Slashdot Mirror
The Failing Right of Laptop Privacy
davidwr writes "Wired has an interesting editorial on laptop searches and seizures. It raises some interesting issues, including employee rights against police searches in the workplace, routine vs. non-routine searches at ports of entry, and police use of unrelated data found in a database search. The article ends saying: 'Of course, there's a chance that the courts will not recognize the different scope of privacy interests at stake in computer searches, or will not be adept at crafting a rule that gives enough leeway and guidance to law enforcement, while also protecting privacy. At that point, the Constitution may fail us, and we will have to turn to Congress to create rules that are better adapted for the information age.'"
Many countries, such as Britain, criminalize witholding encryption keys from law enforcement to the extent that unless you are actually a terrorist with detailed and executable plans of action labeled 'evil plot' stupidly stored on your laptop, you are probably better off (in the criminal liability sense) just giving it to them. Sadly, I don't think that the US is far behind on this one, either.
All the techniques ever used to make men moral have been themselves thoroughly immoral... (Nietzsche)
Uh, but it does, and plainly so. Not only is a laptop part of a person's "effects" as protected explicitly in the fourth amendment, but the contents of a laptop are ones papers. The search of papers inside of a laptop is thus the same as the search of papers inside of an envelope. The transmission of a paper via email is no different than the transmission of a paper via postal mail. The constitution plainly and clearly provides protection for this, and it is simply a question of whether the courts will acknowledge this now, or come to their senses later. It is not exactly a matter of interpretation when the language is that clear.
He references a Court Decision in regards to an employee's expectation of privacy on the employers computer in which the court determined that the hardware was owned by the employer and provided for the employees use to the employers benefit. That's right the company owned the computer and the employee used it to fulfill their day2day job duties. During an internal investigation of either a harasment or other issue, they discovered the emoployee had downloaded and saved porn on their computer and fired them.
Idiot sued (damn lawyers) and the courts ruled that the employee had no expectation of privacy on the computer becuase it was provided by the company for the companies benefit, not theirs.
Now where the article is flat wrong is the statement that the police could then just walk in and begin searching a companies computers without a warrant. BUZZ Flat wrong as the computers belong to the company and it has just as much protection under the search&seizure rules as you and me. Simply put, for the police to search a companies computers, they damn well better have a warrant or you'll have every corporation telling the Cheif and Judge you idiots, you're out of office because we can't trust you to protect us as you're supposed to. That's right the political fallout would kill any officers carreer and a judge that allowed any of that information to be admitted into a courtroom would be out the door and disbarred for the same reason.
1) password strength is important (and used only 1 thing)
2) If they can HEAR you type it, they can guess it
3) They can install a keyloggers of many kinds
4) ENCRYPT YOUR SWAP FILE-- don't assume that memory is locked
5) Encrypted swap implementation has to properly handle the keys
6) You must be in control of the information, 3rd parties can give into probable cause
7) Using a rare filesystem has gotten people off in some cases
8) Beware of wireless keyboards
9) Some forms of security without government back doors may become a crime in the future. (I watched CSPAN in the late 90s it came up more than you think.)
10) Obstruction charges for not unlocking it for them will become common.
11) Flash RAM can't be securely wiped from what I've read
12) RAM leaves traces. The longer data stays the more "burned" in the traces are for that data.
13) Nobody is thinking about planting "evidence." Fine encrypt your drive, I can plant jpegs on a different mount point, browser cache, the company servers.
14) Nobody things about identity security when they are reasonably anonymous. User cje posted a bunch of "evidence" online from the library trying to hide his tracks...
15) IT guy can use access to do just about anything. Its probably been done but nobody caught them so it didn't make the news.
Feeling any safer?
Democracy Now! - uncensored, anti-establishment news
TrueCrypt allows for hidden volumes (i.e. encrypted areas within encrypted areas) and it's a windows program. They claim it's not possible to detect the hidden volumes, but I have to take their word for it.
The article's author's presumptions are flawed, and the posters here (at least so far) are absolutely correct. There has never been a presumption of privacy in the workplace, and there has always been an exception for warrantless search and siezure at borders. That's been well known and upheld in the courts for years. So you decided to put your personal data on a company asset for which you know that no presumption of privacy exists, and that's the courts fault? Eh? How does that work, Jennifer? I find this article whiney and annoying.
Here's another question: We can assume that you feel your employer is OK with your personal data being stored on their laptop. How sure are you about that? So sure that if, say, one day you are accused (OK let's say wrongly) of theft from your company, they won't seize your laptop instantly? Sure, it'll never happen to you.
But for everyone else who works for a less perfect employer: BEWARE! Your employer can someday take their laptop back from you, without your permission, and keep all of your data (without even giving you access to it). You will lose all your data.
-- "In order to have power, I must be taken seriously." -Mojo Jojo
If you are referring to this, he hasn't been sentenced yet:
I don't care why you're posting AC
Why is José Padilla been in jail for 4 years being tortured, when his case is still pre-trail? ..because the 6th (and 8th) Amendment, are meaningless.
He's admitted to blowing up a civilian airplane and is a fugitive from Venezuela.
That's not Jose Padilla, Padilla was the so called dirty bommber arrested at Chicago's OHara airport. The one you're think of that blew up that airplane, Cubana Flight 455 is Luis Posada Carriles, a Cuban living in Miami as a free man. Venezuela has repeatedly asked the US for his extradiction but the US refuses to hand him over.
FalconShould there be a Law?
Barring some unforseen weakness in AES, this is now data that nobody but me will ever see (unless I do something silly like forget to unmount it).
At home, the alarm drops power to the UPS which initiates a shutdown. Unexpected visitors while I am away auto lock sensitive data if I forget.
The truth shall set you free!