Slashdot Mirror
How Long to Crack an 'Encrypted' HD?
brainburger asks: "In the UK, Tony Blair has recently lost a parliametary vote to allow the police to hold terrorist suspects for 90 days without trial. One of the justifications the police gave for the extension from 14 days to 90 days was that they need the extra 76 days to decrypt the computer hard-drives of suspects. This has been seen by some as the only compelling reason to allow 90 days. The time-limit has been extended to 28 days instead, but Tony Blair insists 90 days is required. Are there really any encryption systems that cannot be cracked in 28 days, but which can be cracked in 90? Aside from the not-much-discussed issue that the police can no longer interrogate a suspect after they are charged, I suspect the police meant unencrypted machines. What do you think?"
But remember the requirement - 90 days for the POLICE to crack the encryption- I don't know why they don't just make it 'indefinite detention'.
I have nothing to hide. So, why are you spying on me?
it's longer than the suspect's skull during interrogation
I'd love to see how Safehouse from www.pcdynamics.com will do. Encrypt file-based real drive volumes with AES, Twofish, Blowfish, 3DES, and DES.
Kris
Kriston
I'd better not use AES to encrypt my hard drive or I'd guess they can hold me without charge until the sun burns out.
is that if cracking encrypted hard disks is really that important, it would be better to simply give police enough computer power to crack the encryption in less time and avoid the civil liberties issues. Of course, giving the police that much computer power will eventually guarantee even more civil liberties issues.
The higher the technology, the sharper that two-edged sword.
this is no dupe?!?!!? what are u talking about. the last article stated that blair wanted 90 days.
this article states that he didnt get what he wanted.
quite different if u ask me...and somewhat interesting
I think that this was yet more control freakery from a government that feels free to execute (no pun intended) a shoot to kill policy against its citizens, lock them away for handing over encryption keys (and if the file is just noise rather than encrypted data, oh well) abolish trial by jury, remove double jeopardy and generally treat us like its property rather than its employers.
Just cracking it isn't enough. They have to then sift through gigs of data to look for evidence. And that's ignoring stegnography.
Agile Artisans
Aside from the not-much-discussed issue that the police can no longer interrogate a suspect after they are charged,
Is this true? WTF? Why shouldn't police be able to talk to a suspect after they're charged? Of course, the suspect should have access to legal counsel and have the right to remain silent.
1: Today's terrorism is different because attacks do not have political aims and are designed to cause mass casualties, with no warning, involving suicide bombers
Retired senior judge Gerald Butler states: "The mere fact a threat is "completely different" is, of itself, no justification for an extension in the detention laws. But it is true we face a new and terrifying threat in this country."
Not politically motivated?!
What on earth are these people talking about? Good gried, "GET OUT THE MIDDLE EAST, WEST!" sounds _very_ political to me! "STOP MESSING IN OUR AFFAIRS", sounds political to me!
These attacks are completely and totally politically motivated.
The militants in the Middle East, right or wrong, is ABSOLUTELY, COMPLETELY, and TOTALLY in the middle of a political struggle with the West.
I think it's a bullshit excuse, that's what I think. With encryption algorithms, we're talking orders of magnitude, and most algorithms that can't be bruteforced in 28 days will take longer than 90. This is just a shitty excuse to get joe public on Tony's side.
Dupe! Dupe, I say. Seriously, though. This was one of the more commented on stories of the past week. I and other slashdotters are sensing subterfuge.
Read the only personal Runyon page out there.
If you want an unreadable hard drive, you can forget about blowfish, twofish, MD5, SHA, and every other cryptographic solution. There is only one way to do it and one number to remember: 1.21 gigawatts.
but ALL my pr0n and warezors are just sitting in the root of my C drive... will i be released early for "good behavior" or "assisting the investigation" of myself?
Are there really any encryption systems that cannot be cracked in 28 days, but which can be cracked in 90?
Probably, but since encrypted hard drives usually involve a passphrase being converted into a key of suitable length by one-way hash algorithms, why not crack the passphrase instead of the actual key? Even with 256-bit AES (or something like it), a weak passphrase-based key is probably one of the easier ways to go after the data. Of course, if the suspect carries their completely random key around on a USB drive of some sort, that's a different matter.
how long will it take to crack an encrypted HD-DVD or Blu-Ray disc?
The higher the technology, the sharper that two-edged sword.
f439f4af0cd24d0d07144ec2f6853d2f
Comparing it to Windows will be a moot point, since El Dorado is going to have a 40% larger code base than XP.
How long does it take the police to figure out that my drive is not corrupted, it just isn't running Windows.
DYWYPI?
Come on, I've seen them decrypt files and hard drives in a matter of minutes on 24. What are the pommy police up to, maybe they need to start watching it for tips.
Yeah, I guess it takes time to fabricate all the evidence after they've unencrypted the hard drive, sifted through all the Porn, Illegal mp3's, etc.
hellboy1975 http://www.foutheye.net
For argument's sake, lets compare this 90 days in confinement to crack the HD to XX amount of time of extraordinary rendition (ie. government condoned torture).
Confinement:
* Lengthy process
* Hardware and Keeping-Up-With-the-Jones investments in (cryptology) technology
* Various specialists and bureaucrats
* Confinement costs
* Innovative technology shift could make policy failure-prone
Extraordinary Rendition:
* Quite probably illegal under international law (which undermines our credibility to enforce international law)
* Moderate costs (flight, personel, etc)
* Creates dependency on undemocratic regimes
* False-positives don't risk mission success
* Likelihood of faster than 90 day turn around much higher (perhaps reduced to hours or days)
* Possible torture of someone who truly doesn't know passphrase
Any other options besides these two?
Because it looks like status quo is the winning choice. That would be choosing both. You can even publically say you are for confinement only, and then secretly use extraordinary rendition when it suits your national-defense purposes. This also may avoid sticky international objections.
Wow. Why not just take out the hard disk, stick it in another computer, copy the disk to an image, put the suspect's hard drive back, and let him out as early as day 1, taking your sweet time to decrypt the hard drive?
Isn't this a lot safer than just turning on a computer that might be rigged to start shredding data after, say, 3 invalid password guesses?
> Are there really any encryption systems that cannot be cracked in
> 28 days, but which can be cracked in 90?
Doesn't matter. They are always going to come up with some reason why they need just a bit more time.
What hell business do they have arresting people to begin with if they don't have evidence? (Yes, that's a rhetorical question.)
Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
Ive got a 300GB external hard drive encrypted with dm-crypt, using the serpent algorithm.
;)
Cracking that would take more time/resources than any prosecution against me would be worth.
On the other hand, my encryption is passphrase-based ATM, so they could run a dictionary/bruteforce attack on the passphrase.
But that will soon change.
My next step is to use an SD card for my crypto key. A key of, oh, 2-5MB should be sufficiently hard to bruteforce
Then I shall have teh uncrackable drive!! buahahah
The only downside to having an encrypted external drive - stupid family members. Im worried that someone will plug it into a windows box and go "hmmm..its not formatted. Id better format it."
I am sure this 90 days is only to figure out how to crack it from detainees. If its the police doing it all themselves, I am sure it will take forever -:)
Yo-soy
Tu-eres
El/Ella/Usted-es
Ustedes-son
Nosotros-SoMoS
Pwnt in Spanish.
The United Kingon approaches counter-terrorism as part of a criminal investigation and has to deal with due process of law. Hence the debate over extending detention from 14 days to 90 days.
The United States approaches counter-terrorism as military action and the President signs an executive order that allows for indefinite detainment of suspects.
Fascinating. The UK has much more experience dealing with domestic terrorism -- did they originally overreact as well or are the two circumstances different from the get-go?
Old policy: Arrest the suspect, interview, release if no evidence.
New policy: Arrest the suspect, interview, if no evidence, hope something turns up in the next 89/27 days to charge them with.
And the reason you know it's BS... the guy who fled abroad after being interviewed by police regarding 7/7 bombings -- he was held for 2 days (even though they could have held him for 14) before being released.
Also don't kid yourself about how the places people will be held are like... it was in the paper's yesterday, basically GITMO-lite, despite a massive investment in rebuilding the station for terrorist suspects. After 28 days in there, I suspect virtually anybody will confess to virtually anything.
Anybody remember the Guildford 4? Birmingham 6?
Is it takes about 90 days for a full-on facial beating and ass raping to heal up.
The danger is what happens if an innocent person is caught by accident. Say some business person is visiting the UK from abroad. All a competitor has to do is suggest that there is something dodgy on his laptop. Naturally, this "tip" will be kept confidential, but the person will be locked up for 90 days. In this amount of time, he may have lost his job and home.
Britain has already shot dead one innocent man, and arrested a peaceful protestor using anti-terrorism legislation.
Vintage computer adverts: http://www.vintageadbrowser.com/computers-and-software-ads
Possibly there are. Its pretty dubious to assume the police could start cracking any given computer the moment they get it. if they have a computer that is speed X and can crack a machine in 90 days from the moment they get it, it would (assuming the problem is roughly linear, which brute force it is) need one 3.21 x as fast to crack it in 28 days. There may be other legal issues I'm not aware of, not being British. I could well see that the police can confiscate your computer, but may have various proceedures they need to follow about investigating it. For example, if you arrest someone for murder, and confiscate their computer, then find they have been looking at illegal pornography, which does not appear to be related to murder, can you then use that information separately? Can you just look at any old thing on the computer? What about material which may be private, not pertinent, are you even allowed to look at it (say naked pictures of you and your wife), what happens if that gets disclosed to the public? There may not be anything illegal on the computer, but that doesn't mean you want its contents on the public record.
Lets say from the day it arrives it takes a week to get looked at, 3 more to 'crack' it somehow, after that they need to still analyse the data they have, which they may or may not need permission to look at etc... So I can see it taking more than 14 days certainly, and possibly more than 28 days, and even there up to 90 days. That does not however, mean I can see why you would need to keep a suspect in custody for that many days without charge. If the person is suspected of a computer crime, well, you have their computer (and perhaps I can see being allowed to keep the computer 90 days), if its something not specifically computer related, you should have some other evidence.
This is not a troll. Plain and Simple, if the decryption really is importantant, then throw some boxes at it. The decryption is done in parellel so it is quick. Rather than stealing a person's rights and having them in expensive prison, it is far cheaper to buy the computing power. Or they could do what we did : create the patriot act.
I prefer the "u" in honour as it seems to be missing these days.
These algorithms aren't supposed to be exported. It says so right on the strong encryption agreement info. "If you are darker than this flesh colored crayon, you may not download the software. You are not made of flesh and therfore surrender all rights to privacy." Aren't encryption algorithms exponentially harder to break once you add one letter, or even a new subset to the password brute-forcing system? Oh crap, they must've used capitals it's going to take longer than 30 days Mr. Prime Minister. There are OSS tools to cascade several algorithms making it huge number * huge number * huge number * X^infinity possibilities that you'll ever know what was planned 6,000,000,000 years ago by some dumbass...or his porn collection contents.
So they are attempting to crack encryption of a device that contain copyright'ed material (if this guy saved his email, then anything he wrote should be automatically copyrighted). Isn't this a violation of the DMCA?
I know I'm probably missing some technicality, but it's a fun thought argument.
Hell, with a good hammer it only takes one swing! ... What's everybody looking at me for?
Windows Machine - No Encryption .dll,.sdb,whatever and drop it deep down into the system possibly replacing a file that's never used.
What happens if I take a text file, rename it and change the extension to some
Would they actually find it? Assuming only basic precautions - turning of recent documents, etc.
Uhh.. off the top of my head, worst case would be
(A / B) x 86400 = C
where A is the keyspace, B is keys per second, and C is the answer in days. I'd assume the average time would be half that if the keys follow a normal distribution.
Of course B is dependant on the computer(s) used, and A is dependant on whomever encrypted the data. Since B is classified, and A is unknown, you can just pick an arbitrary value for C.
https://www.eff.org/https-everywhere
There is no way that some computer programmer is going to spend 90 days trying to crack each hard drive that comes through. That means each computer scientist could only look at 4 hard drives a year. That would cost a fortune!
I think they will detain somebody. Wait 89 days, send the hard drive to someone, and then look at the result.
I agree, for the most part.
Assuming there's no data leakage, and assuming the encryption is properly implemented, and assuming a good passphrase is used, I think it's extremely unlikely that anyone will be getting through modern strong encryption within 30 years, much less 3 months.
Of course, that's a fair number of "assumings". 3 months is about the time frame I'd expect it to take to do a full image of a hard drive using a technique like Magnetic Force Microscopy and analyze the results for leaked, overwritten information.
Kythe
Mmm...I suspect the issue isn't "cracking"; I think the story poster was hinting at this with the last sentence or two. Chances are "crack" is being used liberally to present it using "terms" something Joe Q Legislator and John Z Public can understand. I would bet it is mostly analysis (or as you put it, "sift through".) Chances are serious criminal investigation units already have custom (ie distributed to several systems, nicely wrapped with scripts and such, etc.) cracking solutions akin to L0phtcrack and John The Ripper, set up and ready to go, on some nice hardware- so that if they need to crack a password for someone's Windows account, they can do so, and quickly. Somehow I doubt that it takes them more than 30 days to do so. There is also a considerable amount they can access without any "cracking."
However, nothing trumps the human rights of the suspect. Here in the US, you have to be released within 24 hours of arrest if you are not charged (well, excepting Patriot Act crap.) Often times the police don't have the evidence yet to hold you on a crime. Unfortunately- that's just too bad! Case/workload isn't the burden of the suspect- it's YOUR burden. If YOU can't analyze the hard drive in the time period someone can be legally held...hire more people to do the analysis, or just suck it up.
In which case, maybe it is deliberately misleading. Ie, "We need 90 days to crack encryption" sounds a lot more unavoidable than "we have such a high workload we can't get through looking at the contents of the disk before 90 days." Not to mention, the latter can also imply quite a bit of incompetence (ie, management hasn't scaled hiring/budget to the problem, or management isn't being effective, or they're all taking 2 hour lunches to watch soccer, etc.)
Please help metamoderate.
United Klingon
Seriously, they have the guy for 90 days! It takes alot less to just beat his password out of him.
What's that I hear you say? You can't do that in a free country? Holding a person for 90 days without charging him with anything is a new and interesting definition of the word "free".
"Freedom. You keep using that word. I do not think it means what you think it means"
Ever wonder why Orwell set 1984 in GB? Now you know.
Considering encryption exists that cannot be broken during one's lifetime, it makes more sense to keep suspects detained indefinitely until they provide police the means to decrypt data required for an investigation.
That's assuming that there is enough evidence present to suggest that encrypted information exists on the media in question.... which you can't check until you decrypt it in the first place.
*sigh*
I mean, it would kind of suck if the police thought you had encrypted information on a hard disk - when in fact you just finished shredding the data with a DoD wipe and all they could see was random data... confusing it for encrypted information.
READY.
PRINT ""+-0
how are you gonna decrypt something you don't see :D
Hold on. Anyone remember the Regulation of Investigatory Powers 2000 Act? Isn't it an offence - punishable by a prison sentence - to not hand over encryption keys? If they need to crack it, they can just tell the suspect to hand over his key(s). If he/she doesn't, he goes down for more than 90 days anyway ...
IIRC it's a crime in Britain to refuse to hand over encryption keys when required by the police. So why don't they just seize the hard drives and ask for the key? If the suspect gives it up, all is well. If he refuses, then the police don't need to hold him without charge for even one day, much less 90, because they now have a charge to pin on him.
It's hard to be religious when certain people are never incinerated by bolts of lightning.
Why is it necessary to detain someone while their hardrive is being decrypted?
Somewhere along the line, the computer will develop sentience and decide, "screw this pc, I'm launching nukes".
Firstly you are likely to want to hang on to the drive as potential evidence.
Secondly taking an image of the disk will only copy the data that is supposed to be on there. It won't copy any residual data that you may be able to detect with a more thorough analysis.
Plus at the end of the day there's no real reason to keep the guy locked up just because you want more time with his hard disk. If you haven't found _something_ to charge him with after 30 days then letting him out doesn't seem unreasonable and you can always keep him under surveillance and keep hold of his hard disk.
Boffoonery - downloadable Comedy Benefit for Bletchley Park
http://www.truecrypt.org/ -- Best free one-the-fly virtual drive encrpytion with the option of encrpyting a volume with in one another that is impossiable to find. This allows the user plausable deniability, which is huge. They may crack the outer encrypted drive, but then they can never prove there is a secret inner drive! Good performance and benchmarking too...
Drink Jagermeister till ya die!
Police want the time to take some pressure off themselvs. If they can extend the deadline by 2 and a half months they have more time to get everything done. They don't "need it", but they want it because it's a damn sight easier for them.
Although I'm outright against this and any other attempt to make a police state. If you lock a guy up for 3 months you've pretty much taken his job away from him, maybe his house (if renting) and rumours spread fast, so good luck getting hired againa as a "possible terrorist". The reason the vote was against it is because it would ruin people's lives if this were to be brought upon them.
I like muppets.
Why don't they just turn on the computer with the hard drive in it instead of taking the hard drive out and looking at it later?
I have to think about this in terms of asymptotic complexity.
... 21 ... 196
The difference between 14 and 28 days in these terms, is pure BS, nobody would care, right? If n translated to a process that took 14 days, the next we'd care about is nlog(n), then n^2!
nlog(n) 14
n^2 14
Research that I've seen in NP complete and PSPACE complete problems, of course, suggest solving schemes whose times vary wildly, but no assurance could be made of cracking within any reasonable time interval. It would be akin to "any time between 10 seconds and the end of time."
So, the only thing remaining is empirical evidence, not based on any theoretical result, that says "well, normally we can do this in x days."
Now, if that's the case, and it's some sort of distributed process (lets assume it is), well, scalability concerns aside, they could scale up the system, and protect personal libterties a bit more.
If you need complete security from all government agencies (or other parties) you need to combine a strong encryption system like ROT13 with a text-based cyphering system like l33t sp34k. Continued study into lossy 1-bit compression, which effectively reduces and entire file to a single bit, could also be used to thwart the unauthorized individuals from gaining access to your data. Of course, you'd have to accept a little data loss if you chose to compress your encrypted files.
I am currently working on the next-gen encryption system that will handle binary files better than ROT13 (yes, I know it's hard to believe). This new system will use the same encryption concepts on the entire WORD. I call this system ROTl33tn00b, or R0t3n for short. When I have my code (pure VB6) finished I will release it to the community under GNU/GPL.
I may not know much about this subject, but weren't most of the terrorists hiding their information in hotmail in draft emails that never got sent, not on their harddrives? One person writes up the plans, saves the draft email, next person checks drafts, no emails get sent, nothing saved to harddrive. I understand that that probably no longer works, but I imagine a varient of it is much more likely in use than storing information on the harddrive in an Openly Encrypted manner. Hiding in plain site makes alot more sense to me. Encrypted files would just be a red flag.
Also, now, I understand there are a fair amount of tinfoil hat wearers (shiny side out) here, but how often do you keep encrypted data on your computer that is not job related? That you can't just tell the cops, yea thats for my job, here is the passphrase this is what I'm working on, now give me back my harddrive.
What would you keep on your harddrive that you would stay in jail, being interrogated, for 14 days over? Let alone 90 days?
Goddamn, I can't believe I understand the government for once, and to think I used to call myself an anarchist. I still don't agree with them, but I think I understand them.....and they're dumb.
Don't know something? Look it up. Still don't know? Then ask.
Not necessarily. If you REALLY wanted to hide something on your hard drive, it'd be cakewalk for anyone really determined. Just get a 256 bit encryption system put on there (nearly impossible to 'brute force' with simple computing power due to the sheer number of possibilities).
On top of that you can hide messages in thousands of different possible files on the computer. It could be anywhere; a driver, a PC save game file, the user name and password for someone MMO account spelt backwards, it could be in plain sight on the desktop except its a code-word phrase that only the (presumably) terrorist knows. And thats on top of the encryption so the code breaking geeks can't even being working on this until the computers are done. Hiding data on a computer these days is a joke for anyone willing to spend the time and effort.
"Brute forcing" encryptions is a thing of the past. Contrary to popular belief, hardware has not necessarily kept up with software, as many high-end computer graphics designers will attest to. (Imagine today's top of the line computers trying to real-time render the orc's attack on Helm's Deep with all the fancy graphics, special AI and fancy camera work all going on at the same time.)
Isn't not forking over your passwords for your equipment when the authorities act being in contempt of court? And when you are in contempt of court, you sit in the pokey until you either give the court what they are asking for, you die, or somebody else confesses and is found guilty for your crime.
Just "gittin-r-done," day after day.
Slashdot | How Long to Crack an 'Encrypted' HD?
OSTG
SourceForge
ThinkGeekd 102290bbd8d6c328d9352d">ITMJ
ref="http://slashdot.org/relocate.pl?id=12076d9d1
Linux.com
NewsForge
freshmeat
Newsletters
Jobs Broadband
Whitepapers
Xh reshold=-1&commentsort=0&tid=158&tid=93&tid=4&mode =thread&pid=14004578#14004712">Re:Decrypt ~and~ analyze by Phanatic1a (Score:2) Thursday November 10, @10:41PM
Parent
href="//ask.slashdot.org/comments.pl?sid=167966&t
Forget Decryption by Propaganda13 (Score:1) Thursday November 10, @10:52PM
Re:Decrypt ~and~ analyze by BiggerIsBetter (Score:2) Thursday November 10, @10:55PM
mostly analysis, I suspect by SuperBanana (Score:2) Thursday November 10, @10:57PM
I think that this was yet more control freakery from a government that feels free to execute (no pun intended) a shoot to kill policy against its citizens, lock them away for handing over encryption keys (and if the file is just noise rather than encrypted data, oh well) abolish trial by jury, remove double jeopardy and generally treat us like its property rather than its employers.href="//ask.slashdot.org/comments.pl?si(http://www.jaredrichardson.net/ | Last Journal: Saturday June 18, @08:11AM) href="//ask.slashdot.org/comments.pl?sid=167966&o
Quoting FTFA:So we're telling these suspects that their lives have to be put on hold for an extra 14 days because we can't double the resources on this issue?
This is a mockery. Trampling democratic rights makes for a poor defense of democracy.
Justice delayed and stale intelligence. Shouldn't we know ASAP what's on those hard drives?
Information: "I want to be anthropomorphized"
Just fishing for the amusing title, but in the (pretty large number of) posts I've looked at so far, no one has made the obvious observation that if the "terrorists" are actually concerned about being held some number of days, then they can just increase the level of encryption they use to make sure that it will take longer than that to decrypt their drives. There is no upper limit on the amount of encryption you use. For the police to claim that they need any fixed number of days is totally bogus, and the British police are just making excuses because they want to hold suspects for longer time periods. Heck, if having a HDD is the excuse for being held longer, then all the smart criminals will simply get rid of their computers. Of course that's on the theory that the amount of time the police are holding them has anything to do with whatever criminal action they might be planning.
In conclusion, I would guess that the stupid TV show called "24" must also be shown in Great Britain.
Real life is not like that. Before arresting someone, the police are supposed to already have some concrete and substantive basis for suspecting the person has committed a crime, or even stronger evidence that the person is really in the process of planning to commit a crime. The basis that "We think we'll find something AFTER we decrypt the HDD" is totally bogus. The reality here is they just want to quietly lean on the suspects for a longer time, and saying they need that much time because of HDD encryption is just a cheap--and stupid--excuse.
Having said that, I'm surprised the politicians weren't stupid enough to go along with the gag. That already puts them ahead of most American politicians. Can you try to imagine explaining HDD encryption to Dubya?
Freedom = (Meaningful - Coerced) Choice != (Speech | Beer^2), and sad sock puppets' bad mods avail them naught.
I thought i was going crazy and had mad psychic powers of precognition...
But really i had just read this last week.
I cant remember the specifics, but i'm sure a law long passed in the UK says that if you do not provide the police with your password / private key during an investigation you can be jailed for upto 2 years.
So why require 90 days? If you dont provide your password/private key then the police already have 2 years to crack it not 90 days!
On a serious note..... The UK has been bombed more times by the IRA than Al-Qaeda.
On a funny note.... If the Police are anything like the Inland Revenue (The UK version of the IRS) then the police need the 90 days just to lose the paper work, find it again, then miss file it, only to discover it was the wrong paperwork.
Any cipher that can be cracked given "enough computer power", for any practical value of "enough", is broken. Utterly broken, obsolete, not fit for use, an ex-cipher, singing in the choir unusable. DES, for example.
Guessing a passphrase is believable, though. That might take large-but-feasible computer resources. English text has only one point something bits of entropy per character on the usual estimate. Who has a sixty-character passphrase?
Alternative Browsers Impede Investigations9 58220&tid=95&tid=17
http://yro.slashdot.org/article.pl?sid=05/09/01/1
If you need time to crack the hard drive YOU FUCKING TAKE THE HARD DRIVE!. Why do you need to hold the person for 90 days when you can simply take his hard drive and hold it for as long as you want.
Because if he knows you'll find something on his hard drive once you decrypt it, he may decide to disappear during the 90 days it takes you to find it, whereas if you can keep in custody until you finish he wont have that opportunity?
In "Ninety days are needed." the subject is plural ("days").
If we reach out beyond the UK proper, and look at how the British dealt with insurgents in Kenya, Malaysia, and southern Yemen, they largely went the military route. Worked in the first two, not so much in Yemen.
Luke, help me take this mask off
and by old, I mean not that old. We had a 'criminal investigation' policy during the Clinton administration and during the Bush administration right up until 9/11. We caught the oklahoma bomber, the unibomber, and the WTC bombers, but none of their networks if any existed. We did not catch the Cole bombers, but they were dead from the bomb.
All of these do very little to discourage future bombings, if we maybe catch the culprit sometime after the fact. an organization bent on sending suicide bombers has nothing to fear from such a system and neither do the suicide bombers themselves. Which is why the policy took such a radical shift following 9/11 in the US. afaik, GB, spain, et. al have yet to have a single attack of similar scale as that one and therefore can still operate under the paradigm of small individual crimes.
Can you be Even More Awesome?!
OK, so, IF what Blair wants is true, then it should be proved the next time they encounter a suspected terrorists PC. Yeah, they'll let the person go, and they may or may not do the dastardly act they are suspected of plotting. But, keep cracking. Once they've completed the crack (and they cannot do anything different just because the person has been released, since that would not be in the interests of the country), they will know how long it can take. Then Blair can have hard evidence to bring to the debate, rather than a nice, even, out-of-thin-air 90 days.
So what happens if you're running Rubberhose?
Even if they break out the rubber hoses and you give up a passkey to an aspect they won't know how many or if there are any other aspects on the disk.
P.S. Official site has been gone for some time, but it's still on archive.org
Loop-AES has been around on Linux for years and provides a fairly nice transparent encrypted FS. I really can't imagine anyone cracking a HD seeded with garbage, an FS offset from the traditional drive start, and using loop-aes in _years_, much less days. Who knows, maybe MI5 has the black box from the movie Sneakers... the UK did produce Alan Turing and Stephen Hawking after all.
http://sourceforge.net/projects/loop-aes/
I've been wondering throughout this debate, and have never once heard it mentioned yet - since 2000 when the RIP Act was passed, it has been a criminal offense to not disclose your decryption keys. Failure to do so can land you in jail for, I believe, 2 years.
Why can't these people they need 90 days for simply be charged with breaking this particular crime, and in the mean time carry on cracking their systems in order to uncover more serious crimes?
USE DM-CRYPT, you MONSTER!
Sounds like something we'd want to generate rediculously large Rainbow Tables for.
[Fuck Beta]
o0t!
<Cartman>What the goddamn hell is that supposed to mean, you goddamn folksinging hippie?</Cartman>
Guaranteed! This comment 100% Anthrax free!
Didn't you see Operation Swordfish?
...
Gabriel:
I want something from you. D.O.D.
dBase, 128 bit R.S.A. encryption.
Whattaya think? Impossible
I've been told the best crackers
in the world could do this in
sixty minutes. Unfortunately,
I need someone who can do it in
sixty seconds.
If they could do stuff like that in the UK,
do you really think John Travolta would force
some guy who lives in a trailer to crack 128Bit
RSA D.O.D. dBase? With a gun to his head?
While getting a blowjob?
riiiiight
[Fuck Beta]
o0t!
If a criminal was real smart, they'd simple use a SD Card and a USB adaptor. They can then encrypt the SD card with TrueCrypt or similar. If shit hits the fan they can eat it, smash it, etc or just throw it somewhere.. chances are, it will never be found.
Of course you could always avoid spending 30-90 days in the pkey by simply telling the police how to unencrypt your hard drive.
It still seems wrong to let the time period go to 90 days, but you have to admit that if some guy is willing to spend thirty days in jail it looks a little odd. Even if they are just doiing it for the principal of the thing.
Also people are just saying "make a copy and then release them". Pretty stupid to release someone right away to warn others whose existance they are trying to find from the hard drive. That's really the whole point of holding them while they crack the drive.
I personally think the 28 days they have now sounds a little extreme but tolerable as long as there are stringent guidelines for when extended holds can be applied. 90 days seems unreasonable though.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Unfortunately, I lost the thumbdrive about a week ago on the way home from work.
Sorry.
"Avoid employing unlucky people - throw half of the pile of CVs in the bin without reading them." -- David Brent
I dunno - Sting might be really good at maths.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
I think the most obvious step is for your friendly neighborhood criminals & terrorists to start remotely accessing their systems. Dumb terminals basically. There is no reason the computer can't be in another room, building, etc. Shouldn't a VPN over an encrypted wifi link be secure enough? 54 Mbps might be "slow" compared to normal HD access speeds, but the security gain should outweigh any performance loss. The police can't seize anything that isn't in the dwelling without (generally speaking) seeking additional warrants. Your mileage may vary
[Fuck Beta]
o0t!
What I want an answer to is why there are ~1000 hits for a1d0c6e83f027327d8461063f4ac58a6 on Google...
The "rainbow" method is to have an absolutely gigantic dictionary of passwords people could use to protect their encryption keys, on the basis it'll be easier to break that than the key itself. Always go after the weakest link, not the strongest. Even then, the combined power of all three of Britain's regional computing centres PLUS Britain's national computing centre would be inadequate to break passwords of significant length and strength - assuming the password hash is trivial.
(If you're using a 512-bit hash to store the password, using 16-character passwords, only through an S/Key-type OTP interface, your rainbow dictionary cracker is well and truly buggered.)
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
Cracking passwords is a lot easier than cracking encryption. You can use side-channel attacks like listening to keyboard clicks or RF screen noise and interpreting the stuff with easy variations on OCR software. It seems easier to provide your 007 types with half a dozen URLs that link to innocuous jpeg's which you download, zip, and drop into a black box (such as Mersenne Twister) that spits out an AHP (not to be confused with an OTP.) That way, if you lose a 007 she can only divulge methods, not secrets, when the rubber hose comes out.
If you only have commodity hardware at your disposal, then there probably isn't any that can be cracked in 90 days which can't be in 28 days. On the other hand, if you were an entity such as the NSA, then chances are that you could crack just about anything in 90 days.
Back when tens of thousands of computers took nearly a year to crack one of the RSA algorithms, the NSA had a machine which would do it in less than five minutes. Just the coolant pipes for the machine were around 12" or 16" in diameter. It's entirely a different league than a bunch of white boxes sitting in rooms.
steve
Oh, you're not stuck, you're just unable to let go of the onion rings.
A few days ago when I was chatting with an Englishman he offered to trade me Tony Blair for President Bush. I was like, "well, he can't be any worse...." Now I wonder. Have I been suckered? Hmmmm.
I dream of a better world... one in which chickens can cross roads without their motives being questioned.
Tony Blair: Fezzik, tear his arms off.
lorcha: Oh, you mean this encryption key.
Awhile back, there was some software released that prevented against such an attack - because the guy beating you with the rubber hose could never tell if there was more information in the algorithm. It seemed pretty nifty (although I don't really feel like being beat with a rubber hose).
..don't panic
I think I read somewhere that if the UK police want to decrypt something of yours, you're legally obliged to comply and hand over the decryption key. Failing to comply would make you guilty of withholding information from the police and you could be thrown in jail for that. Am I completely off track here, or is my memory still non-broken on this matter?
________
Entranced by anime since late summer 2001 and loving it ^_^
a) I would rather be held for 90 days than 30 seconds.
:))
b) I went to the police station to pick up a laptop that had been stolen. The officer asked me whether I could get any of the others to "work". Most police cannot get past a password (or try admin, blank) on a windows laptop, in fact lots of them probably cannot turn one on. I would have the feeling that the 90 days to crack a disc would be more to do with the severe backlog, because of the the few people in the police force who can crack an encrypted disc.
(Unfortunately I also know nothing about encryption or password hacking
/. bug #926803 - Why I can post.
90 days in jail will ruin you financialy (can't go to work, so can't pay bills), so it's in your best interest to give them the passphrase and hire a lawyer while you still are solvent. Plus, they can tell the other inmates that they think you have kiddie porn on your computer and they'll let the inmates do the torturing.
90 days won't give them enough time to crack the key, but it will make you think really hard about giving them the passphrase so they let you go.
Say you had a cell of truly bad guys,professional and dedicated bad guys, and the cops nab one of them. The other guys in the cell are going to notice that one of their compatriots is now missing. They will assume he has been captured (they have no choice, they have to assume the worst because of the hard ball nature of the business they are in), and they will immediately move locale and switch to some plan B. There's nothing else they can really do. They aren't going to sit around for 90 days wondering and carry on badguy business as usual.
To be honest I doubt that this was a real reason, Tony had decided he wanted the law, once Tony has made up is mind that is it, he would say anything to get it passed. The same thing happened with the Iraq war, Tony failed to give a single justifiable reason for war. There may have been a good reason for the war, or for 90 day detentions, but he certainly hasn't told the public what they are.
It's amusing that he was saying anything less than 90 days was completely arbitrary, and therefore 90 days was non negotiable. The MET police commissioner said that 90 days was nice but more would be better, which says to me that 90 days is arbitrary, which means don't read anything into it.
Bitter and twisted, DON'T ever FORGET the TWISTED
7, 14, 28; all multipliers of seven. Is Mr Blair missing three fingers?
And if so, shouldn't it be 91 days?
- Peder
... that's why I wonder why nobody remembers to pay someone like Derren Brown to teach them "How to get the password". (I've seen it on telly, so it must be true :P)
Of course it shouldn't take too long for political parties in power to realise that the real enemy, who must never get access to this power themselves, is the opposing party. At this point the 90 days etc, can start looking like an effective political tool. Damn, if the country can work without an opposition for 90 days it can work without it for 90 years. It's so obvious.
Bitter and proud of it.
The claim that the Police need 90 days detention for hard disk cracking seems a bit feeble to me as I'm sure they can already exceed this using the Regulation of Investigatory Powers Act. The RIP which passed as law 3-5 years ago allows the police to seize computer equipment and arrest the owner(s). The suspect is then not allowed to contact anyone, and should encrypted data be found on their hard disk, they are obliged to disclose the encryption keys. Failure to do so can result in up two years detention without the need for a messy trial.
Once someone is caught up in an RIP style seizure it becomes illegal for them to actually tell anyone about the investigation under penalty of 5 years imprisonment.
Basically, the recovery of encrypted data may be the only half decent reason for the new anti terror laws but it's also the one power that the police already have under existing law begging the question, whats the real thing the government are after?
Hmmmmmm..... Deep fried and look like Squirrel.
Perhaps the 90 days isn't the time it takes to crack the encryption, but the length of time it takes to crack the subject into telling you the passphrase....
Cracking drive encryption can take billions of years, or even longer than the foreseeable lifetime of the universe. So, why don't they just give the police the right to retain people as long as they feel like it? If "time to decrypt HD" becomes the standard, they might as well.
If the only argument over the old 14 days (or the 7 prior to Blair) is HD cracking then I take it there's a provision written in that, unless an encrypted hard drive is found, it will default back to 7 (or 14) rather than even the new 28?
Were that genuinely the case, I'm guessing the following could have been passed through:
"Detention will remain at 14 days. If an encrypted hard drive is found, the suspect will be given the opportunity to provide keys to decrypt the data. Should they fail to do so, their detention may remain indefinite until fourteen days after all files on that drive are cracked. If they do give the keys, their detention may not extend beyond 14 days from that date."
That addresses any genuine concern with encrypted hard drives. It gives the police 14 days to investigate and charge or release once they have the drive cracked. Not only that but it gives you an incentive to hand over your keys if you know you're innocent as it gets you out faster - saving everyone time and money. It doesn't invade privacy anymore as, charged or released, they're not handing back the drive until they've cracked it and found the information anyway. The only people it could possibly effect are criminals or those so paranoid they'd rather rot until the same result is achieved anyway. Plus it allows longer if better encryption is used, etc. - making it a far better match to the problem.
That would have likely got passed. It's pretty hard to argue against it other than with a vague notion of not having to incriminate yourself (but handing keys to your files is no different to having to let the police execute a search warrant).
Except, something tells me, this isn't about an arbitrary 90 days being needed to crack hard drives. This is about how the state would, understandably, like as much freedom as possible to do their thing and thus the more they can put up a mock cause, and get a little more and a little more, the better.
It's like the patriot act. Even with arguments for a need for secrecy with fighting terrorism, even with arguments for a need for speed of action, warrants served by the FBI could still be reviewed in secret by judges after the event and those found to be without merrit publicised - to prevent any abuses. But the point isn't about preventing abuses, it's about using one hot topic justification to get away with all the other things they'd rather do but can't justify on their own merits.
I'm quite sure they've prevented quite a few armed robberies, murders, mob activities and all the rest of it with their new powers. I also know Karl Rove, scumbag that he is, has used it to populate the largest "political enemies list" in U.S. presidential history. And all this has to be secret to make it work against terrorism? Hmm. Don't think so. There're ways that'd stop terrorism just as effectively - as suggested above - but they don't let Karl do his little thing.
Here's my free advice how to end this charade: introduce a law that makes it obligatory to give up your passwords (should a judge say so); not complying (or giving false passwords) will result in detention of up to, say, two years?
Of course, you have to introduce some restrictions: the law should only apply under suspicion of fraud exceeding a certain amount, real threats of terrorism, etc.
Tony Blair can introduce this bill and save his face.
This 90 day clause is the only part any one is interested in! I too thought 90 days was a bit much until I heard that EVERY 7 days the suspect is brought before a magistrate and the case for detention is reviewed
It seems that this fine point has been ignored??
$EVILGUY operates a website with wallpapers/porn/other interesting stuff and uses steganography to hide data encrypted with a random key in every download...
Even after charging someone the person may not find themselves being tried as the charges can be dropped.
The govt. wanted to extend the period a person can be held without charge to 90 days.
This is a very different matter to being held without trial and fundementally it's far worse as, even loosing, the government got a doubling of the period so once it's in force a suspect against whom no evidence has been offered can be imprisoned for up to a month before they are properly informed of what they are accused of.
Many of those who were arrested here following the July 7th attack in London were subsequently released without charge. The police have a history of using a "wide net" policy to arrest people against whom no evidence at all exists and of abusing anti-terrorism legislation against peace demonstrators, hecklers at political conferences, etc.
--- I am known for the ones who want to find me on the net. Is that a privacy risk or a privilege? One might wonder..
Let's think about this, Blair comes in to power, and the detention time goes from 7 to 14 days, it now 28 days.
I'm really beginning to see a comparison here between the film 28 days later, and the way that Blair seems to want the UK to go. Replace the virus in 28 days later with Blair's power, and voila!
xyberpix
When there is nothing on the harddisk to crack, they'll presume some steganography somewhere. At what moment do they concluded that there simply is nothing there? They won't. So if you haven nothing to hide, you'll be sitting the full 90 days, because they will not crack anything, because there isn't anything.
Yes, I am the one with the legendary sig.
This is getting a little off topic, but I'll bite. You can't believe any of the allegations made by the islamo-fascist enemy incarcerated at gitmo or anywhere else for that matter. Copies of the al-qaeda (did I spell that right?) "field manual" have been confiscated that instruct those captured that it's not a sin and is in fact approved by Allah for them to make up stories of torture to tell the press, Red Cross, UN or anyone else who will listen. Or at least that's what was reported on the evening news right about the same time as the Koran flushing story was making the rounds.
"Just because you do not take an interest in politics doesn't mean politics won't take an interest in you." --Pericles
Check out this Labour Party survey about terrorism. The Labour Party are the ones pushing this draconian Terrorism Bill, for which they claim popular support. It is so biased that one of their ministers has actually apologised for it.
You're an immobile computer, remember?
What does 'encrypted' data look like? You have a file that seems to contain random digits. The better the encryption, the less structure your encrypted file will have. In the end, a securely encrypted file becomes indistinguishable from a file containing random data.
If the police - or whoever it is doing the searching, this isn't an anti-police thing as such - find some file containing ramdom data, and demand the key, you should be able to say "There is no key. That is random data". This might sound deeply suspicious if only one of us does it. If many of us keep a few files of random data on our hard disk as a mark of passive resistence, then it will become plausible. And the number of encrypted messages, if there are such things, may be outnumbered by the false random data files.
Have things really come to this? I don't honestly know. But I have just made a small, random file and stuck it on my hard drive. Now, we need lots of other people to do the same.
you mean 'jhead -purejpg'??
Sick of it. One set of rules for the government agencys police and the such like, and one set for the 'people' .
It is perfectly legal for there police 'people' some that are corrupt, to use sudo 'cracker' skills
that i could be locked up for even harbouring the thought of wanting to 'crack' something.
All Your Lives are Belong to Them.
Well, I am going to shout "racist" and "xenophobe", as well as "idiot". How utterly prejudiced to describe all muslims as freeloaders and complainers! You claim that "[t]he Muslims are demanding a political change in Europe from Western-style democracy to Sharia Law". There are certainly some muslims who want that, just as there are some Europeans who vote for Le Pen, but the idea that all do is ridiculous. (Here's the proof: attitudes toward sex, not democracy, divide the West and Islam. Incidentally the same article shows that, although muslims are on the whole less keen on sexual equality, 55% of them still support the idea. So much for your claim that islam promotes the beating and repression of women.)
Islam is not perfect - nor is Christianity, which has historically persecuted those opposed to it and continues to exhibit bigotry towards gays and lesbians. But this sort of over-generalized nonsense should stay where it belongs, on the BNP website. I find it depressing that you received "+5 insightful" for this ignorant crap. Let me display my own prejudices - are you an American, by any chance?
Behold France which is currently in upheaval because unsatisfied Muslims are striking out at the national culture which has been keeping them down, nevermind the fact that the Muslims themselves segregate themselves from the rest of society by refusing to conform to the culture into which they immigrated.
Actually, the riots in France are not motivated on religious grounds. The riots are as a result of huge economic disadvantage, exploitation and unemployment in those communities which are rioting. This has come about because of racism and bigotry in France, not because of religion. The majority of the rioters are not even religious.
The Muslims are not rioting. The poor are rioting. Quite a lot of people will try and distract you from this fact, especially in France, where the poor rioting has a long and well documented history of toppling governments.
May the Maths Be with you!
http://www.pbs.org/wgbh/nova/sciencenow/3214/02.ht ml The researchers at one of the Universities used rockets to cause lightning to strike an area repeatedly during cloudy weather.
IANAL but I believe we have law on the statute book in the UK anyway that means you can be charged for refusing to hand over your encryption key. At that point 90 days to crack your encryption becomes irelevant - you either dont have any, or you do and hand over the key, or you do and refuse to hand over the key in which case you could be charged and then they have you for as long as they want. The justification is not the amount of time it would take to decrypt your hard drive - its the amount of time it would take to sift a hard drive for useful information. The argument being that a 100Gb hard drive oculd hold a lot of documents, which all have to be read. There are also arguments in terms of non-IT issues. Say you arrest someone and need to search a premises, but its packed full of explosives. It took the bomb squad TWO WEEKS to make a bomb factory safe enough for forensics to get in to following July 7. Having said that - I think 28 days is plenty.
<fnord>OBEY</fnord>
USSR?
PRC?
GDR?
UK?
IANAL but write like a drunk one.
The reason they want 90 days is that currently the police have a 90-day backlog on computer hard-drive searching, due largely to the recent crackdown on 'internet paedophiles'.
That's right, Ladies and Gentlemen. They want to have the right to throw you into jail for three months without charge just because they've got a lot of work on at the moment.
Nice nazi thread you've started here, it'seems you've brought a few friend nazi moderators with you too. But I see allready some rebutals so I'll try to add some info so that people who might get swayed but your properly phrased stupidity will have something to balance your crap.
So you have bought in to the cultural/religious war theory. Wars are never about any of those - they are always about assets on a high level and fueld by manipulation and ignorance on a low level. To be able to aquire "good" soldiers they have to be ignorant, and being poor and uneducated is a good start. That is why cannon fodder in wars and rioter possies are always composed of poor population. They have nothing to lose but their already worthless lives.
Do you think christians for centuries have killed christians over religion? Have you heard the phrase "Kill them all. God will know his own" before? Do you think a muslim utterd it? What about the conquistadores 500 years ago, the serbs with Milosevic a dacade ago or Ireland today? "Oh, but those are not 'real' christians!" you say? So are there different kinds? Don't you fscking think there are different kinds of muslims? Ever been to a muslim country? (Yes, I've been to two, north and west Africa). Ever actually _met_ one? Gone to his home? I had a swedish girlfriend who was extremely xenophobic before we met, through me she met two muslim families and she told me that she had never seen anyone treat their wifes better that these two guys. All of her nazi friends "treated their cars better than their girlfriends" while talking shit of the muslim women oppressors. Btw, these families were well educate and prompted their sons and _daughters_ to get educated as well, so you can stick your "removing of educational opportunities" argument pretty high up too.
About France, you're so totaly wrong I don't know where to begin. What do you know of france? Except that thats where freedom fries, formerly known as french fries come from? (They're not even french). Do you know why there are som many north africans there? Well, it _might_ have to do with the french colonialism!? Ever heard of the harkis? They did a _lot_ for France, but the french government betrayed them when retiering from Algeria. The french officers had been given orders not let harkis retreat/immigrate to France although they before the Algerian independance had french sitizenship and they had fought against the independence movement. Thanks to some righteous french officers a great deal of them were able to flee to France. But there they were put in camps for _decades_ and treated like illegal imigrants. Early this year the french government finaly gave some recognition of what they did for france. If you have been treated like shit for decades, have low chances fo geting a decent job, the government has given up on you and your neighborhood and have nothing to lose - what do you do? What did the americans do in the independence war? Kill their own christian brothers of course! In the name of freedom!
You are concentrating on the images you see everyday on you brainwash box. Evil dark men all around you trying to kill you, take your belongings and you women. I am one of those, the other day a woman wouldn't let me into a clinique where I was going to do some support on a computer powered eye microscope. A longhaired latino? No fucking way! I told her I could call the people inside to come and get me she still wouldn't believe me. They happend to show up by chance and since they were swedes suddendly it was ok. She _almost_ apologised, but i had work to do so I left her there. Wtf can I do? I hope she learens from that experience, but chances are slim to none. Think of how big the muslim world is. Think of how big the christian world is. Media chooses to concentrate on the bad news and that is all you'll see. Or maybe you just have an agenda you want to push here? Go back to play Castle Wolfenstein and build WWII Luftwaffe models, I don't have more time for this..
$HOME is where the
-- silver_p
Not to sound paranoid, but...
I think the point is that they might very well be able to crack it in 90 days. We have no idea what kind of computer setups government intelligence agencies have. What we do know is that there are already computers out there publically that make a fast enterprise-class machine with many processors look puny, and that governments have big budgets, and quite a bit more interest in the hardware for this sort of thing. We also know that taxes keep rising here in the UK, while visible government services get worse.
Besides the immense CPU time governments may have, when you get to that kind of scale of computing power, the normal cracking rules and delays don't apply, because you have new techniques available, like using multi-terabyte pre-computed databases of passwords for a rainbow-style attack.
There is also the question of how many "gifted" individuals they have employed, who may not be functional enough to come up in normal academic circles, but could very well be catered for by government.
On a more everyday note, AES128 is great and all, but it won't make a damned bit of difference if there is a single hole in Apple's implementation, that lets someone bypass the encryption completely. Flaws in encryption systems come up all the time, even when the encryption algorithm itself isn't known to be flawed. And often, the algorithms are flawed.
Again, I don't want to sound paranoid here. BUT, the only way you can be sure you won't get in trouble is to not do anything you'll get in trouble for, or at least, not get caught. You can encrypt stuff, and even wipe your systems when you shut down etc. You can have smartcards with encryption keys that never leave your person. But at some point you have to log in. Will you get time to wipe that machine's memory and powerdown cleanly if a squad of policemen break the door down? I think not. And even if you do, they'll encourage you very strongly to give them access anyway, I'll bet.
Of course, the other alternative is to just actually be the government's enemy, and not care about your data being found out, because you're so pissed off with them. I think there'll never be a solution to someone who is determined to die for a cause, except to understand why they want to die for that cause, and to slowly help them to re-integrate into society on their terms as much as ours -- maybe more. Meanwhile, us average joes get to worry about our privacy when we really have nothing to feel guilty about.
Did we forget about this article featured on /. some time ago? (it even deals with data forensics in the UK) where they explain that the police have no clue how to get data from pc's or disks and less then 1% of them are trained to do this kind of work.
if you are in such a situation it is logical you need as much time as possible to recover encrypted data from suspects. mind you, this doesn't mean i agree with the 90 days proposal or anything, it is just one of the possible reasons.
On a long enough timeline, the survival rate for everyone drops to zero.
Hahaha. "[T]he west has liberal attitudes towards sex". Are you nuts? Or wait, you still think in the west we all have the same opinions. So since youre posing christians vs muslims - whose cristians views are we talking about, the pope? Get a clue...
Economical benefits of living in the west? Are you implying all imigrants are filthy rich? You couldn't be farther from the truth! People leave their countries mainly because of conflicts and poverty. Most of them live on carapppy jobs, but _live_ which is their main goal.
"[T]he culture that has produced these great standards of living." It has nothing to do with uclture, well paritally, if you consider brutal colonialism a culture. The classical colonialist past and the modern colonialism (with no "real" colonies) are strongest reason for the west thriving. There is always a balance, and although you may wish it, just good moral standards are not enough to produce averything we are consuming - we are getting it cheaply by using cheap sweatshops in other countries.
"[R]ather than picking and choosing which bits [you] like" now I comand you to start listening to Brittney, watch 2 hous of sports per day, preferably NasCar and boxing, eat freedom fires at McDonalds twice a day, go out gaybashing and stop reading books! OTOH, you proabably are allready doing all of that, nevermind.
Cheers...
$HOME is where the
-- silver_p
we're talking about terrorism here. according to the USA PATRIOT ACT, you can be detained secretly without any legal counsel or any other rights for an indefinite period at an undisclosed facility which may or may not be located in the U.S. where you may or may not be "coerced" into divulging information.
so, to answer your question about whether or not you can sue them if they keep you for more than 90 days on suspected terrorism charges, the answer is a big HELL NO.
This sounded like one of those "fishing" measures beloved of the UK police whereby they gain a power so vague they can use it to pursue just about anything. Granny not paid her TV licence? Ooh, there might be compromising evidence on a PC in her house.
The notion that terrorists stroll around with all their details encrypted on a laptop PC is completely false anyway. A good terrorist cell would have been trained ruthlessly to avoid such an obvious compromise and organized so that it had no information to retain or pass on anway. What they need to know would be a few fleeting instructions on a job by job basis. The most successful terrorist outfit of modern times, the Irish Republic Army, did not become viciously successful by using computers, FFS. Computers weren't even around for most of its active history. And such evidence as there is suggests that many terrorist operations have been coordinated on the basis of using throw-away mobile phones on a one-off basis.
Las qué passoun
tournoun pas maï
i would copy the harddisk for example with dd(1) and then i have all the time i need :)
Didn't think so.
In the UK we already have the RIPA act which makes it a criminal offense to not turn over your encryption keys if requested to do so by the police. The justification that the police need time to crack encryption is a crock of shit - they can already detain someone if they come across encrypted information that they are not given access to. Tony Blair actually got exactly what they were after - the "compromise" position where detention without trial was raised to 28 days. Basically we're happily following America's lead down the path to a police state. You can see how scared the authorities are about losing control of the population just by looking at the reaction to Hurricane Katrina. Who was the first on the scene and why?
They use the encryption argument to get the law passed, but is there any provision in the law that they have to let you go earlier if your hard drive is unencrypted? Once they're legally allowed to hold someone for 90 days, they will find many reasons to do it.
The article last week was indeed about the same thing. But if you care to actually read this article, it's different - it's a question, to ask.slashdot.org, asking slashdotters how credible they believe last week's story is. Granted, the last article had a fair few comments in the same thought-threads, but this is a follow-up to last week's article rather than a duplicate.
Browsing with +2 to insightful posts and a higher threshold makes the average post seen seem a lot more ingenious
What data? You aren't offering any data; you're just spewing xenophobic garbage. You say historically multicultural societies don't work - what is your definition of such societies? What is the United States? If it is being "invaded" by Mexicans and Hatians, who is being invaded? Native Americans? The descendants of French and British immigrants from the 1600s? The descendants of Irish and Eastern European immigrants of the 1900s? The descendants of "Californios" of the 1800s? The US has its problems no doubt, but I'll take the cultural diversity here over a chauvinistic monoculture any day of the week, even a snooty one with a rich artistic and literary tradition like France.
The other thing wrong with what you're saying is that there is no turning back -- for better or worse, the European countries are not monocultures any more, and they have not been for at least a half century now. Short of a full-scale Fascist revival, how do you expect these countries to return to monoculture? One of the inevitable consequences of increasing globalization of the economy is increased cultural interaction, both in the western countries and in the "third world." Folks need to stop fantasizing about purifying their cultures and deal with the realities. We need to find a way to live together, period.
Seriously folks. Anyone who thinks suicide bombers are motivated because they "hate freedom" is a moron. They don't particularly *like* freedom, at least freedom as it is understood in the West, but that is not the reason these people think they're at war with us. They fight us because they think we are fighting them, period. If the US worked to try to change that perception, we would see a lot of al Qaeda's supporters find other things to do. Don't get me wrong, there will always be hardcore jihadists who will have to be destroyed, but they will be an ostracized fringe minority at best.
Everyone seems to be accepting the government's explanation of the motives for wanting 90 days. Seems to me that encryption is simply a convenient cover story - technical enough that 99% of voters won't presume to question it (or even think about it).
My take is that breaking (brainwashing, if you will) someone is a lot easier in 90 days than in 14, especially if you want to avoid any techniques that look too much like torture. Some of us might be able to resist two weeks of all-night questioning, sleep deprivation, and general abuse - but not three months. By then you wouldn't remember who you were, or which way was up. You could even be temporarily exported to Algeria, Egypt, Syria, or some other country that specializes in robust interrogation, and brought back (what was left of you) in time to be charged.
I am sure that there are many other solipsists out there.
if i was an international terrorist I would make use of Sony's helpful rootkit. i just buy one of the decadent western cds from sony, play it on my machine then rename planToBlowUpBlair.doc to $sys$planToBlowUpBlair.doc...
From the crock of Sh*t department..... the definitive answer is .....
x*42
where x = How long is a piece of string?
I think I'm in the Matrix, I just had a Deja Vu. I first saw this story last week, and then this one just like it. Operator, I want new stories...
just rename them $sys$something.txt? Sony will do the rest. ;)
Strange women lying in ponds distributing swords is no basis for a system of government.
admin/admin
Correct me if i'm wrong, but, doesn't GCHQ work for Her Majesty's Government? As an organisation with access to tens of billions of dollars worth of the biggest iron, the most advanced research and development programs, as well as having some of the most gifted mathematicians and cryptographers on earth, as well as their partners in the National Security Agency in the US and the Defence Signals in Australia... I think they can do 90 days. I think they could probably do 5 days. Tops.
No, I think the 90 days is to follow up on human intel matters... that's what takes the time.
I think the discussion about and measures against terrorism are quite out of proportion. Of course we should protect ourselves against attacks, but we must find a middle ground and not go totally overboard.
According to National Statistics (the UK statistics bureau), the rate of road deaths in UK is 6.1 per 100,000 inhabitants (http://www.statistics.gov.uk/STATBASE/ssdataset.a sp?vlnk=7254), which is equivalent to more than 3,500 a year ... every year!
The equivalent rate for Sweden is ... 1.1 per 100,000 inhabitants! If UK, by working really hard on road safety, could achieve similar numbers, it would reduce the amount of road deaths to less than 700 a year. Or a reduction of almost 3,000 a year! How about that?
Add to that the number of homicides (more than 700 a year in the period from 1998 to 2000), and our fear of terrorism seems rather out of proportion, doesn't it?
Cripes! What would 'they' do if they came across a PGP encrypted drived (encrypted with a 4096 bit key)? I've looked at PGP encrypted stuff with a hexeditor and a spectral analysis tool - looks like noise!
God, she was a complete arse. We're better off without her.
See: http://www.truecrypt.org/hiddenvolume.php
You can have a hidden encrypted disk inside another one. If pressed for the password, you simply give the password to the first volume, in which you've placed personal, but innocuous files (your budget, your tax returns, etc).
The second, hidden volume contains whatever you really want to protect, but there is no way to know whether or not a hidden volume exists within an encrypted volume.
People need to stop letting the governments erode all of our personal freedoms in the name of security; most of these new laws do nothing for real security.
We are just going back home. If you thought your ancestors could steal half of our country without any long term historic repercussions then you are deluded.
IANAL but write like a drunk one.
Will you get time to wipe that machine's memory and powerdown cleanly if a squad of policemen break the door down?
Um... RAM is volitile. I think I can tap the powerbutton on the surgestrip with my foot, yes...
In short:
- people don't have to bee poor, and there is don't have to put up with being taken advantage off because "that's just the way it is". If you're from the US and not a native indian, your ancestors were immigrants fleeing from opression and poverty and brought their culture with them.
- the corrupted governments are mostly supported by different rich states for different reasosns. Think why US left Saddam in power last time - regional stability, Think overthrown socially aware govmnts in South America / Africa
- Kurds, I know a few thank you very much, and their history, still they've been culturaly opressed in the way you were proposing
- China is a communist country, - great example!
- If I invite poeple to my house I expect them to behave, and they expect me not to rape them.
- Stop clicking the Post Cowardly option...
$HOME is where the
-- silver_p
I don't know in which country (or planet) you live.
In the UK immigrants trying to integrate suffer pigeonholing, discrimination and intimidation.
I moved to a mostly White, middle class area, and are often intimidated by White youngsters for no motive. This is quite scary, when I walk in other parts of town where I belnd better (I could pass for Indian or Pakistani) I have no problem. If I was Asian I would know exactly where I would like to live.
Then if one non White person moves into a "white" area, state agents immediately consider that a minus point in regards to the value of the houses in the neghborhood, as a consequence White people stop buying in the area. Rinse and repeat until you only have immigrants.
Also it has been a policy of the goverment to provide housing to people around known "ethnic enclaves" thus perpetuating the problem.
So I would be more careful in claiming that Muslims don;t want to integrate, heck in Germany you could not be German, even if born there, until very recently due to th "blood" laws that determined nationality. The millions of Turkish people that moved to Germany as guest workers were never granted German nationality for that reason.
If you want to look at the reasons for immigrants disinfdrachsiment you have to make an introspective analysis, the problem is in big meausre created by the indigenous population and the local goverments.
IANAL but write like a drunk one.
No, you cannot decrypt a hard disk in 90 days (assuming the use of strong encryption). If you find you're using Rijndael or Serepent, you're good. However, in the period of 90 days, you're more likely to experience a psychological break due to duress (like torture). Most people could handle 14 days, but not 90. Once you break, you'll be more than happy to hand over your keys.
To clarify the difference of 14 and 90 days in detainment, consider the following. Those detaining have had a couple periods on which to deprive the detainee of food and water to the point of going critical without actually killing you. Once someone become dependent on their captors for essentials like food and water, they become loyal. They have also had the opportunity to deprive the person of sleep for a solid 12 or more days, which can drive most people close to the point of insanity. Also, the textbook technique for "breaking" someone where captors inflict physical pain then "rescue" the person from it requires several iterations. 14 days just simply is not enough to accomplish these things. 90 would suffice.
And let me also point out that this is how the United States government operates these days. It would be reasonable to assume some of our closest allies are engaged in similar activities with "terror suspects".
Join Tor today!
Create a small second partition on your hdd, say 30mb. write a script to generate interesting sounding documents "RT29831098.DOC" etc. populate the files with totally random data. write a small text file on your "main" partition "keygen.txt", fill it with sequential dates and random 20 digit strings. It will look like a one time cipher pad. hide your 2nd partition. Now you have something to giggle about while you spend 90 days in jail.
The only PT Boat Journal on the web: http://www.PT171.org
Even if you know the exact decrypted form of the data from sector 1 (which in a typical algorithm is the least secure block), you are still looking at more energy than is in this corner of the galaxy to get the key. Encryption is designed so that knowing the plain text and the encrypted text gives you know clue of the key.
That is why the RC5 challenges tell you right out the first part of each encrypted sequence is "The secret message is:" (Or some tiny variation of the above).
We here at Scotland Yard believe those extra-large JPEG pictures on your electronic device contains a large stegano-graphic'ly encrypted file, using a method we haven't run across before. We're going to hold you all until you give up the keys or we manage to decrypt it.
---
How ridiculous and utterly sad that 'democracy' has sunk to this level. Worse than 1950's McCarthyism even.
anyone with a bit of knowledge of cryptography knows that it would take until long after France becomes a world superpower to crack encryption with a decent key length using a properly secure algorithm.
And anyone with a bit of common sense knows that any self-respecting terrorist is going to do just that.
So why then tell us that 90 days is wanted to crack decryption? It plainly isn't, it's wanted for something else and if mr Bliar doesn't want to tell us what he really wants it for it's safe to assume that it's something that no sane person would want him to have.
There's a worrying trend of giving a totally phony reason to push something through, rather than a pathetic one.
Unfortunately, Mr Bliar knows that a large part of the populace watched '24' with their 'proprietary algorithm' which gets them through mathematically secure encryption in a matter of seconds and so will believe that nasty terrorists use bigger keys which mean that it could take DAYS to break the encryption - it makes you wonder if the "80% of the population support us" statistic that they were trotting out on the news yesterday might actually be right.
FGD 135
No, its a secret key...
Tony Blair: Fezzik, jog his memory.
Fezzik *bonk*
lorcha: *passes out*
Fezzik I think I jogged him a bit too hard.
I'm a good cook. I'm a fantastic eater. - Steven Brust
If you suspect them of being a terrorist, and they appear nervous (and especially if they are sweating), simply shoot them in the head quickly and often. no, wait... they already do that ;)
Oh, that's right. Maybe because it's not allowed to tear a suspect's arms off.
"Avoid employing unlucky people - throw half of the pile of CVs in the bin without reading them." -- David Brent
Is that 28 days later the entire UK will be engulfed in a "rage" virus, and zombies will roam the country freely. Meanwhile the terrorist detained in jail has no idea what is going on because of his detainment.
Hmm... I smell a sequel.
There's a better way to prevent brute force attacks, use something like SafeGuard Easy, a full disk encryption product (I use their product and do NOT work with the company, as an FYI), which has PBA (Pre-Boot Authentication) which can require either a smart card, a token, or a username/password immediately before the OS boots... throw AES-256 at it, and it'll be a long time (a very long time) before most could get at the data... of course, if the govt waits for you to boot up then hack at you from across the network, well, you'd better have some firewall & spyware & packet tracer software, and a good bit of time to watch the data streams ... but, as long as you don't power up, you are safe! Haha!
www.TakeArms.com
Not here, but a little "extraordinary rendition" later anyone accused of being a terrorist can be, and are, tortured to death with impunity. Like this.
Why has parent been modded a troll? Is there anything factually incorrect in it?
Sort of. Here in Australia, where the police system is generally similar to the UK's, confidence in the force is reasonably high, given the usual limitations.
What tends to escape notice, however, is that all the legal provisions enacted ostensibly against terrorist activities appear to have deleterious implications with regard to the rights of normal citizens.
The recent wave of (preemptive, i.e. no crime actually committed) arrests here may have inspired some to breathe a sigh of relief, but given how our present government (and particularly its leader, John Howard) dislikes dissent, it seems to me that it is a small matter to use the new legislation to round up a few prominently outspoken Muslims at the outset, then go on to use the same laws for their real purpose, which is to silence anyone who is critical of the government.
Maybe hand the hard drive to CSI Miami lab rats... (beep, click, flash) here you go Heratio we recovered the hard drive (cut to commerical break)
-- I Dont Deserve A Sig I Have Bad Karma
You are confusing the UK with the US. It's understandable because... well, really it's not understandable. You are simply wrong. Thanks for playing, though.
"Avoid employing unlucky people - throw half of the pile of CVs in the bin without reading them." -- David Brent
You might want to look up things like "State of Emergency" "Emergency Powers", and "Executive Order".
AFAIK, we've got over a dozen concurrent "State[s] of Emergency", going, in the USA, at this time -- some of them dating back to Roosevelt, back in the '30s.
My generation [and my mother's, and newer generations], in the US, have lived their entire lives in an officially declared "State of Emergency"... the US Constitution hasn't really been much more than a historical curiosity, during our lifetimes.
-disaffected_gen_X-er
They don't have to crack the hard drive in 90 days.
They just have to crack YOU in 90 days.
Can we get a "-1 Wrong" moderation option?
>They don't need to do that. Over here, refusing to reveal an encryption key when required by the Police is an offence in itself.
I doubt they try to open it the regular way. If you want to hide it from the man, wouldn't you make entering 123 in the passphrase a tiger that wipe all relevant data and put some predefined image with other content in it's place?
they *must* crack the data. it's not wise to run someone code on the data you're trying to put your hands on.
It's not at all the same as letting the police have open access toyour files all the time. It's not the same as mandated monitoring, even though you seek to make it seem so.
We are talking about someone being arrested by the police because they suspect them of something. There has to be some grounds at least for that. What I am saying is that person, if falsely accused, has a tool to help them get out quicker. Because it's not going to be used all the time it's far different than the police state you make it out to be.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
In the Netherlands the police arrested several people of the so-called Hofstad-group. Some of the data that they gathered from them is by looking through the emails they sent to each-other and other potential suspects. The police arrest the whole bunch and after 7, 8 weeks the question arises: where are the mentioned emails? Ooh, probably still on the server. Of Microsoft. Free Hotmail. Now, Microsoft erases all mails and locks your account after 1 month of not using it. They'll be released again shortly, I assume.
Another thing: turns out that all the suspects at one time in their life have been asked by the Dutch National Security Agency to work for them. Remember the Shoebomber? Released by a Dutch judge: possession of explosives does not imply detonating it in an airplane. Guess where he was caught, explosives and all...
No this is not funny.
All those moments will be lost in time, like tears in rain. Time to die.
People like you like to think that any poossible means for anyone in authority to look at anything mean we are living in a police state. Yet you denigrate those that have had to live in them.
Do you understand at all the difference between a government where a low-level employee of said State can do anything they like to you just because they are in the state, and one where suspected people might be approched to volunteer information because they are acting oddly? If you say the two are equal then you simply have no understanding of what real persecution is like.
Are you honestly saying that the police have no rights at all to do anything about someone that is acting oddly but has not provided difinitive proof something is wrong? I guess weaving drivers on the road should just be let alone unless they are actually chucking beer cans out the window!
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Well... yes, and no. 90 days gives sufficient time for an dedicated attack that should break anything that will be breakable: the human-factors attacks.
- There'll be multiple encrypted files, particularly if they are encrypting their communications (guilty or not guilty). Each one would need 90 days.
Very few of even the most paranoid cypherpunks I know use multiple keys; I don't know any who use more than five. If you crack one file, you've probably figured out the key the suspect uses for at least 20% of the data.
- They'll not know the encryption algorithm in all cases, so would need to try every one. Each one would need 90 days.
Not necessarily. There would be a few leading suspects; generally starting with any crypto software with signs of ever being installed on the hard drive, along with a couple really widely used ones. (GPG/PGP, OS X's FileVault, a couple others). Unless you're dealing with the hacker equivalent of the Unibomber-- a lone genius working in isolation-- you're probably dealing with a widely shared algorithm. Furthermore, while many of the messages can't be decrypted, many standard encryption methods put enough metadata in to allow identifying the algorithm.
- There are HUNDREDS of encryption algorithms that use such large keys that you can't realistically expect to crack the password in 90 years, let alone 90 days.
True. But most people don't use raw keys; memorizing a pair of 600 hexit prime numbers is a bit of a challenge. Most people use a password. Clever ones use a passphrase. And 90 days gives you time for a seriousdictionary attack. Of course, 90 days isn't enough time for breaking the password of a professional paranoid; but the cops are looking for something the suspect could have memorized... which may limit the scope. In 90 days, a high-end single-CPU ought to be able to crack any 8 character password. A phrase dictionary could tie up a few more machines trying for something longer. A search of every piece of paper in the suspects entire apartment might also be fruitful... but I don't think either US or UK powers allow that without SOME other evidence.
And it's still possible to take one and write your own with an even longer key. (The details of which would be secret so they couldn't crack it in the first place anyway).
Actually, this might be what the police are hoping for. Most crypto systems developed by amateurs are "easily" broken by professionals. Of course, by "easily', I mean "in a month or so".
Myself, when I'm feeling paranoid, I use GPG from a bootable CD on a non-networked PC, a 4096 bit keypair with the private key stored on a USB flash drive I carry (two backup copies exist, located... er, hither and yonder), with the passphrase to access the private key being a simple number.
Of course, by "simple", I mean "a prime number 25 base-sixteen hexits long". I estimate a dedicated planet-wide effort might crack it in 100 years... most of which time should be devoted to developing a quantum computer for a direct assault on the RSA algorithm.
//Information does not want to be free; it wants to breed.
You have to translate the contents which is embedded in images - yeah that will take like 90 months...
After this defeat, I predict that some time in the near future, as luck would have it someone will be found to have encrypted child pr0n that coincidentally would take up to 90 days to break.
They will try to push it through again then, and mysteriously it will get through.
Because that's where you keep all the digital photos you took of your wife naked as well as mpegs of your bedroom fun?
Because you have $1,000,000,000 worth of illegal MP3s on here, and it's cheaper to just spend the 90 days in jail then get caught by the RIAA.
Because you're a stubborn jackass and don't think you should need to give away your privacy.
True! One simple method is to use a randomly generated key file, store a few backups where no one will find them, and keep the original on you at all times. (mini-CD) If the cops are on your tail, just break the copy you have with you.
"That's so plausible, I can't believe it!" - Leela
No. Actually, the police do not need *any* reason to arrest you as being "suspect" of something.
Yet oddly we have few instances of police randomly arresting every third person on the street. In reality police do need some reason to arrest you; There are usualyl multiple police involved and you have to generally be pretty unreasonable in some fashion before they will go to the trouble.
You are saying that the only reason an arrested person would refuse to let the police know the encryption key is because he's got something criminal to hide.
Not even slightly. Not even close to what I am saying. There could very well be other reasons (including as I noted the principal of maintaining privacy) that someone would rather sit in jail than let the police see content on a computer. I am just saying for MOST people turning over the key to the police is a practical solution to getting out of jail and so the longer term would not really apply to everyone. I know if I were in jail and the only thing between me and release was unlocking my computer for authorities, I would have no trouble doing so, nor in fact would just about anyone that didn't have anything crimimal on the computer.
What are examples of a "lot of stuff you might want to keep hidden", as I am hard pressed to think of much beyond embarassing emails and/or pictures. If you have confidential material you could agree to unlock said material as long as people doing monitoring agreed to sign NDA's or the like. It's not a black and white area.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
it's ten days (or less) to take the passcodes from the owner via "rubber hose cryptanalysis", and 80 days to wait for the bruises to heal, and appropriate alibis for the officers in charge to be invented.
-END TINFOIL HAT MODE -
Still, you're acting as if you find it fully acceptable that a person sits for a longer time (here up to 90 days !) in jail *only* for the reason that they refuse to give up their privacy.
First of all, I said 28 - but if the police have some reason to hold you because they worry you might inform someone else, then I think that's OK. The police are NEVER holding you just because you refuse to give up your privacy, they are holding you for some other reason that (to them) seems reasonable. It may be wrong but never forget they are also doing a job to improve public saftey. You are still thinking about the whole thing backwards - relinquishing your privacy is only a technique those who are wrongly accused can use to get untangled from the system earlier. Them holding you is not about your privacy whatsoever, as they WILL eventually crack the hard drive and read all the contents if they wish. It's just a question of the timeframe they are holding you while they do so.
As to your friend - I feel sorry for him but I don't consider that at all unacceptable. I have to carry papers for my car. I know the issue is because he's being profiled unfairly, but to some extent it is out of the ordinary and if you are going to be doing unusual things around police why is it such a burden to carry some proof what you're doing is OK?
I myself have been in the wrong place at the wrong time in the past and had to face some questioning as a result. Nothing to the extent your friend has endured of course (at least not as numerous). But I do think there is some give and take in allowing the police force to do a reasonably good job and there's nothing really that wrong with the police being attentive to things that are strange and looking into them.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
It appears to me that you are missing the point of the reason for holding someone for 90 days. It is not that it necessarily takes 90 days to decrypt the information that might or might not be on a suspects harddrive, hell with one of any widely available encryption schemes it might take years, even decades. The point is that since the police does not know what incriminating evidence might be locked away in the belly of the beast they need more time to round up other suspects, check for leads, and do whatever it is that the police does when they have imperfect information on a possible crime. And when they can't extract a nicely formatted contact list they can call, and a calender they can check it takes them longer to do this. I'm not passing judgement on whether or not this is fair, just stating facts.
You think it's acceptable that someone is riding on something $5000, and happens to be Vietnamese, is getting pulled into the police station because of his race? You think it's REASONABLE for a cop to "pull him over" because of that?
Well actually it depends on the city and time and place, but I give that a qualified yes. As I said the police are there party to look for wierd things and nvestigae them. Anyone riding an expensive bike will be looked at more sharply - I agree they are probably targeting him a bit unfairly, but then I have no idea how he dresses.
If I was in a porshe dressed really poorly I'd expect to be pulled over as well. And indeed I have been pulled over in simialr situations.
Yes, you do, that's for if you break the law in some other way, such as not stopping at a red light. You don't get pulled over because you "look poor" and are "driving an expensive car". Plus, since when was it unusual or suspicious for a person to ride a bike around?
Excuse me but I have been pulled over for something just like that. It's not suspicious for someone to ride a bike around, but especially if the kid is very young you just don't see someon eon an expensive bike every day.
As far as "unusual" goes, I don't exactly want to carry around papers saying it's okay for me to do something, regardless of what it looks like.
So you don't carry around a drivers licence ever? That's basically a documetn saying it's OK to raom around freely in the US and do all sorts of things. I'm not saying you have to, I'm saying that if you are doing things that would appear suspicious to authorities then it's probably a good idea to have some paperwork. That's simply common sense, and in fact a kindness to help out security people.
You are obviously overly afraid of police. They are just humans like you and me who have a more unpleasant than average job. Cut them some slack and they will give you some back. That's how the world works anyway, why should it change for interactions with police.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Outside of the Empire/Commonwealth, there was the Suez Canal intervention with France.
Overall, while the UK may not be as trigger happy as the US, they're not a good counter example.
Luke, help me take this mask off
I've also heard that Jack the Ripper can cut through, but I haven't tried it.
In which case, maybe it is deliberately misleading. Ie, "We need 90 days to crack encryption" sounds a lot more unavoidable than "we have such a high workload we can't get through looking at the contents of the disk before 90 days." Not to mention, the latter can also imply quite a bit of incompetence (ie, management hasn't scaled hiring/budget to the problem, or management isn't being effective, or they're all taking 2 hour lunches to watch soccer, etc.)
Or maybe they want to be able to punish people who aren't doing anything wrong, and who just happen to have encrypted hard drives.
"I assumed blithely that there were no elves out there in the darkness"
There is a MAJOR difference between Arabs coming into the country, and Mexicans or Hatians coming into the country.
Mexicans and Hatians all originate from a Judeo-Christian culture which is founded on the same ideas. They believe in our type of democracy, same ideas of religion (close enough anyway), and very similar ideas of how society should function.
Arabs or Muslims do NOT share these same basic ideas and cultural values and norms. Thus they cannot really assimilate or even function very well in a Judeo-Christian based society. One classic example of this is government. We do not feel that the church and state should be the same; they do! Many Arabs believe that the leader of the church should be the leader of the state which goes against everything we believe in the Western Civ.
Libertas in infinitum
Yes OF COURSE you can wander around without a drivers licence. But it makes a lot of things easier, or even possible (like for example getting on a plane). It also is a tool to make things simpler. If you are stopped driving a car you do not really have to have one with you, but is it not so your chances of being taken in to custody are reduced if you have one?
Again, it is a tool just as allowing some selected set of people to see personal documents is a tool of release from untoward holding times. And you've still not answered what EXACTLY is a kind of document that you would not want selected police to see, even if it meant months less of prison time, that is not illegal.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
What you're referring to are called `travelling papers'. And they're not required in the US, at least not yet. An ID does not say it's `OK to roam freely'. It says `I am Doug, and I am licensed to drive'. (And the bill of sale to your bike is not a `license to roam freely' either, even if it can help.)
Didn't say they were required, just that they were useful (and they are).
I didn't realize I was required to.
You aren't required to, but it's a useful tool to help me think you aren't simply dense and going off point because you have no argument.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Well you express a lot of discontent but no answers as to what is really reasonable. There are indeed people it's good to hold for a while even if you have no proof. There are indeed people that are good to stop even if they just look suspicious. As I noted I've been one of these people, and I personally found it annoying but I understand that sometimes mistakes are made. I just prefer to err on the side of caution.
The timeframe for Crypto is not only brute force, it's looking around for evidence of keys or other things that can be used to break cryptograhpy. Really brute force is last resort unless someone was using something week. Basically, time to investigate.
Perhaps someday if you have a car or something else of value you will see the wisdom in being a little over cautious, even if it does mean sometimes really young kids with expensive toys get questioned more often than a 60 year old. Would you honestly say that something is wrong with questioning a 16-year old in a porchse over a 60 year old? Why is any hint of profiling suddenly met with crys of fear? I was a kid, I was profiled because I was poor and I say that was probably a good idea.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Yes, but there are also people who "look suspicious" yet are perfectly innocent. "stopping" one of those is very bad
Well there's the heart of the matter. I really don't see why it's at all bad. Are humans so fragile they cannot take a few questions? I wasn't. I lived and shrugged it off, and realized it was nothing like a police state. You as a European should be ashamed of yourself reducing occasional questioning to the equivilent of a "Police State" when the real deal goes so very far beyond that.
You think it's the end of civilization but you can afford to be lax - you're Norwegian in a very homogenous environment. You simply cannot understand how in one part of the country like the US something might look odd that in another part would not get even a second glance. I can assure you that people in LA are stopped all the time for things that police in a place like Wyoming or Iowa (large vast also homogenous spaces) would not even think twice about pulling someone over for, much less even paying attention to.
It's called understanding your environment. For a security profession to be more suspicious in a place where there is more crime - that in my mind is a pretty good idea. People that cannot take occasional questioning can just move to somewhere where the questioning is a lot more unlikely.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
You "really don't see" why it's all bad for an *innocent* person to be imprisoned for 28 days on the whim of any random police-officer ?
No. It sucks but it happens. If it happened because it was bd judgement there will be hell to pay for the people who did it, so it's not likley to be done often.
I should be "ashamed of myself" for defending essential freedoms ?
No, for you reading comprehension sklls and for prententing that an occasional act of detention my authorities with a great deal of oversight is equal to Eastern Germany at the height of communism! Good God man, are you really claiming they are equal? If not please define "Police State".
Those who would give up Essential Liberty to purchase a little Temporary Safety, deserve neither Liberty nor Safety.
That you would bring up thay quote is as obvious as the sun rising tomorrow. What you fail to see is that I am not giving up Essential Liberty but in the real world we live in you must sometimes detail people who are questionable. Of course living in isolated Norway you really can't understand why that should be so, but it is.
If a man tells you he is going to shoot someone tomorrow, would you say he should be held? Or is your view of "Essential Liberty" that he be "at liberty" to do so? You must seperate the true nature of "Essential Liberty" from your fixation of imaginary abuses by authority.
By the way, you are stupid to assume that anyone with a ".no" adress is a "Norwegian in a very homogenous environment", for all you know I could be living in the Bronx.
Gee, I'm sorry, you just said you were in Norway in a previous post. I'm sorry I didn't assume you were misleading me; I'll read your future comments with this possibility in mind.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Since you like JSM, you might enjoy these other quotes to help put the over-used and poorly understood Liberty quote in context:
Everyone who receives the protection of society owes a return for the benefit.
Such as the occasional aid to authorities, and
The only purpose for which power can be rightfully exercised over any member of a civilized community, against his will, is to prevent harm to others. His own good, either physical or moral, is not sufficient warrant.
Note that JSM does nto say there is NEVER a case where power can be rightfully excersized over another aagainst his will. There are times when, for the protection of others, it is reasonable to do so - as in the example I gave.
Lastly something for everyone to mull over in times where abondoning other nations in need is under consideration:
War is an ugly thing, but not the ugliest of things. The decayed and degraded state of moral and patriotic feeling which thinks that nothing is worth war is much worse. The person who has nothing for which he is willing to fight, nothing which is more important than his own personal safety, is a miserable creature and has no chance of being free unless made and kept so by the exertions of better men than himself.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Insightful (thanks for the reminder, temojen!)
Wikileaks, no DNS