Slashdot Mirror


Mass. Supreme Court Says Defendant Can Be Compelled To Decrypt Data

Trailrunner7 (1100399) writes ... Security experts have been pounding the drum about the importance of encrypting not just data in transit, but information stored on laptops, phones, and portable drives. But the Massachusetts Supreme Judicial Court put a dent in that armor on Wednesday, ruling that a criminal defendant could be compelled to decrypt the contents of his laptops. The case centers on a lawyer who was arrested in 2009 for allegedly participating in a mortgage fraud scheme. The defendant, Leon I. Gelfgatt, admitted to Massachusetts state police that he had done work with a company called Baylor Holdings and that he encrypted his communications and the hard drives of all of his computers. He said that he could decrypt the computers seized from his home, but refused to do so. The MJSC, the highest court in Massachusetts, was considering the question of whether the act of entering the password to decrypt the contents of a computer was an act of self-incrimination, thereby violating Gelfgatt's Fifth Amendment rights. The ruling.

83 of 560 comments

  1. I lost the password by pjh3000 · · Score: 5, Funny

    I lost the password in a hard drive crash.

    1. Re:I lost the password by pjh3000 · · Score: 5, Funny

      ... the hard drive was recycled.

    2. Re:I lost the password by pjh3000 · · Score: 2

      So why isn't Lerner in jail?

    3. Re:I lost the password by ZombieBraintrust · · Score: 2

      He already admitted he could decrypt it. So not really an issue here.

    4. Re:I lost the password by sycodon · · Score: 3, Insightful

      Can they compel you to unlock a safe? A safe deposit box? While authorities can get into these without your help, what if they couldn't?

      Electronic information is directly analogous to paper. Information is information regardless of how it's stored.

      --
      When Fascism comes to America, it will call itself Anti-Fascism, and tell you to give up your guns.
    5. Re:I lost the password by jythie · · Score: 3, Informative

      They can indeed compel you to unlock a safe, just like they can compel one to hand over documents during discovery.

    6. Re:I lost the password by Enry · · Score: 2, Informative

      She personally didn't lose the e-mail and much of it has already been recovered.

    7. Re:I lost the password by grahamm · · Score: 4, Insightful

      But having opened the safe, can they force you to 'decode' the entries on a paper document which are written in a code or cipher? If not, then they should not be able to force you to decrypt an electronic document which is written in 'code'.

    8. Re:I lost the password by jythie · · Score: 4, Insightful

      A safe can also have a combination lock or keypad, more frequently than a physical key.

    9. Re:I lost the password by dave.leigh7335 · · Score: 2

      He already admitted he could decrypt it. So not really an issue here.

      Sure it is. He mis-remembers it. Obviously his recollection is marred by the passage of time and the stress caused by the accusations. Also, it was a really complicated password that's hard to remember. And his dog ate it. Oh, and perhaps he hasn't spent any effort to refresh his memory, contemplating instead the fact that the rights listed in the Bill of Rights are inalienable. They are affirmed by, not granted by, the Constitution. A state judge doesn't get to waive them with not-terribly-clever re-definitions.

    10. Re:I lost the password by Totenglocke · · Score: 2, Interesting

      And THAT is what keyfiles are for. Pick a random .dll or some such that's part of Windows (or OS of your choice) as a keyfile so that there's nothing suspicious about the file itself. Simply don't select the keyfile when entering the password and you're good.

      --
      "The tree of liberty must be refreshed from time to time with the blood of patriots and tyrants." ~Thomas Jefferson
    11. Re:I lost the password by Defenestrar · · Score: 5, Interesting

      No, as the series of court rulings have gone, the Fourth Amendment does not protect you from lawful search and seizure (such as a safe or hard drive). The combination to the safe, or encryption key to the drive, is not incriminating evidence and providing it to allow for lawful search and seizure does not violate your rights. They can admit evidence produced by oneself into court (such as two sets of books in one's own handwriting for a case of fraud) and that is not a violation of the Fourth (or Fifth) - just so with information one puts on a hard drive. What they can not compel one to do is testify against oneself (which is the Fifth by the way) nor assume guilt because you do not take the stand (not that a prosecutor won't toe that line with the jury). So, if one can keep all details of a crime in one's head and manage to destroy all other evidence which could be subject to lawful search and seizure - then you've got a shot at being a criminal mastermind.

      I'm not sure I entirely agree with the line of thought - but I can certainly follow the logic as well as the precedence.

      What would be interesting is if one's pass-code was material evidence with respect to the case - but a possible way around that would be limited immunity or ruling it as inadmissible evidence...It would make for an interesting case study.

    12. Re:I lost the password by DaHat · · Score: 2

      It's not so clear cut.

      They generally can't compel you to turn over your encryption keys so they can go on a fishing expedition through your encrypted hard drive, looking for evidence with which to proceed... but they can compel you if they know you have specific evidence that they will find (ie they saw kiddie porn on your PC before you closed it and it required a password to log back in)

    13. Re:I lost the password by Shakrai · · Score: 2, Insightful

      That's an incredibly stupid idea. You might as well make the password a six digit numeric, because that's about how long it will take a computer to go through every .dll on a standard Windows installation looking to see if one is the keyfile.

      --
      I want peace on earth and goodwill toward man.
      We are the United States Government! We don't do that sort of thing.
    14. Re:I lost the password by Jane Q. Public · · Score: 2

      They can indeed compel you to unlock a safe, just like they can compel one to hand over documents during discovery.

      Not if it has a combination lock. Under some circumstances, that is.

      See, a lot of people here aren't getting what this is about. The 5th Amendment, and how it works.

      You cannot be compelled to produce knowledge -- "a product of the mind", as the courts put it -- if that could incriminate you. That includes an encryption key or a safe combination.

      But what many people don't seem to get here, and what many people find strange, is that this only holds if the contents are unknown. If the contents are already known, then the person isn't incriminating himself. So decryption / combination can be compelled. (It should also be noted that a safe isn't really a good example, though, because they only need probable cause to force it open, and the hell with the combination.)

      Example: a few years ago, a man was crossing the border with his laptop. He had an encrypted volume active and open when customs looked at it. A customs agent saw some child pornography on the encrypted volume, and showed it to another agent. Then the man somehow managed to turn off the laptop.

      In court, the judge ruled that because illegal material was already known to be on the drive, the judge could compel the man to hand over the decryption key. The man wouldn't be incriminating himself because he was already known to have illegal material there. (I would argue, though, that the man could have had other content on the drive, which was unknown, and which could have incriminated him for some other crime. In which case the ruling would be improper.)

      But again, it was only because specific illegal content was already "known with particularity" to be on the drive, that the judge could so order.

    15. Re:I lost the password by Rob Y. · · Score: 2, Insightful

      Not to mention that the entire witch hunt for IRS 'discrimination against right-wing groups' is a bogus, political sideshow. And beyond that, not to mention that *all* of these political groups shouldn't be tax-exempt - or certainly not in the way that allows their donors to be anonymous.

      It never ceases to amaze me that presumably smart Slashdotters are so quick to subscribe to conspiracy theories (cue smarmy response about how non 'presumably smart' I am). And that they embrace nonsense just because they think they're libertarians and the issue at hand falls on the libertarian side of an issue. The wholesale compromise of U.S. democracy in favor of big cash contributions is a tragedy - for liberals, conservatives and libertarians alike. But the media love it. Ad sales spike like crazy around elections, and for TV stations, election season is probably what Christmas season has long been for retailers - a few months, without which they would operate in the red...

      --
      Posted from my Android phone. Oh, I can change this? There, that's better...
    16. Re:I lost the password by Jane Q. Public · · Score: 5, Informative

      No, as the series of court rulings have gone, the Fourth Amendment does not protect you from lawful search and seizure (such as a safe or hard drive). The combination to the safe, or encryption key to the drive, is not incriminating evidence and providing it to allow for lawful search and seizure does not violate your rights.

      In most circumstances, this is just plain false. As explained (but not very well) in TFA.

      Unless it is already known "with particularity" that the drive or safe contains some specific illegal or incriminating material, a judge cannot compel someone to hand over a decryption key or combination. Because those are the only circumstances that would not compel him to incriminate himself. This has nothing to do with the Fourth amendment at all, it's just the Fifth.

      Having said that: if they have probable cause or a warrant, they can force open a safe without violating either the 4th or 5th Amendments. The 4th only requires probable cause, and it doesn't require the suspect to incriminate herself, so the 5th isn't violated.

      However, with decent encryption there is no way to do that with a hard drive, so the circumstances are very different and the 5th Amendment comes into play. The court cannot compel speech, or "a product of the mind" like a combination or encryption key, if in doing so the individual would incriminate himself. The exception -- the ONLY exception -- is when specific evidence or illegal material is already known to be inside, "with reasonable particularity" as the courts have put it. ONLY in those circumstances is a suspect not being forced to incriminate himself. (And of course if the court did compel disclosure, and the material in question turned out to not be there after all, then the witnesses who said it was would be in some very serious trouble.)

      Simply suspecting something is inside is not sufficient. Probable cause is not sufficient. It is a far higher standard of evidence.

    17. Re:I lost the password by Jane Q. Public · · Score: 2

      Yes, but how many people are using 4.1a from what....10 years ago? Almost everyone would be using a newer and (from the evidence provided by the Dev) compromised version.

      Pardon me. Brain fart, as they say. I meant 7.1a. That's the one being audited, and it has turned out okay.

    18. Re:I lost the password by tmosley · · Score: 2

      Right, I'm sure they didn't just have a visit from the NSA (Not Secure Anymore) who wanted a backdoor in their software, and they refused to give them one, shutting down instead.

    19. Re:I lost the password by tmosley · · Score: 2

      So if they force disclosure of a password and the data that was "known" to be on there isn't there, do you get to sue for violation of your fifth amendment rights?

    20. Re:I lost the password by MouseTheLuckyDog · · Score: 2

      Yes that is why they found an email from Lois Lerner requesting that Senator Grassley be audited.

    21. Re:I lost the password by Rigel47 · · Score: 3, Insightful

      It amazes me that you subscribe to the idea that a local desktop hard drive crash wiped out all email for a high-ranking IRS official... and that the IRS is essentially shrugging at any notion of ineptitude. Clearly you know fuck all about tech.

    22. Re:I lost the password by TheCarp · · Score: 4, Interesting

      Not only that either.... he admitted not only that he COULD but, that the communications that they were looking for were, indeed in those encrypted volumes.

      As I understand, previous arguments and rulings have centered upon the idea that decrypting data would potentially give away information that the police didn't have already: like that you have the key and are associated with the contents.

      If the police find a USB key in my drawer, and I refuse to talk about it, they only know that I possessed it. They don't know what's on it...or that I actually know what's on it. For all they really know, it could be an empty encrypted partition that I set up and lost the key to (yes, I have done this a couple of times), it could even be a drive someone asked me to hold onto.

      OTOH if I give them that information, then they can connect me directly with the unencrypted data, this makes a good amount of sense in that case.

      --
      "I opened my eyes, and everything went dark again"
    23. Re:I lost the password by nabsltd · · Score: 2

      The court cannot compel speech, or "a product of the mind" like a combination or encryption key, if in doing so the individual would incriminate himself. The exception -- the ONLY exception -- is when specific evidence or illegal material is already known to be inside, "with reasonable particularity" as the courts have put it.

      In this case, the defendant admitted the encrypted data is communications with someone who is not his lawyer, and the state showed that those communications are likely to be evidence in this case. So, this time, the ruling is correct.

      If, however, the defendant had an encrypted file and the state had no knowledge of what might be in it, then the mere fact that it is encrypted is not probable cause to issue a warrant to compel the release of the password.

    24. Re:I lost the password by Anonymous Coward · · Score: 2, Informative

      As another AC, my agreement that Rigel47 is a low-information poster aka knows fuck-all about what he's talking about, won't mean much.

      But this WaPo summary of the situation which confirms that the IRS had a 6-month backup retention policy should be meaningful.

      I do not expect this information to change Rigel47's opinion one bit. Truth rarely convinces ideologues. But anyone else following along might learn something.

    25. Re:I lost the password by AutodidactLabrat · · Score: 2

      What we do know is that IRS and HEW communications are encrypted at every point, even internally. A lost password file control like "Keypass" and the entire server storage chain is permanently gibberish.
      For security purposes, those files are NEVER backed up by central servers (Key-in-Lock weakness) and so, once crashed....gone

    26. Re:I lost the password by david672orford · · Score: 2

      Ultimately, the problem is one of a practical nature: until the incriminating evidence is actually shown to be on the encrypted hard drive, it is only suspected to be there, by any legal interpretation of "suspicion" -- if it was legally known to exist there, you could be found guilty without the bothersome effort of having to decrypt the data. Thus, by the wording of the ruling, the court is allowed to compel testimony in the form of a passphrase under literally any circumstance, since any suspect is, by definition, under "reasonable suspicion."

      Welcome to the new world order. Papers, please...

      That is not quite what the decision says. Reasonable suspicion is sufficient to get a search warrant and the authorities can take the hard disk and try to break the encryption. The defendant can be compelled to give them the key only if it is already proven (not just reasonably suspected) that he has it. This defendant lost because he bragged to the cops that he had the key.

      The reasoning is that when a defendant decrypts a hard disk for the police he is admitting that he had access to its contents. But he has already admitted that. So now by unlocking the drive he will not be telling the police anything new. He is simply unlocking the door so that the cops can go in with warrant in hand.

    27. Re:I lost the password by david672orford · · Score: 2

      It's not so clear cut.

      They generally can't compel you to turn over your encryption keys so they can go on a fishing expedition through your encrypted hard drive, looking for evidence with which to proceed... but they can compel you if they know you have specific evidence that they will find (ie they saw kiddie porn on your PC before you closed it and it required a password to log back in)

      How sure they are that they know what is on the hard disk is not important as long as it was enough to get a warrant. According to this decision the important point is whether by unlocking the drive the accused will be admitting that the encrypted volume is his.

    28. Re:I lost the password by KevReedUK · · Score: 4, Insightful

      OK... so the fact that they have a 6 month retention policy is one thing, and does, indeed, pretty much invalidate Rigel47's post.

      BUT it does raise a perhaps more important question...

      IANAL, but I believe the IRS can audit you after up to 6 years. Bearing this in mind, and the fact that I think it is highly unlikely that they would accept the excuse of "I only have a 6-month retention policy on my receipts" as sufficient to allow you to get away without providing the relevant documentation, it does lead me to wonder... If they are forcing and enforcing long retention policies on those that they serve, why do they get away with only having to accommodate a twelfth of the retention period themselves?

      --
      Just my $0.03 (At current exchange rates, my £0.02 is worth more than your $0.02)
    29. Re:I lost the password by nytes · · Score: 2

      Anything found in the course of a legal search is fair game for prosecution.

      So if they enter your house with a warrant to search for drugs and find that body you've been keeping in the freezer, you're hosed.

      --
      -- I have monkeys in my pants.
    30. Re:I lost the password by lgw · · Score: 3, Insightful

      It's worth noting that the EPA also has a recent history of remarkably convenient hard drive crashes affecting an ongoing investigation.

      Sarbanes-Oxley made it very clear that this shit doesn't fly for companies. You produce the records, or you get serious legal punishment (one of the few corporate crimes that can land the CEO in jail, in extreme cases). No excuses accepted.

      Why doesn't the government impose the same standard on itself? Yes, that was a rhetorical question.

      --
      Socialism: a lie told by totalitarians and believed by fools.
    31. Re:I lost the password by Citizen of Earth · · Score: 2

      He just needs to tell them that the passphrase he uses contains a confession to a crime. Then, he could not divulge his password without confessing to a crime, which he cannot be compelled to do.

  2. Except, of course, they have to prove you can by i kan reed · · Score: 2

    I mean, all you have to say is that you lost the actual key and cannot comply.

    1. Re:Except, of course, they have to prove you can by Penguinisto · · Score: 5, Interesting

      From TFS:

      He said that he could decrypt the computers seized from his home, but refused to do so.

      Just because he was a dumbass doesn't mean the rest of us have to be.

      But let's say you want to be honest - here's a conceptual idea:

      Encrypt your stuff on a drive with two-factor auth. The first is a key that expires after x number of days, renewing the expiration every time you access it (let's say 3 to 14 days, tops.) The second factor is a passphrase. Shouldn't be hard to cook up if you use a high-bit-count SSL certificate as your key, and the encryption software checks the date. Keep the key on a separate but random-looking USB stick, SD chip, whatever. When you're not using it, stick it in a camera, unused smartphone, or similarly hidden. To prevent BIOS/EFI tinkering, ensure that the encryption software double-checks that the system time is within the window (between last successful access and new expiry date) on boot, and destroys the key if the date is outside that window. Same with ensuring that the HDD is in the same hardware it originally sat in, destroying the key if the software detects that a series of MAC addys and serial numbers don't match up.

      After the keypair expires (after all, you've been in jail all this time and unable to access it, so...) you can truthfully say that the data is unreachable by any means (though I do suggest that your statement not end with the phrase "...so suck it, copper!") Of course, this means *you* can't access it either, but one would hope you had a backup of the data stashed somewhere beyond the reach of a warrant or the authorities' knowledge, yes?

      Fun mental exercise either way. :)

      --
      Quo usque tandem abutere, Nimbus, patientia nostra?
    2. Re:Except, of course, they have to prove you can by Penguinisto · · Score: 2

      He should have remained silent. Being a lawyer he should have known that.

      Sometimes lawyers think they're smarter than the average person in matters of law, and often in demonstrating their 'prowess' end up proving that they're not. It happens.

      --
      Quo usque tandem abutere, Nimbus, patientia nostra?
    3. Re:Except, of course, they have to prove you can by Sarten-X · · Score: 4, Insightful

      As an accused boot-licking pro-establishment government-and-big-business shill, I agree.

      As a relatively sane individual who tends to think for myself, I also agree.

      As someone with passing familiarity with 4th-amendment case law, I also agree.

      This guy was a first-class idiot. An encrypted hard drive is little different from a locked safe. A court can order you to open it to reveal evidence, but the police need sufficient probable cause to convince a judge to issue that order. Saying "All the evidence is in there and I have the key" is pretty convincing probable cause that there's important relevant evidence in the safe (or disk). Saying nothing is a good way (and the only really safe way, as far as I know) to ensure that you're not giving the cops any additional assistance in proving your guilt.

      --
      You do not have a moral or legal right to do absolutely anything you want.
    4. Re:Except, of course, they have to prove you can by mi · · Score: 2

      This guy was a first-class idiot.

      Or, maybe, he was just trying to create a precedent for the rest of us, huh? Some people are willing to die for the freedom of others, whereas this guy merely risked legal troubles... Neah, nobody but an idiot would do such a thing...

      --
      In Soviet Washington the swamp drains you.
    5. Re:Except, of course, they have to prove you can by Safety Cap · · Score: 5, Insightful

      He should have remained silent. Being a lawyer he should have known that.

      He must be a pretty shite lawyer. (Hopefully he isn't a criminal defense lawyer, because then he really IS a shite lawyer.)

      FTFA:

      “During his postarrest interview with State police Trooper Patrick M. Johnson, the defendant stated ... ‘[e]verything is encrypted and no one is going to get to it.’ The defendant acknowledged that he was able to perform decryption.”

      What a dumb-bumble-fark. He deserves to burn for bragging/taunting the cops.

      Rules for Talking to Cops

      ONE Don't talk to cops, except what you are legally required to say (you must ID yourself, to whatever extent your state's laws specify)
      TWO The only thing that should come out of your piehole from the time you are arrested (especially during any "post-arrest 'let's get the suspect to incriminate himself' interview") are the words: "I wish to remain silent and I want a lawyer."
      TREE STFU until you get a lawyer
      FOUR Remember that Everything you say will be used to burn you. Cops can lie and get away with it, and if you lie to a cop, you're fried. Do not believe anything they say, and don't try to talk your way out of it because you'll lose.
      NaN Getting (and following) legal advice from random people on the internets is about the stupidest thing you could do.
      --
      Yeah, right.
    6. Re:Except, of course, they have to prove you can by jcochran · · Score: 2

      Wouldn't work.

      Reason?

      It's standard forensic practice to make bit level copies of media and examine the copies, not the original material. Your software can do anything it wants to with the USB stick and an overwrite simply means that a new copy is made from the original (using software and hardware under the investigators control) and they get to try again.

    7. Re:Except, of course, they have to prove you can by Mr. Slippery · · Score: 3, Insightful

      An encrypted hard drive is little different from a locked safe

      An encrypted hard drive is entirely unlike a locked safe. It is much more like a notebook kept in a private code: if I write "June 26: red green Q 17 x-ray romeo eagle" in my journal, the state has no rightful authority to compel me to tell them what that means to me.

      --
      Tom Swiss | the infamous tms | my blog
      You cannot wash away blood with blood
    8. Re:Except, of course, they have to prove you can by mysidia · · Score: 4, Interesting

      Destruction of evidence is a separate crime, and simply having some type of electronic dead man's switch on it does not get one off the hook.

      A self-destroying/expiring system is not illegal.

      But the real problem with Penguinisto's idea is it won't work. When computer equipment is seized; the power is immediately removed, and the software can do nothing.

      Power removal and system reboots are common enough, that there's no way the only copy of important data is in RAM; although, even if there is, authorities might attach a Firewire/PCI/Thunderbolt device, and use Inception to RAM dump the lower 4GB to write-only media.

      Which brings me to the next point..... after the seized computer is shipped to a lab; the first thing they will do is remove the storage media from the computer, hook it up to a Write blocker (Which is a special hardware dongle that is inserted into the I/O path and blocks any Write operations, Security commands, or other destructive messages from being sent to the hard drive), before powering the system back on, booting from a read-only USB stick, and dumping a complete backup image of the entire disk to archive.

      In the event that there is an ATA security lock/ATA password setup on the drive; the lab can disconnect the normal disk drive controller, and attach a custom one. If this is an encrypted SSD; they will have equipment and details from the drive manufacturer (obtained under lawful order), required to read the keys off the controller's PRAM chips.

      They can also, lift the platters out of the drive, and have those imaged --- in case they suspect attempt to overwrite files with all zeros.

      In short: The idea of using two factor in software with expiring keys for data stored on a HDD is extremely naive, if you think a LEO's lab will screw up and lose the data because of it.

      Your only chance is if you have a really tamper-resistant HSM with a self-destruct mechanism, and the LEO cannot identify the manufacturer, or work out how to safely get in; considering the fact, forensic labs have many advanced diagnostic tools available that can be used to analyze unknown media modules, and chances are good they can cut in and analyze the logic and data stored on even so-called tamper proof electronics...

    9. Re:Except, of course, they have to prove you can by LordLimecat · · Score: 3, Informative

      To prevent BIOS/EFI tinkering, ensure that the encryption software double-checks that the system time is within the window (between last successful access and new expiry date) on boot, and destroys the key if the date is outside that window. Same with ensuring that the HDD is in the same hardware it originally sat in, destroying the key if the software detects that a series of MAC addys and serial numbers don't match up.

      This won't work, because you do not control the software used to decrypt it. If you are using a standard cipher (and you really, really should be using a standard vetted cipher), they will use their own decryption software that neither cares about certificate expiration nor about the new BIOS on the lab image that they're using.

      No "time expiring" crypto method that actually works has been devised, most probably because it literally cannot be done in a secure way. The attacker controls the decryption software and the hardware-- not you.

    10. Re:Except, of course, they have to prove you can by Mr. Slippery · · Score: 2

      Destruction of evidence is a separate crime

      But since I have not committed a crime, the automated destruction of my private data to protect it from cyber-criminals in the event I lose control of it is not destruction of evidence.

      --
      Tom Swiss | the infamous tms | my blog
      You cannot wash away blood with blood
    11. Re:Except, of course, they have to prove you can by Prune · · Score: 2

      There's a much better approach. There are secure key storage ICs you can buy for a few dollars apiece at the usual electronics distributors (Digikey etc.), which have a pin or set of pins to which a signal will cause instant secure erasure of the stored data. With one of these, the solution is quite trivial, and I've prototyped it before. Across its ground and VCC pins, the device has a capacitor large enough to give it a fraction of a second of charge when disconnected from power. The erase signal pin is triggered by ANDed physical interlocks and power sense. If the power goes out, or the physical interlocks are opened, the key is instantly erased.

      --
      "Politicians and diapers must be changed often, and for the same reason."
    12. Re:Except, of course, they have to prove you can by charles2678 · · Score: 2

      If they're professional forensic analysts, pretty near 100%. I've torn a prosecutor's case to pieces (well, provided an expert report used to do so) for relying on analysis by folks who weren't forensic professionals (school district IT staff), and that was a decade ago. I'm sure that any defense attorney worth their salt knows folks like me, and any crime lab is prepared.

    13. Re:Except, of course, they have to prove you can by stox · · Score: 4, Informative

      http://forensic.belkasoft.com/...

      "Solid State drives (SSD) introduced dramatic changes to the principles of computer forensics. Forensic acquisition of computers equipped with SSD storage is very different of how we used to acquire PCs using traditional magnetic media. Instead of predictable and highly possible recovery of information the suspect attempted to destroy, we are entering the muddy waters of stochastic forensics where nothing can be assumed as a given."

      --
      "To those who are overly cautious, everything is impossible. "
    14. Re:Except, of course, they have to prove you can by rastos1 · · Score: 2

      Remember that Everything you say will be used to burn you. Cops can lie and get away with it, and if you lie to a cop, you're fried. Do not believe anything they say, and don't try to talk your way out of it because you'll lose.

      Out of interest - what makes a lawyer so special that he can talk to the cops? Are lawyers vaccinated against cop-tricks or something?

  3. Lois Lerner Method by bhlowe · · Score: 5, Insightful

    Take the 5th and say your computer crashed. That works for the IRS.

    1. Re:Lois Lerner Method by LordLimecat · · Score: 3, Insightful

      Except that that's not the ruling, and in your rush to karma-whore you apparently did not read the story. The reality is more nuanced than that, but of course reality gets fewer insightful votes than regurgitating nonsense about authoritarianism.

  4. Ruling doesn't change much. by timrod · · Score: 5, Informative

    If you read the ruling, the court admits that the only reason they said the defendant could be compelled to decrypt his data was because he had already admitted to the police that he was involved in the case, and that the details of his involvement were on the hard drive. I'm sure if he had kept silent the entire time and told them nothing, it would've been a different story.

    1. Re:Ruling doesn't change much. by rahvin112 · · Score: 3, Funny

      You would think a lawyer would know better than to talk to the police.

    2. Re:Ruling doesn't change much. by Nyder · · Score: 2

      If you read the ruling, the court admits that the only reason they said the defendant could be compelled to decrypt his data was because he had already admitted to the police that he was involved in the case, and that the details of his involvement were on the hard drive. I'm sure if he had kept silent the entire time and told them nothing, it would've been a different story.

      I don't agree. Even if he admitted he was involved, giving up any evidence of his involvement is self-incrimination. They don't know how much he was involved and his evidence would show that. Obviously if he gives it to them, it will show exactly what he was doing, thus proving he was guilty, which would be self-incrimination if he gives it.

      They need to prove he broke the law with other evidence than what he has encrypted, because legally, they aren't allowed to have him give up the info.

      --
      Be seeing you...
    3. Re:Ruling doesn't change much. by Rary · · Score: 4, Informative

      You may not agree, but it seems to be well established in law that once you admit to the crime and identify the existence and location of evidence, you've waived your 5th Amendment right.

      --

      "You cannot simultaneously prevent and prepare for war." -- Albert Einstein

  5. Re:The relevant part by SteWhite · · Score: 2

    Exactly - another key sentence in there is:

    "In the Commonwealth's view, the defendant's act of decryption would not communicate facts of a testimonial nature to the government beyond what the defendant already has admitted to investigators. As such, the Commonwealth continues, the defendant's act of decryption does not trigger Fifth Amendment protection."

    So if he had not admitted anything already and had refused to decrypt, the ruling may have been different.

  6. I lost the password by Anonymous Coward · · Score: 5, Insightful

    if it's good enough for the IRS....

  7. Re:in what way is this not self-incrimination by pixelpusher220 · · Score: 2

    A key is a physical object and as such can be compelled. You aren't participating in your testimony by providing the physical item; you have to provide LOTS of other information during disclosure so it's not like you can't be compelled to provide something that physically exists.

    The difference here is that the key is theoretically in his mind and so he would have to participate in providing that; hence why it's generally been found that keys can be compelled but combinations on locks can't and similarly passwords can't be.
    Of course the amendments have been eroding for some time now...

    --
    People in cars cause accidents....accidents in cars cause people :-D
  8. Re:WTF? How is this not self incrimination? by 0123456 · · Score: 3, Insightful

    It's not self-incrimination in the same way that the interstate commerce clause gives the Federal government the power to regulate absolutely anything that might have any impact on interstate commerce even if it never leaves your house.

    That is, it's clearly a blatant violation of the Constitution, to everyone but lawyers.

  9. Important Caveat by Rary · · Score: 5, Informative

    Haven't read the entire ruling, only scanned it, but there is an important caveat in it:

    We now conclude that the answer to the reported question is, "Yes, where the defendant's compelled decryption would not communicate facts of a testimonial nature to the Commonwealth beyond what the defendant already had admitted to investigators."

    Seems like this guy has said "I did this, this, and this, and these files show that, but I don't want to let you see them", and the Court has ruled that he has to, because he's already admitted to those things, and therefore he would not be incriminating himself in doing so.

    Of course, the reality may be that there's evidence of further illegal activities that he hasn't admitted to in the encrypted files. That might make the case for self-incrimination. I'd have to read the full ruling to see what, if anything, they said about that possibility.

    --

    "You cannot simultaneously prevent and prepare for war." -- Albert Einstein

    1. Re:Important Caveat by Rary · · Score: 2

      Just doing a little digging into the details of the 5th Amendment in practice, and found this interesting tidbit:

      The Court acknowledged that it is well established that a witness, in a single proceeding, may not testify voluntarily about a subject and then invoke the Privilege against Self-Incrimination when questioned about the details.

      That could very well apply in this case, so that even if there is additional evidence in the files beyond what he has admitted to, the moment he started admitting to some of it, he effectively waived his self-incrimination right.

      --

      "You cannot simultaneously prevent and prepare for war." -- Albert Einstein

  10. criminal defense attorney and programmer here by Anonymous Coward · · Score: 5, Informative

    This is why you don't talk to the cops, especially if you find yourself in the fortunate situation of having illegally acquired 13 million dollars and encrypted all of the evidence. If you say nothing to the cops, you win. The only way you lose is if you brag to them about how awesome a job you did at getting away with the crime.

    The people up here who are saying "tell them you lost the key" "tell them it was scrambled not encrypted, etc" are all idiots. Lying to the cops is a crime. Telling them nothing is the superior response.

    Cop executing search warrant: "it's asking for a password"
    Def: "I want a lawyer, I'm not talking to you"
    Cop: "You encrypted it, didn't you?"
    Def: "lawyer lawyer lawyer"
    Cop: "We'll just get a warrant anyway and you'll go to jail. Help us help you."
    Def: "Didn't you hear me? I want a lawyer"

    That being said, I'm in FL so I'm covered by the 11th circuit ruling. Either way, silence is golden. I'd say that at least 30 percent of my cases would have turned out much better if clients hadn't consented to searches, admitted to elements of crimes or just generally blabbed when they should have remained silent.

    1. Re:criminal defense attorney and programmer here by Svartalf · · Score: 2

      Precisely. There are several copies of a prominent law professor's lecture on the subject, and it spells out PRECISELY why you don't do things like that.

      https://www.youtube.com/watch?...

      Now, the burning question would be, "how did they get access to his encrypted system files?"- without a warrant, they're just as screwed in light of the recent Supreme Court rulings. You need a warrant for those things- and you need to state you're looking for a specific on them before they can legitimately reach the conclusion the Mass Supreme Court arrived at. Without that, it's just like the Fourth Amendment violation I experienced about 5 years ago. No *VALID* warrant? No case. No seizure allowed.

      --
      I am not merely a "consumer" or a "taxpayer". I am a Citizen of the State of Texas
  11. Second key by OnAutopilot · · Score: 2

    Would it be possible to have a system where you have a second key that "decrypts" to an empty drive? I don't see how they could prove that you used your primary or fake key.

  12. Re:The relevant part by Anonymous Coward · · Score: 2, Funny

    So what they're saying is that since the decryption key isn't "testimony" it doesn't count under the 5th Amendment. (IANAL)

    Guess I'm safe then. My decryption key is "testimony". Lowercase, no special characters or digits.

  13. Re:The relevant part by sabri · · Score: 3, Insightful

    So if he had not admitted anything already and had refused to decrypt, the ruling may have been different.

    That is irrelevant. The question at hand is whether or not the Government can force you to provide evidence against yourself in a criminal case. Now I'm just a stupid immigrant, but my understanding from the 5th Amendment is that nobody "shall be compelled in any criminal case to be a witness against himself". I don't care how much the police think they know. If they need his hard drive, their case is not solid and the suspect should not be required to provide incriminating evidence.

    Being forced to provide evidence against yourself pretty much makes it the Soviet Republic of Massachusetts.

    --
    I'm not a complete idiot... Some parts are missing.
  14. Digital vs Physical by Quantus347 · · Score: 4, Insightful

    I get the legalese argument the guy was trying to make and the narrow line they tried to draw with the ruling, but I'm not sure why it even got past the original judge.

    If it had been the exact same situation, just a combination lock on a physical file cabinet in his office, once a proper court subpoena was issued Law Enforcement might have asked for the combination as a courtesy but would have been perfectly within their rights to simply cut the thing open. And if they found evidence of some unrelated crime, that has long been fair game just like a drug bust during a traffic stop.

    Maybe it's different by State, I don't know.

    --
    Common Sense isn't as Common as people think...
    1. Re:Digital vs Physical by JeffOwl · · Score: 2

      The difference is that a locked file cabinet is trivial to circumvent without the cooperation of the key or combination holder. Once they had the warrant the police wouldn't bother with the courts, they would hire a locksmith or some other such expert to break open the cabinet or safe. Apparently the encryption on the hard drive in this case is much more difficult if not impossible for anyone at the state level to break it within a reasonable time period. So to avoid waiting 5 years and spending lots of $ on super computer time, they went to a judge to see if the threat of jail would shortcut the process.

      Oblig: http://xkcd.com/538/

    2. Re:Digital vs Physical by Arker · · Score: 2

      "If it had been the exact same situation, just a combination lock on a physical file cabinet in his office, once a proper court subpoena was issued Law Enforcement might have asked for the combination as a courtesy but would have been perfectly within their rights to simply cut the thing open."

      The only difference appears to be that the LE agency involved purports to be incapable of 'cutting the lock.'

      Well that and the unwise statements made to police by the defendant voluntarily. It would be interesting if a similar case could be constructed with an un-cuttable physical lock, but of course such things do not exist...

      --
      =-=-=-=-=-=-=-=-=-=-=-=-=-=-
      Friends don't let friends enable ecmascript.
    3. Re:Digital vs Physical by dcooper_db9 · · Score: 2

      Breaking the lock only requires reasonable cause. Compelling the defendant to provide the security code introduces the fifth amendment question. Breaking encryption takes time and money that the state would rather spend elsewhere.

      --
      I do not block ads. I do block third party scripts.
    4. Re:Digital vs Physical by AK+Marc · · Score: 2

      He confirmed he had relevant documents. They could have subpoenaed the records, rather than the key.

      It would be interesting if a similar case could be constructed with an un-cuttable physical lock, but of course such things do not exist...

      They do, if you have a sufficiently booby-trapped safe. If broken open, it destroys the contents.

  15. He walked into this one by MikeRT · · Score: 4, Insightful

    I think the correct response here would be to say that you can plead the 5th on the question of whether you can decrypt it or not, and if you claim the 5th, compulsion is illegal. However, once you make an affirmative statement you waive the right to not be compelled. In terms of a key, it would be like if you had an almost impenetrable door that used a single key. The police ask you if you are in possession of said key while they have a valid warrant. You say yes, which means they have a right to compel you to hand over the key per the valid warrant. However if you shrug and plead the 5th it should not be on you at that point.

  16. Re:The relevant part by jythie · · Score: 2

    You can not be forced to testify against yourself, but you can be forced to hand over evidence that exists.

  17. As a lawyer he should have known better by Arker · · Score: 4, Informative

    The ruling appears flawed, I sympathize with the dissent, but yeah. This guy screwed himself, in typical lawyer fashion, with excess arrogance.

    He did not have to tell the police anything here, he has probably lectured his clients many times on exactly why they should never talk to the police, does not matter if you have nothing to hide, does not matter if you think you have done nothing wrong, and if you have done something but think you can talk your way out of it you are a fool. Ask for your lawyer then shut your mouth, and do not answer any questions, I don't care if they ask you about the weather, the reply is 'ask my lawyer.'

    From the language used in the opinion, if he had simply shut his mouth and not started bragging/volunteering information, he would be in a very different situation today.

    --
    =-=-=-=-=-=-=-=-=-=-=-=-=-=-
    Friends don't let friends enable ecmascript.
  18. Re:So whats the case law on keys by Quantus347 · · Score: 2

    Not quite, but you are making a good point. According to The Ruling the only reason the motion was filed and this issue came up at all was because the guy happened to have used a particularly effective encryption software that the State was unable to circumvent. But they tried and would have been perfectly allowed to use any of the information found had they succeeded. Which is like saying that the 5th amendment would protect the contents of my safe, but only if I can afford a top-of-the-line one.

    --
    Common Sense isn't as Common as people think...
  19. Re:The relevant part by suutar · · Score: 2

    from what I've read, the interpretation is that you may not be forced to _create_ evidence that may be used to convict you at the request of a government entity. Answering a question from a government employee is creating statements that didn't already exist. Filling out a form is creating documents that didn't exist. Evidence that they already have can be followed up. Evidence that is known to already exist can be demanded (blood samples, DNA samples, papers in a safe), and the fifth won't help because you're not creating anything.

    Following this interpretation, data on the drive already exists. Taking the fifth when asked if you know the password may be allowable, but once knowledge of the password has been admitted, it's down to the "demanding evidence that exists" category and the fifth doesn't help.

    I'm not saying that's the ideal answer, but there is a certain logic to the position.

  20. Re:So whats the case law on keys by mbone · · Score: 2

    A better analog might be, suppose someone said in testimony

    I buried all my documents in a box out in the desert.

    Could they then be compelled to provide the location if police searches turned up a blank? Seems like they could.

    Of course, if you are willing to go to jail and wait it out, the "compulsion" is never forever. Seems like that might depend on just what's in those documents.

  21. Same lie, two people, different outcome by Anonymous Coward · · Score: 5, Interesting

    Judge thinks you are lying. You're a geek, who presumably knows how to secure information on a computer. You saying "I lost the data" is equivalent to saying "My whole life is a lie and I don't actually know how to do any of the things I always talk about." Bullshit. You didn't lose the data. Your RAID6 didn't have a three-drive failure, and your backups weren't untested.

    Same judge can think Lerner is telling truth. Lerner is an administrator, and she uses an iPhone and thinks the "e" on her desktop is the Internet. Her saying "I lost the data" is equivalent to her saying "I think the car's oil might be low, but I haven't looked, but the problem really could be oil, because I read a story in Readers Digest about a couple who saw some smoke coming out their hood, and when they finally got to town for someone to check it out, it turned out they were low on oil!" Her act is consistently dumb enough that no dumbness could be out of character.

    When Lerner is asked the airspeed of an unladen swallow, she smiles helplessly, shrugs, and says "I don't know. What did you swallow?" When you're asked, you smugly immediately instinctively counter with "African or European?" and when the judge says "European," your eyes suddenly dart around and you say, unconvincingly, "Uh... I don't know anything about swallows."

    1. Re:Same lie, two people, different outcome by TheCarp · · Score: 4, Insightful

      > You saying "I lost the data" is equivalent to saying "My whole life is a lie and I don't actually know how to do any
      > of the things I always talk about." Bullshit. You didn't lose the data.

      Funny you would say that because.... you know I have a bunch of encrypted partitions, some of which I actually can't open. Some of it is encrypted with keys that I deleted because they were not needed. For example I have one particular one I can't open, because I never saved the key....it was only a temporary place to pull some data off encrypted tape to search for something.... after I no longer needed it, I just unmounted it. At the time I meant to go back and look for more, I never did, then I forgot the key....big deal....I have the tape still.

      Course, I could never prove to anyone else that the data in there is the same as is on the tape....but.... frankly, that wasn't one of my concerns when I created it....I just didn't want to write it all to unencrypted disk and leave it sitting there.

      I also have a few emails encrypted to my pgp key from the 90s. I can't seem to decrypt my key even though I thought I remembered the password. I only keep it around because someday I might guess right and there would be some minor use to having it.

      Guess my whole life is a lie because I lost some data. I better go resign my day job right now!

      --
      "I opened my eyes, and everything went dark again"
    2. Re:Same lie, two people, different outcome by TheCarp · · Score: 2

      > You said you deleted the unneeded data, therefore you didn't lose it, you disposed of it.

      Yes, however the point remains that it means I have encrypted data that I can't decrypt; for really no nefarious reason and no lie. It's there, it's encrypted, there does exist a key that could turn it back into the data that was.... but I could neither decrypt it nor prove it matches that other data that I can decrypt. Best anyone, even a forensic investigator, could do is take my word for it.

      Really in the end, the only point here is that the stink test proposed doesn't work....a professional familiar with encryption is actually quite likely to have data he can't decrypt for one reason or another.

      Hell, to be honest, I do occasionally wonder that it might be a liability. Then I think.... fuck em, maybe I should just make some full partitions of just random data for kicks.

      --
      "I opened my eyes, and everything went dark again"
  22. You talk, it's your fault by MikeRT · · Score: 2

    but bullshit as in, contrary to a reasonable reading of the Constitution by a citizen of normal intelligence.

    And how so? He waved his ability to execute their search in their faces and then suddenly is surprised when his failure to STFU per the 5th was held against him.

    If an ordinary person believes they can give a cop legally valuable information about a case against them and not expect to have that used against them, their intelligence doesn't even rise to the level of pop culture references (you have the right to remain silent, anything you say...)

    And let's be clear here. This was a lawyer, not an ordinary person. Odds are higher an ordinary person would have been smart enough to just shut up whereas this guy probably thought he'd use some fancy legal maneuvering he learned along the way to win on a technical point.

  23. Re:The relevant part by Wookact · · Score: 2

    If the government serves you with a search warrant for your paper files you do not go and collect them into a box and hand them over. You step out of the way and they gather them. The government issues a search warrant for your combination safe, you stand out of the way while they open it. If the government issues a search warrant for your encrypted documents, you are now expected to supply them? Um no. You stand out of the way and allow them to go get them.

  24. Re: known data isn't there by TaoPhoenix · · Score: 4, Interesting

    All this is making me start to think of some kind of more clever "panic mode" encryption.

    You'd have to make it really fast, such that it's reg proto-encrypted two ways, one normal, and the panic mode. So say something really fast like shift-control-alt-F11 instantly flips the "panic bit".

    We as geeks could put all kinds of awesome stuff into it, smashed into a kind of digital Klein Bottle with milk for Schrodinger's cat.

    "Do you know how to decrypt it?"
    "No"
    "Why not?"
    "Because it's time-locked with a code that cannot be found until next September."
    "Do you know what documents are on there?"
    "The ones you are looking for are not there because they were broken into component parts that only the computer knows, tied to a code that September code. Meanwhile other documents you did not know were there, are there, because they were created by algorithms the moment I hit the Panic Button and not a moment before. And the base of the September key is an English phrase which may or may not admit a crime. You don't know."
    "So what if the case is dismissed?"
    "I can do other work until September. What's important is that it cannot be broken right now."

    --
    My first Journal Entry ever, in 8 years! http://slashdot.org/journal/365947/aphelion-scifi-fantasy-horror-poetry-webzine
  25. Re: known data isn't there by dnavid · · Score: 3, Insightful

    All this is making me start to think of some kind of more clever "panic mode" encryption.

    You'd have to make it really fast, such that it's reg proto-encrypted two ways, one normal, and the panic mode. So say something really fast like shift-control-alt-F11 instantly flips the "panic bit".

    We as geeks could put all kinds of awesome stuff into it, smashed into a kind of digital Klein Bottle with milk for Schrodinger's cat.

    "Do you know how to decrypt it?" "No" "Why not?" "Because it's time-locked with a code that cannot be found until next September." "Do you know what documents are on there?" "The ones you are looking for are not there because they were broken into component parts that only the computer knows, tied to a code that September code. Meanwhile other documents you did not know were there, are there, because they were created by algorithms the moment I hit the Panic Button and not a moment before. And the base of the September key is an English phrase which may or may not admit a crime. You don't know." "So what if the case is dismissed?" "I can do other work until September. What's important is that it cannot be broken right now."

    In my opinion, that likely wouldn't work. Contrary to what you might see on TV or in movies, courts are not generally impressed by technicalities or deliberately unproductive cleverness. Consider the recent Supreme Court ruling against Aereo. The Court was entirely unmoved by the technical argument that the way Aereo implements their service is "basically like" individuals using antennas. They ruled that *overall* Aereo was obviously acting as a rebroadcaster, by taking in broadcast signals and sending them live to a large number of customers and charging for that. The notion that they don't charge for the broadcast, just the rent for the antenna was similarly unconvincing to the Court. Courts tend to look at net results, and less the technical path to achieve it. In this case, a court would rule that a) you've just admitted the system contains information related to the government investigation, b) you created the system being used to obfuscate and hide that information, and c) even though you've made it difficult or impossible to produce that information at this time, you can be compelled to do so at the earliest possible moment the system physically allows, and d) the fact that you appear to have deliberately done all of this in a deliberate attempt to thwart law enforcement with full knowledge of the legal consequences can subject you to an obstruction of justice charge.

    Most judges and most courts do not consider the law to be a game that people can attempt to create exploits for. Exploiting loopholes in the law is one thing: doing so with an obvious willful intent to subvert the court tends to be looked upon extremely unfavorably. Judges have significant latitude to deal with people they think are trying to do that.

  26. That's a nice tax bracket you have there... by tlambert · · Score: 3, Funny

    That only applies to people who have no authority that could ever possibly impact the judge in question.

    "That's a nice tax bracket you have there... it'd be a shame if it got audited for the last seven years, and every year from here on out, into the foreseeable future"