Original story Interesting. Encryption works better than I thought. Sooner or later everyone is going to start doing this.
Because you have child pornography? No really, my regular passwords are known by a lot of people, but my (root) passwords for my servers or backup and the likes are my little secret and I'll never give them up. Both out of security reasons as out of principle.
To protect yourself against self-incrimination. Ask Hex about her friend who's now on the sex offenders register because he downloaded a zip file of random porn which just happened to include images of children.
Ouch, poor Hex's friend. Sounds like it was a setup though, and in all fairness how are you to know the contents of a file that you are downloading, espescially zip files, before you download it anyway without someone telling you the contents. Still it does pose an interesting dilemma, but if this guy doesn't give up his password and comes out of the other end of this all ok, does that mean that if you download music in the form of encrypted zip files or other encrypted files that you'll be ok because of your rights etc? Should make for an interesting case no matter how morally wrong the subject matter may be.
In the UK at least, the word of the law is that possession of indecent images is a crime (regardless of intent), but it is inevitably up to the jury as to whether someone who claims they 'accidentally' or 'unknowingly' came into the possession of those files is guilty or not. It might not be 'fair' for someone to be tried for possession if they got it by accident, but the fact that they are in possession means they have broken the law.
Same thing happened to one of my mates. He coorporated and found the guy who hosted the folder with pr0n (including child pornography) so he´s free of charge now.
Haven't you geeks learned by now never to download material of questionable content or from questionable sources?!? Virusses or child pr0n: you only have yourself to blame. Moreover to download such stuff is careless, but to keep it looks suspect. With regards to the case: That just goes to show that the law has some catching up to do. After all magazines and photos are not an extention of human memory. Similar with the password: a key is a key. A warrant to search is a warrant to search. Else, some social engineering could help in guessing what the password is. Check the guys bank and internet shopping accounts; anything that requires a log-on or password that can be more easily retrieved from the system. Chances are, one of them hits paydirt.
Last i remember half the stuff on the crapy P2P programs for porn include PRE TEEN ILLEGAL INCEST CHILD PORN etc in the title, its never usually ANY of the above, so how can you be charged on the title of a movie without seeing its contents first?
No they shouldn't force him to incriminate himself, but can't they break the encryption or brute force the password?
In the UK at least you have to give up your key. AFAIK it's never made it to court; what would happen if you'd forgotten it Redbourne, with some of the encryption available breaking it isn't really an option unless the government are willing to spend a lot of time/money doing so.
Intention is kind of an important consideration here. If you break into a bank but find the vault empty, does that mean you should walk free? No. To crack something like PGP would have a supercomputer that could try 1,000,000,000 attempts per second about 1.07x10^22 years. There is power (literally) in 128 bit encryption.
What about a PGP-like system with 2 passwords, the real one and a "hijack" code which shreds the encrypted file. Make both similar, say "password" and "PaSsWoRd", so if the file self-destructs, you simply question the persons typing skills.
it conflicts with the right to remain silent though.... would be interesting to see which one would win if someone would dare to battle it out through every possible legal instance.
Presumably they'd make a copy of the data beforehand. With regards to the right to remain silent, it's out the window: if you stay silent a jury is now allowed to draw a negative conclusion from that
So if the police stop me at the border and suspect I'm smuggling contraband, can I simply lock my door and disallow them to search my car? After all, giving up the key would be self-incriminating. The Magistrate argued that the password is not a real key. What if I replace the normal locks on my car with some kind of software-based keypad? -monkey
Definitely an older story that's popped up again, but quite interesting nonetheless. I've had Judge Niedermeier guest speak in one of my classes a while back, and it was one of the few times I've gotten a good impression from anyone who's a part of the legal system. He seemed remarkably sane and logical. This kind of case really pushes the limits for testing the constitution IMO. Getting a warrant in this case is perfectly legal and justified, as the law enforcers have probable cause to check out the premises. But of course, there's the right to not incriminate yourself. It's easy enough for cops to break into a house (legally) if they have a warrant - they just have to kick in the door, regardless of whether you allow them to or not. AFAICS, the law only allows them to attempt to bruteforce the password (your digital equivalent to a battering ram) thanks to the fifth, unless he willingly tells them.
^^^ Good analogy. Luckily, people are not that imaginative. I'd be willing to bet that he has used the same or very similar password on other log-ons, which are easier to retrieve.
There are other means of breaking into an encrypted file other than brute force attacks, such as dictionary attacks and rainbow tables, both of which are far more likely to succeed. PGP (and other variants) are statistically impossible to break into in our lifetime if the password is strong, but there are ways and means (which I obviously won't detail ) to improve the odds. As for a password that would destroy the file, digital forensic examiners only ever work off copies of storage media, so it wouldn't make the blindest bit of difference (apart from showing that you attempted to destroy evidence, which is a separate charge in itself!).
