal to forget your password I'm assuming the situation where the police demand your password and you cannot give it or refuse to give it.

      1) Forget your password and earn a lifetime in prison. That's how it is. In the US it's contempt of court, in the UK we originally used contempt of court, now we've made it illegal to forget your password. This is fact. Forget double jeopardy. Each time you finish your sentence, they ask you for your password again and you commit a new offence if you refuse to give it. The offence isn't having encrypted material (double jeopardy might apply to that) but not giving your password when requested. New offence every time.

      2) Hidden partitions have the big problem that few people need them so few people use them. You're not a terrarist paedophile, you're just complying with your statutory duty under the DPA to keep personal info about your employees/customers private (or hiding infidelities from the spouse). So you don't bother with a hidden partition. Then plod (or HMRC, or MI5, or whatever) happen to take a look at your computer. Ask for your password, which you give them. Then ask for the password to the hidden partition, which you don't have because you didn't create a hidden partition. You are fucked. They can't prove you're using a hidden partition but you cannot prove that you are not. You are fucked. So if you use an encryption system that permits hidden partitions, you must use them to avoid a lifetime in prison.

      3) Truecrypt (and quite probably Veracrypt) had a third-party patch that was linked to on the Truecrypt site itself, that allowed nested hidden partitions to any depth (limited only by running out of disk space to hold all the info defining those partitions). So you give them the password. Then you give them the password to the hidden partition. Then you can't give them the password to the hidden partition within the hidden partition because you never applied that patch, so never created the nested hidden partition. Plod responds that you probably kept the patched executable on a memory stick that you've concealed somewhere, so hand over the password. You are fucked.

      So be very careful with hidden partition encryption. Always use the hidden partition. If there's support or a third-party patch for nested hidden partitions to any depth then avoid it like the plague. And don't forget your password. Ever.

      What's that? You don't do anything naughty so you'll never be asked? Welcome to seven degrees of "you're fucked." You occasionally phone the local curry house with an order that they deliver. One of the guys working at the curry house occasionally phones his uncle in another town. That uncle goes to a mosque with a dodgy Imam. So you're under investigation. Oh, you have encrypted material on your computer... Or you took photos of your spouse on the beach and there are kids in the background, so somebody gets suspicious. Or HMRC get it into their heads that your figures look a little iffy so they insist on doing an audit. Or...

      1. Mark 65

        Re: Use hidden partitions

        Point 2 is clearly incorrect.

        They can't prove you're using a hidden partition but you cannot prove that you are not. You are fucked.

        Thus no crime can be proven. The law states clearly the password to decrypt data. You have clearly complied. You cannot then take the leap of faith that a file system exists in the "free data" of a file system when you cannot prove this to be the case.

        1. This post has been deleted by its author

        2. handleoclast

          Re: Use hidden partitions

          @Mark 65

          Truecrypt and other hidden partition encryption systems initialize the entire allocated storage with random data. That's so the opposition don't know if you're using a hidden partition or not, or even the high-watermark of your data usage. It all looks like random data. Clearly it isn't all random data because you've handed over your password to the normal partition. How do you prove there's no hidden partition?

          You chose to use software that implements hidden partitions. Why use it if you didn't need a hidden partition? You have a reason? Yeah, that's what all the paedo-terrorists say. If Gary Glitter had been smart enough to encrypt his kiddy porn, he'd have claimed to have forgotten the password. If he'd been even smarter and used a hidden partition, he'd have claimed he wasn't. And don't forget terrorism. The gloves come off for terrorism.

          Basically, you have a touching faith in the law and those tasked with implementing it. Maybe you're right. I don't feel like taking that gamble. I suspect many others, were they aware of the risks, would not wish to take it either.

          1. Mark 65

            Re: Use hidden partitions

            No, you chose to use a form of encryption that works cross-platform on a container or whole of disk basis. That it also has the ability to create hidden volumes is incidental. If a prosecutor makes an accusation that it was deliberately chosen for this (hidden partition) reason then they would actually have to back that assertion up. That is totally separate from encryption keys and the like and is a basic point of law. They need to convince a magistrate or jury of that, they cannot just talk shit without convincing the relevant party - not that it is always difficult with the declining levels of education in society.

            As for "Basically, you have a touching faith in the law and those tasked with implementing it. Maybe you're right. I don't feel like taking that gamble.", whilst I admire your honesty that attitude is how tyranny takes hold and I, for one, do not wish to be ruled over by a "think they're high and mighty" arsehole class of contemptible pricks.

            1. MK_E

              Re: Use hidden partitions

              In any event, proving that a hidden partition exists for them to charge you with a crime for possessing, as opposed to you having to prove the partition doesn't exist, is pretty much the IT equivalent of Habeas Corpus.

              Can you prove you HAVEN'T buried a body in the woods somewhere? If not, you're on the hook for murder because we're just going to assume there is because you live near some woods that you could possibly bury a body in.

  11. alain williams Silver badge

    There is an easy way out ...

    He needs to get a diagnosis for Alzheimer's disease -- hard for the prosecutors to then show that he can remember any passwords. Once he is released he just needs a quick visit to Ernest Saunders' physician and can resume his life.

    1. Anonymous Coward
      Anonymous Coward

      Re: There is an easy way out ...

      He needs to get a diagnosis for Alzheimer's disease -- hard for the prosecutors to then show that he can remember any passwords

      Actually, I have something like that, but it's not as aggressively degenerate. I acquired it after a rock wall refused to give way during a downhill ski exercise, and since then my short term memory is about as reliable as a politician's promise (actually, it's a better as it will at least SOMEtimes retain data, but reliably memorising passwords takes a lot of effort) - and I have doctor's report of this, copy of which is stored with my lawyer. It is actually a good thing because I can legitimately claim not to remember any client data, and it is then plod versus highly qualified medical professional to prove otherwise.

      However, I would not recommend attempting to acquire the same as I know exactly how Richard Hammond felt for the first few weeks, and it sucks. I'm lucky to be in a profession where confidentiality matters more :).

  12. Kjeld Flarup

    stupid penalty

    Lesson learned, ALWAYS deny officials acces to Your private data.

  13. Potemkine! Silver badge

    Why aren't these disks decrypted by the NSA and al. ? If a house has to be searched and the owner says he has lost the keys, I guess that the Police can use other means to open the door, the logic should be the same for virtual storage.

    Also, many here accuses the Government, but it is not the Government who decides if that guy should stay in jail, right?

    1. Prst. V.Jeltz Silver badge

      well because like , encryption is pretty strong , man , yknow?

      If the FBI wanted to search that Moon landing module , the one they left there , and NASA said no . Theres little other means they could use. Bit of a strained analogy i know :p

      1. Potemkine! Silver badge

        "well because like , encryption is pretty strong , man , yknow?"

        So you think NSA isn't able to decrypt a Filevault storage? If so, I've got an Eiffel Tower to sell you ^^

  14. Anonymous Coward
    Anonymous Coward

    US versus UK

    UK law has this provision already.

    Interestingly there have been cases where after a long investigation the files turned out to be innocent, MSM does not even give this a mention and its mostly Aspies, paranoids and "freedom fighters" that are often detained in this way until they either get fed up and hand over the key(s) or the files get decoded through other means.

    So does the term "prisoner of conscience" apply in such cases?

    This is *exactly* why I no longer encrypt my data, and resort to physical security for stuff that should not be on the Internet (cough inventions /cough)

    1. Prst. V.Jeltz Silver badge

      Re: US versus UK

      "This is *exactly* why I no longer encrypt my data"

      I dont see the diference. If the authorities barge into your house saying "we think you're a terrorist -open that safe labelled inventions", you're in exactly the same predicament arnt you?

  15. Version 1.0 Silver badge
    Coat

    A great advert for Apple

    I wonder if we're going to see an uptick in Apple sales in some areas ... I'll just get my flasher coat and go out and buy one...

    1. Anonymous Coward
      Anonymous Coward

      Re: A great advert for Apple

      I'll just get my flasher coat and go out and buy one...

      Hah, I saw the light a few years ago. On flasher coats, I mean.

      :)

      "It was so cold in New York, flashers were only describing themselves” - Johnny Carson (1925-2005)

  16. adam payne

    "Both have turned him down, in the latter case because an examination of the drives showed that they had been used in a computer that had visited child abuse sites and claimed they contained files with the same hash values as known child pornography files."

    The drives are supposed to be encrypted. Are they or aren't they? Secret backdoor in encryption?

  17. EnviableOne

    A=XB if A and B are know trnsform X is easy to derive.

    for a given crypt-text(B) any plain-text(A) of the same size can be created, but generating the correct transform(X),

    its not a case of cracking the encryption, its a case of fixing the facts.

    Here is the HDD, if i do this to this file, it becomes this file.

    1. Ken Hagan Gold badge

      "any plain-text(A) of the same size"

      If X only admits N possible values, only N plain-texts can be created. Typically X is millions of times smaller than A or B, so the possibility of producing an alternative A that is syntactically valid is, er, remote.

  18. Anonymous Coward
    Anonymous Coward

    They can't prove that he remembers the password. This guy's lawyers aren't very good, are they? Child Abuse is very bad, but there should still due process. I've used that Apple Encryption process and forgotten the password. You forget the password, you're not getting into that hard drive. Simple as that. He could attempt to type in the password, in order to be "cooperative", but if he types in the wrong password, he's not getting in, and there's no way anyone can prove that he really DOES remember the password, or not.

    1. Suricou Raven

      They have strong evidence that he collects child abuse images. Even without proof, they could probably charge him with sinking the Titanic and still get a conviction. Do not underestimate the sheer hate that is directed towards this particular class of criminal. The inability to actually prove guilt is widely regarded as letting them get away on a technically.

      1. Anonymous Coward
        Anonymous Coward

        They have strong evidence that he collects child abuse images. Even without proof, they could probably charge him with sinking the Titanic and still get a conviction.

        They either have some form of evidence (even circumstantial like browser history, cache data or URLs gathered by the ISP via the usual inline proxies) or they have nothing at which point they won't be able to progress.

        Do not underestimate the sheer hate that is directed towards this particular class of criminal. The inability to actually prove guilt is widely regarded as letting them get away on a technically.

        Although I am personally of the opinion that people engaging in child porn and certainly those engaging in abuse should be strung up by specific body parts to the point of them separating, I still prefer to see due process - that's the law. As a matter of fact, I would actually prefer everything was done absolutely right so someone who would be convicted based on evidence would not stand a chance on appeal, also because it lessens the possibility of entrapment (CP laws are notoriously weak on prevention of their abuse, to the point of it being suspicious).

  19. patrickstar

    Every techie I know has atleast one crypto disk with the password forgotten, typically old backups and such. And typically kept around in case they remember it in the future. That could end badly it seems...

    '

    1. Version 1.0 Silver badge

      I have a shelf full of old disks that I've saved just in case I need to boot something that doesn't recognize one of these new-fangled giga-byte drives. No idea what's on them and don't particularly care. If I need one I'll reformat it and load the OS but until then they are going to sit there.

      Where does this stop, "Sir, I see you have a stack of tapes ... we need to verify that they don't have kiddy fiddler images on them ..." Good Luck with that.

  20. scrubber

    Facts

    I wish people here wouldn't go on about child abuse. The crime he is suspected of is having files on his computer which are images the government has decided are illegal. The files may be of children, they may even be of children being abused, but they could equally be photoshopped pictures, innocent pictures of children or none of the above. Whatever, there is nothing to suggest this guy is in any way involved in the abuse of children.

    In the UK the 'illegal' pictures could be of cartoon children, or adults who look as if they may be under 18!

    Of course the real crime is not doing exactly what authorities want you to do.

    1. Anonymous Coward
      Anonymous Coward

      Re: Facts

      The argument is that by downloading child pornography he is involved in so much as creating demand for the stuff as it perpetuates the cycle of more children being harmed.

    2. handleoclast

      Re: Facts

      @scrubber

      The UK used to allow cartoons or adults who looked younger. Then somebody pointed out that those images could be used to normalize such activities: "Look at these pictures, these young girls/boys enjoy doing this. It's normal." That was also one of the reasons they banned the redistribution of existing photos: not just copyright, not just that the victim might suffer mental harm knowing the images were being used, but that they could be used to normalize those activities.

      On the one hand, having the images (real, posed adults or cartoon) may prevent harm to children because the possessor will use them for a hand shandy. On the other hand, having the images may facilitate harm to children because the possessor will use them to normalize that behaviour. Parliament decided the harm outweighed the good. Whether they were actually right or wrong I don't know, but that's what they decided.

      1. scrubber

        Re: Facts

        "Then somebody pointed out..."

        With absolutely no empirical evidence. We (UK) make public policy based on feelings or some concept of 'common sense'. Policy-based evidence is not what I'm interested in.

      2. Suricou Raven

        Re: Facts

        I doubt the evaluation was that deeply rooted in analysis.

        A more likely cause of reasoning is "These images make me feel disgusted, so they must be banned."

  21. Herby

    Can you keep a secret??

    Well, so can I.

    A secret is only a secret if ONE person knows it. I guess the same goes for encryption. Of course, we forget ALL the time.

    I've always wondered what would happen if I had files of landscapes labeled as "suzie.jpg". Somehow I really don't want to find out.

    Now where is the "Forgot password" for the encrypted file......

  22. Cynic_999

    RIPA

    To be convicted of failing to decrypt data, the prosecution must prove that (a) the data in question is in fact encrypted data and that (b) the defendant has the means to decrypt it. IIUC both must be proven to criminal standards (i.e. beyond reasonable doubt).

    Also it is not the case that a police officer simply has to ask you for the password and you can then be charged under RIPA if you do not give it. The police have to apply for permission to use RIPA, and the request must be given to you in writing, stating exactly what data is being referred to, and giving a reasonable time for you to provide the means to make the data intelligible.

    It routinely takes 6 months or more for a seized PC to be forensically examined, and you would not get a RIPA request until that has been done. ISTM that forgetting a password that you cannot possibly have used for the past 6 months is not only something that is perfectly reasonable to believe, but is in fact quite likely.

  23. darkmage0707077
    Devil

    1984? 984, more like...

    What next, we put him up on the rack for a few sessions with the torturer? Hang him by his ankles over a slow fire? Throw him in the oubliette* forever? This kind of thing coming out of my country is disgusting - I would expect it to be done by North Korea or some other tinpot dictatorship, not the United States of America.

    *Oh, wait, we do use those: they're called "solitary confinement" to be more PC now...

    1. Anonymous Coward
      Anonymous Coward

      Re: 1984? 984, more like...

      What next, we put him up on the rack for a few sessions with the torturer? Hang him by his ankles over a slow fire? Throw him in the oubliette* forever?

      Sssssh! Now he expects it!

  24. ecofeco Silver badge

    Police state? What police state?

    The United Police State of American. Home of the slave, land of the knave.

  25. zb

    Ridiculous, has anyone here ever heard of someone forgetting a password?

    Which reminds me, I recently came across some old text files encrypted in vim. Can anyone tell me how to read them before the feds knock down the door.

    1. Kiwi
      Joke

      I'd reccomend a two pass process.

      First, pass the files through rm -rf to clear out any odd bits of data that may confuse the process.

      Second is the data protecton pass. This protects your data - encrypted, unencrypted, random and what-have-you by passing the disk through a disk-shredder. That way no one can tell that you had data there in the first place.

      A more entertaining variant on the second pass would be passing a batch of thermite through the disk, however you may find yourself accused of bomb-making or global warming if you use this approach.

      As the data is now irrevocably gone, you can stop worrying about it. Problem solved.

  26. Kiwi

    double standards...

    Locked up indefinitely fir failure to decrypt? Quick, some judge demand chump decrypt his 3am twittytwats! Lets be rid of him.

    All joking aside... Interesting double standards over there. Some rich or connected person claims (honestly or not) "I can't remember" and it's "oh dear, you sure? That's our investigation over then, sorry to waste your time" and they can end up ru(i)nning the country. KP or otherwise.

    But anyone not so connected can face endless prison time regardles of the seriousness (or not1) of their crime.

    1If the porn he downloaded (assuming guilt) is copies of kids "sexting" pics from a free server or nude family shots from flickr/farcebork/spewtube (what kind of parent would put those there?), where he hasn't funded or taken part in any abuse then I doubt his 'crime' can truly be classed as serious, especially if he used to images to help prevent any direct abuse on his part. Of course, if he did abuse or cause abuse......

  27. Old one

    Could have all been stopped

    AT the very beginning IF he had stuck to the 5th and shut up there would be no issue. We can be our own worst enemy by trying to mitigate any situation. It is legal for cops to lie to you but not for you to lie to them. VERY first thing in any questioning is "I want to speak to a lawyer." Know when you MUST identify yourself and the extent of id needed. But other than that STFU & wait until a lawyer is present. If the lawyer tells you to respond to anything and it later backfires you can then claim you acted upon bad legal advice and are are not responsible.

  28. Winkypop Silver badge

    The dog ate my passwords?

    No?

    It didn't work for my homework in Ms Johnston's grade 5 class either.

  29. Anonymous Coward
    Anonymous Coward

    Re: Use hidden partitions "Noooo"

    Rubberhose filing system? Wasnt that written by an autralian programmer who decided he'd had quite enough? I forget his name, but I'm sure it's out there on the wikipedia!

    Genie a "top secret" network exploitation - Oh you mean the Apple Mac "Dashboard" the fact it spies on you for apple which never really escaped the attention of any of it's programmers, nor does it escape there notice that apple has removed access to Darwin source code after version 9. So if apple is messing about with the patented untrusted Microsoft TPM then thats there own little love affair that will end in tears. OpenBSD is version 6.1 according to the OpenBSD website, but thats not technically accurate, in fact it's OpenBSD 6.2 and has been on "Macintosh" PPC for quite a while! They all go waffling on about better access to government across all departments - did they spare so much as five minutes to look into distributed secure file systems? Just go install OpenAFS on your precious little "Macbook" now once it's installed with the "ENCRYPTED" Security that it requires to authenticate you to the world and it's dog, you can access pretty much every part of US government from your "Macintosh" net folder, in fact you'll have a broad range of spectrum to choose from. Including CERN research! Enjoy!

  30. Anonymous Coward
    Anonymous Coward

    Re The dog ate my passwords?

    These guys are Jokers, they're far too busy plotting ways around there own security mechanisms to see the real threat and I am of course talking about the threat from people at "Yandex.ru" (Russians) busy submitting patches to the BSD and Linux kernel that bypass there security mechanisms altogether and they're even trying to disable the security aspects of MIT Kerberos and have it removed from Open Source altogether.

    Then to make matters worse you've got the virtual pariah "Microsoft" trying to assist them with garbage like "Trusted Platform Module" & "System-D" which impacts everybody using Open Source.

    Get your head out of the cloud and stop kissing "Donald Trumps" ass, especially when we all know he's been caught red handed "money laundering" and your too chicken shit to do anything about it. Instead worry about the security of your own systems before "Russia" makes you look like the complete novices & idiots that you genuinly are for a second time.

  31. Anonymous Coward
    Anonymous Coward

    A lot of assumptions here.

    Still it's an Apple system, so 'cain & able' which I'm told is popular with plod for inserting data, with selected write to disk dates as required, onto windoze drives, won't have been able to have been used to write incriminating files 'in the clear' to secure a persecution. And you thought only the NSA had backdoors..

  32. ChasTheOne

    How in the world can they claim a file hashes to the same as known kiddy porn, when it's an encrypted drive, not just an encrypted file? They would have to be able to determine what sectors were to what file, which shouldn't be possible if the filesystem itself is encrypted.

  33. Updraft102

    The Bill of Rights*, a foundation of liberty and freedom in America for over 200 years.

    * Void where prohibited by law. Or by the court, as it were.

  34. Anonymous Coward
    Anonymous Coward

    A few problems with this case. First being that if they lack evidence to convict without his cooperation they haven't proven anything. Remember, child porn has nothing to do with nudity, but context. It's actually possible to convict for fully clothed child pictures if it is sexually suggestive, and likewise having a picture of a child in her underwear might not be child pornography if the context isn't sexual. The prosecution likely knows this and that's why they haven't used it against him in a trial, but rather are trying to use it to side step his rights. Holding someone indefinitely in jail without an actual conviction is most certainly unconstitutional. Similarly, if the testimony of the sister is not enough in and of itself to convict him of any crime (who knows? It might be) they cannot at the same time that it is sufficient evidence to force him to testify against himself.

    Secondly, a hash check is very limited. For example, here's the has check for a simple text-based program I wrote:

    https://www.virustotal.com/#/file/d64d074a2f098d8842e7b06ad021d02054c0f39571e4034ce9148f8a265ec53b/detection

    Nearly all of the virus detection engines have concluded that the file is safe, but many believe that it contains malware based purely on the hash value. This is, of course, an extremely common problem for small developers. I was able to improve things significantly, but at least one always things it's a virus.

    If it is not possible to prove by hash values alone that a file is malicious, how can someone assert with any confidence that a hash value proves that a file is illegal? Clearly it isn't possible. If it was, they wouldn't need his password to convict because the hash values would be sufficient evidence.

    Thirdly, network traffic is not proof either. Multiple cases has to be thrown out (after a man's life was ruined) because it was later revealed that either a 3rd party used the connection, or malware was proven to be responsible, or even that his computer wasn't even involved. Again, if this was sufficient proof he'd already be convicted, but clearly it isn't.

    So far, all of the reasons they have for asserting that he has no rights is already faulty, and they know it. If they had enough evidence to convict they would have done so already.

    Lastly, how can anyone prove or disprove the contents of your mind? He claims to not be able to remember, but they claim he remembers. Shouldn't they have to prove that he has the ability to decrypt the drives? It's entirely possible that he did remember at one point, but with nearly 2 years in prison he could have forgotten. I've been permanently locked out of encrypted drives because I forgot the password used so it's not that surprising.

    At this point I am less concerned by the possibility that he is guilty or innocent of what he is charged with, and more concerned by the fact that anyone can be held forever for not remembering a password.

  35. KingChris

    I can bet top dollar. The U.S Government or Department of Justice has already since decrypted or crackedt the encryption on the hard drive. In doing so they were unable to find what they were searching for. However, DOJ is convinced a crime did take place. The federal government is now playing a cat and mouse game in hoping Francis Rawls and his Attorneys cave in and accept a plea deal or provide the encryption password (Which the DOJ has already cracked) to cave into a plea deal because the DOJ knows they do not have a strong case.

    The United States Government with Billions of dollars pumped into the FBI cannot crack a simple hard drive!? Nonsense!

  36. KingChris

    I can bet top dollar that the U.S Department of Justice has already decrypted the Hard drive. What the DOJ was looking for has not been found. However, strong evidence is there that a crime did take place. The DOJ is looking for Francis Rawls and his attorneys to cave in and present a plea deal as they know their case against him is not strong. They will continue to fight and try to convince a Judge to place Mr Rawls in contempt of a court order. Despite the possibility Mr Rawls may be incapable (forgot password) complying with court order.

    This is a alarming and disturbing precedent the Judicial system in the United States have created. People can now face life in detainment for failure to comply when they are unable to legally comply with court orders.

    A very similar situation occured with US goverment and Apple Corporation after the San Bernadino Massacre. The big difference is Apple has the billions dollars and army of lawyers to fight the U.S Goverment. The Judges in that case got it right back then. Most U.S citizens do not have that kind of legal power.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon