Slashdot Mirror
First Use of RIPA to Demand Encryption Keys
kylehase writes "The Regulation of Investigatory Powers Act (RIPA) is being used for the first time to force an animal activist to reveal encryption keys for encrypted files she claims to have no knowledge of. According to the article, she could face up to two years if she doesn't comply."
Acquire virus.
Virus encrypts hard drive with unknown key.
Virus forwards CP to authorities.
Authorities bust you for having CP, for not revealing those encrypted files, AND for probably having more CP. Most likely will be averaged..say..15k is a picture..you have 200GB. The media will say that you were arrested with 100k+ pieces of child pornography.
Five years later, turns out that it really was a virus. Sorry about that..here's your freedom again.
Job? I don't have time to get a job! Who will sit around and bitch about being broke and unemployed then?
The biggest problem I see with these kinds of "give it up or else" laws is how do you account for the situations when someone genuinely doesn't know the information you are seeking? Should someones ignorance be a jailable offense?
Are you telling me, that I could output /dev/random to a file, place it on my friends hard drive, say it contains valuable information pertaining to a case and he could go to jail or be fined for not revealing the password/key?
This gives me an idea!
Either way, if you need to you can get around this with TrueCrypt by taking some precautions such as:
1) Not naming it with the default extension (.tc)
2) Put it somewhere inconspicuous and name it appropriately
3) Making sure that it's a hidden encrypted volume
4) Open it through TrueCrypt and don't save the history, or passwords, or as automount, or similar
Shit, that was a typo, I meant to type FIRST POST!!!
This is my footer. There are many like it, but this one is mine.
How many times have I created an account so I could download something or other. Can I remember what my user name for those accounts is? Can I remember what my password is? No bleeping way.
...
If there's some password for some WordPerfect file I created in 1997, I'm sorry but I couldn't remember it if I tried really hard. I guess that in GB, that would send me to jail for a couple of years.
My gut reaction to this law is really really rude and I won't slime you with it. If I call the authorities facist pigs, you can fill in the blanks.
My ancestors gave their lives to protect me from what my political masters are doing to me now. Let's just say that I deeply resent it.
I often find that the captcha is strangely appropriate for my posts. In this case it is 'queasy'
Man will never be free until the last king is strangled with the entrails of the last priest. --Denis Diderot
1) Generate a file with whatever you like in it (anything believable and non-incriminating). Make sure the file's lenght matches the encrypted file.
2) Reverse-engineer a one-time pad using this file and the encrypted file.
3) Supply the one-time pad to authorities with instructions on how to use it.
Ta dah!
Is there any way the key would simply just give different data and not destroy it? I realize the file size might not add up, but look at OJ.
~S
1) IANAL.
2) I am not familiar with the details of this case.
That said, I believe that there *is* a time and place where this sort of activity counts as reasonable search & seizure. Say the cops get a warrant to search your house, and you have a safe, and you say, "gee, officer, I have *no* idea how that safe got mounted behind that picture," nobody will believe you and you'll get subpoena'd for the combo. Encryption keys shouldn't be treated any differently from a combination to a safe. If there's a reasonable suspicion for evidence to be hidden somewhere, the cops have a duty to search it.
Can't a court order someone to provide a physical key as part of a subpoena or a warrant? Why does law treat encryption keys differently?
A Better solution is plausible deniability.
One password gives your uber-secret-plans-for-world-conquest, the other password gives a few hundred meg of soft porn (or whatever).
That way, you appear to not be resisting their demands.
There are shills on slashdot. Apparently, I'm one of them.
The difference is that with a physical object, all these things are pretty clear-cut: either there is a safe or there isn't, either it contains drugs or counterfeit money or it doesn't. And if you insist that you forgot the combo to the safe, no big deal, they will simply force it open, and that will settle the matter.
With encryption, you can't even tell whether there is a safe there. I might well keep big files of random numbers on my machine, and just because a UK cop with a two digit IQ is incapable of figuring out why and suspects some nefarious purpose, that shouldn't be illegal. Furthermore, with encryption, the government simply cannot force the issue: in general, they just can't decrypt the data.
The DOJ has taken the position that giving up your encryption keys is not testimony, so it isn't protected by the 5th amendment. The issue hasn't even been resolved for forcing people to hand over paper-based personal notes (cf the Packwood case).
So, I wouldn't be so sure that the 5th amendment protects you.
I forgot to say that TrueCrypt is open source and free, and, in my experience, perfectly reliable. There are Windows and Linux versions, and a Mac OS X version is planned.
Don't forget to donate if you use TrueCrypt extensively.
The present government corruption in both the U.S. and U.K. started when secret violence was authorized as a way of protecting oil investments of British and U.S. investors. Tending toward outlawing privacy is a way of continuing that corruption. Any government that can act in secret cannot be a democracy, because citizens cannot participate in things that are unknown to them.
This is a good site to read about the corruption, and to contribute links: U.S. Government corruption TimeLines. Example: Complete 911 Timeline, 3895 events.
ccalam - acoustic versions of new songs.
Speaking as someone that used to teach Computer Forensics to the SFO, British Customs, the USA's FBI etc (they now have their own courses). I can assure you that the first thing that was covered was disk imaging and that you should always work from the image. The original is evidence and any damage (read change) renders that evidence inadmisable. All you have to do is turn on and the OS is likely to make a change. This is taken to the degree of not using windows as the OS for imagining as windows likes to write to secondary drives when they are mounted. If you use Linux you can more easily mount as read only. It is best to make a couple of good primary images and then work from images of them rather than continually reverting to the original drive/s when you mess up so as to minimise the risk of damage and a lost case.
I love stacking my barbecues in the shed at the end of summer - you can't beat a bit of grill on grill action.
TrueCrypt is perfect to change a non-geek security behavior in very little time.
You can send them the installer, help them build an encrypted volume and show them how to use it in less than half an hour.
The only problem is explaining that if (ok, when) they lose the password, you won't be able to crack it. Ever.
Almost all police departments will image the drive, then present the person with the image to decrypt. If the image gets stung by a self destruct Trojan, then the police will know that its not a forgotten password, and then proceed to use rubber hose decryption to obtain the contents of the drive.
__
Additionally to encryption, hardware can help too. I have a paranoid friend who has his storage disks in a little cabinet with an electromagnet, where the HDs are electromagnetized when the door is opened without pushing the hidden button first.
So when the cops come to collect the hardware and you're not in the room to warn them that your data is protected from thieves that way....
I agree with your approach. I disagree, from direct observation, that the FBI are competent enough to actually do any of this. Despite their much-vaunted "Computer Crime Squad", they remain unwilling to investigate and incompetent to follow even basic backup and clean room procedures of materials they investigate. I've actually had to explain such issues to them, at length, regarding stolen computer property and verifying that software was taken with it.
Unless they've had a complete turnover of personnel throughout the department in the last 2 years, they're not competent from top to bottom in any of the 4 state's offices I had to deal with then.
It should be noticed that the particular groups of people who campaign against Huntingdon Life Sciences are terrorists:
They use threats of force to induce fear in people at HLS;
They have used actual violent force, at the work and at the homes, of people who work at HLS;
They threaten anyone involved with HLS, their suppliers, etc, with the same degree of violence;
They have placed bombs, which exploded, under the cars of people who work at HLS or are involvd with HLS;
They claim their actions are justifiable, that they are engaged in a violent struggle, that their violence is justified because they must achieve their aims by any means possible.
These are not nice people we are talking about. They are not the innocent defenders of the fluffy bunnies. They are aggressive, violent people and they are familiar with the tools and techniques of covert violence. Curiously they fail to mention their devotion to violence in their own article about this case.
RIPA, like any other "anti-terrorism law", will one day be used against people who have nothing to do with terrorism.
Today is not that day.
"For a successful technology, reality must take precedence over public relations, for Nature cannot be fooled"
I agree about the 'competent enough to actually do any of this' part. I just don't think that they are educated enough. They COULD be competent enough with a little training. In a computer repair shop I used to work at, we came across a fellow with kiddy porn on his computer (obviously so, no one was digging for stuff) and so we were obligated to call the cops (incidentally, if you weren't aware kiddy porn is one of the few, maybe only, things that your computer repair guy is obligated, compelled by law to report to the police. anything else, cracked software, 200 ripped movies or whatever and they don't need to say anything, but if they don't report KP it is obstructing justice or some such and the person who found it is liable for prosecution).
Anyhow, after we reported it I was talking to an officer and he gave me the number of the computer crimes division, because according to him the beat cops (we just called the precinct) were notorious for screwing around with computers and rendering the evidence inadmissible in court because it had been tampered with.
I digress. The point being they just don't know any better. It's just another piece of evidence to them, and they don't understand that just by turning it on they are modifying it. Data on an HD is not static like a gun on the floor or a finger print. Even just looking at it can change it, and the average person just doesn't understand that yet.
That's actually pretty much a stretch. Your 'decent' lawyer would have to give some sort of proof that there was a second partition there. Something that TrueCrypt is pretty much designed to prevent. You can easily show the existence of the first truecrypt partition - it's there in the open. You can't prove the existence of the second partition.
I'm not sure a judge will buy 'because we didn't find what we were looking for' as a reasonable showing of proof that a second partition exists, and unfortunately, that's all the proof that exists. The formatting method and the processing method result in random data covering the entire partition block, as data is written to both the shown & hidden partitions, that data changes from random to encrypted. However the whole goal of the crypto data is to make it look random.
So you have potentially 3 blocks of random data each constructed with the same randomizing algorythm. How exactly do you show where one begins & one ends? How do you even show that the 3rd block exists? The whole purpose of the hidden block is to make it almost impossible to prove the existence of that third block. You literally are more likely to brute force the key than you are to prove the existence of the hidden partition.
So I'm going to be put in jail because i forgot my key due to all the emotional stress of being investigated?
---- Booth was a patriot ----