Security Basics mailing list archives
Re: Judge orders defendant to decrypt PGP-protected laptop - CNET News
From: Shailesh Rangari <shailesh.sf () gmail com>
Date: Sat, 7 Mar 2009 17:44:51 -0500
Steve,I agree that their is a real possibility that a said user may forget the password owing to numerous reasons, But I am not aware of any technique that can prove beyond a reasonable doubt that the user has really forgotten his password or is pretending it to avoid a sentence. Seems like the case is bound to set a precedent in the interpretation of this law. Any which ways it would be worthwhile to observe whether the US courts follow a similar course of action as their UK counterparts.
It is also kind of interesting that the UK courts follow a course of action which almost deters users from using encryption for the fear of forgetting keys that may lead to a sentence. That leaves people in UK the option of using Key Escrow Encryption scheme only.
Shailesh On Mar 7, 2009, at 5:10 PM, Stephen Mullins wrote:
Is it not plausible that he forgot his key phrase after a year of not typing it? A twenty to thirty character key phrase is pretty easy to forget if you don't use it frequently. Frankly, I'm pretty sure that after a year I'd have forgotten a 20 to 30 character key phrase, especially if it was a truly strong pass and not based on natural language or 1337. The problem with this is that it takes us to where the U.K. is today - refusing to hand over passwords on demand to the police results in a minimum sentence of 2 years in prison. This is essentially a defacto ban on encryption technology by virtue of the risks of forgetting a password being so great that it simply does not make sense to use it at all. I don't like where that leads. Steve Mullins On Fri, Mar 6, 2009 at 3:55 PM, vulcanius <vulcanius () gmail com> wrote:IANAL but in my opinion there isn't an issue of self-incrimination anymore. If it's true that he allowed the border agents to search his laptop initially then he has, in my limited knowledge I believe, waived certain rights.On Thu, Mar 5, 2009 at 8:33 PM, Shailesh Rangari <shailesh.sf () gmail com > wrote:Its strange that the act of revealing the password has essentially been termed underprivileged by the courts in the mentioned case. The Supreme Court on earlier occasions has termed acts of providing fingerprints, blood sample etc. underprivileged because in principle they do not reveal a persons thoughts or knowledge of a particular fact and also because possession of ones own fingerprint is an undeniable fact.In case the Supreme Court concurs with the decision of the District Court the options Mr. Boucher would have are interesting -1) Self Incriminate - by providing the password that is known to Mr. Boucher which in turn would turn testimonial of his knowledge and control over the said laptop and its contents 2) Perjury - by lying on oath that he does not knows the password that can be proved otherwise by the ICE Agent for he found the laptop sans the encryption3) Contempt of Court - by rejecting both the options mentioned above Regards, Shailesh On Mar 3, 2009, at 1:00 PM, tvlillard () msn com wrote:Reference below is an interesting article concerning a Judge's order to decrypt of a harddrive.Judge orders defendant to decrypt PGP-protected laptop - CNET News URL: http://news.cnet.com/8301-13578_3-10172866-38.htmlFederal court orders defendant accused of having illegal data on his laptop to type in his PGP passphrase so prosecutors can access decrypted files.Thanks Terrence
Current thread:
- Re: Judge orders defendant to decrypt PGP-protected laptop - CNET News, (continued)
- Re: Judge orders defendant to decrypt PGP-protected laptop - CNET News Atom Smasher (Mar 05)
- Re: Judge orders defendant to decrypt PGP-protected laptop - CNET News David Gadoury (Mar 24)
- Re: Judge orders defendant to decrypt PGP-protected laptop - CNET News Michael Painter (Mar 05)
- Re: Judge orders defendant to decrypt PGP-protected laptop - CNET News nameless (Mar 05)
- Re: Judge orders defendant to decrypt PGP-protected laptop - CNET News Kurt Buff (Mar 05)
- Re: Judge orders defendant to decrypt PGP-protected laptop - CNET News Randy Smith (Mar 06)
- Re: Judge orders defendant to decrypt PGP-protected laptop - CNET News nameless (Mar 05)
- Re: Judge orders defendant to decrypt PGP-protected laptop - CNET News J. Oquendo (Mar 06)
- Re: Judge orders defendant to decrypt PGP-protected laptop - CNET News vulcanius (Mar 06)
- Re: Judge orders defendant to decrypt PGP-protected laptop - CNET News Stephen Mullins (Mar 09)
- Re: Judge orders defendant to decrypt PGP-protected laptop - CNET News Shailesh Rangari (Mar 09)
- Re: Judge orders defendant to decrypt PGP-protected laptop - CNET News Aarón Mizrachi (Mar 19)
- Re: Judge orders defendant to decrypt PGP-protected laptop - CNET News Craig S Wright (Mar 19)
- Re: Judge orders defendant to decrypt PGP-protected laptop - CNET News Kurt Buff (Mar 19)
- Re: Judge orders defendant to decrypt PGP-protected laptop - CNET News Craig S Wright (Mar 20)
- Re: Judge orders defendant to decrypt PGP-protected laptop - CNET News Kurt Buff (Mar 20)
- Message not available
- Re: Judge orders defendant to decrypt PGP-protected laptop - CNET News Kurt Buff (Mar 24)
- RE: Judge orders defendant to decrypt PGP-protected laptop - CNET News Craig S. Wright (Mar 24)