Judge Orders Child Porn Suspect To Decrypt His Hard Drives

An anonymous reader writes "After having first decided against forcing a suspect to decrypt a number of hard drives that were believed to be his and to contain child pornography, a U.S. judge has changed his mind and has now ordered the suspect to provide law enforcement agents heading the investigation with a decrypted version of the contents of his encrypted data storage system, or the passwords needed to decrypt forensic copies of those storage devices. Jeffrey Feldman, a software developer at Rockwell Automation, has still not been charged with any crime, and the prosecution initially couldn't prove conclusively that the encrypted hard drives contained child pornography or were actually Feldman's, which led U.S. Magistrate Judge William Callahan to decide that forcing him to decrypt them would violate his Fifth Amendment right against self-incrimination. But new evidence has made the judge reverse his first decision (PDF): the FBI has continued to try to crack the encryption on the discs, and has recently managed to decrypt and access one of the suspect's hard drives... The storage device was found to contain 'an intricate electronic folder structure comprised of approximately 6,712 folders and subfolders,' approximately 707,307 files (among them numerous files which constitute child pornography), detailed personal financial records and documents belonging to the suspect, as well as dozens of his personal photographs."

What kind of encryption did the FBI break?

[samriel]

Reading that made me ask three questions:
1) What kind of encryption did the FBI break?
2) Can they do it again, for any arbitrary encrypted data?
3) If 2), what kind of decryption should we use instead of 1) ?

Re:What kind of encryption did the FBI break?

[imsabbel]

Most likely they had a dictionary attack (maybe hand-tuned to the suspect) get a lucky it.

If they had "broken" it, they wouldn't have stopped at one drive.

Re:What kind of encryption did the FBI break?

[Penguinisto]

Conspiracy bits aside, if the FBI found something, why would they demand he open the gates to more?

Could they not simply prosecute him based on just what they have so far? That way there would be no 5th Amendment violation, and they would (should?) have sufficient evidence so far to successfully prosecute him anyway.

Re:What kind of encryption did the FBI break?

Agreed. Besides, they're making things up -->

an intricate electronic folder structure comprised of approximately 6,712...

has absolutely no technical standing and contains all marketing words. If they successfully decrypted a
single drive, and found evidence, it is strong enough to build a case.

Encryption is boolean; you either discovered the key, or you haven't. There isn't a "key" out there the will
give a "partial" decryption. This is nonsense. So, what is happening is that they have evidence to move forward
with an indictment, but they're trying to set a legal precedented to override the 5th for future cases, IMHO.

This is basically the same tactic used in U.S. schools on the children now a days. You know, Billy said you did it,
so why don't you tell us what you did...

CAPTCHA = 'mischief' Wow! it says it all!

Re:What kind of encryption did the FBI break?

[ebno-10db]

He's already been incriminated

So why hasn't he been charged?

it's a "foregone conclusion"

The foregone conclusion they're talking about is just that the drives are his.

He's not even being forced to tell the cops his password/passphrase, he's only instructed to enter it unobserved into the system so the disks will be unencrypted.

That's a distinction that only a lawyer would think mattered.

So you can't argue that they cops are learning anything new regarding putting this guy in prison.

Additional counts. Other crimes. All kinds of incriminating stuff could be on the other drives.

If their real interest was in using the stuff on the other drives to pursue other criminals, they cut cut him a deal (somewhat reduced sentence, whatever) to get him to decrypt them. That's a tactic they use all the time, and often with good reason. Here they want an Alice in Wonderland interpretation of the 5th.

Re:What kind of encryption did the FBI break?

All of this information is in the initial filing, which wired posted here, including the fact that the government figured out partial patterns to his passwords. You should read the filing, though I warn you, you will want to retch by the end of it:
http://www.wired.com/images_blogs/threatlevel/2013/04/fedswantdecryption.pdf

After reading the request, I am amazed that the judge issued the first ruling at all. The download logs clearly showed entries that graphically describe pedophilia being written to a secure disk. I think the agents freaked out a bit, and assumed the disks would self destruct (as far as I know, the maxtor disks don't in fact do so).

I know it's unpopular to say on slashdot, but the government has a job to do, and is doing it well.

Re:What kind of encryption did the FBI break?

[ebno-10db]

Because the prosecutor hasn't filed charges yet. They're still working on the case.

You make it sound like "gosh, we just haven't gotten around to it yet". If they had any real evidence they could, and should, charge him in a heartbeat. Then they can keep him in jail or push for a very high bail (easy in a CP case), which makes him much less of a flight risk than just being a suspect. If they're "still working on the case" after that they can always add more charges later.

And that the images of [CP] on them are his. You forgot that tiny detail.

They don't know what's on the drives that are still encrypted. You forgot that tiny detail. If there was real CP on what they did decrypt then there is no excuse for not charging him ASAP.

It is a distinction that shows he's not being forced to provide information that the government doesn't already possess.

Of course he's being asked to provide information they don't already possess. Why else would they be trying to get it? What the "foregone conclusion" exception to the 5th means is that you have to hand over evidence, not information, if they can show it's a foregone conclusion that the evidence exists.

They have the disks and proof of his crime

Great. Why don't they use it?

he's not even expected to tell them the password.

That's a distinction that only a lawyer could think mattered.

You're very good at telling a prosecutor how to do his job.

As are you. What's your point? Everybody here is playing armchair prosecutor, judge, cop, fiddler, whatever.

They'll be in a much better position to offer a deal when the full extent of the crime is known.

That's true. Unfortunately the Bill of Rights sometimes makes the work of police and prosecutors more difficult. That's the price we pay for a society where the government can't arrest and imprison anybody they want. The people who wrote and ratified the Bill of Rights were no fools. Each and every right in there was to prevent government abuses that had a long history.

Re:What kind of encryption did the FBI break?

[Runaway1956]

Bottom line - the 5th guarantees that you do not have to provide ANY EVIDENCE to be used against you. The judge is requiring the accused to provide evidence intended to assist in his own prosecution.

Parsing words won't change that bottom line. It can only make you feel better about having coerced the hapless fool under your control.

Re:What kind of encryption did the FBI break?

[FatLittleMonkey]

and to understand that the important part of the document is the "6712 folders" and seven hundred thousand plus images they contain.

Seven hundred thousand files. But you genuinely heard it in your head as "images", right? And that is why prosecutors play such word games with, what should be, mundane technical information, because it does the same thing with the judge and jury.

"707,307 files" becomes "700,000 images" becomes "700,000 porn images, much of it kiddy porn."

Re:What kind of encryption did the FBI break?

[dj245]

All of this information is in the initial filing, which wired posted here, including the fact that the government figured out partial patterns to his passwords. You should read the filing, though I warn you, you will want to retch by the end of it: http://www.wired.com/images_blogs/threatlevel/2013/04/fedswantdecryption.pdf

After reading the request, I am amazed that the judge issued the first ruling at all. The download logs clearly showed entries that graphically describe pedophilia being written to a secure disk. I think the agents freaked out a bit, and assumed the disks would self destruct (as far as I know, the maxtor disks don't in fact do so).

I know it's unpopular to say on slashdot, but the government has a job to do, and is doing it well.

Regardless of the circumstances, ordering someone to decrypt a hard drive should be against the 5th amendment. I look at this the same way as any other "evidence is in a very hard place to get" situation.

If I lock evidence in a locker or a house, the authorities are going to break my lock or break down the door. They can't order me to give them the key if the location of the key is unknown to them. If I have an electronic keypad, they can't order me to give them the passcode.

If I kill someone and, having decided that a "shallow grave" is likely going to get me caught, bury the body in a 1000ft grave (suppose I own a drilling company), they can't make me dig up that body. It is upon them to dig it up. If I weigh someone down and dump them in the ocean, they can't force me to tell them the exact latitude/longitude. They can gather evidence all day long through any legal means, but forcing someone to actively incriminate themselves has never been, and should not be, legal in the US.

The fact that we now have locks that are effectively unpickable and unbreakable is unfortunate for law enforcement, but that doesn't change the 5th amendment. There should be no exceptions. The nature of the crime or the amount of other evidence doesn't matter to the 5th amendment.

"constitutes" child pornography.

Weasel-wording it like that makes me think it's probably random manga pictures from his browser cache and not real child pornography.

Re:"constitutes" child pornography.

[tompaulco]

Well the legal definition specifies "lascivious" media rather than some laundry list of people, poses and acts. I suspect there's Kim Possible and My Little Pony erotic fan-art posted on Tumblr and Deviantart that meets the technical criteria for child pornography every day.

Yes, that is true. Child Pornography is a scare word to make jurors convict. In reality, the legal definition of child pornography, while varying by location, may constitute such things as:
Nude pictures or movies of a 1 year old
Depictions of sex or nudity of a 17.999999 year old even if they look 25 years old.
Depictions of sex or nudity where someone holds the opinion that they look less than 18 years old even if they are 25 years old.
Pictures or movies depicting sex with a greater than 18 year old who is dressed in schoolgirl outfit or wearing pigtails in an attempt to look like a less than 18 year old even if it is still obvious that they are 25 years old or even older.
Pictures or movies depicting sex with 30 to 40 year old women filed under the heading "Teen Sex".
Pictures or movies of cartoons depicting nudity or sex of characters whom someone holds the opinion that the character looks less old than a real life18 year old.
Nude or partially unclothed photos taken of themselves by owners of a phone who are less than 18, or appear to be less than 18 or who are trying to appear to be less than 18.

Re:FBI shits on the constitution.

The Judge never said the FBI couldn't have a go at it, just that the suspect couldn't be compelled to hand over the decryption information because of lack of evidence.

Once the FBI had some success of their own and found evidence, then the judge changed his mind.

Re:FBI shits on the constitution.

[Hatta]

You don't have to provide the police a key to your house, unless they can convince a judge there is definitely something illegal hidden behind your front door.

This is the crucial issue, which you are glossing over. You DON'T have to provide the police a key to your house, even if they can convince a judge that there is definitely something illegal hidden behind your front door. If the cops show up to your house with a warrant, there's no requirement that you unlock the door for them. If you don't, they'll just break the door down.

What's happening here is quite different. The judge is compelling this man to assist the police who are trying to incriminate him. This is like issuing a search warrant where you are compelled to tell the police where your hiding places are.

Re:Good

[ShanghaiBill]

Pedophiles are animals, and don't deserve rights.

You are an idiot, and I doubt if you even understand what pedophilia is. Most pedophiles are not child molesters. Most child molesters are not pedophiles. Pedophilia is a psychological condition that causes someone to be sexually attracted to prepubescent children. But most people that feel this attraction do not act on it (since to do so is a serious crime). Most people charged as child molesters, on the other hand, are not pedophiles. They are not attracted to prepubescent children. Instead they are attracted to teenagers that are legally children, but biologically most certainly are not.

But the defendant in this case has not been accused of either pedophilia (which is not a crime) nor child molestation. He has been accused of possessing child pornography, which is a crime even if no actual children are involved. Computer generated animation, or even a pencil sketch can get you arrested. You want to castrate people for drawing pictures?

Re:FBI shits on the constitution.

[paiute]

I'm one hour away from full decryption and sellout of the entire USA economy, and you can't stop me.

No, but your mom can. She just called down the stairs that your Hot Pockets are done.

If the 5th protected him before, it still does.

[karlandtanya]

I'm guessing it's this part of it that protected him:
"nor shall be compelled in any criminal case to be a witness against himself"

There's no clause in the fifth amendment that says "...but if we have good evidence you're guilty, then you have to tell us what we need to know in order to get more evidence."

The police put you in a room and say "CONFESS", and you refuse. Judge says "that's right--you don't have to confess to anything. In fact, you don't have to say anything at all. You can remain silent."
Later, the police find some evidence that suggests you really did something illegal. And really socially repulsive.

Judge thinks for 2 seconds and realizes "Who's going to defend a kiddy diddler? I can rule however I want against this guy and get almost no political backlash. But if I "defend the constitution", I'm a liberal judge letting a monster get away on a technicality." Not a difficult decision for a pragmatic public servant. "Let the beatings begin.".

First they came for the child rapists and I said nothing because everyone would think I was one, too.