
Man jailed over computer password refusal - alexandros
http://www.bbc.co.uk/news/uk-england-11479831
======
boredguy8
Encryption and password privacy is an entirely unsettled area of US law. The
courts can probably compel you to _enter_ your password (to decrypt a drive,
or what have you), while you can maintain that the _content_ of your password
can be protected under the 5th. So, for instance, say you had encrypted files
of plans to build a bomb and detailed schematics of the White House. The judge
can order you to decrypt the files without forcing you to reveal that the
password was "K1llt3hPr3zn0w!"

As a practical matter, I've wondered what would happen if someone simply
claimed they couldn't remember the password. Especially if one could make it
look like the encrypted files hadn't been accessed in over a year.

TrueCrypt's Plausible Deniability
(<http://www.truecrypt.org/docs/?s=plausible-deniability>) makes these issues
even more complicated.

But yeah: by simply refusing, you'd be thrown in jail for contempt and your
only way out would be appellate review of the order. You'd have to challenge
the contempt citation on the basis that the original order was unlawful.

~~~
lkjuhygthyujk
I was a grad student in CS at Cambridge when this law was introduced. A nice
man from the police came to lecture us about it. We asked about proving that,
say, the results from a Monte Carlo simulation, or even just a blank disc,
weren't encrypted - we were told not to worry, the law would only be used
against terrorists.

Since this was before 911 - the 'terrorists' in question were presumably the
IRA, not sure they had much of an online presence back then.

~~~
MrRage
> Since this was before 911 - the 'terrorists' in question were presumably the
> IRA, not sure they had much of an online presence back then.

You do know that 9/11 was not the first terrorist attack on the US by Islamic
extremists, do you?

~~~
lkjuhygthyujk
Yes, but I'm assuming the UK didn't draft a law in the mid 90s to prevent
Islamic attacks on the US.

The fact that their plans would be written in a foreign language (never mind a
foreign alphabet) would have been more than adequate to keep it secret from
British intelligence.

ps. You do know that we have been having terrorist attacks for almost a
century.

~~~
billswift
> The fact that their plans would be written in a foreign language (never mind
> a foreign alphabet) would have been more than adequate to keep it secret from
> British intelligence.

This is one of the stupidest statements I have ever seen.

~~~
MichaelSalib
Why? Given that in 2010, nearly a decade after 9/11 and almost 7 years after
the invasion of Iraq, the US military, State Dept, domestic law enforcement
agencies and presumably intelligence agencies still have a severe shortage of
Arabic-speaking staff, why do you find the statement stupid? The UK before
9/11 was much less focused on terrorism than the US is now. Developing robust
foreign language capability in large organizations is very hard. That's why we
often fail at it.

Plus, in my experience, Arabic is a difficult language for people who grew up
speaking romance languages to learn. Perhaps not as difficult as Japanese, but
still much more difficult than German or French.

~~~
billswift
Of course most police forces and so on will not have speakers available, but
the comment said "British intelligence". Every intelligence agency has
translators for all major languages, and have for decades (Arabic was an
important language in the Cold War almost from the start). And they have
translators for minor languages on tap - I bet they could find a Basque, Lapp,
or Chukchi speaker if they needed one quicker than most universities.

~~~
baha_man
"I bet they could find a Basque, Lapp, or Chukchi speaker if they needed one
quicker than most universities."

That's probably where they get them.

------
ryanwaggoner
Just thought of a feature idea for TrueCrypt and other similar packages:
encrypted files or partitions can have multiple passwords, which reveal
different things. So you could have a password that reveals something
embarrassing but not incriminating. If the police or border nazis threaten you
with prosecution unless you reveal your password, you give them this one.
Meanwhile, you hide anything really confidential behind a password that you
never give out.

Or maybe they already have this?

~~~
digitallogic
TrueCrypt already has this feature: <http://www.truecrypt.org/hiddenvolume>

~~~
omh
Presumably the UK police are aware of this feature, which could lead to a more
interesting situation when you can't prove that you've really unlocked to the
deepest level.

~~~
FlemishBeeCycle
My understanding of the feature is that it is impossible to verify whether or
not you are using a hidden volume within a TC encrypted volume.

 _Although file-hosted TrueCrypt volumes (containers) do not contain any kind
of "signature" either (until decrypted, they appear to consist solely of
random data), they cannot provide this kind of plausible deniability, because
there is practically no plausible explanation for the existence of a file
containing solely random data. However, plausible deniability can still be
achieved with a file-hosted TrueCrypt volume (container) by creating a hidden
volume within it._

<http://www.truecrypt.org/docs/?s=plausible-deniability>

~~~
CGamesPlay
Clarification: it's impossible to determine if a hidden volume exists in a
TrueCrypt volume. It is trivial to determine whether a given password unlocks
the main, hidden, or neither volume.

~~~
hyperbovine
How is it trivial to verify whether a password unlocks something the existence
of which is impossible to verify?

~~~
NinetyNine
Data about the hidden volume is encrypted and kept in the second 512 bytes of
the volume, whereas data about the normal volume is in the first 512 bytes.
If there is no hidden volume, the second 512 bytes are purely random data.

It's impossible to tell an encrypted volume header apart from random data.
It's very much "try, and if you fail, you either have the wrong key or the
volume doesn't exist".

------
squidbot
It occurs to me that since this is part of a child pornography investigation, 16
weeks in jail for not giving them a password might actually be a far lighter
sentence than if the key was provided and illicit material was found. I don't
condone the porn, but it does seem like a logical trade-off.

~~~
BillGoatse
Wait until they ask him again, 16 weeks from now...

~~~
dc2k08
Can you be tried for the same crime twice?

~~~
maxawaytoolong
In the USA you cannot be tried for the same crime twice under double jeopardy
laws. From wikipedia:

 _There are three essential protections included in the double jeopardy
principle, which are:

- being tried for the same crime after an acquittal

- retrial after a conviction, unless the conviction has been reversed,
vacated or otherwise nullified

- being punished multiple times for the same offense_

London and Wales repealed prohibition against double jeopardy in 2003, so if
you live there, you can indeed be tried for the same crime twice.

~~~
gloob
_But_...

this wouldn't be double jeopardy. It would be a second instance of him
refusing to turn over the passwords. Just as you can be tried twice for murder
if there are two separate murders, you could be tried twice in this
situation.

~~~
ciupicri
But... it's the same password/encrypted data here.

~~~
gloob
Disclaimer: IANAL. Disclaimer: IANAA (I Am Not An American)

Assaulting the same person twice would still be two different assaults.
Stealing a truck, getting caught and punished, and stealing the same truck
again would, to my understanding, not be risk-free, legally speaking. I
suspect the same would probably apply here, though given how unintuitive the
law is, especially in this area, I may well be dead wrong.

Edit: To clarify, my point is that _if_ the law amounts to "Refusal to turn
over requested passwords => jail time", this would seemingly constitute a
second refusal, even if the requested password was the same.

~~~
caf
By the same logic, if the authorities had asked him one hundred times in the
first interview for his password, and he'd refused one hundred times, then he
could be charged with one hundred counts of the offence and put away for 30
years.

The courts aren't run by robots. If it's substantially the same instance of
the offence, he couldn't be tried again.

------
mattm
A friend of mine flew back home to Canada. After clearing customs, he was one
of the random people chosen to have their luggage inspected. He had his laptop
on him and the customs agent booted up the computer, asked him to enter his
password and then took his laptop away before bringing it back without telling
him anything about it.

I wondered what would have happened if he refused to type in the password.

~~~
Deestan
Customs aren't law enforcement, they just like to think so.

The request to enter a password should be treated as an impolite request, which
you should politely deny.

~~~
GBond
Not sure why you were upvoted (probably for the sentiment that freely
entering one's password without reason should not happen) because that is not
correct.

In the US, "customs" typically refer to ICE and TSA, both are enforcement
functions of the United States Department of Homeland Security.

~~~
Deestan
_checking facts_... You are correct. I incorrectly assumed they were
equivalent to UK and Norwegian customs, where customs and border protection
are separate entities.

------
ck2
In the USA can you be compelled to testify against yourself by being coerced
into giving a password to law enforcement?

Has this been tested yet, out of curiosity?

I remember reading they can deny you entry/exit to the USA if customs can't
read your laptop but never heard anything like local/FBI.

If not, I hope it doesn't go before _this_ particular supreme court.

~~~
rdtsc
They can slap an "obstruction of justice" charge on. Or charge you with
"contempt of court" and just jail you based on that.

In broader terms yes the system has a way to inflict random punishment on you
for disobedience.

In other countries they will just start breaking your fingers, your loved ones
fingers, and so on. So the password problem is solved a lot "easier" then.

~~~
brettmjohnson
Once they start breaking your fingers, it gets a whole lot harder to enter
that 50-character password.

~~~
pavel_lishin
Relevant: <http://imgur.com/0YHea>

------
NathanKP
It seems like a bad idea to store anything incriminating on your local hard
drive. Why not keep your encrypted files on a flash drive? If the police show
up destroy the flash drive using a hammer, ensuring that the flash memory chip
is thoroughly pulverized and completely unreadable.

Likewise, if you are going to be using the internet for devious purposes drive
around and use a neighbor's open wireless network access point, which highly
reduces the chances that anything can be traced back to you. Or set up your
own unsecured wireless network point and suggest to officers that illegal use
came from an outside source.

Not that I want to condone illegal activities, or condone lying to police
officers, but to the hacker in me these seem like simple, sensible steps to
take that will be more dependable than even a 50 character password.

~~~
boredguy8
Intentionally destroying incriminating evidence is probably not something you
should ever do. Certainly not in such a way that leaves evidence in the form
of pulverized IC remains all over your kitchen counter.

~~~
ciupicri
But how can they prove that it was _incriminating_ evidence?

~~~
anthonyb
Usually there'll be a reason for the police to kick your door down. I imagine
that plus destroyed evidence would be enough to prove beyond reasonable doubt.

~~~
anthonyb
Also, I don't think it necessarily needs to be proven that the evidence was
incriminating; just destroying evidence is criminal behavior.

Of course, IANAL, but that's how I'd do it if I ruled the world...

~~~
loewenskind
How do you know it was evidence or related to the bust?

~~~
anthonyb
There might be all sorts of reasons - if you're being busted for fraud or tax
evasion and all of your hard drives are mysteriously blank, or there are empty
filing cabinets and a big pile of ash then I would imagine that would go down
fairly badly in court.

The modern equivalent is a whole bunch of destroyed media - thumb drives,
flash cards or hard drives.

------
gunmetal
"It sends a robust message out to those intent on trying to mask their online
criminal activities that they will be taken before the courts with the
ultimate sanction, as in this case, being a custodial sentence."

seems like a good reason to have "innocent until proven guilty". drive could
contain anything, or nothing.

------
vic_nyc
I wonder why he didn't say he "forgot the password". Although it may seem
implausible, how could they prove it's not true?

~~~
omh
I think that the law is worded so that it's an offence to have encrypted files
and not be able to decrypt them. Whether it's deliberate or just forgotten
isn't relevant (though I'd hope it would make a difference in sentencing).

~~~
points
How can you even prove that a file is encrypted? The whole law is baloney.

~~~
16s
Use TrueCrypt to do whole disk encryption on your Windows XP hard drive. Then
boot your computer with a Linux Live CD and dd the first 512 bytes to stdout.
This is what you'll see in plain text ASCII:

 _"TrueCrypt Boot Loader"_

No expert is needed to prove that you are using TrueCrypt whole disk
encryption. It has a huge stamp right up front.

~~~
barrkel
That's certainly true for that particular instance, in that particular
implementation. But it's not necessarily the case. Take some random file and
encrypt it with gpg; there's nothing obvious in the contents to mark it out as
encrypted data.

~~~
16s
    tom@ubuntu:~$ gpg -c flag.png
    tom@ubuntu:~$ gpg -v --list-packets flag.png.gpg
    :symkey enc packet: version 4, cipher 3, s2k 3, hash 2
        salt eae60ad4255dc4e2, count 65536 (96)
    gpg: CAST5 encrypted data

OpenPGP encrypted data is easy to find too. It even tells you the algo used.
The example is symmetrically encrypted, but it works the same with asymmetric
keys. Even shows who it is encrypted for. Edit: formatting.

~~~
16s
Here's what the gpg data looks like when using someone's public key to encrypt
a file... now we know who to go hit over the head with a hammer ;)

    tom@ubuntu:~$ gpg -v --list-packets file.gpg
    :pubkey enc packet: version 3, algo 16, keyid 63E6E0BBB9FEE3A5
        data: [2045 bits]
        data: [2047 bits]
    gpg: public key is B9FEE3A5
    gpg: using subkey B9FEE3A5 instead of primary key 7A997B0A

~~~
limmeau
With option --throw-keyids, you'd have to try your hammer on several heads
until one fits.
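
What `gpg --list-packets` is reading in 16s's and limmeau's comments above, as an added example that is not part of the thread: a minimal OpenPGP packet-header parser (RFC 4880) showing that the cipher, S2K parameters and recipient key ID sit in cleartext in front of the ciphertext. The sample bytes are constructed to mirror the quoted output, with filler MPIs; `pkesk` and the sample names are hypothetical helpers.

```python
import struct

# Algorithm ids from RFC 4880 (subset).
CIPHERS = {2: "3DES", 3: "CAST5", 7: "AES128", 8: "AES192", 9: "AES256"}
PUBKEY = {1: "RSA", 16: "Elgamal"}
HASHES = {1: "MD5", 2: "SHA1", 8: "SHA256", 10: "SHA512"}

def read_packets(data):
    """Yield (tag, body) per packet; an open-ended packet takes the rest of the input."""
    pos = 0
    while pos < len(data):
        hdr = data[pos]
        pos += 1
        if not hdr & 0x80:
            raise ValueError("no OpenPGP packet header at offset %d" % (pos - 1))
        if hdr & 0x40:                      # new-format header
            tag, first = hdr & 0x3F, data[pos]
            pos += 1
            if first < 192:
                length = first
            elif first < 224:
                length = ((first - 192) << 8) + data[pos] + 192
                pos += 1
            elif first == 255:
                length = int.from_bytes(data[pos:pos + 4], "big")
                pos += 4
            else:                           # partial body length (bulk data)
                yield tag, data[pos:]
                return
        else:                               # old-format header
            tag, ltype = (hdr >> 2) & 0x0F, hdr & 0x03
            if ltype == 3:                  # indeterminate length, runs to EOF
                yield tag, data[pos:]
                return
            size = (1, 2, 4)[ltype]
            length = int.from_bytes(data[pos:pos + size], "big")
            pos += size
        yield tag, data[pos:pos + length]
        pos += length

def mpi_bits(buf):
    """Return the declared bit length of each MPI in buf."""
    sizes, pos = [], 0
    while pos + 2 <= len(buf):
        bits = int.from_bytes(buf[pos:pos + 2], "big")
        sizes.append(bits)
        pos += 2 + (bits + 7) // 8
    return sizes

def describe(data):
    """Summarise the metadata that is readable without any key."""
    found = []
    for tag, body in read_packets(data):
        if tag == 3:                        # symmetric-key encrypted session key
            info = {"packet": "symkey enc", "version": body[0], "s2k": body[2],
                    "cipher": CIPHERS.get(body[1], body[1]),
                    "hash": HASHES.get(body[3], body[3])}
            if body[2] in (1, 3):           # salted S2K variants carry an 8-byte salt
                info["salt"] = body[4:12].hex()
            if body[2] == 3:                # iterated S2K: one-byte coded count
                info["count"] = (16 + (body[12] & 15)) << ((body[12] >> 4) + 6)
        elif tag == 1:                      # public-key encrypted session key
            info = {"packet": "pubkey enc", "version": body[0],
                    "keyid": body[1:9].hex().upper(),
                    "algo": PUBKEY.get(body[9], body[9]),
                    "hidden_recipient": body[1:9] == bytes(8),
                    "mpi_bits": mpi_bits(body[10:])}
        else:                               # tags 9 and 18 hold the ciphertext
            info = {"packet": "encrypted data" if tag in (9, 18) else "other", "tag": tag}
        found.append(info)
    return found

def pkesk(keyid_hex, bit_sizes=(2045, 2047)):
    """Build a constructed v3 Elgamal session-key packet with filler MPIs."""
    body = b"\x03" + bytes.fromhex(keyid_hex) + b"\x10"
    for bits in bit_sizes:
        top = bytes([1 << ((bits - 1) % 8)])
        body += struct.pack(">H", bits) + top + b"\xaa" * ((bits + 7) // 8 - 1)
    return b"\x85" + struct.pack(">H", len(body)) + body

# Constructed samples mirroring the values in the gpg output quoted above.
SYM_SAMPLE = bytes.fromhex("8c0d04030302eae60ad4255dc4e260") + b"\xc9\x10" + bytes(16)
PUB_SAMPLE = pkesk("63E6E0BBB9FEE3A5")
THROWN_SAMPLE = pkesk("00" * 8)   # key ID zeroed, as with --throw-keyids
```

`describe(THROWN_SAMPLE)` still reports the packet type, algorithm and MPI sizes; only the key ID is zeroed.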

------
eiji
"50-character encryption password" - nice!

I'm wondering ...

Person A refuses for - pure principle (and maybe some ripped DVDs)

Person B refuses for - let's say child pornography and a dirty bomb manual

Both will get the same jail time?

~~~
araneae
There are other legitimate reasons to not want to reveal the contents of your
hard-drive besides principle or self incrimination. For instance, if you had
the private information of any other people. My SO works with HIV, and
recently got access to sensitive data that had to be sent on DVD via courier.

Who here trusts the police to not disclose their HIV status?

~~~
aperiodic
Disclaimer: IANAL

If you're in the United States, the data is probably protected by HIPAA, the
Health Insurance Portability and Accountability Act[1]. HIPAA includes a
clause stating that the Attorney General or their designee may issue a
subpoena compelling your SO to disclose that information, but only to someone
investigating a Federal health care offense.

I've searched through the rest of HIPAA for keywords such as "law
enforcement", "criminal", and "disclosure", but I couldn't find anything about
being compelled to disclose HIPAA-protected information to law enforcement in
any other circumstance than investigation of a Federal health care offense.
However, I did not thoroughly read HIPAA, and there might be something in
another section of the US Code that's relevant.

Hopefully someone more knowledgeable about this can let me know if I've missed
something.

[1]: <http://www.legalarchiver.org/hipaa.htm>

~~~
araneae
Yup, that's the case. The question is whether or not your hard drive is protected
from a criminal charges subpoena. The data is kept encrypted on the hard
drive, but of course the authorities don't know what's on the hard drive until
it's decrypted.

~~~
aperiodic
Disclaimer: IANAL.

Edit: My understanding of HIPAA was incorrect.

45 C.F.R 164.512:

A covered entity may use or disclose protected health information without the
written consent or authorization of the individual... in the situations
covered by this section, subject to the applicable requirements of this
section.

(a) Standard: Uses and disclosures required by law. (1) A covered entity may
use or disclose protected health information to the extent that such use or
disclosure is required by law and the use or disclosure complies with and is
limited to the relevant requirements of such law.

This would seem to give court orders and criminal subpoenas the power to
demand decryption of your hard drive regardless of whatever HIPAA data it
contains.

------
awakeasleep
As great as hidden volumes are, traces showing the inconsistency between the
fake and real volume will be left on your system unless you take heroic
measures to erase them.

Things like logs of all the external drives you connect, and links to recently
opened files.

~~~
CGamesPlay
Your entire operating system can be a hidden volume. I don't know how "heroic"
this is.

------
fbcocq
I've been resetting people's 8 character passwords lost due to Post-Vacation-
Insomnia for ages, I'd really like to see them expect me to remember a 50
character password under stress conditions.

~~~
brettmjohnson
I have a 12 character password and it is a pain in the ass to type it several
times a day. I couldn't imagine using a 50 character password.

~~~
voxxit
It is probably just a concatenated string of his credit card number or social
security number and random words. I wonder if they are currently trying to
crack it using some kind of dictionary brute force mechanism, or if there is
some kind of lock out enabled after five tries.

~~~
aidenn0
If they have physical access, then there is no effective lock-out mechanism.
Presumably they can determine which encryption software is used, and can use
the algorithm as many times as they want.

------
omh
This has happened before, although the details aren't clear. It was reported
last year (<http://www.theregister.co.uk/2009/08/11/ripa_iii_figures/>) that
two people had been convicted for similar offences. It seems that most people
don't comply, but not all of them are charged: "Of the 15 individuals served,
11 did not comply with the notices. Of the 11, seven were charged and two
convicted."

------
eof
How do they know it's a 50 character password?

~~~
tyree731
He probably volunteered that information.

~~~
eof
Seems a silly thing to offer

------
xenophanes
I realize this story is in the UK, but could it happen in the US or would the
5th amendment protect you?

As an American, it seems a bit insane to me for someone to be jailed for
refusing to help convict himself.

~~~
moxiemk1
I thought I remembered a court precedent in the US that ruled being compelled to
divulge encryption keys was equivalent to being compelled to hand over keys to
locked places (like a safe), which is historically required.

That said, I can't find such an article, so hopefully I'm making it up and we
are indeed safe in our minds.

~~~
pilom
No, legally in the US you are not required to give the keys to the safe, but
they can drop your sentence significantly for working with the investigators.
For a safe, if you don't give them the key, they get a grinder and hack saw,
for an encrypted hard drive in the US they give it to the NSA (though 50 chars
would be tough for even them I'd expect).

~~~
pyre
The NSA doesn't want anyone to know what their capabilities are, but I
remember a case where they gave it to a university which threw a cluster at
it...

edit: 'they' being 'the authorities', not the NSA.

------
bl4k
I am surprised that they didn't keylog his machine - as having a warrant to
search/seize means a warrant to keylog probably could have been obtained.

The police will learn from this and avoid these 'oh dammit' moments by just
keylogging everybody from now (or at least those suspected of having encrypted
volumes).

Keylogging is the one real weakness of all the TrueCrypt/other encryption
schemes (that and your password is in memory in the clear while the volume is
mounted, and even afterwards depending on your settings).

~~~
gregable
Could you defeat that somehow by having rotating keys?

~~~
ElliotH
Wouldn't that take a very long time to re-encrypt a whole drive with a new
key?

~~~
kd5bjo
You wouldn't re-encrypt the whole drive; usually, the master key is stored in
the first few sectors of the disk, encrypted with the login key. That way, you
only have to re-encrypt a small amount of data to effectively change the
entire disk's key.
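
A simplified model of the header scheme that NinetyNine, CGamesPlay and kd5bjo describe in this thread, added as an illustration and not part of any comment or of TrueCrypt's code: a password only unwraps a master key stored in a 512-byte header slot, a failed trial decryption looks the same whether the password is wrong or the slot is random, and changing the password rewrites one slot. The slot layout follows the thread's description rather than TrueCrypt's real on-disk format; the SHA-256 counter keystream, the `MAGIC` check and the PBKDF2 parameters are assumptions standing in for the real cipher and header checks.

```python
import hashlib
import os
import zlib

SLOT = 512          # one header slot, per the layout described in the thread
MAGIC = b"TRUE"     # marker checked after trial decryption (model assumption)

def keystream(key, n):
    """SHA-256 in counter mode: a stand-in for the real disk cipher."""
    blocks = (hashlib.sha256(key + i.to_bytes(8, "big")).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def header_key(password, salt):
    # Iteration count kept low so the example runs quickly (assumption).
    return hashlib.pbkdf2_hmac("sha512", password.encode(), salt, 1000, 32)

def make_header(password, master_key):
    """Wrap the 32-byte master key under a password-derived key."""
    salt = os.urandom(64)
    plain = MAGIC + zlib.crc32(master_key).to_bytes(4, "big") + master_key
    plain += os.urandom(SLOT - 64 - len(plain))        # random padding
    return salt + xor(plain, keystream(header_key(password, salt), len(plain)))

def try_header(password, slot):
    """Trial-decrypt one slot; return the master key, or None on any failure."""
    salt, body = slot[:64], slot[64:]
    plain = xor(body, keystream(header_key(password, salt), len(body)))
    key = plain[8:40]
    if plain[:4] == MAGIC and plain[4:8] == zlib.crc32(key).to_bytes(4, "big"):
        return key
    return None

def make_volume(outer_pw, hidden_pw=None, data_len=4096):
    slot0 = make_header(outer_pw, os.urandom(32))
    # With no hidden volume the second slot is just random bytes.
    slot1 = make_header(hidden_pw, os.urandom(32)) if hidden_pw else os.urandom(SLOT)
    return slot0 + slot1 + os.urandom(data_len)   # random bytes stand in for sectors

def unlock(volume, password):
    """Return ("outer" | "hidden", master_key), or None if no slot opens."""
    for name, off in (("outer", 0), ("hidden", SLOT)):
        key = try_header(password, volume[off:off + SLOT])
        if key is not None:
            return name, key
    return None

def change_password(volume, old, new):
    """Re-wrap the same master key; only one 512-byte slot is rewritten."""
    hit = unlock(volume, old)
    if hit is None:
        raise ValueError("old password does not open any header")
    name, key = hit
    off = 0 if name == "outer" else SLOT
    return volume[:off] + make_header(new, key) + volume[off + SLOT:]
```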

------
mathgladiator
In the US, how does the fifth amendment work in this type of issue? If he
complies, then he is testifying against himself.

------
iuguy
It's about time this happened. In the UK we have a law called the Regulation
of Investigatory Powers Act (RIPA) which allows access to certain data held by
ISPs or can compel people in certain cases to not only hand over encryption
material but prohibits them from acknowledging that they had been charged
under such a law.

As you can imagine, that last bit results in some very complicated situations.
The laws governing paedophilia are quite different, with paedophiles having to
sign a sex offenders register.

In the case of a sex offender being caught, it's easier to just take the RIPA
sentence instead. This is what appears to have happened. I hope the guy's
password is long enough otherwise regardless of his crime he's in for a world
of pain.

------
thedjpetersen
If they are unable to crack the pass code, does he go free on lack of
evidence?

~~~
yardie
If they base the case entirely on one piece of evidence then they have already
lost. Through programs like CSI, people are convinced that most of the
evidence for a case comes from a lab and all they need is that one piece of
evidence.

What really happens is the investigators have to answer the 5-Ws
(who,what,etc) and they "build" a case against you. If they have one piece,
then they can go fishing for the rest. This is why it's important to shut your
mouth when talking to the police. Anything you say at this point can really
open you up to all types of crap later. They'll twist your words around,
become your friend, good cop/bad cop, mention friends and family and all other
types of tricks to get you to talk. Believe it or not, criminals willingly
give up testimony about themselves. Some guy in a lab with half a shoeprint
isn't what wins the case, you do.

If all the prosecution has is one piece of evidence then a competent barrister
can shred it to pieces. This guy's job is to create FUD, and lots of it. The
less evidence the prosecution has the easier his job is. But what he/she can't
do is fix anything you say in front of the police while he isn't there. This
is why it's important to shut up and ask a lawyer first.

------
abalashov
I am not sure I understand the basis on which this person was jailed. If the
court order to search his computer was provided on the basis of probable
cause, what was that probable cause? If law enforcement already had evidence
of some kind of misdeed, why do they need access to his computer? If the
evidence of his misdeeds is on the computer, wouldn't providing it be a) self-
incrimination of some description, as mentioned extensively elsewhere here and
b) law enforcement's inability to get access to the information get the case
dismissed due to lack of evidence?

------
jason_slack
Can anyone explain how TrueCrypt works for OS X? Could I have my entire home
directory on the hidden partition? What about their hidden operating system
feature? So I can have my normal OS as the decoy OS and then have a hidden
Linux OS (as example) that I use for sys adm type stuff and boot to it when I
need to? Can VMWare or Parallels see this partition and create a VM based on
it?

~~~
Groxx
Essentially, you can't true-crypt anything that can't run TrueCrypt before you
need access to it. So you wouldn't be able to run TC and enter your password
prior to logging in, which requires your home directory. Perhaps this could be
sidestepped, but I'd think it'd be a mega-hack unless you can boot to a USB
drive which can decrypt things and _then_ boot OSX. I haven't heard of anyone
doing that though, probably because Macs are a bit different with their
bootup. You're essentially stuck making a file-as-a-volume or a hidden
partition, though I don't know how / how well hidden partitions work in OSX.

Once your file / hidden partition is mounted, it's just another mounted
volume. Anything which can read / write to a volume it's not on shouldn't
notice a thing.

Also, it looks like it might just be Windows which gets the hidden-OS
capability, as it requires a TC boot-loader on-disk or on an external booting
device. Which means it should be possible for others as well, but it sounds
like they haven't done it yet.
<http://www.truecrypt.org/docs/?s=hidden-operating-system>

------
mirkules
Would it be possible to have one password for accessing the system, and a
separate password for permanently wiping sensitive parts (in the background,
even)? What would be the legal implications (other than the obvious
obstruction of justice charges if the authorities catch on)?

~~~
CGamesPlay
The problem there is that any evidence should have been copied and should be
accessed from a read-only media at that point.

------
loewenskind
It sounds to me like TrueCrypt needs a new feature: a password that just
destroys all data.

~~~
cracki
would be fast too. just zap the headers.

------
metal
They already have this. You can have two levels of passwords: one for the OS
and one for a hidden encrypted partition or encrypted file where you keep your
truly sensitive info.

------
rwmj
Not the first one: <http://www.theregister.co.uk/2009/11/24/ripa_jfl/>

------
varjag
It's the modern alternative to pulling fingernails.

------
nervechannel
Steganography.

------
confuzatron
If the Police have a warrant to search a safe, presumably you can be required
to hand over the combination or be in contempt of court. Even if the
combination for the safe 'lives in your brain'.

ISTM a virtual 'locked container of documents' would have the same legal
status.

I'm not sure why so many techies go down the Walter-Mittyesque 'Enemy of the
State' route when discussing this sort of thing. Mention the police in
conjunction with encryption and suddenly everyone's a paranoid compound-
dweller...

Let's be clear here - it is unlikely that this guy is making a stand for
paranoid techies - it is much more likely that he's got pics and videos on his
HDD of kids getting raped that he doesn't want the police to see.

------
malandrew
This Star Wars quote seems appropriate here, especially given the hidden
volume feature of TrueCrypt:

Princess Leia: "The more you tighten your grip, Tarkin, the more star systems
will slip through your fingers."

