English 19-year-old jailed for refusal to disclose decryption key
Marsh Ray
marsh at extendedsubset.com
Wed Oct 6 16:57:07 EDT 2010
On 10/06/2010 01:57 PM, Ray Dillinger wrote:
> a 19-year-old just got a 16-month jail sentence for his refusal to
> disclose the password that would have allowed investigators to see
> what was on his hard drive.
I am thankful to not be an English "subject".
> I suppose that, if the authorities could not read his stuff
> without the key, it may mean that the software he was using may
> have had no links weaker than the encryption itself
Or that the authorities didn't want to reveal their capability to break it.
Or that they wanted to make an example out of him.
Or...
> -- and that
> is extraordinarily unusual - an encouraging sign of progress in
> the field, if of mixed value in the current case.
>
> Really serious data recovery tools can get data that's been
> erased and overwritten several times
Really? Who makes these tools? Where do they make that claim?
Wouldn't drive manufacturers have heard about this? What would they do
once they realized that drives had this extra data storage capacity
sitting unused?
I see this idea repeated enough that people accept it as true, but no
one ever has a published account of one existing or having been used.
> (secure deletion being quite unexpectedly difficult)
Sure, but mainly because of stuff that doesn't get overwritten (i.e.,
drive firmware remaps sectors which then retain mostly valid data) not
because atomic microscopy is available.
> , so if it's ever been in your filesystem
> unencrypted, it's usually available to well-funded investigators
> without recourse to the key. I find it astonishing that they
> would actually need his key to get it.
What makes you think these investigators were well-funded?
Or they wouldn't prefer to spend that money on other things?
Or that they necessarily would have asked the jailers to release the
teen because they'd been successful in decrypting it. Perhaps their plan
was to simply imprison him until he confesses?
> Rampant speculation: do you suppose he was using a solid-state
> drive instead of a magnetic-media hard disk?
SSDs retain info too. Due to the wear leveling algorithms they're quite
systematic about minimizing overwrite.
But I doubt any of that is an issue in this case.
- Marsh
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list