Rael
03-04-2009, 11:05 PM
Imagine some government thugs bust down your doors one night, for whatever reason. Or imagine any scenario when the government winds up confiscating your computer.
Now, imagine that the government computer guys can't access your data. So they forward it to the FBI's best computer forensics team. What do they find? Zip. Nada.
Won't they just shit bricks? And won't you be sitting there laughing?
This has already happened. Ask alleged pervert Sebastian Boucher. I'm posting the story below.
Ah, but I'm not doing anything wrong, you say! Suppose you have books on your computer that tell you how to do illegal things. Suppose you are wrongly accused of some of those things, and the government uses the fact that you have the materials on your computer to bolster their bogus case in front of a jury.
TrueCrypt is a free program that gives you military grade encryption suitible for top secret data, with algorithms that so far have never been broken. If you choose whole disk encryption, everything you do on your computer that touches your hard drive is encrypted. As soon as your computer is off, without the password, your data is safe. And it does this without slowing your computer down a bit.
http://www.truecrypt.org/
JOHN CURRAN
Associated Press
February 8, 2008 at 4:06 PM EST
BURLINGTON, Vt. — When Sebastien Boucher stopped at the U.S.-Canadian border, agents who inspected his laptop said they found files containing child pornography.
But when they tried to examine the images after his arrest, authorities were stymied by a password-protected encryption program.
Now Boucher is caught in a cyber-age quandary: The government wants him to give up the password, but doing so could violate his Fifth Amendment right against self-incrimination by revealing the contents of the files.
Experts say the case could have broad computer privacy implications for people who cross borders with computers, PDAs and other devices that are subject to inspection.
“It's a very, very interesting and novel question, and the courts have never really dealt with it,” said Lee Tien, an attorney with the Electronic Frontier Foundation, a San Francisco-based group focused on civil liberties in the digital world.
For now, the law's on Boucher's side: A federal magistrate here has ruled that forcing Boucher to surrender the password would be unconstitutional.
The case began Dec. 17, 2006, when Boucher and his father were stopped at a Derby Line, Vt., checkpoint as they entered the U.S.
Boucher, a 30-year-old drywall installer in Derry, N.H., waived his Miranda rights and cooperated with agents, telling them he downloads pornography from news groups and sometimes unknowingly acquires images that contain child pornography.
Boucher said he deletes those images when he realizes it, according to an affidavit filed by Immigration and Customs Enforcement.
At the border, he helped an agent access the computer for an initial inspection, which revealed files with names such as “Two year old being raped during diaper change” and “pre teen bondage,” according to the affidavit.
Boucher, a Canadian with U.S. residency, was accused of transporting child pornography in interstate or foreign commerce, which carries up to 20 years in prison. He is free on his own recognizance.
The laptop was seized, but when an investigator later tried to access a particular drive, he was thwarted by encryption software from a company called Pretty Good Privacy, or PGP.
A grand jury subpoena to force Boucher to reveal the password was quashed by federal Magistrate Jerome Niedermeier on Nov. 29.
“Producing the password, as if it were a key to a locked container, forces Boucher to produce the contents of his laptop,” Niedermeier wrote. “The password is not a physical thing. If Boucher knows the password, it only exists in his mind.”
Niedermeier said a Secret Service computer expert testified that the only way to access Boucher's computer without knowing the password would be to use an automated system that guesses passwords, but that process could take years.
The government has appealed the ruling.
Neither defence attorney James Budreau nor Vermont U.S. Attorney Thomas Anderson would discuss the charge.
“This has been the case we've all been expecting,” said Michael Froomkin, a professor at the University of Miami School of Law. “As encryption grows, it was inevitable there'd be a case where the government wants someone's keys.”
Authorities have encountered such dilemmas before, but have used other methods to learn passwords, including installing surveillance devices that capture keyboard commands. Sometimes investigators have given up before a case reached the courts.
In a 2002 case, the FBI used a keyboard program to obtain gambling records from the computer of Nicodemo Scarfo, Jr., the son of a jailed New Jersey mob boss.
In another case, an officer found child pornography on the laptop of a man who flew into Los Angeles International Airport from the Philippines. But a federal judge later suppressed the evidence, ruling that electronic storage devices are extensions of the human memory and should not be opened to inspection without cause.
That case didn't hinge on a password, though.
Orin Kerr, a law professor and computer crime expert at George Washington University, said the distinction that favours the government in Boucher's case is that he initially co-operated and let the agent look at some of the laptop's contents.
“The government can't make you give up your encryption password in most cases. But if you tell them you have a password and that it unlocks that computer, then at that point you no longer have the privilege,” he said.
Tien, the attorney with the Electronic Frontier Foundation, said a person's right to keep a password secret is a linchpin of the digital age.
Encryption is “really the only way you can secure information against prying eyes,” he said. “If it's too easy to compel people to produce their crypto keys, it's not much of a protection.”
Now, imagine that the government computer guys can't access your data. So they forward it to the FBI's best computer forensics team. What do they find? Zip. Nada.
Won't they just shit bricks? And won't you be sitting there laughing?
This has already happened. Ask alleged pervert Sebastian Boucher. I'm posting the story below.
Ah, but I'm not doing anything wrong, you say! Suppose you have books on your computer that tell you how to do illegal things. Suppose you are wrongly accused of some of those things, and the government uses the fact that you have the materials on your computer to bolster their bogus case in front of a jury.
TrueCrypt is a free program that gives you military grade encryption suitible for top secret data, with algorithms that so far have never been broken. If you choose whole disk encryption, everything you do on your computer that touches your hard drive is encrypted. As soon as your computer is off, without the password, your data is safe. And it does this without slowing your computer down a bit.
http://www.truecrypt.org/
JOHN CURRAN
Associated Press
February 8, 2008 at 4:06 PM EST
BURLINGTON, Vt. — When Sebastien Boucher stopped at the U.S.-Canadian border, agents who inspected his laptop said they found files containing child pornography.
But when they tried to examine the images after his arrest, authorities were stymied by a password-protected encryption program.
Now Boucher is caught in a cyber-age quandary: The government wants him to give up the password, but doing so could violate his Fifth Amendment right against self-incrimination by revealing the contents of the files.
Experts say the case could have broad computer privacy implications for people who cross borders with computers, PDAs and other devices that are subject to inspection.
“It's a very, very interesting and novel question, and the courts have never really dealt with it,” said Lee Tien, an attorney with the Electronic Frontier Foundation, a San Francisco-based group focused on civil liberties in the digital world.
For now, the law's on Boucher's side: A federal magistrate here has ruled that forcing Boucher to surrender the password would be unconstitutional.
The case began Dec. 17, 2006, when Boucher and his father were stopped at a Derby Line, Vt., checkpoint as they entered the U.S.
Boucher, a 30-year-old drywall installer in Derry, N.H., waived his Miranda rights and cooperated with agents, telling them he downloads pornography from news groups and sometimes unknowingly acquires images that contain child pornography.
Boucher said he deletes those images when he realizes it, according to an affidavit filed by Immigration and Customs Enforcement.
At the border, he helped an agent access the computer for an initial inspection, which revealed files with names such as “Two year old being raped during diaper change” and “pre teen bondage,” according to the affidavit.
Boucher, a Canadian with U.S. residency, was accused of transporting child pornography in interstate or foreign commerce, which carries up to 20 years in prison. He is free on his own recognizance.
The laptop was seized, but when an investigator later tried to access a particular drive, he was thwarted by encryption software from a company called Pretty Good Privacy, or PGP.
A grand jury subpoena to force Boucher to reveal the password was quashed by federal Magistrate Jerome Niedermeier on Nov. 29.
“Producing the password, as if it were a key to a locked container, forces Boucher to produce the contents of his laptop,” Niedermeier wrote. “The password is not a physical thing. If Boucher knows the password, it only exists in his mind.”
Niedermeier said a Secret Service computer expert testified that the only way to access Boucher's computer without knowing the password would be to use an automated system that guesses passwords, but that process could take years.
The government has appealed the ruling.
Neither defence attorney James Budreau nor Vermont U.S. Attorney Thomas Anderson would discuss the charge.
“This has been the case we've all been expecting,” said Michael Froomkin, a professor at the University of Miami School of Law. “As encryption grows, it was inevitable there'd be a case where the government wants someone's keys.”
Authorities have encountered such dilemmas before, but have used other methods to learn passwords, including installing surveillance devices that capture keyboard commands. Sometimes investigators have given up before a case reached the courts.
In a 2002 case, the FBI used a keyboard program to obtain gambling records from the computer of Nicodemo Scarfo, Jr., the son of a jailed New Jersey mob boss.
In another case, an officer found child pornography on the laptop of a man who flew into Los Angeles International Airport from the Philippines. But a federal judge later suppressed the evidence, ruling that electronic storage devices are extensions of the human memory and should not be opened to inspection without cause.
That case didn't hinge on a password, though.
Orin Kerr, a law professor and computer crime expert at George Washington University, said the distinction that favours the government in Boucher's case is that he initially co-operated and let the agent look at some of the laptop's contents.
“The government can't make you give up your encryption password in most cases. But if you tell them you have a password and that it unlocks that computer, then at that point you no longer have the privilege,” he said.
Tien, the attorney with the Electronic Frontier Foundation, said a person's right to keep a password secret is a linchpin of the digital age.
Encryption is “really the only way you can secure information against prying eyes,” he said. “If it's too easy to compel people to produce their crypto keys, it's not much of a protection.”