Slashdot Mirror
First Use of RIPA to Demand Encryption Keys
kylehase writes "The Regulation of Investigatory Powers Act (RIPA) is being used for the first time to force an animal activist to reveal encryption keys for encrypted files she claims to have no knowledge of. According to the article, she could face up to two years if she doesn't comply."
The Regulation of Investigatory Powers Act (RIPA) is being used for the first time to force an animal activist to reveal encryption keys for encrypted files she claims to have no knowledge of.
That's why you use an encrypted file system with a duress key. In the event of coercion, you give them a key that *oops* results in the destruction of the data.
The theory of relativity doesn't work right in Arkansas.
so is this a new era for 'i want your key because [its got your data behind it] i believe you have stolen my data' lawsuits?
Local music(to upstate NY). http://gnarfel.com/ radio.
Acquire virus.
Virus encrypts hard drive with unknown key.
Virus forwards CP to authorities.
Authorities bust you for having CP, for not revealing those encrypted files, AND for probably having more CP. Most likely will be averaged..say..15k is a picture..you have 200GB. The media will say that you were arrested with 100k+ pieces of child pornography.
Five years later, turns out that it really was a virus. Sorry about that..here's your freedom again.
Job? I don't have time to get a job! Who will sit around and bitch about being broke and unemployed then?
The biggest problem I see with these kinds of "give it up or else" laws is how do you account for the situations when someone genuinely doesn't know the information you are seeking? Should someones ignorance be a jailable offense?
Are you telling me, that I could output /dev/random to a file, place it on my friends hard drive, say it contains valuable information pertaining to a case and he could go to jail or be fined for not revealing the password/key?
This gives me an idea!
Either way, if you need to you can get around this with TrueCrypt by taking some precautions such as:
1) Not naming it with the default extension (.tc)
2) Put it somewhere inconspicuous and name it appropriately
3) Making sure that it's a hidden encrypted volume
4) Open it through TrueCrypt and don't save the history, or passwords, or as automount, or similar
Shit, that was a typo, I meant to type FIRST POST!!!
This is my footer. There are many like it, but this one is mine.
how can you be put in jail for not knowing something?
Put her in a lead vest and throw her into the sea. If she drowns, it means she didn't have the keys, but if she swims, she's a wicked witch and deserves to be punished.
Do it yourself, because no one else will do it yourself. [beta blockade 10-17 Feb]
That's what TrueCrypt is great for - plausible deniability.
http://www.truecrypt.org/docs/?s=plausible-deniability
How many times have I created an account so I could download something or other. Can I remember what my user name for those accounts is? Can I remember what my password is? No bleeping way.
...
If there's some password for some WordPerfect file I created in 1997, I'm sorry but I couldn't remember it if I tried really hard. I guess that in GB, that would send me to jail for a couple of years.
My gut reaction to this law is really really rude and I won't slime you with it. If I call the authorities facist pigs, you can fill in the blanks.
My ancestors gave their lives to protect me from what my political masters are doing to me now. Let's just say that I deeply resent it.
I often find that the captcha is strangely appropriate for my posts. In this case it is 'queasy'
Man will never be free until the last king is strangled with the entrails of the last priest. --Denis Diderot
1) Generate a file with whatever you like in it (anything believable and non-incriminating). Make sure the file's lenght matches the encrypted file.
2) Reverse-engineer a one-time pad using this file and the encrypted file.
3) Supply the one-time pad to authorities with instructions on how to use it.
Ta dah!
Detective: I just found the key on her hard drive!
Sherrif: Excellent work Smith, send it over to me so I can unlock this file.
opening...mysecretkey.pem
Contents:
------BEGIN PRIVATE KEY------
HAHA! Tricked you, you fat donut stuffing pig.
You actually think you're getting my data if I don't fucking want you to?!
------END PRIVATE KEY------
Detective: Um...sir, I think I may have accidentally deleted the key.
1) IANAL.
2) I am not familiar with the details of this case.
That said, I believe that there *is* a time and place where this sort of activity counts as reasonable search & seizure. Say the cops get a warrant to search your house, and you have a safe, and you say, "gee, officer, I have *no* idea how that safe got mounted behind that picture," nobody will believe you and you'll get subpoena'd for the combo. Encryption keys shouldn't be treated any differently from a combination to a safe. If there's a reasonable suspicion for evidence to be hidden somewhere, the cops have a duty to search it.
Can't a court order someone to provide a physical key as part of a subpoena or a warrant? Why does law treat encryption keys differently?
A Better solution is plausible deniability.
One password gives your uber-secret-plans-for-world-conquest, the other password gives a few hundred meg of soft porn (or whatever).
That way, you appear to not be resisting their demands.
There are shills on slashdot. Apparently, I'm one of them.
This is double-plus good!
Why don't they just sign the "We'll Do Whatever The Fuck We Want Anytime We Want Act" and just get it over with already?
~S
Seriously, does any one in the United Kingdom want to have a law on the books which would have a European Country admit that its citizens do not have the same basic freedoms as George Bush's United States of America.
In the United States, you could never be compelled to turn over an encryption key as that is a violation of the 5th amendment, and probably the 4th, for that matter.
I think she should apply for asylum in the USA?
This is my sig.
So a law intended for terrorists is being used against animal rights activists, wow.
It is like a modern day version of
http://www.youtube.com/watch?v=_bs515rZOdk
Selling software wont make you money, selling a service will.
He points out that this isn't in the USA but in the UK.
Quick Mod him down as a troll before someone figures out this isn't the work of The Jew Puppet George Bu$Hitler Chimpy McHaliburtin.
But I bet his poodle bitch passed this at The Jew Puppet George Bu$Hitler Chimpy McHaliburtin's orders.
What if you were legally responsible for making sure the data you encrypted is not made avaliable to anyone for any reason?
All encryption systems should have duress features which make it impossible for someone to know if the real password was handed over. There would always be a 2x storage overhead to prevent to prevent file size from giving away the existance of a duress segment.
If such a law were enacted in the US, we would be protected, ostensibly, by the 5th amendment to the Constitution. I say ostensibly because apparently the Constitution is "just a piece of paper" now, and we (some of us) have forgotten about the rule of law.
So, this could happen here. Easily. We need to find some way to restore the rule of law here lest we become like that other large country just across the Bering Strait from us.
Hmmm...
Those who don't learn from history are doomed to repeat it.
Those who would give up Essential Liberty to purchase a little Temporary Safety, deserve neither Liberty nor Safety. http://en.wikiquote.org/wiki/Benjamin_Franklin
The constitution made America great. It didn't spring from nothing. It was a reaction to tyranny. By gutting the constitution, we are making way for another tyranny.
Can't you just plead the 5th when they ask for the key? you do have the right to remain silent. how is asking you for a key and demanding an answer different from asking for where you hid the body and demanding the same?
The difference is that with a physical object, all these things are pretty clear-cut: either there is a safe or there isn't, either it contains drugs or counterfeit money or it doesn't. And if you insist that you forgot the combo to the safe, no big deal, they will simply force it open, and that will settle the matter.
With encryption, you can't even tell whether there is a safe there. I might well keep big files of random numbers on my machine, and just because a UK cop with a two digit IQ is incapable of figuring out why and suspects some nefarious purpose, that shouldn't be illegal. Furthermore, with encryption, the government simply cannot force the issue: in general, they just can't decrypt the data.
If the police have to get a warrant, I don't see what's wrong with this. If the police search your house (with a warrant of course) they can search the contents of a safe in your house too (maybe they need an extra warrant for that - IANAL - but the point is, locking something up doesn't make it illegal to search it). If you had a safe that, while theoretically could be broken into, in practice could only be broken into after months or years of effort, shouldn't the police be able to force you to open it up? Again, this is assuming they have a real reason to do so, and a court agrees.
Now, maybe this law doesn't require any warrants. But the woman in the article apparently had her computer seized in May. The police certainly can't do that without a warrant. She describes it as thugs stealing from her. My guess is they had a warrant, or else her lawyers would make dog food of the prosecution. Using hysterical language certainly doesn't her case though.
In the United States, you could never be compelled to turn over an encryption key as that is a violation of the 5th amendment
I wouldn't be so sure. The 5th amendment only protects against self-incrimination, but the search may be for evidence against a third party, in which case you may be compelled to comply.
It's also not clear that giving up your encryption keys would be considered "testimonial", so it might not be protected under the 5th amendment according to US courts. See here (somewhat outdated in other aspects, but an accurate reflection of US policy on the legal hair splitting):
http://www.cybercrime.gov/cryptfaq.htm
TrueCrypt allows hidden volumes, indistinguishable from one volume. The file size is constant.
TrueCrypt works very, very well. I use it with just one volume to protect passwords and other files.
When you don't want to encrypt a volume, but just a file, Gnu Privacy Guard is best.
This is an outrage. Here, we have a case where a person claims she does not know something, but the government is demanding of her to comply. But let's suppose, for a moment, that she is telling the truth and she has no knowledge of these encryption keys. How could she prove it? There is no way to prove a negative. It is impossible to prove that you DON'T have something; you can prove that you DO have it by producing it. There, you see, I have it. But if you don't have it, there's no way to prove it. They should let her go.
If people don't openly resist then things will only get worse. What needs to happen is for people to openly protest and for people to openly support the protesters. Never give up the key and be totally open that there is a key and that you're not going to give it up. Involve the press and make a big stink about the issue.
At what price learning? At what cost wisdom? The price is a man's peace of mind, and the cost is his life.
These protections were brought to the American shores by Puritans, and were later incorporated into the United States Constitution through its Bill of Rights.
Thomas Jefferson was not a Puritian.
People throughout history have realized that torture is like a mirror. Under duress, people will say whatever the person in control wants to hear. Tacitus wrote as much in the second century AD. Only the ignorant, thoughtless or cruel believe torture is useful for investigation. People who practice tortue know the results better than anyone else but they too are pawns. Those who advocate torture do not seek information, they seek control through terror. Nothing is more terrifying than a crowd of cruel halfwits who are so self righteous they demand torture. Their hatefilled faces are echoed by the agony of their victims, but all of it is a reflection of their leader's twisted souls.
It is a tool of tyrants, religious fanatics and other evil people who think of themselves as better than you. It is always a crime.
Friends don't help friends install M$ junk.
Except they're like muggles trying to deal with keys from Harry Potter; Normal keys don't self-destruct if the wrong person tries to use them, show you what their owner wants you to see, or magically stop working at a set date. Plus, we can destroy encryption keys with thought alone ("I forgetted! Durr!"), and you won't even know the room/keyhole is there unless we show you.
Who are the morons who tagged this "republicans" and "bush"?
Viper is the preferred editor of the Emacs operating system.
If they have a warrant, and I refuse the combination, they can drill open the safe, or use other forcible means to open it. I don't go to jail for two years for not giving them the combination.
Let the fuckers drill open my hard disk when I refuse to give the encryption keys.
Here's a snapshot of the tags at the time of this comment:
encryption, thoughtpolice, bush, republicans, !democracy
Ahhh, brilliant Slashdot. Simply brilliant. This article takes place in the UK. But no worries, continue on your path of merry stupidity under cover of fighting the man. It amuses me so.
Slashdot - where whining about luck is the new way to make the world you want.
I forgot to say that TrueCrypt is open source and free, and, in my experience, perfectly reliable. There are Windows and Linux versions, and a Mac OS X version is planned.
Don't forget to donate if you use TrueCrypt extensively.
The present government corruption in both the U.S. and U.K. started when secret violence was authorized as a way of protecting oil investments of British and U.S. investors. Tending toward outlawing privacy is a way of continuing that corruption. Any government that can act in secret cannot be a democracy, because citizens cannot participate in things that are unknown to them.
This is a good site to read about the corruption, and to contribute links: U.S. Government corruption TimeLines. Example: Complete 911 Timeline, 3895 events.
Encrypting your data and not hiding it is the same as getting a $100k super secure safe, locking your stuff in it, but leaving it in the middle of the living room. Any { law enforcement agency / criminal gang / anyone with more resources and more muscles that you } will just force you to give them the key. In other words, they see the super secure safe and automatically assume there must be at least $1M in there and then they force you to give them the key. The govt will cite all kinds of stupid idiotic laws, the criminals will start cutting of the fingers (yours or your loved ones').
The solution is to use something like steganography and hide the data such that nobody even will suspect anything. The best secrets are the ones that are not even known to exist.
If the adversary is convinced that you do have the data and knows the data type, then create a similar but fake data set to be substituted for the real one.
It is all well and good to discuss technical ways to escape such requests. But we need to move _towards_ not needing to encrypt your important data and not towards better ways to do the encryption. Ie. I prefer not to have to encrypt that perfect encryption.
"Thanks for all the money you paid to us. We've used it to buy off ISO among other things" -Microsoft
ccalam - acoustic versions of new songs.
If the threat of 2 years jail time is being bandied about to backstop an illegal request, then it is being *used*. Just not officially, or ethically.
Bad legislation like this gets used like that all the time. It doesn't have to be an "official" filing to make someone scared.
HAHA Geek pwned!!1! seriously tho. one of my favorite /. 'you got served' moments is when someone is having a Comic Book Guy Moment and someone just kinda calmly steps in and and points out the obvious.
Because *real* geeks do serious work on data w/out backups. ...*Really*?
The law already makes it very illegal to impede the execution of a search warrant and to otherwise obstruct justice. If the police come with a search warrant, you must allow them to enter the premises. RIPA logically extends the law into the "digital age".
I dare all of you condemning this recently-passed British law to post a coherent criticism of it...
In Soviet Washington the swamp drains you.
one
two
three
four
five
The fact that she is being threatened with jail time suggests that her chosen encryption method is of high quality and she is also smart enough not to leave any obvious clues as to the keys on her PC or surroundings.
Irrespective of what you think about her political views I think the geeks here should acknowledge the skills she has shown in the use of 'real world' encryption.
Then again, perhaps all those '.tc' files really are just random noise after all...
Your attitude is infectious...
I am now convinced it's time to leave the country.
The fact that this law was essentially used 14 days (iirc) of it becoming a law proves beyond reasonable doubt that it's not a law to protect the people, but to protect the government and their commercial interests.
Animal activism, while often extreme is nowhere near the same scale as terrorism, and never has been. While I have no support for activists who go out of their way to try to force their targets to stop doing what they're doing - they certainly should not face time at her majesties' leisure for merely having an encrypted file on their PC. CCTV in the UK has always rendered public privacy moot, but now an individual's privacy is a decision between surrendering your rights, or jail for refusing to do so.
Does anyone know if Japan accepts political refugees? (yes, the state's probably just as onerous in some way or another, but it's always been a far more welcoming place to me than the land of my birth, now becoming an Orwellian nightmare state made real)
Baka Drew
Giving up keys would be spitting on the graves of our boys who died on the beaches of Normandy. Simple as that.
What are you doing on slashdot spouting facts and reason? This is a write-up by slashdot, bastion of editorial excellence, from a story by theregister.co.uk a source of journalism the guardian could take lessons from, based on commonts by an Anonymous poster (who claims to be the women in question) about an unproven incident.
Unless I missed something, there is no actuall link anywhere in that story that confirms that this woman even exists and that she has been arrested. If she has been arrested and does exist we only got the word of the anonymous poster that the poster is the woman and that the events happened as claimed.
I have had several experiences in the past with learning things from rumor that I obviously had missed with my own eyes. People who call the other side 'thugs' are automatically to be distrusted, objective reporting should be objective. At a minimum you should provide ample evidence if you are slinging accusations. What was so thuggish about the police behaviour?
We got a lot of claims, a security expert who politly tells us that it is likely untrue (the police in question can't serve such an order) and slashdot all hot and botherd.
Tell me something, do you think the directors of Enron should be made to hand over the numbers of their private swiss bank accounts to pay for the damages they done? Should banksaves be opened on police request? Why, yes, they should. That is the law.
There is a feeling that somehow we have a right to privacy. WRONG we don't. Not once there is a warrant for that information. The encrypted file is not that information, the contents are, just like a safe does not satisfy a warrant, the contents of the safe do.
It is how our legal system works. Change this and you change the way the law can do what we expect it to do. It would be trivial for everyone to encode their data. Do we really want a world in which the likes of Enron can just encrypt everything and go unpunished because the police can't get at the evidence?
With encryption we have created a problem for ourselves because previously if you refused to open your house for a search warrant the police could just break the door down. This is not possible with encryption, should a person escape the law just because they made an unbreakable door?
Fine, by all means, form a party and try to get elected on that. Don't fancy your chances much. Because you would be running on an agenda for anarchy.
Ah, but this is used as a means of a going after an animal rights activist, an assault of free speech. Yes, but that is an unrelated matter.First off, we don't know what kind of activist she is, some make terrorists look harmless, second, if you think her actions should not be prosecuted, change the laws regarding that.
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
It should be noticed that the particular groups of people who campaign against Huntingdon Life Sciences are terrorists:
They use threats of force to induce fear in people at HLS;
They have used actual violent force, at the work and at the homes, of people who work at HLS;
They threaten anyone involved with HLS, their suppliers, etc, with the same degree of violence;
They have placed bombs, which exploded, under the cars of people who work at HLS or are involvd with HLS;
They claim their actions are justifiable, that they are engaged in a violent struggle, that their violence is justified because they must achieve their aims by any means possible.
These are not nice people we are talking about. They are not the innocent defenders of the fluffy bunnies. They are aggressive, violent people and they are familiar with the tools and techniques of covert violence. Curiously they fail to mention their devotion to violence in their own article about this case.
RIPA, like any other "anti-terrorism law", will one day be used against people who have nothing to do with terrorism.
Today is not that day.
"For a successful technology, reality must take precedence over public relations, for Nature cannot be fooled"
From the article
'The woman, who claims to have not used encryption, relates her experiences in an anonymous posting on Indymedia.'
So an unnamed woman, makes an anonymous post, to make an unsubstantiated charge.
And all you suckers have your panties in a bunch over what could be a work of fiction.
Does anyone know if this charge is corroborated somewhere else?
Maybe the problem is that Alzheimer's is catching in Washington DC! Perhaps the problem is too much lead in the water supply! I seem to recall (With my still functioning... brain,) that the Romans had that problem as well. Lead lined pipes and drinking utensils make for insane emperors and easily overthrown senates! Perhaps plausible deniability will absolve you of all crimes... if you are a member of the ruling elite and already above the law! Perhaps the USA and Russia are not so far apart after all! One will throw you in jail for piracy, one will throw you in jail for not revealing your encryption keys. And who's to say what's encrypted data, after all? They could argue, in front of a jury of your "peers", that the unpartitioned space on your hard disk is encrypted data, and you think you could refute it to the point where they'd believe you? After all, law enforcement are a bunch of computer whizzes, they see it every week on "CSI." And I will bet you that 9 out of 10 jurors believe that everything they see on "CSI" is real.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
According to Wikipedia, Japan accepted 10 refugees in 2003. So the technical answer is yes, Japan does accept refugees, but your chances of acceptance are very, very remote.
Second, the Brazilian was shot by the Metropolitan Police. Thank God, most of the police forces in England are nothing like the Met. Very few police officers in the Met would qualify to join, say, the NYPD.
Finally, animal rights activists in the UK are not warm and fuzzy people. They bomb babies, desecrate graves, issue death threats, and one of their members has been locked up for a bombing campaign. There are plenty of legit animal rights bodies they could join which have real political influence - but they don't.
Two years for the sentence or two years waiting in jail to think about getting the two year sentence. Mitnick was in this bind pretty much and the wait in jail during trial was quite the toll.
members are seeing something, your seeing an ad
They have the right to do anything that we are unable to prevent them from doing.
Excuse me, but please get off my Pennisetum Clandestinum, eh!
Thing is, I feel we are only this far away from having to go to jail if you even have encryption tools on your machines. What would be your intentions with it besides encryptinc terrorist activities anyway ? Bleh.
...
[Section 3 of the RIPA]Intended primarily to deal with terror suspects
The problem is with the "primarily" part. Since when is an animal rights activist count as a terrorist ?
[woman says]The police are my enemy
I am putting myself to the fullest possible use, which is all I can think that any conscious entity can ever hope to do.
Comstock and decrypts the output of a Riemann-Zeta function
As much as you like to bash the U.S If you had even glanced at TFA, you'd seen it was on the other side of the pond, the U.K.
.. but I had the advantage of seeing it happen from the inside (and powerless to stop it, there are some seriously heavy interests associated with this).
Just in case you're wondering, I no longer live in the UK and no, I intensely dislike the terrorist branch of animal rights activists as well - I just happen to remember that this stuff is always sold on "terrorists" and "greater good", followed by a deja-vu of abuse.
If there ever was a government that stated in cleartext "do not trust us" it has been Labour. They make even the Tories look good. Ugh. Now they've got the very man in charge who turned a nation's budget surplus into a *large* deficit (obviously picked that up from the Bush camp oversees) and who has been responsible for nuking most people's pension by taxing the one thing that should be left alone - pension funds. But I digress.
In summary, anyone who still buys the media line that there is as much as a *shred* of democracy left in the UK needs his/her head examined. It's a flock of badly fed sheep being milked until they die, at which point they simply switch to feeding of the carcasses until there is absolutely nothing left. A sort of carnivorous locust swarm..
Yeah, yeah, I'll go and take my medicine now. I just get angry when I see a nation that was once leading the world in engineering and intelligent thinking go to the dogs, whilst still pretending they're still great instead of acknowledging the problem. I've met some incredible people there and I feel sorry for them that they ended up with such a government.
No, I don't think they voted for them. Don't forget that voting is based on volume. Keep the volume of uncriticals high (by, for instance, scrweing around with education) and you simple remote control them via the media. And if that doesn't work there's always Diebold.
Britain, alas, already tried the "WDWTFWWAWWA".
http://www.saveparliament.org.uk/problem.php
A bill that would basically allow any minister to change any law without parliamentary debate or oversight. This was allegedly intended to "allow the cutting of red tape". Alas, regardless of how well-intentioned it was, it doesn't protect the UK against misuse by present or future administrations.
Happily, the British are a little more politically aware than their transatlantic cousins, and managed to kick up a stink about it. Our second house of parliament also thoughtfully shot most of the provisions down, although they can be overruled by the first house.
The current North American administration would probably try it too, but I think it might be a bit much even for their main voting body (the media barons, obviously) to swallow. They pretty much have the equivalent already, as long as they don't draw too much attention to it - they can just filibuster anything they want into law. e.g. "The provide lots of money for orphans and nuke undesirable ethnic groupings bill"
No idea how much is this story true, but it's disturbing...
What if the police (or someone within) just adds a random file on your PC and then asks you to provide a password?
This is manipulating evidence, but wouldn't that be FAR too easy to convict someone for any reason?
How could you ever demonstrate that your hdd has been manipulated?
What if the encryption key is self-incriminating apart from its function as a key? For example, what if you used the text of a poem that describes a crime you are guilty of--forcing you to give up the key would be forcing you to directly confess to a crime!
Furthermore, isn't the mere *possibility* that you used a key of this kind, sufficient grounds for a bulletproof legal defense? (If the courts cared about the Bill of Rights, that is.)
I have a friend who works for the bacon as a "data engineer" or whatever they are called. Amongst other things we spoke about was the weak link in the chain, AKA human stupidity.
Most of the time the keys are second guessable because they use words/phrases that are around them" So the police conduct a review of the person, in minute detail and come up with a list of potential keys that they can run against the encryption.
This girl must have done it right!
http://www.writeitfor.us - Writing IT for the IT generation.
Alternatively, just use the encryption facilities built into the platform. Both Linux-based systems and BSD have facilities for setting up an encrypted partition. On Linux you'd use losetup and on, say, OpenBSD you'd use vnconfig. You could do something like:
/dev/svnd0c cryptfile /dev/svnd0c /mnt/secrets
/mnt/secrets and when done,
/mnt/secrets /dev/svnd0c
$ dd if=/dev/zero of=cryptfile bs=1024 count=1048576
$ sudo vnconfig -k
<enter password>
$ sudo mount
Then use
$ sudo umount
$ sudo vnconfig -u
Done. Password protected blowfish encrypted data.
Moron, this is the UK. Maybe if you read the article, you'd know.
In the mean time, Europe is copying the US policies and in some cases even worse:
Anger as EU plans to store airline passengers' personal details for 13 years
The European Union's top justice official is due to unveil controversial plans that will allow the EU to store personal details of airline passengers for 13 years.
Airport security checks to extend across EU
Passenger checks which have brought chaos to Britain's airports will be extended across the EU, it has emerged.
EU green tax could add £100 to air ticket prices
Air passengers are to be hit with a 'green' tax as part of controversial EU plans to force airlines to pay for the cost of their pollution.
Terror crackdown: Passengers forced to answer 53 questions BEFORE they travel
For every journey, security officials will want credit card details, holiday contact numbers, travel plans, email addresses, car numbers and even any previous missed flights.
Just recent cases, I'm sure you could find even more with google.
I think I found the source of this claim in a recent blog that referenced the 1998 DOJ Encryption Policy FAQ. But that is not the DOJ position at all. What the DOJ claims was claiming to not be self-incrimination was if users of encryption products were required to store their keys with third-party escrows, in advance of using the product; so that those records could be obtained by court order in the event of a criminal trial.
They are arguably right about that, however, if such a system were mandatory, it would at best be walking an extremely fine line around the 1st, 4th, and 5th amendments. Besides which, it would be utterly unenforcible, as anyone with a copy of Applied Cryptography can write their own strong encryption program that doesn't escrow their key; and such rogue programs would spread too easily over the Internet, which is probably why the government for the most part gave up on their efforts to regulate encryption in the few years after that paper.
Correction. Insert the following line after sudo vnconfig -k ...
/dev/svnd0c
$ newfs
Sorry about that.
By the same principle, all you have to do to avoid being a terrorist target as a US citizen is leave the country, renounce your belief in a free democratic non-religious government (whatever the truth of the matter may be under GWB), and become a devout Muslim. Easy isn't it ? (/sarcasm)
"Choice" is an interesting word. People are trained to do jobs and sometimes take years to learn the skills to do that specific job. Choosing to leave that job for another one probably would involve severe loss of income.
In short, HLS is performing a legitimate activity and therefore should be protected. It is also legitimate to campaign for banning of experiments on animals; but such campaigning should not involve violence and intimidation.
Donte Alistair Anderson Roberts - hi son!
Karma: Chameleon
Not only are they generally nasty people acting to protect (yeah right) the rights of teh balls of fur, but they also:
- Firebomb offices and labs
- Set car bombs
- Send death threats to lab administrators, employees and their families
And let's not forget that exceptional piece of horrible work:
- They dug up the body of the dead mother of a cat breeding farm owner and then ransomed it, only returning it contingent on the farm shutting down (this is after the bombs and death threats and "Nice kids... shame if something happened to them!" didn't work).
Chances that the encrypted file belongs to the suspect? High. Chances it contains juice info that the police could use to stop more evil, sadistic criminals? High.
Is it too late for me to whore some Karma by singing the praises of truecrypt?
If so i'll just have to wait for the next encryption related post.
- Firebomb offices and labs
So do them for bombing. There isn't a bomb in an encrypted file.
- Set car bombs
So do them for bombing. There isn't a bomb in an encrypted file.
- Send death threats to lab administrators, employees and their families
So do them for threats. If the receiver got just the encrypted file, how will they know it's a death threat?
Let's say that this woman did any of the above things. Let's say there's nothing encrypted. Didn't the police find evidence of bomb making? Didn't they find evidence on the bomb? Didn't they find evidence on the letter? If they didn't they would have nothing. So how did this law help?
If they already had the information, they don't need access to the hard drive. The law still didn't help.
And since the only thing that could be found in an encrypted file is the death threat letter, that isn't stopping a evil midnight bomber what bombs at midnight.
If the file contains names of people they know, this could be found out by following them (a court order required) or by phone tap (court order again). If they didn't have enough information to have her followed, why do they have enough information to demand access to pictures of her with her boyfriend? Because the boyfriend might also be a "terrorist"? But if that's your only evidence, you've no case, so the law hasn't helped again.
I suppose if I put files on my computer with purely random sequences of bits in them, they might claim those are "encrypted" and try to force the "keys" out of me! Of course, any encryption scheme worth its weight in salt will be largely indistinguishable from a random sequence.
Also, I suppose Britain does not have the self-incrimination laws we have here. There you can be forced or coerced to witness against yourself.
Ruby Neural Evolution of Augmenting Topologies
Not anything about self-incrimination.
Linux-based imaging is good only if you are interested in recovery. On the legal side of things, it will not do:
- Please explain to the court how you made a copy of this piece of evidence...
- I connected the drive to our forensic machine and...
- You mean, you connected this hard disk... to your machine?
- Yes of course, then I...
- Did you use a hardware write block?
- Er... I used Linux and mounted the...
- Please, just answer the question. Did you or did you not use a hardware write blocker device to connect the disk to your machine?
- I did not, but...
- Thank you, no further question. I now call for the evidence to be declared tainted and inadmissible in court, since the forensic team failed to use the proper hardware to ensure that no changes would be made to the disk.
There is a whole range of forensic-specific hardware available: write blockers, hardware disk imagers... Use them, or loose your case.
I code, therefore I am.
You are wrong about the method Truecrypt uses to hide a volume. It is not detectable. The way they do it is by encrypting an entire partition; one volume starts at the beginning, one volume starts at the end. If Truecrypt tries a key at the beginning of the partition and fails, it then goes on to try at the end of the partition.
There are a couple of drawbacks to this method, one being that you can have two encrypted volumes start to corrupt each other if you fill the entire partition. If you plan ahead for this scenario you can avoid it, though. The other drawback is that you have to encrypt an entire partition to use it.
Even inserting a few lines in the Trucrypt code to tell you which end of the partition it is using can be combated by simply using the end of the partition as your hidden volume and the beginning as your RIPA/rubberhose volume. That way if you give them the rubberhose key the program acts exactly as it does for a partition with only one key.
It has plausible deniability, and makes it impossible to distinguish between a wiped partition, a single key partition, and a dual/"hidden" key partition.
None of this, however, helps in hiding the existence of a PGP key. If your opponent has access to your email servers and can see you sending messages encrypted by PGP you're gonna have some explaining to do when it comes to investigation time. I don't know of any steganographic programs with plausible deniability that are out at this time. If anyone's heard of any please let us know.
"He's more machine now than man, twisted and evil."
You know, there is a difference between trolling and pointing out the flaws in your reasoning. Just saying.
I've been playing around with PGP as far back as when Zimm was collection donations for his defense. I know I've got 3.5 diskettes collecting dust in my collection that have encrypted files for which I have no clue what the pass phrase would be. I wouldn't be able to give up the keys if I wanted too.
I know what I'd do as a juror if asked to judge someone on this law. Nullification. But I can't count my chances as good I get someone like me when my time comes. It's time I pick a weekend and do some house keeping and clean-up just in case.
-[d]-
Them: Give us the key or else!
You: Else what?
Them: Else its 2 years in the pen.
You: Eeek! Alright, but it is a very complicated key...
Them: Give us the key!
You: Alright alright, let me at my PC and I will open it.
Them: This is a copy and we are watching.
You: OK, first I need an internet connection.
Them: OK, but don't try anything funny.
You: OK, now I have to play BF2 for two weeks solid, then I got to level a Priest in WoW to 59 and as close to 60 as I can get, lets hope I don't go too far by accident, oh and I will be needing a copy of UT3 as soon as it comes out, and a copy of Crysis I need to work on both those too. But first I need to be in the right frame of mind, so a case of red bull, cheetos, and pizza from flown in hot from Chicago. Oh, and if Ms Sexy-with-a-badge over there isn't doing anything important I could use some *personal* help if you get my meaning. Now lets talk...er...decrypting video cards, I hear the new NVidia one is out and....
Slashdot, where armchair scientists get shouted down and armchair theologians get modded up.
Just split up your encrypted files into 4mb chunks, give them names like Britney.aac and say you can't provide a key to these files on your own computer because doing so would be in violation of the DMCA...
Not really trying to be funny here, who really "owns" a file if it is on your hard drive?
Is there Truecrypt or something alike for OpenBSD?
45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B2
Create a an Encrypted Volume w/ True Crypt. Passphrase - anything you like
Create a Hidden Encrypted Volume w/ True Crypt. Passphrase - "There is no hidden volume."
Police: Give us the key to your encrypted volume!
You: It's (your key here).
Police: Give us the key to your Hidden Encrypted Volume.
You: There is no hidden volume.
Police: Don't give us that shit, we know you've got a hidden volume!
You: I already told you, there is no hidden volume.
You've complied and possibly kept your data safe.....that is, if they're not reading this post!
You don't have to prove you're innocent, they have to prove you are guilty.
That doesn't apply in all countries, nor does it apply to all crimes.
When our name is on the back of your car, we're behind you all the way!
she should take the fifth and claim she can't remember the keys as she was smoking a lot of dope at the time ...
davecb5620@gmail.com
http://www.erikyyy.de/multikey/
This program creates given X files from one file, and you need Y of them (Y=X) to re-create the original.
Each of the files is way less than complete data. It's much more of a key than the cryptogram. There is NO cryptogram as such, only keys. Say, they found two out of 12 (and they need 10 to re-create the original). Can they request me to provide another 8 keys, when they have 20% of the cryptogram? Especially if it's extremely unlikely that what they have does actually contain anything incriminating (the data is not only random, it's way incomplete!) and providing them with the rest of the data WILL mean providing them with incriminating material (other files contain more of the data and combined may produce something actually incriminating).
To imagine thing easier: there's 500MB of incriminating material and 500MB of total randomness. Guy 0 XORs them then saves the result of the XOR result and the 10kb or random noise to separate CDs, erases the original, shuffles the CDs and hands them to Guy 1 and Guy 2. It's impossible to tell which of the CDs is the cryptogram and which is random noise. They are worthless without each other. XORed together they create the compromising material.
Now the Police bursts through the doors and windows of Guy 1 and demands the key to the CD. He says this is the key and the Guy 2 has the cryptogram. So they get the CD from Guy 2 but he says it was his CD that was the key... The data obviously IS incomplete in both cases (you must provide exactly as many bits of data to have it recreated from the noise as the data contains originally - you could just as well provide the data itself and discard the noise, or make up virtually any kind of data by XORing the right input with one of the results.)
So...?
Take a gun apart, into 15 pieces. Hand each of the pieces to one of your friends. None of them is carrying a weapon, or even "incomplete weapon". Then they meet and put the gun together. Unless there are laws that specifically prohibit carrying weapon parts, they can bring the gun anywhere they want.
45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B2
"The tool called "dd" included in every Linux distribution may not seem very powerful, but it fulfils all of the requirements listed above. In the US government's Computer Forensic Tool Testing Program [1], dd was the only imaging tool that passed all of the tests with flying colours. Even such well known commercial products as Encase and SafeBack had a few shortcomings in these tests."
"The US Defense Department's Computer Forensic Lab has developed an expanded version of dd called dcfldd, which calculates the md5 hash. "
http://www.heise-security.co.uk/articles/74855/1
These kind of prosecutions are a pretext for the police apparatus being used to shut down dissent, we've had a number of cases here where people were locked up merely for maintaining pro-Islamic web sites. It begs the question, can one oppose US/Israeli policy in the mid east and still not be a terr'rist.
..
I have a sneeking suspicion that the push for such legislation is coming from the other side of the Atlantic, the home of 'democracy'. Makes you wonder how you can defend 'freedom' by converting the place into a police state. People wonder why we need machine-gun-armed-police on the streets of London. Maybe it's to do with us bombing the heck out of johnny-A-rab.
What were the circumstances that led police to seize her computer in May 2007. Has this individual, engaged in or threatened violence against anyone, if not then this whole case is revealed as bogus. Insert suitable quote from George Orwell here
davecb5620@gmail.com
RIPA, is another example of a fundamental change in the ideal of western law enforcement. Being American, I'll refrain from talking about British matters, but in America, there has been a drastic shift over the last century.
Originally anyone was "Innocent until proven guilty in a court of law" Now it seems like society lays the burden of proof more on the accused than the accuser. This is off-topic, but the accuser should be a victim who was actually harmed by the actions and not "the state", but I digress. I'm not trying to demonize the media, because they just do what's best for their bottom line, but every day you see Child Predator this and murderer that on the local news and each and every one is presented as though they've already been convicted, with a quick "suspected" appended to the account of the story.
So the real problem with RIPA as I see it, from an American perspective, is that any equivalent American law is presuming that you're guilty until you furnish them with some evidence to the contrary. It's not that you're "giving up something personal" or even obstructing justice.
More rational heads would say, that if you've nothing to hide, cough up the key, but I dislike this logic as it tends to give the state more and more power to pry into personal affairs since it doesn't matter to the people who have nothing to hide. But the Constitution says "secure in their property and liberty" and I feel like this attitude spits on the Bill of Rights.
'nuff ranting.
The British have an inquisitional judicial system not an advisarial one. Better? Eh. Worse? Eh. Different? definitely. Among the biggest differences are that you don't have a right to remain silent or one against self incrimination. If you're asked a question you have to answer it.
dcfldd is included in Helix forensics LiveCD (based on Knoppix), along with several other quite useful programs.
Have a look at http://www.e-fense.com/helix/
Hail Eris, full of mischief...
E pluribus sanguinem
I originally posted this on The Register's comment field, but I'll repost here: There really are a plethora of issues here. I'll address them in ascending order of relative importance: 1). So she's an animal rights activist. So what? What does that have to do with the application of a dodgy and imho illegal act? Sod all. 2). Not all animal rights activists (ARA from here on out 'cause I'm lazy) burn kiddies for breakfast, exhume grannies for lunch and tar/feather yuppies for dinner. How do you know what she's doe. Not even the filth know that yet. Hence this 'polite invitation'. 3). In my humble opinion, all life is sacred. No creatures should suffer unnecessarily. Food animals are understandably bred and slaughtered to keep people alive (although vegetation is more energy efficient). Standing by and watching whilst a company gets paid to torture defenceless animals is immoral. Doesn't matter if it's for food (foi gras), medical research, "fun" (aka hunting with dogs), because some yoofs get bored and fancy kicking a puppy to death. Doesn't matter. It's immoral. Claiming "oh, but it's all for the greater good" is the same kind of empty arguments the Nazi's used in WW2 to kill jews (They're not really human, and society is better without them), Stalin used to get rid of opponents (Society will be destroyed by these political anarchists) and the USA is currently using to kidnap, torture and murder various muslims (we need to protect america against terrorism; torture's ok as long as we do it overseas). These arguments are easily seen as what they are; a pathetic excuse to quell the apathetic masses from rebelling against the barbaric and evil crimes of the powerful. 4) The real meat of my post. That act. It too, is immoral. Really immoral. Hate to Godwin again here, but it's verging on the jews-aren't-really-people argument immoral. I think it's so immoral I sent a strongly worded letter to my MP, the venerable David Cairns MP (who as I have previously stated is honestly not a slick-as-oil shitebag who would lie about the colour of the sky) with regards the RIPA and stating my belief that the then-PM Tony Blair was as much a threat to the freedom of the british people as Adolf & Co were in the 1940's. Needless to say, Mr Cairns MP (Lab) replied saying that such a comparison was wholly unfair and that the RIPA was a valuable tool for the Police in their War on Terror(TM), and it along with the ID Cards would be fine and dandy, nothing to worry about. I didn't believe him then. I still don't believe him now. This sort of act is exactly like the martial-law declarations and 'enabling acts' made in countless previously-democratic countries when their governments forget that they serve the people not vice-versa. It is sad to see yet another government making this mistake. Although this is but the beginning of the more draconian legislation, for it is the nature of such acts to breed ones more repressive, nonetheless, when in years to come people ask "Where Did It All Go Wrong", this my dear friends, this was when it All Went Wrong. Democracy in this country did not die in a battle, nor in a riot or a revolution. It died with a group of balding middle-aged men drinking brandy in the Commons bar, laughing amongst themselves. It died when the apathetic masses forgot to care about what laws get passed without their consent or approval. It died when the wishes of extremists and power-mad politicians were given more thought than the rights of the people. In years to come, when the same apathetic masses remember to care, and decide to remind the government why they serve and the masses sufferance, when there are tanks driving down the Mall firing at unarmed civilians, when the skyline of cities from Aberdeen to London are lit-up by the fires of freedom and revolution; maybe then you will look back and wish that this law had not passed, that the police did not have the right to see this hippies personal porn stash.
The truth shall always be free: Boris Floricic is Tron.
Use them, or loose your case.
And it runs around free! Wreaking havoc! Smashing in windows and stealing car stereos! Eating whole bags of Cheetos and vomiting them up into your dress shoes! I'll tell you -- there's nothing worse than a case that has been loosed upon the world. Those things are wild.
How soon we forget...
Article the seventh [Amendment V]
No person shall be held to answer for a capital, or otherwise infamous crime, unless on a presentment or indictment of a Grand Jury, except in cases arising in the land or naval forces, or in the Militia, when in actual service in time of War or public danger; nor shall any person be subject for the same offence to be twice put in jeopardy of life or limb; nor shall be compelled in any criminal case to be a witness against himself , nor be deprived of life, liberty, or property, without due process of law; nor shall private property be taken for public use, without just compensation.
Slashdot's rate-of-post filter: Preventing you from posting too many great ideas at once.
I found it funny that this is tagged "!Democracy". Perhaps you share President Bush's philosophy that democracy leads to freedom. (You know, the reason why we're in Iraq?) But it's absurd to suggest that the lack of freedom implies the lack of democracy. That's the equivalent of saying that a majority could never vote in a tyrannical government, or that 51% could never vote for the oppression of the other 49%.
With any new law, it's always useful to ask yourself "How could someone abuse this, and victimize innocent people?" In this case, it's quite easy.
First, ask yourself whether you may have any files on your machine that you don't know about, or which you couldn't decrypt. For most people, the answer is quite simple: "Yes." For example, do you run a browser? That browser has a cache. That cache contains files in an assortment of formats. It's quite likely that you've never seen some of those files' contents (maybe just because you didn't scroll far enough down the page to see the content). And if presented with only the file without any context, you'd have no idea what app to use to display its content, or even whether you have such an app installed.
On my web site, I have a demo of a bit of javascript that downloads files but doesn't display their contents. The intended use is to "preload" files used in the rest of the web site while you're looking at the main page, so that subsequent pages render faster. I also point out how this can be abused: My demo page downloads a file that is never used in subsequent pages. This "hidden" file can contain anything I like, from any web site. It could contain child porn, copyrighted MP3 music, a proprietary program that you haven't paid for - or an encrypted text for which you don't have a key.
As far as I can tell, this law doesn't distinguish this situation. The contents of your browser's cache are on your disk. This will be "proof" to most judges and juries that you downloaded them. So by merely viewing my web page or any other that uses such javascript, you could be framed for possession of such files. What would be your defense?
The obvious defense would be to try to convince the court that you could have been framed in this fashion. But even if you succeed at this, similar things could be done to you by any number of other means. Do you have anything installed that contains "auto-update" code? Note that most browsers now do this. Firefox asks you if you want an update installed, and it's probably trustworthy. But we recently learned that Microsoft software sometimes installs updates silently, even when you have turned auto-update off. An auto-update routine doesn't install its files in a labelled "cache" directory. Files can easily (and reasonably) be installed in any directory that you can write. So if anything at all on your machine has an auto-update feature, anyone who knows how to trigger it can install any files they like on your machine. And you could be prosecuted for failure to deliver the keys to decrypt these files that you didn't know about.
Almost every government contains people whose job includes finding ways to frame perceived "enemies" when the top people want. They won't have that as their job description, of course, and usually they are really working for the top officials or for a political party. This sort of law makes their job really easy, especially now that we have widely-used software such as browsers with caches, auto-update packages, and other things that download files without always telling the user about it.
To comply with this law, you had better be prepared to decode every file on your disks, including those that belong to any proprietary apps that you may have installed. If there's a single file anywhere on your disk that you can't convert to a human-readable form, you can be jailed for violating this law.
It's always a good idea to ask yourself "How can this be abused?"
Those who do study history are doomed to stand helplessly by while everyone else repeats it.
The solution here is quite simple. Encrypt your sensitive data with GNU Privacy Guard, for your own public key. This leaves a header in the files produced which identifies your key pair by the key ID. Key IDs are used to e.g. download public keys from keyservers and are also indicated in message signatures, and the public key generally indicates the owner of the private half.
/usr alone; one file among the 2,800 files in /usr/lib that's got a valid ELF header but where the data doesn't make any sense isn't going to raise any eyebrows. Private keys are also rather small, and you could just stick it in any old JPEG image of your house on your hard drive with e.g. outguess.
Then keep your key pair on a separate, well-hidden USB fob, or on a VPS somewhere in the deep, dark butts of Interring. Only keep it on a virtual memory filesystem on a system with encrypted swap partitions. If cops come bust your door down, they have to disconnect your computer in order to seize it. (You do have good passwords for when it's running, yeah?) This causes the copy of your private key to disappear.
Boom. Instant proof of not having the key.
You could also hide the private key in some obfuscated location on the filesystem. My desktop Debian GNU/Linux system has some 130,000 files installed on
This method can be extended to full-disk encryption if you encrypt the disk key with GPG to your own public key, and name the result something really obvious such as "disk_master_key.bin.gpg".
So yeah. Another law that's mostly useful for harassing hippies. Way to go. Very nice for making cops not look like the slimeballs they are.
Can't we just use the same defense of another infamous case whenever we are asked a question we don't want to answer?
Them: Tell us the encryption key!!
Me: I don't recall what it was, I encrypted that partition a long time ago to test some new software, then forgot the key. There was nothing but a copy of my etc directory anyway.
Them: We don't believe you!!
Me: Well, it's the truth. Whether you believe it is immaterial, ask your legal counsel.
I hope we don't start putting people in jail for not knowing things, in the US. We would have to designate half the country as a prison.
You're wrong. dd has been used to make legally admissible disk images.
A slashdotter who didn't build his own computer is like a Jedi who didn't build his own lightsaber.
she gives up the keys, if she knows what they are, isn't that self incrimination? Just plead the fifth.
How can this result in any problem for anyone since you could easily say: I can't give you the encryption key as that information would incriminate me. This is in fact why we have the 5th amendment(in the US anyway).
Can someone please just write a crypto program that changes the key every $timeunit based on something you type in? If you don't type something in it changes the key anyways but you can no longer decrypt it.
Basically the idea is that once you're arrested the key changes and you can prove in a court of law that it is impossible for you to know the key.
I find being offended by me offensive.
You LOOSE, good DAY sir!
Slow Down, Cowboy! It's been 60 minutes since you last successfully posted a comment.
Because private companies are the pinnacle of competence and government is the pit of deepest stupidity.
Well, duh. Private companies make money, government takes money. It's a perverted extension of "If you can't do, teach."
But, you could argue that the "takers" are the really smart people...
DATABASE WOW WOW
You have a right to remain silent. Anything you say can and will be used against you in a court of law. Sounds like this is a clear cut violation of Miranda Laws. Of course, I didn't RTFA, so I can't be sure.
How about connecting the drive, NOT mounting it, and using dd if=/dev/DEVICE of=somefile to make a verbatim copy, then mount that copy as a loopback?
May not be admissible in court, but for sure does not taint the drive in anyway.
2bits.com, Inc: Drupal, WordPress, and LAMP performance tuning.
- Er... I used Linux and mounted the... I think the better response would be:
- I used a software write block
Though I would assume that the hardware write blocks would carry some kind of certification required to be viable as proof. So the question would rather be "Did you use a XYZ-certified write block?"
Just pointing out that the difference isn't really about software vs. hardware. Unless there is a market for custom-made "hardware" write blockers with convenient evidence-manufacturing malfunctions.
I lost my sig.
I have no problem handing over my encryption keys if someone wants to send over Kelly Ripa.
No person shall be held to answer for a capital, or otherwise infamous crime, unless on a presentment or indictment of a Grand Jury, except in cases arising in the land or naval forces, or in the Militia, when in actual service in time of War or public danger; nor shall any person be subject for the same offense to be twice put in jeopardy of life or limb; nor shall be compelled in any criminal case to be a witness against himself, nor be deprived of life, liberty, or property, without due process of law; nor shall private property be taken for public use, without just compensation.
I believe that somebody got off the hook by using this few weeks - a month ago.
Well, OK, it really is a key ... it's just not normally a text string in the way it is used. The idea here is that the "key" is a series of selections on a range of images being displayed (in randomized arrangement). Certain images are to be clicked on in a specific sequence that the user has memorized. In a technical sense this really isn't much different than keystrokes in a certain sequence. The images could be of typefaces and the sequence thus be a string of characters. But by having real images of various things, especially like things that are hard to describe the differences in words, then the only way to decrypt the data (if some internal spyware was not involved in the first place) is for the original person to be involved. So they can't just ask you to hand over something like a key ... they have to have you actually make the selections for them.
now we need to go OSS in diesel cars
So I'm going to be put in jail because i forgot my key due to all the emotional stress of being investigated?
---- Booth was a patriot ----
No longer applies in this country either?
---- Booth was a patriot ----
Macintosh systems can do this at least as of 10.4; it is a System Preferences option. As another poster said, Linux can do so, Windows Vista has this as a built in option, and third party tools can do it on Windows XP.
Ok, somebody actually SHOULD write a worm which dumps child porn on people's computers. Make it a real citeable event and not just a theoretical possibility. Heck, make it encrypt the data as well.
What's all this talk about Kelly Ripa... I mean *really* what on earth could she possibly have done to elicit such ire... uh, er, um... never mind.
This is a criminal excuse of a law.
If state uses force to take my liberty, because its tools cannot read what I don't want them to, I shall bid my time and respond with proportional force.
If state uses violence against my associetes, I shall respond with propotion force on their behalf.
I would not like to, but to back down would be unethical. Violence deserves violence.
doing what someone says without thinking is sheepish.
Don't make me use Sheeple in a sentence! damn...
The Kruger Dunning explains most post on
I seem to have lost the first part of my post.
How do you get a warrant to get someone to tell you something they may not know?
I guess they would have to show a judge evidence that you did know it, but even then it isn't a certainty. Really, she could be just holding the file for someone else.
The Kruger Dunning explains most post on
The most interesting thing here is that governments are devoting terrorism resources to go after nonviolent people. Unlike real terrorists or religious fundamentalists, animal rights activists have never killed or seriously injured anyone, and in fact take great care to make sure they don't.
Seriously though, there are and always will be people telling you what to do. Many of them happen to be trustworthy and sensible. People are asked to do things and to think things all the time. The "sheep" label happens to be a convenient way of saying your trusting the wrong people (i.e. you don't like them).
On that note, I'm calling you a sheep. You obviously have subscribed to the "If you don't agree with me, you haven't thought it through, thus you are a sheep" concept. You obviously haven't fully thought it through, you've just taken for granted that the reasoning that other people with similar opinions (i.e. sheep, the lot of them) was all sound. Thus you are a sheep.
You know, there is a difference between trolling and pointing out the flaws in your reasoning. Just saying.
This made me think of Neil Stephensons Cryptonomicon. Wasn't there something were some guys had attached a huge magnet to their door-frame in case of a police raid, they'd just turn it on, and when the cops would carry the equipment out -> whooosh
I went to FLETC in 2006 to take the Digital Evidence Extraction Specialist course (which was basically "digital forensics for dummies", but they make you take that class first no matter what), and we got a free write blocker to take home with us (as in personally, not to take back to our agency). Plus 2x250GB Seagate PATA drives, which I still use for backups.
At least this shows that the police can't break the encryption themselves. Maybe MI6 have a backdoor (if you are paranoid, and PGP isn't open source of course) but the coppers certainly don't.
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
So possessing a file of pseudo-random numbers could land you in jail - unless you retain the seed and the generator algorithm. Possessing a file of genuinely random numbers (e.g. generated from the noise source on a VIA CPU) is worse - there is no seed or algorithm to retain for your defence.
Your school project work requires you to roll a dice a thousand times and record the results for statistical analysis. Your brother gets into a bad crowd, and the police want the decryption key for your file, believing it to contain a hit list. You go to jail because you cannot produce the key.
Interestngly, all these arguments assume that the encrypted data:
1: exists
2: is hers
3: is encrypted with a key she knows (a hypothetical friend might have done it for her)
Right now, she doesn't really have to worry about using hidden partitions, self-destruct keys, or any other means of hiding the data beyond basic encryption, because the prosecuters still have to prove that the data is hers at all. Granted it's a weak defense, kind of like saying "that 10-pound bag of cocaine hidden in my car's door panel isn't mine", but it does pose an interesting question: Can you be prosecuted for failing to serve a subpoena, if it hasn't been proven that you actually posess the object demanded?
Well, I entered my passphrase and all I got was a JPG of the Prime Minister posing for the new Goatse website. Something that a dedicated animal rights activist would certainly be concerned about.
Have gnu, will travel.
Let's say you are sending a file to someone and encrypt it using that other person's public key. Then you forget the encrypted file on your hard drive (and probably even who he was if you don't keep track of things). Now, how can you give a key that decrypts this file?
What's the difference between using a "software write blocker" that you and 2,000,000 other people trust, and using a "hardware write blocker" that is proprietary, untested by third parties, and put together by some small POS company?
And what's the difference between the analyst testifying that they used a write blocker of any type and the analyst testifying in court that they used a write blocker - but actually he didn't or he forgot to connect it or etc etc etc.
You probably sell the damn things!
If not using "l33t hardware blockers" that for some reason you think are infallable was as dire as you think it was - the "it might have been a virus" defence would get everyone off scott free all the time.