[Cryptography] US Case: Infinite Jail Contempt for Disk Crypto, 5th Amndmnt, All Writs, FileVault, Freenet CHKs

Tom Mitchell mitch at niftyegg.com
Thu Apr 28 21:18:06 EDT 2016 

On Thu, Apr 28, 2016 at 12:25 PM, grarpamp <grarpamp at gmail.com> wrote:

>
> https://yro.slashdot.org/story/16/04/27/2357253/child-porn-suspect-jailed-indefinitely-for-refusing-to-decrypt-hard-drives
> http://thehackernews.com/2016/04/decrypt-hard-drive.html
> https://www.scribd.com/doc/310741233/Francis-Rawls-Case
>
> http://arstechnica.com/tech-policy/2016/04/child-porn-suspect-jailed-for-7-months-for-refusing-to-decrypt-hard-drives/
>
> Amici Curiae by EFF and ACLU
>
> A Philadelphia man suspected of possessing child pornography has been in
> jail for seven months and counting after being found in contempt of a court
> order demanding that he decrypt two password-protected hard drives. The
> suspect, a former Philadelphia Police Department sergeant, has not been
> charged with any child porn crimes. Instead, he remains indefinitely
> imprisoned in Philadelphia's Federal Detention Center


This seems ugly....
I would provide the key as requested and when the files fail to decode
there is
proof that the device was corrupted while in custody.

Many devices are encrypted with generated very strong keys
that are never exposed to the user.   Access to the strong key is via
a passphrase to unlock tools for the device.   Single bit errors can
render data on an encrypted device worthless (impossible to recover).

There seems to be a line between what you are and have vs. what you know.
It gets interesting when they demand testimony on someone else and
assert that "Self Incrimination" is not involved.

I know that I have forgotten passwords and lost key pairs.
Multiple  individuals  in multiple generations of my family tree have
passed from Alzheimer's.
I have used encryption but never recorded the key on devices I wish to
discard because
there was some risk of latent company confidential data that I do/did not
own on the device.
I know that I have changed passwords over time and abandoned accounts that
I have no
way to recover...
Passwords I have used and now believe to be invalid in my history:
  1234567890
  !@#$%^&*()_
  PassWord
  PassWordWithSalt

I also know that many systems running on encrypted filesystems have
been hacked by external agents.   While running these systems allow
interlopers to drop files on the system perhaps to be recovered later
and used in a future prosecution.   Home computers are especially
vulnerable to external attacks.  Larger systems also have flaws as
we are seeing with ransomware on some famous  hospital systems
(HIPPA demands security and some US states demand encryption).











-- 
  T o m    M i t c h e l l
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20160428/aaa493d7/attachment.html>

More information about the cryptography mailing list