Slashdot Mirror
Mass. Supreme Court Says Defendant Can Be Compelled To Decrypt Data
Trailrunner7 (1100399) writes ... Security experts have been pounding the drum about the importance of encrypting not just data in transit, but information stored on laptops, phones, and portable drives. But the Massachusetts Supreme Judicial Court put a dent in that armor on Wednesday, ruling that a criminal defendant could be compelled to decrypt the contents of his laptops. The case centers on a lawyer who was arrested in 2009 for allegedly participating in a mortgage fraud scheme. The defendant, Leon I. Gelfgatt, admitted to Massachusetts state police that he had done work with a company called Baylor Holdings and that he encrypted his communications and the hard drives of all of his computers. He said that he could decrypt the computers seized from his home, but refused to do so. The MJSC, the highest court in Massachusetts, was considering the question of whether the act of entering the password to decrypt the contents of a computer was an act of self-incrimination, thereby violating Gelfgatt's Fifth Amendment rights.
The ruling.
I lost the password in a hard drive crash.
Take the 5th and say your computer crashed. That works for the IRS.
If you read the ruling, the court admits that the only reason they said the defendant could be compelled to decrypt his data was because he had already admitted to the police that he was involved in the case, and that the details of his involvement were on the hard drive. I'm sure if he had kept silent the entire time and told them nothing, it would've been a different story.
if it's good enough for the IRS....
It's not self-incrimination in the same way that the intersate commerce clause gives the Federal government the power to regulate absolutlely anything that might have any impact on interstate commerce even if it never leaves your house.
That is, it's clearly a blatant violation of the Constitution, to everyone but lawyers.
Haven't read the entire ruling, only scanned it, but there is an important caveat in it:
We now conclude that the answer to the reported question is, "Yes, where the defendant's compelled decryption would not communicate facts of a testimonial nature to the Commonwealth beyond what the defendant already had admitted to investigators."
Seems like this guy has said "I did this, this, and this, and these files show that, but I don't want to let you see them", and the Court has ruled that he has to, because he's already admitted to those things, and therefore he would not be incriminating himself in doing so.
Of course, the reality may be that there's evidence of further illegal activities that he hasn't admitted to in the encrypted files. That might make the case for self-incrimination. I'd have to read the full ruling to see what, if anything, they said about that possibility.
"You cannot simultaneously prevent and prepare for war." -- Albert Einstein
This is why you don't talk to the cops, especially if you find yourself in the fortunate situation of having illegally acquired 13 million dollars and encrypted all of the evidence. If you say nothing to the cops, you win. The only way you lose is if you brag to them about how awesome a job you did at getting away with the crime.
The people up here who are saying "tell them you lost the key" "tell them it was scrambled not encrypted, etc" are all idiots. Lying to the cops is a crime. Telling them nothing is the superior response.
Cop executing search warrant: "it's asking for a password"
Def: "I want a lawyer, I'm not talking to you"
Cop: "You encrypted it, didn't you?"
Def: "lawyer lawyer lawyer"
Cop: "We'll just get a warrant anyway and you'll go to jail. Help us help you."
Def: "did't you hear me? I want a lawyer"
That being said, I'm in FL so I'm covered by the 11th circuit ruling. Either way, silence is golden. I'd say that at least 30 percent of my cases would have turned out much better if clients hadn't consented to searches, admitted to elements of crimes or just generally blabbed when they should have remained silent.
From TFS:
He said that he could decrypt the computers seized from his home, but refused to do so.
Just because he was a dumbass doesn't mean the rest of us have to be.
But let's say you want to be honest - here's a conceptual idea:
Encrypt your stuff on a drive with two-factor auth. The first is a key that expires after x number of days, renewing the expiration every time you access it (let's say 3 to 14 days, tops.) The second factor is a passphrase. Shouldn't be hard to cook up if you use a high-bit-count SSL certificate as your key, and the encryption software checks the date. Keep the key on a separate but random-looking USB stick, SD chip, whatever. When you're not using it, stick it in a camera, unused smartphone, or similarly hidden. To prevent BIOS/EFI tinkering, insure that the encryption software double-checks that the system time is within the window (between last successful access and new expiry date) on boot, and destroys the key if the date is outside that window. Same with insuring that the HDD is in the same hardware it originally sat in, destroying the key if the software detects that a series of MAC addys and serial numbers don't match up.
After the keypair expires (after all, you've been in jail all this time and unable to access it, so...) you can truthfully say that the data is unreachable by any means (though I do suggest that your statement not end with the phrase "...so suck it, copper!") Of course, this means *you* can't access it either, but one would hope you had a backup of the data stashed somewhere beyond the reach of a warrant or the authorities' knowledge, yes?
Fun mental exercise either way. :)
Quo usque tandem abutere, Nimbus, patientia nostra?
So if he had not admitted anything already and had refused to decrypt, the ruling may have been different.
That is irrelevant. The question at hand is whether or not the Government can force you to provide evidence against yourself in a criminal case. Now I'm just a stupid immigrant, but my understanding from the 5th Amendment is that nobody "hall be compelled in any criminal case to be a witness against himself". I don't care how much the police think they know. If they need his harddrive, their case is not solid and the suspect should not be required to provide incriminating evidence.
Being forced to provide evidence against yourself pretty makes it the Soviet Republic of Massachusetts.
I'm not a complete idiot... Some parts are missing.
I get the legalese argument the guy as trying to make and the narrow line they tried to draw with the ruling, but Im not sure why it even got past the original judge.
If it had been the exact same situation, just a combination lock on on physical file cabinet in his office, once a proper court subpena was issued Law Enforcement might have asked for the combination as a courtesy but would have been perfectly within their rights to simply cut the thing open. And if they found evidence of some unrelated crime, that is long been fair game just like a drug bust during a traffic stop.
Maybe it's different by State, I dont know
Common Sense isn't as Common as people think...
I think the correct response here would be to say that you can plead the 5th on the question of whether you can decrypt it or not, and if you claim the 5th compulsion is illegal. However, once you make an affirmative statement you waive the right to not be compelled. In terms of a key, it would be like if you had an almost impenetrable door that used a single key. The police ask you if you are in possession of said key while they have a valid warrant. You say yes, which means they have a right to compel you to hand over the key per the valid warrant. However if you shrug and plead the 5th it should not be on you at that point.
As an accused boot-licking pro-establishment government-and-big-business shill, I agree.
As a relatively sane individual who tends to think for myself, I also agree.
As someone with passing familiarity with 4th-amendment case law, I also agree.
This guy was a first-class idiot. An encrypted hard drive is little different from a locked safe. A court can order you to open it to reveal evidence, but the police need sufficient probable cause to convince a judge to issue that order. Saying "All the evidence is in there and I have the key" is pretty convincing probable cause that there's important relevant evidence in the safe (or disk). Saying nothing is a good way (and the only really safe way, as far as I know) to ensure that you're not giving the cops any additional assistance in proving your guilt.
You do not have a moral or legal right to do absolutely anything you want.
The ruling appears flawed, I sympathize with the dissent, but yeah. This guy screwed himself, in typical lawyer fashion, with excess arrogance.
He did not have to tell the police anything here, he has probably lectured his clients many times on exactly why they should never talk to the police, does not matter if you have nothing to hide, does not matter if you think you have done nothing wrong, and if you have done something but think you can talk your way out of it you are a fool. Ask for your lawyer then shut your mouth, and do not answer any questions, I dont care if they ask you about the weather, the reply is 'ask my lawyer.'
From the language used in the opinion, if he had simply shut his mouth and not started bragging/volunteering information, he would be in a very different situation today.
=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Friends don't let friends enable ecmascript.
He should have remained silent. Being a lawyer he should have known that.
He must be a pretty shite lawyer. (Hopefully he isn't a criminal defense lawyer, because then he really IS a shite lawyer.)
FTFA:
“During his postarrest interview with State police Trooper Patrick M. Johnson, the defendant stated ... ‘[e]verything is encrypted and no one is going to get to it.’ The defendant acknowledged that he was able to perform decryption.”
What a dumb-bumble-fark. He deserves to burn for bragging/taunting the cops.
Rules for Talking to Cops
ONE Don't talk to cops, except what you are legally required to say (you must ID yourself, to whatever extent your state's laws specify) TWO The only thing that should come out of your piehole from the time your are arrested (especialy during any "post-arrest 'let's get the suspect to incriminate himself' interview") are the words: "I wish to remain silent and I want a lawyer." TREE STFU until you get a lawyer FOUR Remember that Everything you say will be used to burn you. Cops can lie and get away with it, and if you lie to a cop, you're fried. Do not believe anything they say, and don't try to talk your way out of it because you'll lose. NaN Getting (and following) legal advice from random people on the internets is about the stupidest thing you could do.Yeah, right.
An encrypted hard drive is entirely unlike a locked safe. It is much more like a notebook kept in a private code: if I write "June 26: red green Q 17 x-ray romeo eagle" in my journal, the state has no rightful authority to compel me to tell them what that means to me.
Tom Swiss | the infamous tms | my blog
You cannot wash away blood with blood
Judge thinks you are lying. You're a geek, who presumably knows how to secure information on a computer. You saying "I lost the data" is equivalent to saying "My whole life is a lie and I don't actually know how to do any of the things I always talk about." Bullshit. You didn't lose the data. Your RAID6 didn't have a three-drive failure, and your backups weren't untested.
Same judge can think Lerner is telling truth. Lerner is an administrator, and she uses an iPhone and thinks the "e" on her desktop is the Internet, Her saying "I lost the data" is equivalent to her saying "I think the car's oil might be low, but I haven't looked. but the problem really could be oil, because I read a story in Readers Digest about a couple who saw some smoke coming out their hood, and when they finally got to town for someone to check it out, it turned out they were low on oil!" Her act is consistently dumb enough that no dumbness could be out of character.
When Lerner is asked the airspeed of an unladen swallow, she smiles helplessly, shrugs, and says "I don't know. What did you swallow?" When you're asked, you smugly immediately instinctively counter with "African or European?" and when the judge says "European," your eyes suddenly dart around and you say, unconvincingly, "Uh... I don't know anything about swallows."
Destruction of evidence is a separate crime, and simply having some type of electronic dead man's switch on it does not get one off the hook.
A self-destroying/expiring system is not illegal.
But the real problem with Penguinisto's idea is it won't work. When computer equipment is seized; the power is immediately removed, and the software can do nothing.
Power removal and system reboots are common enough, that there's no way the only copy of important data is in RAM; although, even if there is, authorities might attach a Firewire/PCI/Thunderbolt device, and use Inception to RAM dump the lower 4GB to write-only media.
Which brings me to the next point..... after the seized computer is shipped to a lab; the first thing they will do is remove the storage media from the computer, hook it up to a Write blocker (Which is a special hardware dongle that is inserted into the I/O path and blocks any Write operations, Security commands, or other destructive messages from being sent to the hard drive), before powering the system back on, booting from a read-only USB stick, and dumping a complete backup image of the entire disk to archive.
In the event that there is an ATA security lock/ATA password setup on the drive; the lab can disconnect the normal disk drive controller, and attach a custom one. If this is an encrypted SSD; they will have equipment and details from the drive manufacturer (obtained under lawful order), required to read the keys off the controller's PRAM chips.
They can also, lift the platters out of the drive, and have those imaged --- in case they suspect attempt to overwrite files with all zeros.
In short: The idea of using two factor in software with expiring keys for data stored on a HDD is extremely naive, if you think a LEO's lab will screw up and lose the data because of it.
Your only chance is if you have a really tamper-resistant HSM with a self-destruct mechanism, and the LEO cannot identify the manufacturer, or work out how to safely get in; considering the fact, forensic labs have many advanced diagnostic tools available that can be used to analyze unknown media modules, and chances are good they can cut in and analyze the logic and data stored on even so-called tamper proof electronics...
To prevent BIOS/EFI tinkering, insure that the encryption software double-checks that the system time is within the window (between last successful access and new expiry date) on boot, and destroys the key if the date is outside that window. Same with insuring that the HDD is in the same hardware it originally sat in, destroying the key if the software detects that a series of MAC addys and serial numbers don't match up.
This wont work, because you do not control the software used to decrypt it. If you are using a standard cipher (and you really, really should be using a standard vetted cipher), they will us their own decryption software that neither cares about certificate expiration nor about the new BIOS on the lab image that theyre using.
No "time expiring" crypto method that actually works has been devised, most probably because it literally cannot be done in a secure way. The attacker controls the decryption software and the hardware-- not you.
http://forensic.belkasoft.com/...
"Solid State drives (SSD) introduced dramatic changes to the principles of computer forensics. Forensic acquisition of computers equipped with SSD storage is very different of how we used to acquire PCs using traditional magnetic media. Instead of predictable and highly possible recovery of information the suspect attempted to destroy, we are entering the muddy waters of stochastic forensics where nothing can be assumed as a given."
"To those who are overly cautious, everything is impossible. "
All this is making me start to think of some kind of more clever "panic mode" encryption.
You'd have to make it really fast, such that it's reg proto-encrypted two ways, one normal, and the panic mode. So say something really fast like shift-control-alt-F11 instantly flips the "panic bit".
We as geeks could put all kinds of awesome stuff into it, smashed into a kind of digital Klein Bottle with milk for Schrodinger's cat.
"Do you know how to decrypt it?"
"No"
"Why not?"
"Because it's time-locked with a code that cannot be found until next September."
"Do you know what documents are on there?"
"The ones you are looking for are not there because they were broken into component parts that only the computer knows, tied to a code that September code. Meanwhile other documents you did not know were there, are there, because they were created by algorithms the moment I hit the Panic Button and not a moment before. And the base of the September key is an English phrase which may or may not admit a crime. You don't know."
"So what if the case is dismissed?"
"I can do other work until September. What's important is that it cannot be broken right now."
My first Journal Entry ever, in 8 years! http://slashdot.org/journal/365947/aphelion-scifi-fantasy-horror-poetry-webzine
All this is making me start to think of some kind of more clever "panic mode" encryption.
You'd have to make it really fast, such that it's reg proto-encrypted two ways, one normal, and the panic mode. So say something really fast like shift-control-alt-F11 instantly flips the "panic bit".
We as geeks could put all kinds of awesome stuff into it, smashed into a kind of digital Klein Bottle with milk for Schrodinger's cat.
"Do you know how to decrypt it?" "No" "Why not?" "Because it's time-locked with a code that cannot be found until next September." "Do you know what documents are on there?" "The ones you are looking for are not there because they were broken into component parts that only the computer knows, tied to a code that September code. Meanwhile other documents you did not know were there, are there, because they were created by algorithms the moment I hit the Panic Button and not a moment before. And the base of the September key is an English phrase which may or may not admit a crime. You don't know." "So what if the case is dismissed?" "I can do other work until September. What's important is that it cannot be broken right now."
In my opinion, that likely wouldn't work. Contrary to what you might see on TV or in movies, courts are not generally impressed by technicalities or deliberately unproductive cleverness. Consider the recent Supreme Court ruling against Aereo. The Court was entirely unmoved by the technical argument that the way Aereo implements their service is "basically like" individuals using antennas. They ruled that *overall* Aereo was obviously acting as a rebroadcaster, by taking in broadcast signals and sending them live to a large number of customers and charging for that. The notion that they don't charge for the broadcast, just the rent for the antenna was similarly unconvincing to the Court. Courts tend to look at net results, and less the technical path to achieve it. In this case, a court would rule that a) you've just admitted the system contains information related to the government investigation, b) you created the system being used to obfuscate and hide that information, and c) even though you've made it difficult or impossible to produce that information at this time, you can be compelled to do so at the earliest possible moment the system physically allows, and d) the fact that you appear to have deliberately done all of this in a deliberate attempt to thwart law enforcement with full knowledge of the legal consequences can subject you to an obstruction of justice charge.
Most judges and most courts do not consider the law to be a game that people can attempt to create exploits for. Exploiting loopholes in the law is one thing: doing so with an obvious willful intent to subvert the court tends to be looked upon extremely unfavorably. Judges have significant latitude to deal with people they think are trying to do that.
That only applies to people who have no authority that could ever possible impact the judge in question.
"That's a nice tax bracket you have there... it'd be a shame if it got audited for the last seven years, and every year from here on out, into the foreseeable future"