
US Appeals Court: Forced Decryption Is Self-Incrimination - zach
http://volokh.com/2012/02/23/eleventh-circuit-finds-fifth-amendment-right-against-self-incrimination-not-to-decrypt-encyrpted-computer/
======
ChuckMcM
Wow I think they got one right. It will be interesting to see how the
government continues. Since currently it's only a decision in the 11th circuit.
If the government appeals, it goes to the supremes and if _they_ hold that it's
a violation of your fifth amendment then everyone in the country gets to claim
the fifth rather than give up the key.

While I hate evil doers just as much as the next person I dislike the loss of
civil liberties even more.

~~~
turing
Well, not _everyone_. There are still situations in which the decryption would
not be testimonial in nature and would thus not be privileged.

~~~
mbateman
Or situations in which the data wouldn't incriminate the owner of the data but
rather someone else, etc.

~~~
electromagnetic
Still, handing over the data would require the government agreeing that they
wouldn't mine the data to find a prosecution against you, which is likely what
companies already do.

------
ctdonath
Two analogies I use: rag doll and sawz-all.

Rag doll: so long as they can manipulate your uncooperative unresisting body
to do something (apply thumbprint, get DNA sample), they can order you to
cooperate. They cannot, however, compel you to do something which they
otherwise have no case without.

Sawz-all: so long as getting into a safe (or whatever) is just a normal matter
of time and money, they can order you to open it. If, however, "opening" an
encrypted volume or some such by brute force will take something on the order
of heat death of the universe, and otherwise they have no case, you can stay
silent.

~~~
monochromatic
Those analogies are only useful to the extent they agree with the law.
Otherwise they're just arbitrary.

~~~
erichocean
As if the _law_ isn't arbitrary! _Both_ are arbitrary, and _both_ might be
reasonable.

~~~
JeremyBanks
He didn't say "reasonable", he said "useful".

------
rosser
Am I correctly understanding this decision to mean that, if the government
already knows there's incriminating data on the drive, a compelled decryption
would not be testimonial (as in the referenced cases from the 5th Circuit);
but that the gov't can't compel decryption in order to go on a "fishing
expedition", as any evidence found would be self-incriminating, and thus incur
5th Amendment protection?

If so, that sounds spot-on correct to my (admittedly, lay and NAL)
understanding of the issues.

~~~
jrockway
I take a slightly different view in that one should never have to cooperate in
any way in his own prosecution. Except for computers, nothing else is
mandatory; if you refuse to be arrested, the cops will taze you (bro), if you
go on a hunger strike in prison, the guards will tie you down and feed you
through a tube, and so on. With all that as context, it seems absurd that you
should have to type your innermost thoughts into a laptop so that the
government can send you to jail.

~~~
rosser
There's a vast difference between not cooperating and actively impeding.
Destruction of inculpatory evidence, for example, is a crime, even if, by some
definitions, destroying the evidence could be termed "not cooperating." That's
why, IMO, the court makes a distinction between compulsory decryption of a
drive which the prosecution _already knows_ to contain incriminating data
(which isn't testimonial, and hence not subject to 5th Amendment protection),
versus being compelled to decrypt a drive because the government thinks it's
likely to find incriminating evidence on it.

Actively impeding the prosecution, in the form of refusing to decrypt a drive
known to contain inculpatory evidence, is in many ways tantamount to
destroying that evidence. (Assuming, of course, reasonably secure encryption
technology, &c.) You're not incriminating yourself by giving them the
plaintext; they _already know_ you have it, whether through confession, third
party testimony, or some other means.

What the court is saying here, OTOH, is that it would be _testimonial_, and
hence subject to 5th Amendment protection, for you to decrypt a drive the
prosecution merely _suspects_ to contain inculpatory evidence, however strong
their argument for suspecting such evidence to exist (and they'll have much
better arguments than, "Well, drive is big enough to hold millions of
files..."). If they were to find any such evidence, they'd have found it
through compelling you to provide it to them, and that's the thing they're
saying is counter to the 5th Amendment — that, in providing them with evidence
they didn't already _specifically_ know to exist, you've incriminated
yourself.

~~~
erichocean
"the prosecution already knows"

Sorry, you lost me. If the prosecution "already knows", then why does the
drive need to be decrypted? It sounds like they already have the evidence.

And if they don't? Well, that's the definition of a "fishing expedition",
isn't it?

~~~
jasonwocky
In the abstract, it's possible to have knowledge without having proof.

~~~
erichocean
I don't know what "in the abstract" means in this case, but I do know that
claiming to "know" something without having actual proof is what's called a
_conjecture_:

<http://www.merriam-webster.com/dictionary/conjecture>

A conjecture is not the same as knowledge, "in the abstract" or otherwise.

~~~
jasonwocky
If I saw something with my own eyes, but didn't capture a video recording of
it, I could argue that I have knowledge but not proof.

------
jrs235
If they don't have a case without the contents on the drive then they don't
have a case! I scoff at the prosecutors that claim "but if we can't get the
encrypted contents then criminals will get away!" Hey dipsticks! Maybe you
should collect other evidence and maybe make sure you build up a case that
doesn't strictly rely on the contents of a hard drive that you don't even have
possession of. Okay, so let's say you get the drive decrypted... how you gonna
prove who/how the contents got on the drive?

~~~
smsm42
Well, that's exactly the point of the case - if the defendant decrypts it, by
that fact he proves he knew the password - meaning, he is the owner of the
drive and had control over it. Giving by that to the police proof of both that
the content was illegal and that he owned it. Unfortunately for them (but
fortunately for the defendant) the court did not go their way.

------
wladimir
I've always wondered this about forced decryption: what if you have large
random files on your hard drive? (irrelevant how they got there -- you may not
even know) For all intents or purposes these look like encrypted data, and if
they could force you to "decrypt" them you have a problem of Kafkaesque
proportions.

Is there any rule that data on your drive should be somehow sensible and
decryptable to human-understandable information, using keys that you have in
your head?

~~~
DanBC
People wanting to use encrypted volumes; or encrypted drives; or who delete
individual files; or who wipe discs[1] often use writes of random data to
'sanitise' the drive before writing their data.

Thus, they're likely to have lots of random data strewn around their drives.

I have no idea what would happen if you coughed up two keys which unencrypted
30% of that random data; what would happen with the rest?

------
newbusox
Realize that this is a fairly narrow opinion, and, in my opinion, not a
particularly well-reasoned one.

The issue here is child pornography: the would-be defendant was suspected of
having child pornography on various hard drives which were encrypted. The
court states that the actual contents of the hard drive are themselves not
testimonial—that is, they are not covered by the Fifth Amendment and, if the
government had access to the hard drives, they could present whatever was
incriminating on them into evidence. So the issue is whether the act of
producing the documents is a testimonial act and therefore covered by the
Fifth Amendment.

The court concludes that the act of production is a testimonial act because,
one, the testimony was not a "foregone conclusion." This holding is based on a
case called Fisher v. United States, in which the Supreme Court stated that it
was not testimonial to hand over certain papers that might have incriminating
evidence because conceding that documents existed, that you had control over
the documents, or that they were in your possession was not incriminatory
given the circumstances of that case. Under the "foregone conclusion"
doctrine, the government knew of the existence and location of these papers so
the production of the papers added nothing or little to the government's
information. If the government did NOT know that documents existed, they could
not compel a would-be defendant to reveal the documents.

Second, and most importantly, the court concluded that decrypting the
documents would "use the contents of [the would-be defendant]'s mind" because
"the decryption and production would be tantamount to testimony by Doe of his
knowledge of the existence and location of potentially incriminating files; of
his possession, control, and access to the encrypted portions of the drives;
and of his capability to decrypt the files." It's again important to note that
this is a child pornography case: possession of child pornography is a crime,
so if the would-be defendant here provided a decryption key, this would be
tantamount to him admitting that he possessed the hard drive and had access to
the files within it—that alone would constitute a crime if the files were
found to be child pornography. This is therefore what the court later refers
to as an "implied factual statement" and the Fifth Amendment protects this.
Although the court also suggests that providing a decryption key might be like
providing a combination (and therefore be admissible for Fifth Amendment
protection on other grounds), it unfortunately devotes very little space to
this discussion—and this seems to be the really big issue here.

The case therefore leaves several unanswered questions: this is a child
pornography case where mere possession alone is a crime: what if that wasn't
the case? What if this was a murder case and the defendant had stored notes
about his murder on the computer? What if the foregone conclusion doctrine
wasn't applicable—would the conclusion here be the same (most of the opinion
is actually devoted to this discussion, which is less broadly applicable
because, if the police know of the existence of specific files on hard drive,
this doctrine is inapplicable)?

Anyhow: it still is possible to get access to these documents if the
government gives him sufficient immunity, as the court notes. This would be
pretty important because if no one could ever access these documents (which
presumably would be possible if the would-be defendant doesn't decrypt them)
that would be an enormous problem for our justice system.

In conclusion: the applicability of this case to future cases is unclear, so,
for those that want this result, I don't really think this is a "slam dunk."
There will likely be many future cases further developing this doctrine. As
such, right now, it's very difficult to discuss the merits of the court's
holding on the "decryption is testimony" argument (which, in my mind, is the
most important) in a general sense, since the reasoning here seems very
specific to the facts of case.

~~~
drostie
_Anyhow: it still is possible to get access to these documents if the
government gives him sufficient immunity, as the court notes. This would be
pretty important because if no one could ever access these documents (which
presumably would be possible if the would-be defendant doesn't decrypt them)
that would be an enormous problem for our justice system._

Here's the sticking point for me: it's perhaps overly pedantic, but I want to
view the world honestly, and there are some great points of absurdity here. (I
always like the absurd, and the ways our world is otherworldly.)

The problem is that much of our approach to information is _creative_, and we
need to start thinking in those terms.

If you have a JPEG of a murder on your unencrypted hard drive, that's not
actually a photograph; it's a set of magnetic pointings which can with certain
hardware be used to produce a photograph. If you think about it, that also
applies to writing on paper, or colored splotches encoding an _image_ into a
physical photograph. Those require a _creative attempt to produce meaning_.
The meaning can be off if the creative attempt is not followed through
correctly. The easy way to see this is to imagine someone systematically using
a common word in an uncommon way -- Feynman for example was once, on the
Challenger commission, chasing down memos which sounded like NASA had been
actively irresponsible, but instead it turned out to be a figure of speech
they'd adopted for a certain phase of their construction. Or imagine that our
demented individual really does have a very detailed, lifelike photograph
which appears to document his murder of another, but in fact the "murdered"
girl is a still-alive actress who was paid to appear in these photographs; the
"blood" and such is very convincing but is ultimately a prop.

So the meaning can be off, if the creative act goes awry. I'm using this to
underscore that you have to think, at some level, about that recreation of
semantics from the physical fact.

Let me be clear: I don't think this is a barrier to investigation usually. I
think it's clear that we expect a sort of 'normal hardware' that allows us to
recreate semantics. The photographs in this safe, when viewed by a normal
person in normal lighting, would show an image of the defendant committing a
murder -- and if they want to say that this was all theatrically staged, they
may produce the actress or others involved in the production. By that account,
photographs inside of a safe are also governed by this principle: even if
their physical location happens to be remote and inaccessible, reproducing the
image from the photograph is as simple as just looking at it. The photograph
really contains the image, up to a 'trivial' semantics.

Now bring this back to your other example of an encrypted disk storing child
pornography. That is a nontrivial semantic inflation: you are literally asking
the defendant to _create_ child pornography for the purposes of the case. In
some sense perhaps you're just saying "create whatever this drive's contents
are," with the understanding that the police is going to look through it for
child pornography -- in that phrasing, it's more clear that this pornography
might not actually exist, etc. -- so there is perhaps a way to comply without
generating child pornography at the judge's request.

But still, that's a little mad and absurd in the wonderful way that our world
can be otherworldly. It opens up all sorts of questions which I have no clue
how to answer. Decryption, like most computation, is a creative act. To demand
decryption is to demand creation.

I quoted the above in particular because I really don't care about the
"enormous problem for our justice system." Like, the fact that we don't have
embedded realtime GPS trackers installed in our spines is an "enormous problem
for our justice system" because it makes it so tremendously hard to figure out
whether our alibis are true or false. Screw that sort of thinking. _Whatever
caused the investigators to think this individual was manufacturing or
downloading kiddie porn should have been enough to convict._ This shouldn't be
a gray-matter area. "We just cracked down on this peer-to-peer kiddie porn
program, we saw that you were using it to share many images, here are the
filenames that the defendant's computer was sharing at the time we busted into
his house with a warrant." (Are the police allowed to download such things?
Probably. "Here are just a couple of the images we downloaded from him," too,
then.) So, if they don't have a case and are fishing through the hard drive to
try to make one, that's more or less explicitly what the Fifth Amendment is
supposed to guard against: "we don't know your exact sins but we know you're a
sinner so damn it, confess!"

But still, the sticking point is the glorious absurdity: "Mr. Doe, we have
reason to believe that if you say the magic word, your computer will
manufacture child pornography. We demand that you say the magic word, so that
we know whether this is true." How will we decide that issue in the face of
its pure and present absurdity?

~~~
abalashov
I have another pedantic concern, along different lines. Strictly speaking,
decryption function _y = f(x)_ produces deterministic output _y_ based on the
application of an algorithm to key _x_.

Most encryption software, including TrueCrypt, will complain if you provide
the wrong key. I object to this behaviour strenuously. What if it stopped
doing that? What if it just gave you whatever output would arise from feeding
key _x_ into the algorithm? It would be upon the court to show that the
resulting incoherent mass of bytes does not contain "satisfactory" output,
which requires them to show what the satisfactory output ought to be, which
means they must have some idea of what they're looking for to begin with and
the ability to show that it exists on the encrypted medium to begin with. This
would be problematic in most cases.

~~~
drostie
Well, it's not actually too problematic. Usually there are forms of metadata
which persist and can store this sort of information. So let's assume that you
didn't go for whole-drive encryption, and your text editor shows in its recent
history "/media/truecrypt1/where-I-buried-him.txt", written on the evening of
the murder: so the police believe that somewhere on your computer is a text
document revealing where the victim was buried. And since it's my story, we'll
suppose that you're completely innocent and that this is a fictional story
you've been writing for the last three months, but you're worried that your
bizarre murder fiction sounds eerily similar to the circumstances that the
other guy died, and might tend to sound incriminating or character-
assassinating to a jury.

Even if TrueCrypt didn't protect their encryption with a message-
authentication code, the police would still notice that you had given them a
decrypted file without a filesystem on it -- much less a filesystem containing
/media/truecrypt1/where-I-buried-him.txt . If they have already convinced a
judge to force you to decrypt the file, they could just tell the judge "this
person is being uncooperative!" and your hijinks will get you nowhere.

Now suppose that they do not have this, but convince the judge that since you
have TrueCrypt, and this is the only random-looking file on your computer,
that this is probably your TrueCrypt archive. They convince the judge to
threaten you with contempt if you don't decrypt it, through whatever means
they have available to them. Well, TrueCrypt containers are always meant to be
directories -- i.e. they always hold file systems -- and so you'd best decrypt
this container into a file system! But that severely restricts your defense.

TrueCrypt will let you do something different: to provide a 'wrong key' which
indeed decrypts the device to a valid file system. This is their 'hidden
volume' system.

I'm kind of mixed in my reaction to TrueCrypt's hidden partitions, for other
reasons. But they address the problem that you've identified, and I haven't
figured out a better solution.
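
Added example, not part of the thread or of any poster's comment: a toy Python volume format (not TrueCrypt's) contrasting the two behaviours discussed in the exchange above, decryption that returns whatever bytes the key produces versus decryption that rejects a wrong key, plus the structure check on the output. The SHA-256 counter-mode keystream, the `TOYFS` signature and all function names are assumptions made for the illustration.

```python
import hashlib
import hmac
import os

MAGIC = b"TOYFS\x00"  # constructed "filesystem" signature (assumption, not a real format)


def derive_keys(passphrase: str, salt: bytes) -> tuple[bytes, bytes]:
    """Derive separate encryption and MAC keys from a passphrase."""
    # Low iteration count keeps the demo fast; it is not a recommendation.
    material = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, 10_000, dklen=64)
    return material[:32], material[32:]


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """SHA-256 in counter mode, a stand-in stream cipher for illustration only."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])


def xor(data: bytes, stream: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, stream))


def make_volume(passphrase: str, contents: bytes) -> dict:
    """Encrypt MAGIC + contents and attach an HMAC tag over nonce + ciphertext."""
    salt, nonce = os.urandom(16), os.urandom(16)
    enc_key, mac_key = derive_keys(passphrase, salt)
    plaintext = MAGIC + contents
    ciphertext = xor(plaintext, keystream(enc_key, nonce, len(plaintext)))
    tag = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    return {"salt": salt, "nonce": nonce, "ciphertext": ciphertext, "tag": tag}


def decrypt_raw(volume: dict, passphrase: str) -> bytes:
    """y = f(x): always returns bytes, whether or not the passphrase is right."""
    enc_key, _ = derive_keys(passphrase, volume["salt"])
    stream = keystream(enc_key, volume["nonce"], len(volume["ciphertext"]))
    return xor(volume["ciphertext"], stream)


def decrypt_checked(volume: dict, passphrase: str) -> bytes:
    """Verify the tag first, so a wrong passphrase is reported instead of decrypted."""
    _, mac_key = derive_keys(passphrase, volume["salt"])
    expected = hmac.new(mac_key, volume["nonce"] + volume["ciphertext"],
                        hashlib.sha256).digest()
    if not hmac.compare_digest(expected, volume["tag"]):
        raise ValueError("wrong passphrase or modified volume")
    return decrypt_raw(volume, passphrase)


def looks_like_filesystem(plaintext: bytes) -> bool:
    """Structure check an examiner can run on output even when no MAC exists."""
    return plaintext.startswith(MAGIC)


if __name__ == "__main__":
    # Constructed sample data.
    vol = make_volume("correct horse", b"notes.txt: draft chapter 3")

    good = decrypt_raw(vol, "correct horse")
    bad = decrypt_raw(vol, "wrong guess")
    print("right key, raw:", good, "| filesystem?", looks_like_filesystem(good))
    print("wrong key, raw:", bad.hex(), "| filesystem?", looks_like_filesystem(bad))

    try:
        decrypt_checked(vol, "wrong guess")
    except ValueError as exc:
        print("wrong key, checked:", exc)
```

With the tag check removed the tool no longer complains, but the wrong-key output still fails the signature test, which is the gap the reply above points at.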

~~~
tjoff
_Well, TrueCrypt containers are always meant to be directories -- i.e. they
always hold file systems -- and so you'd best decrypt this container into a
file system! But that severely restricts your defense._

TrueCrypt is not meant to hold file systems any more than a hard drive is.
There is nothing stopping you from _not_ creating a file system on your
truecrypt volume and just storing garbage in it - or use another encryption
software on top of it.

TrueCrypt's hidden-volume feature is quite meaningless in most cases (my
opinion) due to the way it is likely used. If you present a decryption key
that gives access to a filesystem that does not match what was expected then
you are in trouble.

Especially the hidden OS feature... So you have been using this laptop on
multiple occasions the last week (of which we have proof) but according to the
filesystem you presented to us this system hasn't been used for over a month.

The same goes for a hidden volume. Unless you actively use it as often as you
use your device (which is _really_ cumbersome to do right) you might just be
better off without it since exposing it will tell them way more than you want
to tell them (for starters it will tell them that you are actively lying and
having made precautions in order to try and get away with lying).

~~~
drostie
Your last paragraph is actually the "mixed reactions" that I was having. It
seems like for hidden volumes to work right, you need to constantly be using
the outer volume. That's fine, there are plenty of applications you might want
to encrypt but might not need to hide from the police -- passwords and emails,
perhaps, or legally-downloaded-and-possessed pornography, or a journal, or
something like those.

The problem is, due to what I guess is something of a flaw in the central
idea, you ultimately have to provide the password for your inner volume when
you do all of these things which don't involve it. So now your private data is
split up over two drives, which is at least somewhat questionable, and also
the "mundane" drive requires the "important" password.

This may be acceptable if you're collecting a small cache of text documents
which you believe could harm a corporation -- then you say "no, I don't have
those articles, see, this really is just my porn stash, please don't hurt me."
But a criminal or a government -- no, they're willing to be patient and
they're perhaps willing to peek at your password input prompts with webcams or
audio-recordings. They would know that there's an extra password being entered
every time you decrypt that file.

------
aspensmonster
To me it all comes down to whether you have to force the cooperation of the
defendant or not when gathering evidence. Part of the problem is bad
analogies: "Demanding the private key to an encrypted volume is no different
than demanding the combination to a safe" or any other equivalent concept. If
the defendant doesn't provide the combination to a safe then the blowtorches
are coming out. At no point is his cooperation a _necessary condition_ to the
gathering of evidence. However, to demand the defendant disclose the private
key --or the more common "we don't want the key, just what's inside" demand--
is to require his cooperation. It is now a necessary condition that the
defendant comply in order to gather this evidence. And as such, it becomes an
invasion into the mind of the defendant for the purposes of coercing a
confession.

Indeed, the judge could grant immunity to the defendant, thereby requiring him
under law to "testify" his private key, but then you don't have a case to
prosecute. I wrote about this more thoroughly here
<http://aspensmonster.com/2012/01/26/on-private-keys-and-the-fifth-amendment/>.
I'm curious to know what others think about all of this but lack
the time to read through tens of pages of comments at the moment :P

------
aperrien
I have some definite concerns with this. If producing the key via government
coercion is legal, where do we stop? Right now, we have (admittedly) very
crude technology that lets us probe the brain and tell with a reasonable
certainty if someone is lying. It may be possible to produce a machine in the
future that can analyze the mind well enough that it will be possible to tell
what words a person is thinking. If that's the case, would it be legal to
require the accused to be subject to such a machine to reveal their password?
If that is the case, will the government need the accused's testimony at all?

Further along that line of thinking, it may become possible to change what a
person is thinking by suppressing or exciting different regions within the
brain. At that point, is punishment still legal if the government can simply
change what a perpetrator thinks? For example, changing a con artist's mind so
they no longer think of using their persuasive skills to con people. On the
surface, isn't that what prison and the penal code is about anyway?

I believe we need to concern ourselves greatly about this, because we are now
on the cusp of technologies that will make building brain-computer interfaces
not only possible, but possibly simple. This will be an amazing boon to the
elderly, others who have degenerative problems, and probably everyone else. At
that point however, where does an individual's mind stop, and legally-
accessible file storage begin?

I believe the slippery slope of both these arguments starts at this point,
deciding where the demarcation of self-incrimination is. What we decide as a
society over this argument will have a significant effect on how our ultimate
future will go.

------
jakeonthemove
Yes! There are still smart people in the justice system who will make the
right decision no matter who they're pissing off. My hat's off to you, Judge
Tjoflat!

P.S. More people should know about this decision and the judges!

------
macrael
The analogy to a combination for a safe seems very apt, I've forgotten: what
is the precedent in such situations? Have people been forced to give up the
combination for a safe in court before?

~~~
shingen
Imagine if you stored a murder weapon in a safe. A search warrant will almost
always open a safe (either by voluntary capitulation or by force).

There has been a lot of debate over whether a court should have to issue a
specific search warrant just for a safe, or whether a search warrant for your
property is enough to allow them to open such. The authorities always attempt
to apply a search warrant for your house to mean your safe as well. You'd need
some kind of pre-emptive action to try to stop that, and even then, good luck.

~~~
macrael
Sorry, that's a bit different than what I'm asking. One of the ways the "safe"
analogy breaks down when talking about crypto is that safes can generally be
broken open by force but well encrypted data cannot be. I'm asking if there
have been instances in the past where police could _not_ break open a safe by
force and so instead compelled (or tried to compel) the defendant to reveal
the combination in court.

~~~
shingen
I just asked a lawyer friend this that does trials; he says: in cases where
there is a sealed safe (the police / govt didn't breach it for whatever
reason) a court will usually ask you to open it if the prosecution can provide
enough evidence to suggest that the contents are a critical element to the
case. That requires some kind of trail that leads to the safe. A court won't
just automatically force you to open your safe and potentially incriminate
yourself; but they also will not allow you to use a safe to hide your murder
weapon if all evidence points to you having stored it there.

In the case of cryptography, if the contents are bad enough to put you in
prison for a zillion years, obviously you have to make a judgment call as to
the punishment if you refuse a court order to decrypt the contents. Since this
is still such a relatively new gray area, I'd say a court would still blaze
its own path (not depend primarily on prior precedent) in deciding if you're
to be compelled. Perhaps you aren't likely to be convicted of the worst
charges if you don't decrypt, and it might prevent the prosecution from
building up other charges, but you will be punished by the court for refusing
its order.

~~~
redthrowaway
Would refusal to decrypt be contempt of court? If so, the penalties seem to be
far more lenient than any of the crimes I can think of that one would want
evidence of hidden. It may well be that savvy criminals would adopt strong
encryption as a matter of course.

~~~
shingen
Yes, it'd be contempt of court if you disobeyed a court order to decrypt a
drive. The contempt would very likely be preferable. It's not a felony after
all.

It'd have to be better than what is on the drive - assuming you've got
anything on the drive to begin with (some kind of incriminating evidence or
something else they can build charges with). The difference might very well be
that you prevent the prosecution from building a strong enough case, and at
the least maybe you buy yourself some time to build a better defense.

I'd predict that as major crime continues to shift to the digital realm,
criminals will adopt ever stronger encryption for that very reason, and the
government will use that practice to argue in favor of violating more civil
rights. Seems to be the trend these days.

~~~
wisty
IANAL, but isn't there something about the rules of evidence?

Like, the prosecution can't just say "we think he hid it on an encrypted HDD,
but we aren't sure". The judge won't allow that. But if you claim to have
forgotten the password, then the prosecution can speculate.

------
recursive
What is the difference between an encrypted hard drive, and one filled from
/dev/random or the like? If I fill a hard drive with cosmic noise, can I be
consequences for not being able to decrypt it?

~~~
dedward
Nothing - my personal opinions aside, the difference seems to be if the
prosecution has enough evidence to convince a judge that a specific piece of
suspected evidence is contained in that encrypted data.

The court decision even addresses this - that there is no way to tell whether
the drive is full of random data or real files once decrypted, and the
government has not shown they are looking for a specific information - they
are basically going on a fishing expedition saying "make him decrypt his drive
because we think we'll find bad stuff on it"..... that's different than "Make
him decrypt his drive because the file we gave him in the sting operation is
strongly believed to be sitting on his drive, because the undercover officer
saw him load it onto the laptop right before we arrested him". In this case,
the court ordering the guy to decrypt the drive is reasonable. The devil is in
the details it seems... the details are everything.

They absolutely can't just bust down your door and demand your decryption
keys.... the court seems to have addressed that.

------
DanBC
Can't the investigators get a warrant to spy on the suspect? They then install
a bunch of spyware on the machine and in the suspect's home and on the
suspect's internet connection.

~~~
AndrewDucker
If I was that suspect then I would never, ever, use that computer again.

~~~
DanBC
For sure.

There are other measures the suspect could have taken; store everything on an
always encrypted micro-SD, which is tiny enough to be easily destroyed.

Actually: Has anyone done any research about the risks of "super microscopes
and Flash memory"? There's a theoretical risk with conventional platters. I
don't know how big one bit is on a conventional drive, and I don't know how
big one bit is on a, say, 8GB micro-sd card.

~~~
burgerbrain
What are they going to do, read the encrypted data off the flash drive the
hard way?

~~~
DanBC
I stress this is just me noodling around, and that I'm not talking about real
world risks. But: Is it possible to read unencrypted data off the flash drive
the hard way?

Obviously, if it's sensibly encrypted there's no point. But a person may think
they have physically destroyed a flash drive only to have left information
available.

Here's some links to DIY de-capping and microscopy of a variety of ICs:

(<http://siliconexposed.blogspot.com/2011/03/microchip-pic12f683-teardown.html>)

(<http://uvicrec.blogspot.com/>)

(<http://dangerousprototypes.com/2011/06/27/hacking-the-pic-18f1320/>)

~~~
burgerbrain
I imagine it's probably possible. The trick with flash drives though I think
is the size. You could easily swallow a micro sd card without anyone even
noticing.

------
darxius
In plain English: Does this mean an encrypted hard drive CANNOT be decrypted
by law enforcement and the contents of the drive cannot be used in court to
convict?

~~~
elithrar
> In plain English: Does this mean an encrypted hard drive CANNOT be decrypted
> by law enforcement and the contents of the drive cannot be used in court to
> convict?

Not exactly. It means that the defendant does not (currently) have to provide
the decryption key in cases where law enforcement has had no luck accessing
the volume via other means.

Not all encryption schemes are created equal, and in many cases, law
enforcement will attempt to circumvent or retrieve the key otherwise (i.e.
volatile memory, disk controllers, etc).

~~~
darxius
So a sufficiently strong method of encryption (one that is proven to be not
time or resource efficient) is enough to protect your hard drive from law
enforcement eyes?

~~~
rosser
To an extent, yes.

If the prosecution simply suspects there to be incriminating evidence on the
encrypted drive, however strongly, then compelling you to decrypt the drive
would be "testimonial". After the decryption, they'd have evidence they didn't
have (or at least didn't know of) before the decryption. That's effectively
testifying against yourself, and thus subject to 5th Amendment protection.

If, OTOH, the government already specifically knows that you have
incriminating data on an encrypted drive, this test doesn't seem to apply, per
my reading. It's not "testimonial" for you to decrypt the drive, as they
already know the evidence exists, and that it's on the encrypted drive. The
plaintext doesn't give them anything they don't already know about.

An interesting question in all this is the disposition of additional evidence,
beyond the stuff they already knew about, in such a case. Contrived example:
if John Doe is compelled to decrypt his laptop to provide the prosecution with
evidence they already knew about in an embezzlement case, and they happened
also to find child porn (which they had no reason to suspect the existence of,
and weren't searching for) on the drive, does that mean new charges?

~~~
jrockway
_If, OTOH, the government already specifically knows that you have
incriminating data on an encrypted drive, this test doesn't seem to apply, per
my reading. It's not "testimonial" for you to decrypt the drive, as they
already know the evidence exists, and that it's on the encrypted drive. The
plaintext doesn't give them anything they don't already know about._

How can one know something exists if they don't have it? They can be "pretty
sure", but they can't "know". Therefore, providing the encryption passphrase
is always testimonial. (Mumble, mumble, something about a radioactive cat...)

~~~
rosser
_How can one know something exists if they don't have it?_

I don't think the distinction the court is making here is particularly
epistemological. The question isn't even directly about the specific evidence
on the encrypted drive. It's about whether the act of producing said evidence,
itself, would be testimonial. If the prosecution "knows" you have this
evidence, however — legally, of course — they came by that knowledge, then the
act of producing it isn't testimonial. If they don't know of _specific_
evidence, OTOH, then compelling you to produce any evidence you might have
would be.

If, for example, you were dumb enough to admit to a third party that you keep
the map showing where you buried the bodies on an encrypted drive, that
person's testimony might be sufficient. Worse, you might have let slip that's
where the data is while being interrogated. Or maybe the Customs agent saw a
file named "XYZ Company Fraud.xls" the last time you came back from overseas,
and now you're being prosecuted for defrauding XYZ Co. There are countless
ways for the man to come by knowledge of the existence of a specific piece of
evidence.

~~~
marvin
In the case of child porn, how about network logs from your ISP? Would this be
enough? There's no way they can be sure that the images are stored on your
disk. But digital traces are logged all over the place, so this is a very
relevant point.

------
Intermernet
I wonder if evidence acquired by brute force decryption is admissible?

~~~
dedward
Sure, if the seizure of the laptop as evidence was legal and all that, of
course it would be.

The issue is the defendant's rights and responsibilities in helping them figure
that out.

------
nusrat
My Objections Re Judicial Or Legislative Constraints On Cryptology In A First
/ Fourth / Fifth Amendment Domain: The Idioglossia Paradigm

The following all occurs in San Francisco. Imagine that Alice, a native
speaker of English, has devised a private spoken language, which is
grammatically and linguistically rich, robust, and functionally complete, and
which also is completely indecipherable and "un-analysable" to others by any
means. Assume that no one, without Alice's cooperation, can definitively
ascertain if she has taught anyone else to speak or understand her language.

1\. May Alice legitimately be constrained from (or sanctioned for) expressing
herself in this language?

2\. If a communication by Alice in this language has been audio-recorded,
under what condition may she legitimately be compelled to translate the
recording?

3\. If the communication of item #2 has been rendered -- or even originally
produced -- in a faithful phonetic written form on a single paper copy, under
what condition may Alice legitimately be compelled to translate it?

4\. If the single copy of #3 is instead digital, produced in a manner such
that nothing about its location, file-name, etc. imply anything about the
content of the communication, then under what condition may Alice legitimately
be compelled to translate it?

5\. Now imagine another person, Carol, an "idiot savante", with idioglossic
capability which superficially seems equivalent to Alice's. However, Carol's
case is different, in that she has the mental ability to perform the most
advanced and secure key-generation, encryption, and decryption without
artificial aids. Carol's talent is so profound, that her encrypted-from-
english speech -- and her comprehension of any received communication which
has been thus encrypted -- occurs in real-time, and is indistinguishable from
the naturalistic communication of a speaker of some unknown language (e.g.
Alice).

Are the answers to items #1-through-#4 any different in Carol's case?

6\. Suppose that Ted purchases a new, blank, never-formatted hard-drive,
formats it, creates a top-level directory named "Porn", and three subordinate
directories named "Adults", "Teens", and "Even Younger", and in the last
creates a subordinate directory named "Screamed So Loud, I Had To Wear Hearing
Protection". Into this directory he creates -- either copied or "de novo" -- a
file named "I Got This From Alice.mpg.pgp" and one named "I Got This From
Carol.mpg.pgp". Ted then purchases a new laptop computer, and replaces its
single hard-drive with the one containing those files.

Ted then proceeds quickly to a nearby place, where he is detained and the
computer examined, and the presence of the files is discerned by the
examining authority. Forensic examination of the contents is fruitless. IANAL,
but I believe that it can reasonably be said that Ted has committed no
illegal act in arriving at this moment.

What can legitimately be compelled of any of the three named parties?

7\. Ted is suspected of having child-porn on the disk, and is arrested. From
the moment of his arrival at the place where he was originally detained, until
the moment when a court orders Ted to render the files intelligible, Ted has
communicated _nothing_ to anyone except the bare minimum which is legally
required (name, etc.).

The "government" has expended enormous effort and expense in this entire
matter. At this point Ted complies with the court's order. (IANAL, but I
believe that the exact manner in which he does this is irrelevant to the
coming question.)

The contents of the files are shown to be nothing but the most scatological,
vile, horrific, vituperative, and scurrilous written characterizations of all
of the individuals -- by name -- involved in Ted's detention, arrest,
prosecution and trial, including any judge(s) involved.

From the perspective of knowing _nothing_ of Ted's intentions or actions
before the examination of his computer -- and nothing after except what was
apparent to all involved without his cooperation -- can Ted reasonably be said
to have violated any laws? Are there any charges which are likely to be
sustained, assuming adequate and competent defense counsel?

~~~
anigbrowl
Interesting questions, to which I shall attempt brief, (but necessarily
superficial) replies. However, I'm going to go on general principles rather
than 9th circuit precedent, California law, or rules of the court of the City
and County of San Francisco, for the simple reason that I am not willing to
spend hours checking them.

Alice

If we stipulate the existence of Alice's language with the
characteristics you describe, it's hard to see how it could be beyond any sort
of analysis - but we'll examine that in more detail with Carol.

1\. Yes. Alice being a native speaker of English, the court can demand that
her testimony, if any, be in the same language as that of the proceedings.

2\. Where she is a material witness testifying under oath with a grant of
immunity, and there is reason to believe that the recorded speech is material
to the proceedings - eg if she made a speech in her private language, and then
remarked in English upon the subject of her speech.

3, 4 - likewise, insofar as she is capable. 2, 3, & 4 are all types of
Funniest Joke in the World problems: if the communication is recorded in any
form such that a person can understandably repeat it to Alice without
themselves understanding the content, then the onus is on Alice to interpret
the meaning for the court.
(<http://en.wikipedia.org/wiki/The_Funniest_Joke_in_the_World>)

Carol, the human encryption engine

My understanding is that Carol also speaks
English; that being the case, the same answers. Carol's lack of insight into
her linguistic/cryptographic facility is irrelevant; after all, most people
speak fluently in their native language without necessarily being able to
analyze how. Illiterate people can't articulate rules of grammar but can still
talk; likewise, one can toss a ball reliably without knowing the first thing
about calculus or mechanics. This is a Chinese Room type of problem; unlike
Searle, I don't think there needs to be an identifiable seat of consciousness.
(<http://en.wikipedia.org/wiki/Chinese_room>) Like Hofstadter, courts are
concerned with capacity and compliance, rather than epistemological
understanding. It is enough that Carol be able to consistently exercise her
talent on demand. There's a parallel to this situation with claims of
_facilitated communication_ for autistic or otherwise incommunicative people;
some cases have fallen apart dramatically in court when the claims of
interpretative ability were proved unreliable, though not before some
defendants had their lives ruined with false accusations of abuse.

Ted

6\. I'm unclear on what basis Ted was detained and his computer examined,
and a defense attorney would certainly start by attempting to suppress such
evidence if it was obtained via an illegal search. With a grant of immunity,
one could compel from any of the three testimony about what contact had
occurred between them, if any (eg whether Alice has ever met Ted or given
anything to him), and likewise a good-faith attempt at 'translating' the PGP
file - _eg_ Carol might be able to decrypt it given a lucky guess at the key,
if it were absurdly insecure.

7\. If Ted is suspected and tried of possessing child porn based _solely_ on
the suggestive folder names, and a judge found no reason to suppress, then he
would likely be acquitted since the naming of the folders was not done under
oath. With no testimony on Ted's part, his defense counsel could argue that
there are many possible reasons to engage in such activity. Perhaps Ted plans
to create a fictional story about a child pornographer and intends to employ
the laptop as a prop - the sort of prop that is often employed in movie and TV
shows about police investigations. Perhaps Ted merely has a warped sense of
humor. Perhaps he aims to entrap a child pornographer by connecting the laptop
to the internet and seeing who downloads the files. Perhaps the files do
contain video...of Ted's face as he imagines pornographic situations. The
existence of so many possibilities casts a reasonable doubt on the supposition
that the folder names are necessarily descriptive of their content.

But now take the file content as the hostile characterizations of the law
enforcement personnel that you describe. This is potentially incriminating;
not because it speaks ill of the legal establishment, but because we must ask
how probable it is that the identity of everyone involved in Ted's legal case
was foreseeable. If Ted lives in a small town with one cop, one sheriff, one
prosecutor, one defense lawyer, one clerk of court, and one judge, and had
some reasonable expectation of detention and search - _eg_ a history of poor
relations with the town's sole cop - then the involvement of these individuals
with Ted's criminal prosecution was highly foreseeable, and it is quite
plausible that Ted wrote his hostile prose as a description of what he
expected to occur that day, which suspicions have been vindicated by events.
In that case, the evidence would probably be exculpatory insofar as it
demonstrated Ted's prior belief that he was going to be the victim of legal
harassment, albeit in perverse fashion.

But since this episode takes place in San Francisco, a city of about 700,000
people, the chances that Ted could accurately predict the identity of everyone
connected with his arrest and prosecution in advance are very low indeed. Ted
would need to have either superhuman powers of foresight, or introduce
additional evidence to show why that combination of individuals was rationally
predictable - proof of corruption in the local legal establishment, or an
enormously detailed knowledge of administrative scheduling and procedure in
multiple different offices - police station, jail, DA's office, Sheriff's
office, and Court. The probability of accurate foresight here is so low that a
jury might infer Ted had encrypted multiple streams of information in advance
and selected an appropriate key during trial: memorizing a list of all law
enforcement personnel in advance, supplying a key representing the ordinal
placement of the arresting officer Ted in an encrypted version of that list, and
using a decryption process that retrieved the name of the officer and
substitutes it into a generic 'vile characterization' written and encrypted in
advance. This would require a truly impressive memory for multiple long lists,
but such feats of memory are not superhuman; there are professional
entertainers who specialize in such feats and can explain or demonstrate them.

The probability that Ted had the time, capability and inclination to do this
is demonstrably higher than the probability that he was clairvoyant or an
incredibly good guesser. If, as seems possible, the specificity of the
document rested on a trick of memorization and a selective decryption
mechanism that could yield multiple valid-seeming plaintext values in response
to multiple different keys, then a jury would have to weigh the possibility
that the decryption process was intended to be obfuscatory rather than
revelatory, and that there might well be a 'meta-key' that decrypted the files
into video of child porn for Ted's illicit enjoyment. In other words, a
perverse form of steganography that overtly identifies its significant content
but frustrates its easy retrieval. Obviously this is all subject to the limits
of information theory - if the size of the scurrilous prose plaintext file and
the size of the encrypted files were both small and close - only a few
kilobytes in length, say - then the probability that the encrypted files also
contained contraband video would be correspondingly small. If the encrypted
files were several gigabytes each, it would be entirely possible for them to
include video, scurrilous plaintext, and multiple lists of names.

There would still, arguably, be a reasonable doubt about the nature of the
still-hidden data in the file (if any), but the jury would be entitled to take
these factors into account when assessing the defendant's credibility. On
these facts, I think that Ted would have to be acquitted on charges of
possessing child porn, as its existence could not be established beyond a
reasonable doubt - if he were convicted, an Appeal court would probably free
him. On the other hand, and subject to the estimable probabilities described
above, I think he could be convicted of obstruction of justice for wilful
frustration of the Court's fact-finding function - not by declining to comply,
but by complying in such a manner as to strain the bounds of credibility.

------
joering2
this is the key to this case and reasonings behind such a response from court:

> The Government attempts to avoid the analogy by arguing that it does not
> seek the combination or the key, but rather the contents.

Government had inexperienced prosecutor building case and the judge,
rightfully responded to prosecutor request: in order to get the content that
prosecutor wants, they need keys. By not revealing keys defendant is using
5th. Everything seems fine, other than I am sure this case will come back and
this time prosecutor will want the keys not the content. This mistake, I think
rest assured, will not happen from Prosecutor's part again in this or any
other cases.

\---

below is what I started typing but when I read the case again it struck me as
of why we dealing with such a decision. I decided to leave it instead of
deleting if you want to read anyways:

First and foremost: I use TrueCrypt. It's amazing, simple, and it works. Just
make sure, when converting existing partition, you use at least "3-pass wipe"
mode since today's hard disk drives can keep "second layer" of magnetized data
you were converting for months giving law enforcement access to your pure data
pre-encryption. In my example, I have about 10TB across 8 HDD with my
CAD/3DStudio Max work. I also have hours of digital-cam material from 2003
where 15 minutes of recording took 2TB of avi files and I never cared to
convert.

Said that, I think in this case the court was terribly wrong and defendant
should play lottery first thing he leaves the jail.

> First, the decryption and production of the hard drives would require the
> use of the contents of Doe’s mind

say what? they asked him for password he knows. He doesn't want to give it out.
Court agrees saying that this would require to force defendant to use his mind
and reveal information he keeps there and that no one else can access. May I
know any court case or any case where defendant brain would not be used?? I
don't honestly find a difference between asking him for password and asking him
for anything else in any case proceedings. He is unwilling to comply with
court, bottom line.

> Just as a vault is capable of storing mountains of incriminating documents,
> that alone does not mean that it contains incriminating documents, or
> anything at all.

sure, but if the Government has any other evidence against defendant, the
burden of proof should clearly shift to defendant. If, for example Government
has ISP logs of tons of torrent data downloaded by defendant router, one can
fairly assume that illegal files are stored there. If defendant is not willing
to "open the safe" by releasing the key, he should be found guilty by
withholding the evidence. -- Just open the damn vault and show those idiots
from the Govt & Co how stupid they really are!

~~~
bad_user

         rest assured, will not happen from Prosecutor's part
         again in this or any other cases
    

When asking for something, such as a key, the prosecutor has to have at least
a reason behind the request (like retrieving the contents of that safe, or
hard-disk).

Also, if the legal system is so dumb about semantics such as this, there's now
a powerful precedent anyway.

    
    
          He is unwilling to comply with court, bottom line.
    

But he has the right to not comply with the court, as then he would
incriminate himself. The prosecutor first has to prove that the defendant is
actually guilty, otherwise that's just fishing for evidence and crimes
committed which may or may not exist. And that's exactly what the 5th
Amendment is about.

    
    
          If, for example Government has ISP logs of 
          tons of torrent data downloaded by defendant router, 
          one can fairly assume that illegal files are stored there
    

That's just stupid. I download everything big from torrents, like Ubuntu Linux
distributions ... should that give anybody the right to inspect my hard-drive?

~~~
joering2
> Also, if the legal system is so dumb about semantics such as this, there's
> now a powerful precedent anyway.

what do you mean? Prosecution should be asking specific questions, judge
should address them. In this example they didn't ask for keys, they asked for
the content of the hard drive.

Anyways, yes Prosecution asks stupid questions; even more: they will try to
persecute you and put behind bars based on their frivolousness thinking
process. This case is a great example: they don't know what's on the hard
drive, but there may be illegal files so yeah let's put the guy in jail.

> The prosecutor first has to prove that the defendant is actually guilty,
> otherwise that's just fishing for evidence and crimes committed which may or
> may not exist.

well they had to build a case somehow. something must have gotten them to this
guy's door, right?

> That's just stupid. I download everything big from torrents

no, by "tons of torrent" data I did not necessarily mean big in size. if his IP
was found on plenty of illegal torrents then this was a good enough reason to
assume he is downloading illegal stuff [but let alone not good enough to
sentence him].

------
shingen
I guess it's better late than never. A critical finding.

