English 19-year-old jailed for refusal to disclose decryption key

Marsh Ray marsh at extendedsubset.com
Wed Oct 6 16:57:07 EDT 2010 

On 10/06/2010 01:57 PM, Ray Dillinger wrote:
> a 19-year-old just got a 16-month jail sentence for his refusal to
> disclose the password that would have allowed investigators to see
> what was on his hard drive.

I am thankful to not be an English "subject".

> I suppose that, if the authorities could not read his stuff
> without the key, it may mean that the software he was using may
> have had no links weaker than the encryption itself

Or that the authorities didn't want to reveal their capability to break it.

Or that they wanted to make an example out of him.

Or...

> -- and that
> is extraordinarily unusual - an encouraging sign of progress in
> the field, if of mixed value in the current case.
>
> Really serious data recovery tools can get data that's been
> erased and overwritten several times

Really? Who makes these tools? Where do they make that claim?

Wouldn't drive manufacturers have heard about this? What would they do 
once they realized that drives had this extra data storage capacity 
sitting unused?

I see this idea repeated enough that people accept it as true, but no 
one ever has a published account of one existing or having been used.

 > (secure deletion being quite unexpectedly difficult)

Sure, but mainly because of stuff that doesn't get overwritten (i.e., 
drive firmware remaps sectors which then retain mostly valid data) not 
because atomic microscopy is available.

> , so if it's ever been in your filesystem
> unencrypted, it's usually available to well-funded investigators
> without recourse to the key.  I find it astonishing that they
> would actually need his key to get it.

What makes you think these investigators were well-funded?

Or they wouldn't prefer to spend that money on other things?

Or that they necessarily would have asked the jailers to release the 
teen because they'd been successful in decrypting it. Perhaps their plan 
was to simply imprison him until he confesses?

> Rampant speculation: do you suppose he was using a solid-state
> drive instead of a magnetic-media hard disk?

SSDs retain info too. Due to the wear leveling algorithms they're quite 
systematic about minimizing overwrite.

But I doubt any of that is an issue in this case.

- Marsh

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list