
Indefinite prison for suspect who won’t decrypt hard drives, US government says - LukeB_UK
http://arstechnica.co.uk/tech-policy/2016/05/indefinite-prison-for-not-decrypting-hard-drives-usa/
======
virmundi
The best part of this whole story is the unintended consequence of attack.
Don't like someone, encrypt a zip drive with drivel, toss it in his car and
call the cops. Say you saw him looking at what could be kiddie porn. The guy
doesn't know the password. Life in prison. No excuse.

This applies not merely to Bob in Accounting that's a dick, but to everyone:
Congress! Start sniping political enemies. A jump drive here. A hard drive
there. Soon, you could have 6 or so Congressional individuals going to jail
for a child porn ring. The Feds would think it's a great prisoner dilemma. No
one's turning on each other. Again, anonymous tip claiming that the right
honorable Representative Duggans was watching kiddie porn late at night in his
office. The same tipster told the police that while he was jacking it he
thanked Representative O'Connel for the present over the phone (make sure to
wait for an actual call so their is evidence).

Sure eventually all of this will die down. Until then, for $100 bucks and a
few hours you can sit back, eat some popcorn and watch the system implode. Do
it right and you'll get years of fun for everyone.

~~~
CPLX
Or you could just put actual kiddie porn on the planted hard drives and save
yourself this entire legal conundrum.

~~~
avar
Coming up with real fake evidence is a lot harder than just coming up with a
random blob that the cops think is evidence the suspect is hiding.

E.g. are you really able to carefully craft a filesystem image that you're
sure has no metadata that proves the innocence of the suspect?

~~~
falcolas
Eh, not so hard. Proxy their internet for a browsing session, and you put
thumbnails of images in their cache. If they have any encrypted drive, or any
encrypted blobs (could push those into their cache as well), and they're not
going to have a great day.

Cached images has been enough to put away more than a few folks - there was
also recently a story about using exactly that tactic against a suspected spy.

~~~
avar
This is really moving the goalpost from the grandparent's comment of "encrypt
a zip drive with drivel, toss it in his car and call the cops".

Yes of course you can get an active MiTM session going you can do a lot of
shady stuff.

~~~
falcolas
It can easily be used in tandem with the encrypted drive, to create probable
cause to suspect the drive.

And MiTM is far too simple to do. One of my friends was able to rickroll many
a person with about $100 of gear. It was always troubling to watch my computer
connect to my home network while at a conference, with no real notification to
me.

------
coreyp_1
This is an important constitutional issue! The subject may be deplorable, but
the root issue is not.

If it is a "foregone conclusion", then they should have no problem convicting
the guy without forcing him to testify against himself. If it is not a
"foregone conclusion", then they have been lying and are illegally
(unconstitutionally) depriving him of his freedom for months, without even
charging him with a crime!

~~~
INTPenis
>Investigators say they know child porn is on the drives. His sister saw some
of it and the suspect is said to have shown his family an illicit video, too.

So that's their basis for this "foregone conclusion" apparently. That at one
point in time it was witnessed.

That is very dangerous logic.

The sadest thing in this is that it took child pornography to make the
headlines, not political activism or journalism but the most despicable crime
in our modern society.

~~~
s_q_b
It's also totally insignificant. He could have broadcast it all over Times
Square. That in no way waives his right against self-incrimination under the
Fifth Amendment.

Also, every prosecutor in history has thought their entire case in chief was a
"foregone conclusion." That's totally irrelevant.

~~~
Bartweiss
It's baffling to me that people are treating "he _will_ be found guilty" as
evidence that he's already guilty and can be punished freely. We've got a code
of laws specifically designed to avoid Inquisition-style "accusation of guilt
is presumption of guilt" thinking.

~~~
Kristine1975
In the past in Europe, there existed the concept of "partially guilty."
Someone got shot and you were seen in the vicinity of the crime scene with a
gun? You're 25% guilty. Then you're tortured (since you're 25% guilty, it's
not torture of an innocent, but punishment), and under torture you "confess",
making you fully guilty.

Source: Foucault's Discipline and Punish

~~~
Bartweiss
That's absolutely fascinating, thank you. I need to finally suck it up and go
read _Discipline and Punish_.

As much as I'm not on board with "confession through torture", I wonder if
non-boolean guilt could help sort out some of the dumber quirks of our legal
system. As is we just have "innocent" and "guilty" (which is either 51% chance
of guilt in civil cases, or 'beyond reasonable doubt' in criminal ones).

But we're clearly fumbling around for new values. The Supreme Court decision
about retrials (that "probably would have been found innocent at original
trial" is not enough to justify a retrial) clearly makes more sense in terms
of real-valued guilt - we can then set some actual standard for retrial, which
is different from the standard for conviction. Perhaps you get convicted at
90% guilty in criminal cases, but don't get to open a retrial unless your
estimate drops to 70% guilty.

Now I'm fascinated. What would real-valued guilt look like in a modern system?

------
tetrep
I find this interesting, as I would almost certainly have forgotten my
password by now, it only takes me 4-6 months of never using a password to
forget it, so I wonder what happens if you can't decrypt your drives, due to
honest forgetting from sitting in jail refusing to, or from some sort of
deadman's switch or similar that drops keys after N days.

~~~
15155
> or similar that drops keys after N days

This cannot exist on "dumb" hardware.

------
upofadown
>... it's a "foregone conclusion" that illegal porn is on the drives, ...

Obviously not if the government needs the suspect to tell them where to find
the porn in the keyspace. The porn at this point literally does not exist on
the computer. The government is asking the suspect to find it for them there.

So the question here is; can the government compel someone to help the
government find evidence against them?

This reminds me of something a Pakistani coworker said. He said that in the
area of Pakistan he grew up in they had the best police force anywhere. There
were no unsolved crimes. Someone always confessed...

So this is the same sort of thing. Torture someone long enough with indefinite
detention and they will eventually come up with something to indict themselves
with. There has to be something illegal in any well used computer.

~~~
cauterized
Pretty sure that's in violation of the fifth amendment (self-incrimination).

------
tptacek
Contempt is appealable, and in stories about appeals for long contempt
sentences it appears that the likely sentence for the underlying matter is a
factor. So, as a practical matter, this might mean that refusal to unlock a
drive will net you the same sentence as if you were tried and found guilty for
whatever crime was supposed to be on the drive.

------
mmf
This effectively makes forgetting one's password a crime with a lifetime jail
sentence... Not bad, not bad

~~~
Benjamin_Dobell
No it doesn't. They found evidence on his computer that strongly suggests
there is child porn on the encrypted drive, there are witnesses that claim
"John Doe" showed them child porn _and_ he admitted to knowing the password
initially, it was only later he claimed he forgot.

Prosecutors need sufficient evidence to obtain from a judge warrants, and in
this case a decryption order, before they can hold you in contempt of court.

Of course, the evidence required for a warrant is still typically less than
what is necessary to convict. The issue here is something to do with fifth
amendment rights, which honestly I don't know a lot about because I'm
Australian.

------
Havoc
Thats pretty scary.

I've travelled with encrypted drives where I didn't know the password before.
(Forgot it & was bringing the drive to someone for their own use after
formatting).

------
probably_wrong
I agree with the overall idea that this is an interesting/problematic case,
but I think the discussion would be better served if we stopped assuming that
the authorities here are morons.

No, forgetting your password is not a lifetime sentence. No, not knowing the
password for an item you've never seen is not a lifetime sentence either.
Refusing to obey a judge's order, however, _will_ get you in trouble. Again,
these people are not morons, and if they say the guy is only pretending to
have forgotten his password (a dishonest criminal? shocking), they might have
a good reason.

~~~
hiq
The reasons are stated in the article (the suspect never mistyped his
password, and always remembered it), and addressed by the commentators you
criticize (under pressure and after seven months without typing it, it is not
impossible that you forget a possibly complicated password).

Even if you think that chances are high that the guy both is guilty of some
crime and remembers the password, that still leaves the "what if he is
actually innocent and actually forgot his password" case. Indefinite prison
sure seems a hard sentence in the latter case, which you cannot refute beyond
reasonable doubt.

~~~
zaroth
> The suspect never mistyped his password, and always remembered it

They even went so far as to say he always got it right on the first try.

I found that very interesting... How would they possibly know that? If they
had a key logger obviously they would already know the password.

Does FileVault store some indication of failed login count? That isn't reset
after a valid login?

~~~
zaroth
Actually, does this mean that Apple could be logging successful / unsuccessful
decryption counts for FireVault volumes? Is there some sort of lock-out
feature they are running?

------
silveira
Apart from the obvious assault on the presumption of innocence here, is there
a cryptographic file-system that stores a secret X and Y that given a key k_x
would decrypt the content X and given k_y would decrypt the content Y without
revealing to an attacker that there are multiple contents?

If yes, than one could store a real secret X and store a false secret Y,
something that looks like a secret enough to be perceived as a secret. Then in
case of torture, government persecution, etc, the victim could reveal only Y.

~~~
Veratyr
Yes, this was a feature of Truecrypt, though I'm not familiar with the
underlying crypto.

~~~
maxerickson
It just uses data layout. Normal volumes have some wasted space filled with
random data. Volumes with hidden volumes inside them fill that space with a
second header. If the outer volume is naively mounted, writes can destroy the
data stored in the inner volume.

------
jmnicolas
I'm quite surprised that they can break Freenet but can't break FileVault (I
remember reading an article about a Filevault master password that is short
and brute-forceable but can't find it atm). I would have bet the other way
around.

~~~
htns
Freenet has only symbolic privacy protection for downloaders. Privacy is
supposed to come from your node requesting not only blobs it is downloading
for itself, but also blobs other nodes have requested from it. Unfortunately,
as far as I understand, freenet's routing algorithm is such that these two
classes of requests come from blatantly different statistical distributions.
The further a requested blob is from a node's address the more likely it is
the node is requesting the blob for itself. Another layer of protection is the
blocks being encrypted, but if they are publicly published that can be changed
with a bit of scraping.

What this means is that by running a single freenet node you can monitor half
a hundred others. What's surprising is that it hasn't been done earlier. You
don't even have to commit a crime to do it as a civilian.

This could have been avoided if freenet was hoisted on top of tor (not totally
trivial because freenet runs over udp) or had an onion routing layer of its
own. If the glaring privacy flaw was fixed freenet would have amazing
properties which tor lacks, namely very safe and scalable (no dos unless you
take down the whole of freenet) static hosting and non-realtime communication
in general, and utter censorship resistance. Trying to figure out who has a
blob only spreads it around more.

It's a shame the ideas behind tor and freenet haven't come together in a
popular project.

------
cypherpunks01
This certainly points towards having more widespread support for plausible
deniability, no? Are there any mass encryption tools that are reasonably
simple to set up providing this (besides TrueCrypt Hidden Volumes)?

Would someone continue to be held in contempt if they furnished a decrypted
drive that didn't contain the information that court held as a "foregone
conclusion" that it contained?

~~~
DennisP
Why besides TrueCrypt?

~~~
nicolapcweek94
because it's supposed to be broken and/or backdoored since may 2014 when the
development abruptly stopped and weird warnings appeared on the official site
to switch to alternative programs

~~~
danielweber
There's no evidence it's been "backdoored since may 2014." There were no
changes at that point in time.

~~~
aendruk
"supposed [...] since may 2014"

------
BillinghamJ
In the UK, this is actually legal sadly.

~~~
oarsinsync
Sections 49 & 53 of the RIPA allows for up to two years imprisonment for
failing to provide unencrypted copies of key material. Not quite the same as
life. Although I wouldn't be surprised if they managed to abuse it in this
way.

~~~
patrickmay
> Although I wouldn't be surprised if they managed to abuse it in this way.

Simple. Imprison someone for two years. Demand they provide key material
again. Rinse and repeat.

~~~
kennywinker
Idk how it works in the UK, but in the US you can't charge someone for the
same crime twice.

~~~
yompers888
.. Unless they've committed it twice. 'Failure to abandon your fifth amendment
rights', 05/2016\. 'Failure to abandon your fifth amendment rights', 05/2018\.
'Failure to abandon your fifth amendment rights', 05/2020\. etc.

------
jimrandomh
Seven months imprisoned without trial and counting. The technicalities about
contempt and hard drives are a distraction; the real injustice is that, as a
routine matter, the US government no longer gives trials without extensive
pre-trial punishment.

------
maremmano
and what happens if I forgot my password?

~~~
INTPenis
>The defendant, who is referred to as "John Doe" in court papers, claims he
forgot the passwords. The suspect's identity is Francis Rawls, according to
trial court papers.

> In fact, Doe had multiple layers of password protection on his devices, and
> he always entered his passcodes for all of his devices from memory. Doe
> never had any trouble remembering his passcodes (other than when compelled
> to do so by the federal court), never hesitated when entering the passcodes,
> and never failed to gain entry on his first attempt.

~~~
oarsinsync
Which in itself isn't really valid. Under immense stress, memory fails. I'd
wager facing a long prison sentence for a crime that will make you a big
target in an already hostile environment would be pretty stressful.

~~~
dkersten
I was going to comment the same thing. If I'd been imprisoned for 7 months,
there's a good chance I'd forget my password manager master password too... I
remember it now because I enter it multiple times a day. After 7 months, under
duress and stress? I'm not sure if I would...

~~~
oarsinsync
Meanwhile a laptop I didn't access for 3 months has a boot password (that I
must not have needed for >3 months ontop of that) is now locked away and
without any ability for me to login to.

And that was without going to prison

~~~
mpnordland
Open it up and remove the CMOS battery for a while then replace it. That will
remove a BIOS password. OTOH, if you encrypted the drive...

~~~
oarsinsync
> if you encrypted the drive...

Yep, LUKS AES-256. I seem to recall someone demonstrating how to crack LUKS
for fun, but I can't remember where I found that article, nor enough keywords
to find it again. I might just be failing at Google, mind.

------
vox_mollis
_The exam showed that Doe accessed or attempted to access more than 20,000
files with file names consistent with obvious child pornography_

Is nobody else alarmed that OS X apparently logs any and all( or at least 20k
records )file accesses by default? This is way too many to be found in the HFS
journal, so it's clearly intentionally logging all accesses.

Edit: They also appear to have been able to deanonymize the defendant's
FreeNet usage, though this could have easily been OPSEC violations rather than
technical shenanigans.

------
ommunist
Scary sh#t. What if inmate forgot the password? I cannot remember 4-digit PIN
on a year old card I hardly used.

------
kragen
Ars Technica chose to illustrate this article with a perspective-distorted
screenshot of md5-crypt-encrypted passwords, the entire point of which is to
prevent the person who has the encrypted password from being able to decrypt
it.

------
joshfraser
The ACLU or EFF need to jump on this case. The precident set by this is too
important to leave to some randomly assigned public defender.

------
andai
What would happen if the suspect destroyed keys prior to arrest? (ignoring the
similar difficulty of proving this)

------
jupp0r
One more reason to have plausible deniability features.

------
astazangasta
Why doesn't the Fifth Amendment cover this?

~~~
rthomas6
For much the same reason that it's not against the fifth amendment to ask a
suspect to unlock a safe.

[http://lawcomic.net/guide/?p=2897](http://lawcomic.net/guide/?p=2897)

------
andai
what would happen if a suspect destroyed the keys?

------
davideous
Obligatory XKCD: [https://xkcd.com/538/](https://xkcd.com/538/)

~~~
mattraibert
In case you're curious, this is often called rubber-hose cryptanalysis:

[https://en.wikipedia.org/wiki/Rubber-
hose_cryptanalysis](https://en.wikipedia.org/wiki/Rubber-hose_cryptanalysis)

~~~
ommunist
In Russia, if you are curious this is often called rectal high temperature
cryptanalysis. There is manual.

[http://lurkmore.to/%D0%A2%D0%B5%D1%80%D0%BC%D0%BE%D1%80%D0%B...](http://lurkmore.to/%D0%A2%D0%B5%D1%80%D0%BC%D0%BE%D1%80%D0%B5%D0%BA%D1%82%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9_%D0%BA%D1%80%D0%B8%D0%BF%D1%82%D0%BE%D0%B0%D0%BD%D0%B0%D0%BB%D0%B8%D0%B7%D0%B0%D1%82%D0%BE%D1%80)

------
lossolo
"USA land of the free..." Really what happened with your country ? In EU you
can't imprison someone for not decrypting hard drive if he says it can
incriminate him, everyone understand this but not the biggest democracy in the
world?

~~~
chefkoch
The whole EU? No, a small island has some lunitic laws.

[https://en.wikipedia.org/wiki/Key_disclosure_law#United_King...](https://en.wikipedia.org/wiki/Key_disclosure_law#United_Kingdom)

~~~
mg794613
Well, to be fair the UK is more like the 51st state than part of the EU.

------
nluux
Let's not use euphemisms like "kiddie porn" and realize the danger that child
pornography feeds the child slavery industry. The core issue is that the
suspect is potentially hiding his network, clients or victims' identities.
Until he surrenders his hard drives, the truth may never come out.

~~~
andrewla
If there is useful information for law enforcement unrelated to the case at
hand, it seems that we have plenty of already-existing mechanisms. They could
offer him immunity in exchange for unlocking the drive, thus completely
skirting the fifth amendment issue, or they could convict him based on other
evidence, and offer favorable sentencing in exchange for unlocking the drive.

The fact that he is being compelled to offer evidence against himself seems
like the dubious part of this whole proceeding.

