"...nor shall be compelled in any criminal case to be a witness against himself..."
July 11, 2011 9:24 PM   Subscribe

Just say you forgot the password. It worked for Ronald Reagan, and everyone still thinks he was being honest.
posted by Brian B. at 9:27 PM on July 11, 2011 [40 favorites]

The bill of rights really gets in the way of keeping us safe!
posted by fuq at 9:29 PM on July 11, 2011 [9 favorites]

With easy to use encryption software like Truecrypt that can provide plausible deniability, there's really no way the government could get your data if you really wanted to hide it, I'd think.
posted by Thoughtcrime at 9:29 PM on July 11, 2011 [8 favorites]

Take the technology out of this and now imagine we are talking about a locked file cabinet. They get searched all the time.

The plausible deniability from the hidden volumes is really interesting though.
posted by furiousxgeorge at 9:33 PM on July 11, 2011 [1 favorite]

The right to not self-incriminate is a pretty hard area of law. Basically, you're hiding evidence. Should a criminal be allowed to lock away evidence? A gun, a knife, kept in a safe?

The court would only authorise (well, in my country) the opening up of that laptop based on reasonably solid evindece, cops couldn't go on a fishing trip through there, there would already be reasonable grounds.

Think about this from the perspective of this person's victims, don't make Fricosu the victim here.
posted by wilful at 9:33 PM on July 11, 2011

I heard on a radio story that you can be legally compelled to produce the key to a (physical) safe, but not the combination, if it's a combination lock. It made me go "What?"

Anybody know anything about that?
posted by rtha at 9:39 PM on July 11, 2011

Should a criminal be allowed to lock away evidence? A gun, a knife, kept in a safe?


This is addressed in TFA. Did you RTFA?

Think about this from the perspective of this person's victims, don't make Fricosu the victim here.

Think about this from the perspective of being innocent until proven guilty.
posted by hermitosis at 9:39 PM on July 11, 2011 [44 favorites]

If you're going with TrueCrypt's hidden volumes, make sure you read and mind their precautions/requirements page about it. It's not just as simple as "click, click, now no one can ever prove it!"
posted by introp at 9:40 PM on July 11, 2011 [1 favorite]

And oh hey, it's in NPR link.
posted by rtha at 9:42 PM on July 11, 2011

> Take the technology out of this and now imagine we are talking about a locked file cabinet.

Prosecutors tend to view PGP passphrases as akin to someone possessing a key to a safe filled with incriminating documents. That person can, in general, be legally compelled to hand over the key. Other examples include the U.S. Supreme Court saying that defendants can be forced to provide fingerprints, blood samples, or voice recordings.

Despite the modern aspects of computer technology, I don't see any difference between being forced to produce the contents of your computer and the contents of your safe. Whether access to the information involves giving up a password or the location of a mechanical key the effect on the rights of the individual would seem to be exactly the same.
posted by three blind mice at 9:42 PM on July 11, 2011 [2 favorites]

I'm a defense attorney type of... I don't know how to classify myself right now, but let's say Defense Attorney Type.

If I were a judge, I'd have to rule against this woman. Sorry.

The Fifth Amendment is sacred and exists to protect the state from taking away a defendant's soul, so to speak. What she is doing is obstruction of justice.

If not for the digital world, the analogous system would be that she has a really, really kick-ass safe. Assuming for this moment that she's been engaged in fraud, and that she hid all evidence of this inside a safe, and that safe is almost certainly, from an outside perspective, where any evidence would be hidden.

Legally, does it make sense that the evidence should remain hidden under constitutional grounds based on how secure the safe is? Of course not. The law could give a damn how secure the safe is. And that's how it should be.

Now, a sufficiently secure encryption system cannot be brute-forced even with the fully-resourced power of the sun behind it. (According to Bruce Schneier, anyway, who knows a lot more about encryption than me or almost anyone else.) Claiming this to be a Fifth Amendment privilege is claiming that as long as an alleged criminal used 256-Hex (or whatever) they are basically off-limits. This would be absurd precedent.

There is a very clear difference between being compelled to testify against oneself and not being permitted to hide away evidence.
posted by Navelgazer at 9:42 PM on July 11, 2011 [22 favorites]

The right to not self-incriminate is a pretty hard area of law. Basically, you're hiding evidence. Should a criminal be allowed to lock away evidence? A gun, a knife, kept in a safe?

It's actually not a hard area of law at all. It's in the constitution.
posted by verb at 9:44 PM on July 11, 2011

can be treated as analogous to physical 'keys' and demanded by prosecutors - essentially stripping away the right to remain silent

If prosecutors had the right to get into a filing cabinet or locked wall safe with paper versions of the same documents by demanding the key or forcing it open, then nothing has really changed, and nobody's right have been abridged, really. If she wanted security, she should have worked harder for it - storing her data on removable media and hiding it somewhere, or suchlike. This is more of a 4th amendment issue than a 5th amendment one, in my view, and her files are no more deserving of protection for being stored digitally than in printed form.
posted by anigbrowl at 9:44 PM on July 11, 2011 [5 favorites]

Despite the modern aspects of computer technology, I don't see any difference between being forced to produce the contents of your computer and the contents of your safe.

The article also says that one cannot be forced to turn over the combination to a combination lock. Is a password more similar to a key or a code?
posted by milestogo at 9:44 PM on July 11, 2011 [1 favorite]

It's actually not a hard area of law at all. It's in the constitution.

Surprise! Constitutional jurisprudence is hard!
posted by The World Famous at 9:46 PM on July 11, 2011 [19 favorites]

Surprise! Constitutional jurisprudence is hard!

Clearly, you don't know any fundamentalists.
posted by verb at 9:47 PM on July 11, 2011 [8 favorites]

Actually, the safe is a bad analogy. What if they found old school encrypted files in the safe, can they make me explain how to decrypt it?

One the other hand, the password just information in her head, just like her name or what she had for dinner yesterday. She would not have to respond to any of those questions. In this sense "tell us your password" and "where's the body" are similar questions.
posted by doctor_negative at 9:47 PM on July 11, 2011 [24 favorites]

Clearly, you don't know any fundamentalists.

Are you one, or do you agree with me?
posted by The World Famous at 9:47 PM on July 11, 2011 [2 favorites]

It seems like admitting that you know the password would be a form of self incrimination.
posted by wierdo at 9:48 PM on July 11, 2011 [6 favorites]

The law makes a very clear distinction between a physical thing (key, padlock, etc.) and a thought (combination, etc.).

Every time someone brings up the "this is like a locked safe" argument, present the parallel: this is like she wrote all her paperwork in a personal code. Can the state compel her to reveal her code scheme?
posted by introp at 9:48 PM on July 11, 2011 [14 favorites]

Think about this from the perspective of being innocent until proven guilty.

You're being unnecessarily aggressive, and a dill. The perspective you offer is the one on offer in the articles I "fucking" read. With a groupmind response here.


It's actually not a hard area of law at all. It's in the constitution.

verb, I don't beleive you, prove it.

Oh and you can have a go too if you like, The "World" Famous.
posted by wilful at 9:49 PM on July 11, 2011

you're hiding evidence. Should a criminal be allowed to lock away evidence? A gun, a knife, kept in a safe?

It's actually not a hard area of law at all. It's in the constitution.

Its incredibly difficult. Look up the cases. You don't need to be a lawyer to get a grip on the complexity.
posted by Ironmouth at 9:51 PM on July 11, 2011 [2 favorites]

Oh and you can have a go too if you like, The "World" Famous.

A go at what? And why the quotes? Who are you quoting?
posted by The World Famous at 9:51 PM on July 11, 2011 [7 favorites]

Every time someone brings up the "this is like a locked safe" argument, present the parallel: this is like she wrote all her paperwork in a personal code. Can the state compel her to reveal her code scheme?

That's an excellent presentation of the two opposing views here. Thanks for presenting it.
posted by Tell Me No Lies at 9:52 PM on July 11, 2011 [3 favorites]

I don't really see "locked filing cabinet" as a good analogy. In fact, I don't really see a need for an analogy at all. One can literally write encrypted information with pen and paper - the same information that could be stored encrypted on a hard drive.

If the government arrests me and seizes my papers -- my literal papers -- that they do not understand, am I legally compelled to help them figure it out? No matter whether if so or if not, what does the form that they are stored in -- handwritten paper or tiny magnets -- have to do with anything, really?
posted by Flunkie at 9:53 PM on July 11, 2011 [34 favorites]

Imagine a scenario where a suspect burned some papers. After an investigation, the police maintain that the evidence of the crime was in those papers and it was destruction of evidence. They demand that the suspect unburn the papers and turn them over. What's the legal situation here?

The analogy is something in real life wrt. passwords. It happens regularly, that I cannot write down a password, though I can through muscle memory enter it at the ATM. Or if asked for a website password, I can't give it, but through muscle memory I can type it in. Further - there are circumstances, where I simply blank out on a password, especially if it's one I have not used in a while, even if I've used it months ago on a daily basis. And further, sometimes under pressure, you can block out in your memory the password and truly be helpless.

Are the cops now going to hold me responsible because under pressure I forgot/blocked the password? And an investigation is huge pressure. This seems highly unfair.
posted by VikingSword at 9:53 PM on July 11, 2011 [11 favorites]

Also, see this lovely presentation from DefCon earlier this year by a lawyer, who knows the actual law, who shows that the situation is nuanced and the law is a patchwork of sometimes-conflicting decisions in various jurisdictions.
posted by introp at 9:53 PM on July 11, 2011 [11 favorites]

The fifth amendment prevents the government from compelling self-incrimination.

"I decline to answer your question on the grounds that the answer may serve to incriminate me."

She has every constitutional right to not tell them her password. The government, in the analogy of the safe or the filing cabinet, has the right to try to crack the safe (or come at it with a blowtorch).

If they want the data that's encrypted, they are free to attempt to crack it. She has the right to remain silent.
posted by chimaera at 9:55 PM on July 11, 2011 [13 favorites]

Its incredibly difficult. Look up the cases. You don't need to be a lawyer to get a grip on the complexity.

This is correct. Though I also don't think you need to be a lawyer to understand why this defense would never, ever be permitted under constitutional precedent. And as complicated as the law can be, it only takes a few words for the courts to make it crystal clear on matters such as this.

Writ Large: Physical locks can be broken. This kind of lock cannot be broken. The purpose of the fifth amendment is not to impede law enforcement nor to create loopholes for safe-keeping of evidence. Courts will be permitted to compel defendants to give up their passwords. Those who refuse may be cited for contempt. In the contempt proceedings, juries will determine the subject of fact as to whether the defendant simply forgot the password.
posted by Navelgazer at 9:59 PM on July 11, 2011 [2 favorites]

I'm no lawyer, but I'm pretty sure the government would compel you to open the safe if it was unbreakable. Self incrimination has limits, for instance as I understand it if the crime involves others you don't have a right not to incriminate them.

Imagine a home security system so good the police could never get in without your permission, is there no such thing as a legal search warrant anymore?
posted by furiousxgeorge at 9:59 PM on July 11, 2011

And yeah, I'm actually kind of a fundamentalist on constitutional freedoms.

(I'm not a Scalia-type originalist, I'm more of a [small-L] libertarian maximalist in that the government must show overwhelming need to perform any act that gets close to affecting the free exercise of one's rights.)
posted by chimaera at 9:59 PM on July 11, 2011

If you use TrueCrypt, you're going to need to play a turtles all the way down style of game involving multiple nested "hidden" volumes.

Basically, a hidden volume is detectable within an error margin that's high enough that straight-up deniability is implausible, so the best way to get away with it would be to have a a fake volume with other hidden volumes inside it. I would only bother with this for a very, very small amount of data, and I'd keep it hidden in a large sea of other files, or embedded in the ID3 tags of an mp3 or something like that.
posted by feloniousmonk at 9:59 PM on July 11, 2011 [2 favorites]

It seems to me that the right analogy is not, "Give us the key." It's, "Where is the key?" One is the production of a physical object, the other is the production of potentially incriminating information. However, it is also distinguishable from some other examples cited in this thread, such as, "Help us figure out your encrypted writings." There's a difference between asking for the one singular "key" (physical or digital) that unlocks the (physical or digital) file cabinet containing the documents, and asking for help interpreting the individual documents themselves.

I don't deign to know what this means in terms of present 5th Amendment jurisprudence but if we're going to be making these analogies it's helpful to be precise about them.
posted by dixiecupdrinking at 10:01 PM on July 11, 2011 [3 favorites]

Every time someone brings up the "this is like a locked safe" argument, present the parallel: this is like she wrote all her paperwork in a personal code. Can the state compel her to reveal her code scheme?

It is not. If she had a pile of encrypted paperwork, one might be frustrated without the code scheme but one would be able to reverse-engineer a good deal of it by looking at everything from the age of the paper and ink to the length and form of each encrypted document (ie, the same techniques that codebreakers use). Unless the scheme was unusually sophisticated, this might still yield enough information to to demonstrate a pattern of activity correlated with the defendant's suspected criminal behavior - thin evidence to be sure, but patience is an investigator's friend.

When the laptop or disk volume is password protected, then the whole thing is inside a locked box, preventing even the most rudimentary documentary analysis. On the other hand, if important documents were stored in a safe but no key or combination was forthcoming, with patience and effort the safe itself could be opened and the contents extracted and analyzed.
posted by anigbrowl at 10:01 PM on July 11, 2011

>>It's actually not a hard area of law at all. It's in the constitution.

verb, I don't beleive you, prove it.

You know, I'm happy to concede that there is a lot of complexity over what constitutes 'being forced to testify against one's self' versus 'turning over evidence that is in your possession.' But please keep track of the country that the case is happening in. The United States Constitution is the one involved in this case.


Its incredibly difficult. Look up the cases. You don't need to be a lawyer to get a grip on the complexity.

If I misunderstood the original poster's question, then I apologize -- it seemed that they were calling into question the existence of the defendant's Fifth Amendment protections, presupposing their guilt to justify their conclusion, and then linking to a copy of the Australian constitution when called on it.

I'm fairly confident that no matter how complex the issue is, The Fifth Amendment to the Constitution does, in fact, exist.
posted by verb at 10:05 PM on July 11, 2011 [2 favorites]

I also think it's worth a mention that the very attention this question (which is pretty specific and involves distinctions one might fairly call pedantic) is getting represents the American justice system at its best.
posted by dixiecupdrinking at 10:07 PM on July 11, 2011 [4 favorites]

One thing I've never understood about TrueCrypt's supposed plausible deniability via hidden volumes:

What does the hidden volume look like externally? I mean, I understand it looks like random data, but either:

(1) It looks like a file with random data, or

(2) It looks like an unused area of the disk with random data, or

(3) It doesn't look like anything - i.e. TrueCrypt hides it existence from the OS.

In the first case, "no, really, it's just a big file with random data" doesn't seem like it would do much to convince bad guys that you're not hiding a TrueCrypt volume.

In the second case, what's to keep it from being accidentally overwritten while it's not mounted? Obviously the answer is either "nothing" or "TrueCrypt"; the former doesn't seem like somewhere you'd want to put your data, since you're risking it being overwritten every time you use the unhidden volume, and the latter seems like plausible deniability completely goes out the window when the bad guy installs a simple program to see how much of the disk TrueCrypt will allow him to write data to.

In the third case, you have the same problems as the second case, plus the fact that the disk size as reported by the OS (under the influence of TrueCrypt) can easily be compared to the actual disk size as known from the model number and such. So again, plausible deniability is out the window - "You have a 200 GB hard drive, only 150 GB of it is visible, and you have TrueCrypt on it. Gee, maybe you have a hidden volume."
posted by Flunkie at 10:10 PM on July 11, 2011

sure verb, as long as you keep track of the fact that we're thankfully not all US citizens, and the legal issues exist outside of your bubble. Nowhere did I identify that this is a unique case that could only be considered in your jurisdiction. But I am used to the fact that many US mefites are completely blithe to the idea that there's a fully functioning world out there.
posted by wilful at 10:10 PM on July 11, 2011 [1 favorite]

I also think it's worth a mention that the very attention this question (which is pretty specific and involves distinctions one might fairly call pedantic) is getting represents the American justice system at its best.

Its not pedantic--this is the real world. No angels on the head of a pin. Almost nothing in the law is pedantic, becaus real people's rights are being trampled on.
posted by Ironmouth at 10:10 PM on July 11, 2011 [3 favorites]

But I am used to the fact that many US mefites are completely blithe to the idea that there's a fully functioning world out there.

There are better ways to deal with that than to make an oblique fuss about it in a thread and take weird potshots at other users. Please cut it out, or if you really need to talk about it go to metatalk.
posted by cortex at 10:14 PM on July 11, 2011 [19 favorites]

My understanding is that you can set it up to look like either 1 or 2, with the attendant problems you described. I think it's genuinely only plausibly deniable if you are assuming the other person is totally uninformed, unless the volume is so small that you're holding your bank passwords and that's it. I don't see how you could plausibly have an entire OS hidden on your machine. You might be able to have an entire OS with several other OSes inside it and maybe one of those has a much smaller hidden drive and that's where you keep your data, but that's not deniability, that's just hoping they'll stop looking and be satisfied with having found nothing, at some point.
posted by feloniousmonk at 10:15 PM on July 11, 2011

Er, that was in reply to Flunkie.
posted by feloniousmonk at 10:15 PM on July 11, 2011

Nowhere did I identify that this is a unique case that could only be considered in your jurisdiction.

You are aware, that we are talking about a case in Colorado, USA? Non-US precedent is not relevant, here.
posted by chimaera at 10:15 PM on July 11, 2011 [9 favorites]

I think the entire field of steganography and related techniques where an attempt is made to hide data even when ostensibly giving up a password, has always been developed under the shadow of rubber hosing. This latest development, is simply the government rubber hosing. The cat and mouse games will continue.
posted by VikingSword at 10:16 PM on July 11, 2011 [3 favorites]

I wouldn't even say rights are being trampled on here (at least not established rights.) People can be compelled to give over tons of things in discovery which they'd need to prove relevance for in an actual trial. For this to be totally kosher, yes, it needs to be via subpoena and obviously not at the orders of law enforcement officers. But that's really all you're going to need. A few things will still be privileged, but the defendant's attorney will be there to see to that.
posted by Navelgazer at 10:17 PM on July 11, 2011

Think about it this way. Revealing the password is admitting that the computer, USB disk, or whatever is in fact yours. That is a potentially incriminating admission.
posted by wierdo at 10:19 PM on July 11, 2011 [6 favorites]

anigbrowl: "It is not. If she had a pile of encrypted paperwork, one might be frustrated without the code scheme but one would be able to reverse-engineer a good deal of it by looking at everything from the age of the paper and ink to the length and form of each encrypted document (ie, the same techniques that codebreakers use). Unless the scheme was unusually sophisticated, this might still yield enough information to to demonstrate a pattern of activity correlated with the defendant's suspected criminal behavior - thin evidence to be sure, but patience is an investigator's friend."

You're failing to note the difference between possible and legal. We can travel down the rats-nest of examples or we can mind the fact that the state cannot legally compel you to be a witness against yourself. We can concoct ever-more-complicated schemes with regard to my throw-out example physical paperwork and a mind-held code ("let's say she completely destroys all her paperwork every evening and re-writes it in a new hand with no obvious sectioning, divisions, etc.") until I shout "reductio ad absurdum" and you shout "beyond the limits of absurdity": the woman's brain is a computer, the paperwork her hard drive, and her encryption key is still in her memory.

The courts will, in all likelihood, not decide this case on this pure logical exercise. My original post was merely to point out that for every neat, simple argument that the passphrase parallels a physical key (physical evidence, which is not protected by the Fifth Amendment), there is an equally neat, simple argument that the passphrase parallels a combination to a safe (testimony, which is protected).
posted by introp at 10:21 PM on July 11, 2011 [3 favorites]

for every neat, simple argument that the passphrase parallels a physical key...

See, I'm totally not able to give credence to that. If it were written down, it's physical evidence (subject to search and seizure). If the only place the information exists is in her mind, it's testimony (and protected from self-incrimination.

The physical evidence analogy fails because there is simply nothing physical to examine, except the contents of her mind itself, which enjoys complete protection.
posted by chimaera at 10:25 PM on July 11, 2011 [2 favorites]

Since wilful mentioned what the law is in Australia, here's the relevant section of the Commonwealth Crimes Act (the states have their own analogous powers):

3LA   Person with knowledge of a computer or a computer system to assist access etc.

(1) A constable may apply to a magistrate for an order requiring a specified person to provide any information or assistance that is reasonable and necessary to allow a constable to do one or more of the following:

(a) access data held in, or accessible from, a computer or data storage device that:

(i) is on warrant premises; or

(ii) has been moved under subsection 3K(2) and is at a place for examination or processing; or

(iii) has been seized under this Division;

(b) copy data held in, or accessible from, a computer, or data storage device, described in paragraph (a) to another data storage device;

(c) convert into documentary form or another form intelligible to a constable:

(i) data held in, or accessible from, a computer, or data storage device, described in paragraph (a); or

(ii) data held in a data storage device to which the data was copied as described in paragraph (b); or

(iii) data held in a data storage device removed from warrant premises under subsection 3L(1A).

[...]

(5) A person commits an offence if the person fails to comply with the order.

Penalty for contravention of this subsection: Imprisonment for 2 years.

Presented for context.
posted by robcorr at 10:26 PM on July 11, 2011 [1 favorite]

"It is more important that innocence be protected than it is that guilt be punished, for guilt and crimes are so frequent in this world that they cannot all be punished. But if innocence itself is brought to the bar and condemned, perhaps to die, then the citizen will say, "whether I do good or whether I do evil is immaterial, for innocence itself is no protection," and if such an idea as that were to take hold in the mind of the citizen that would be the end of security whatsoever."

John Adams
posted by Freen at 10:27 PM on July 11, 2011 [55 favorites]

For those asking about TrueCrypt's plausible deniability scheme (hidden volumes), the idea is this:
1. make a big encrypted file ("c:\foo.bin") with passphrase X; decrypting it will show the first few blocks to be a directory table, etc., and TrueCrypt can use that to have the OS present you a new drive letter (volume). Put a file in there "first" for an example.
2. at the very end of that encrypted data file foo.bin, place another directory table encrypted with passphrase Y
3. if you ask TrueCrypt to "open" the encrypted volume with passphrase X, it tries it, sees valid decrypted data and, voila, you have your new drive letter. You see the file "first" in there.
4. if you ask TrueCrypt to "open" the encrypted volume with passphrase Y, it tries the first block where things ought to be, realizes the data is garbage (doesn't look like a directory table!) so it goes ahead and tries decrypting the last bit of the data with that passphrase. It sees valid directory data now and goes ahead and treats that as what the OS needs and, voila, there's your new drive letter. Put a file "second" here for an example.

Provided that TrueCrypt is smart enough, in case 4, to always write new encrypted file stuff near the end of the encrypted volume file, then you can continue to decrypt the volume with "X" and see your original "first" file. Now, you have to be very careful if you use the "X" volume to not write too much; it doesn't know the rest of the volume file is important, so you could trash your "second." But you never mount "X", really, unless someone demands your encryption keys.

You: "okay, officer, it's X"
Officer: "Wait the heck. This is just a file named first which is a Justin Beber video. Where's all the records of your illegal activity? Give me the REAL encryption key!"
You: "Officer, you must be confused. That's the only key there is! Lo, I must keep my love of Justin Beber videos safe!"

Of course, this is all grossly simplified, and TrueCrypt hidden volumes are still vulnerable to some very specific attacks and analysis, but if you're interested in that much, see the TrueCrypt site and start there.
posted by introp at 10:34 PM on July 11, 2011 [13 favorites]

What does the hidden volume look like externally?

There's a helpful illustration on the hidden volume page. Basically when you make a Truecrypt volume you specify a size (say, 5Gb) and it creates an encrypted volume of exactly that size. You use the volume like any other drive when it's mounted, and you can have other, smaller encrypted volumes nested on it.

So if you're compelled to enter a password, you can do so. Investigators will then see a volume with some files on it, and what looks like empty space (random bits) filling up the rest of the space up to the size you specified when you created it. They can't know if there's another hidden volume (or six of them) somewhere in those random bits.

It's more complicated than that, and there are vulnerabilities, but I really can't imagine anyone other than Jack Bauer and Chloe getting through to whatever data one is really determined to hide.
posted by Thoughtcrime at 10:34 PM on July 11, 2011

There would be a violation of the 5th amendment basically any time an accused is forced to use the contents of their mind against themselves, this includes passwords, combinations, personal codes, algorithms only they understand, rare tribal languages, etc. I doubt the courts will reverse their ruling about safe combinations, which seemingly applies here rather transparently.

There were presumably requirements for financial record keeping. If those records aren't available, then Ms. Fricosu could be convicted of violating those laws. Are those lighter sentences than the fraud charges? Probably. Investigators might still piece together enough the fraud conviction though, meaning she'd do time for both charges. Isn't this when they work out some plea bargain?
posted by jeffburdges at 10:35 PM on July 11, 2011 [4 favorites]

Its not pedantic--this is the real world. No angels on the head of a pin. Almost nothing in the law is pedantic, becaus real people's rights are being trampled on.

Well. Maybe pedantic is the wrong word (and more disparaging than I mean), but I think that there are a lot of people who would think that the "is this more like this dissimilar thing or that dissimilar thing" analogizing that goes into the deciding of these issues is hair-splitting and overly academic. Personally, I think it's fantastic, but, more essentially I'm struck at times by how the law is one of the few refuges in American life where intensive, rigorous thought on small, precise matters actually does have a material impact on the lives of real people, and this is one of those times.

Or I don't know, maybe I'm drunk, hard to say.
posted by dixiecupdrinking at 10:36 PM on July 11, 2011

Oh FFS. Couldn't you find a story by someone besides Declan Mccullagh? What a troll. I blame him for the presidency of George W. Bush. He started the "Al Gore invented the Internet" meme.
posted by charlie don't surf at 10:38 PM on July 11, 2011 [5 favorites]

Metafilter: maybe drunk; hard to say.
posted by introp at 10:40 PM on July 11, 2011 [1 favorite]

feloniousmonk: Basically, a hidden volume is detectable within an error margin that's high enough that straight-up deniability is implausible

Do you have any source for this? Because you're basically saying hidden volumes are completely broken, and I can't find anything that substantiates that claim.

(Ordinary Truecrypt files are "sort of" detectable in that they look exactly like big files full of random data, which would otherwise be hard to explain. But hidden volumes are placed in the free space of an outer volume, which Truecrypt randomizes whether or not there's any hidden data.)
posted by teraflop at 10:40 PM on July 11, 2011

In fact, steganography differs greatly from plausible deniability, aka rubber hose cryptography. Steganography is about hiding important data, encrypted or not, inside less important unencrypted data. A plausible deniability scheme encrypts data in various layers that hide the 'depth' of the encryption.

An initial layer holds unimportant data, another holds potentially sensitive data, yet another even more sensitive data, etc, but some layers hold nothing but random noise. Ideally, an attacker won't know the difference between the different degrees of sensitivity nor how much space was allocated to randomness.

See MaruTukku.
posted by jeffburdges at 10:46 PM on July 11, 2011

The "if you were innocent, you'd have nothing to hide" argument rears its head, in a big way.

You are aware, I assume, that if you are innocent, you have no right to invoke the Fifth Amendment. You may not invoke without a good-faith belief that your testimony could incriminate you.
posted by Ironmouth at 10:47 PM on July 11, 2011 [2 favorites]

Also, if you are engaging in plausible deniablilty, you aren't invoking the Fifth. You're lying to the court.
posted by Ironmouth at 10:49 PM on July 11, 2011 [3 favorites]

You are aware, I assume, that if you are innocent, you have no right to invoke the Fifth Amendment. You may not invoke without a good-faith belief that your testimony could incriminate you.

Which brings us back to the question of whether a phrase that you've memorized would be evidence or testimony, doesn't it?
posted by verb at 10:51 PM on July 11, 2011 [1 favorite]

You may not invoke without a good-faith belief that your testimony could incriminate you.

That's not my understanding of the amendment -- the principle behind the bill of rights is that it specifies limitations on what the government can do, not limitations on what a person can do.

In this case, the fact that they are asking you a question the answer to which MAY incriminate you (even if you're totally innocent, but there exists an answer -- true or not -- that is incriminating) you have the right to decline answering the question.

The 5th amendment isn't just for people who are guilty to not incriminate themselves, but to allow any person (even the innocent) the right NOT to answer a question that could have incriminating answers.
posted by chimaera at 10:53 PM on July 11, 2011 [9 favorites]

teraflop, it's from TrueCrypt's site: "There are methods to find files or devices containing random data (such as TrueCrypt volumes)."

What I'm saying is that I don't buy "this random data that looks like a TrueCrypt volume totally isn't one" as plausible deniability. They claim that it is. To me, as a technical person, if I said to you "show me your encrypted data" and you said "I don't have any" but you have a file that could be a TrueCrypt volume, I wouldn't believe you don't have one.

I probably am not articulating this very well as it's been a long day, but ultimately, the deniability only seems to make sense in a case where someone isn't already aware that you have encrypted something that's illegal.
posted by feloniousmonk at 10:55 PM on July 11, 2011

In fact, steganography differs greatly from plausible deniability, aka rubber hose cryptography. Steganography is about hiding important data, encrypted or not, inside less important unencrypted data. A plausible deniability scheme encrypts data in various layers that hide the 'depth' of the encryption.

Actually, steganography is a broad term that also encompasses plausible deniability:

"In cryptography and steganography, deniable encryption is encryption that allows its users to convincingly deny that the data is encrypted, or that they are able to decrypt it[citation needed]. Such convincing denials may or may not be genuine. For example, although suspicions might exist that the data is encrypted, it may be impossible to prove it without the cooperation of the users. If the data is encrypted, the users genuinely may not be able to decrypt it. Deniable encryption serves to undermine an attacker's confidence either that data is encrypted, or that the person in possession of it can decrypt it and provide the associated plaintext."
posted by VikingSword at 10:55 PM on July 11, 2011

Otherwise, anyone invoking the 5th amendment would be presumed to be hiding guilt, legally.

I know that in the eyes of the public the invocation of the 5th is tantamount to an admission of guilt, but legally, innocent OR guilty, you have the right not to provide testimony regarding yourself.
posted by chimaera at 10:56 PM on July 11, 2011 [3 favorites]

There is more information on the Rubberhose/MaruTukku site and the original StegFS paper lays out the early history fairly concisely. Yes, rubberhose cryptography technically falls under the heading of stenography, as your hiding encrypted data alongside other encrypted data, but the algorithms are very different in practice.
posted by jeffburdges at 11:00 PM on July 11, 2011

Also, if you are engaging in plausible deniablilty, you aren't invoking the Fifth. You're lying to the court.

In order to stop it from exercising powers it does not actually have.
posted by one more dead town's last parade at 11:05 PM on July 11, 2011 [2 favorites]

feloniousmonk, you're misunderstanding. Yes, it's pretty obvious that the encrypted volume is an encrypted volume, but there's no way to tell how many encrypted volumes are nested within it. A 5Gb encrypted file can have one 100Kb text file on it and the rest just random bits. Or it could have 50 hidden volumes taking up 4Gb total, and the file law enforcement is looking for is hidden on volume number 26.
posted by Thoughtcrime at 11:06 PM on July 11, 2011

I totally get that, but at that point you're not relying on deniability, you're relying on them giving up having found nothing. I have a hard time imagining a lot of circumstances where that happens. It seems that it's really only plausible that I find nothing of interest if I don't understand what TrueCrypt is.
posted by feloniousmonk at 11:09 PM on July 11, 2011

However, this would totally prevent you from getting snagged in some trawling operation, so if that's the goal, I see no issue with it, but if the circumstances are you're being arrested for some computer related crime and have had your disks seized as part of that, and they're looking for something specific, I don't buy it.
posted by feloniousmonk at 11:11 PM on July 11, 2011

Here's the distinction people are looking for: Juries determine matters of fact. Judges determine matters of law.

Thus, a judge may compel a witness to provide evidence for discovery, though may also bar that evidence from trial. Responding to a subpoena with "well, it's password encrypted, so hah!" isn't going to get you anywhere. Because the contents within are likely relevant as a matter of law and that's all that matters at that stage.

This is different from talking to a cop. The cop is a likely material witness for the state. He deals in matters of fact. Anything you say to him or her can (and will, as they say) be used against you. Thus, such statements (if they are made in custodial circumstances) are testimonial. Because while it is presumed that the defendant will not be on the witness stand (due to the Fifth Amendment) it is presumed that the cop will be, and thanks to the party-opponent exception to hearsay evidence, they are free to repeat whatever you've said to them.

The Judge is not. If a judge ever said that they'd seen something in evidence, there would be an immediate mistrial. If a judge repeated something that a defendant said to him or her outside of the jury, there would be an immediate mistrial. For this reason, statements made to the judge, outside of the jury, are not testimonial. And if the prosecution brought the in, well, there'd be a mistrial.

Thus, the judge can determine whether the contents of your computer are likely to be relevant or lead to other relevant evidence. The judge can later deem those contents to be inadmissible. None of this involves testimony, because the judge is not the trier of fact.

Thus, the state may compel you to give up the password, but not bring up the fact that you told them your password at trial.

It's tricky, but that's how it is (or will be, very shortly.)
posted by Navelgazer at 11:11 PM on July 11, 2011 [18 favorites]

You guys are going the totally wrong direction with this plausible deniability argument. There are better ways to get around this problem of demanding your password.

I remember a proposal by Woz for location based encryption. Your laptop drive could only be decrypted in a specific location. The GPS coordinates were part of the key. Don't want a customs agent to decrypt your laptop at the border? Make it so it will only decrypt in a secret location (other than your home) at your destination. They can find all the data volumes they like, they will never decrypt it.

And I could think of other strategies. Use a time lock. Make it so your data can only be unlocked during a 10 second window, once a day. They'd have to know the time window was there, and constantly input the key all day long for 24 hours. Make it more even harder, use a long key that takes more than 10 seconds to input. Sure, they could demand the time as part of the key, but how would they ever know the time (or GPS location) was part of the key? Let them have your password. It won't do them any good.
posted by charlie don't surf at 11:17 PM on July 11, 2011 [10 favorites]

If it doesn't decrypt, then they'll assume you're lying about the password and the judge will hold you in contempt. Otherwise, you could just give them a fake password or say, "I don't recall."
posted by stavrogin at 11:28 PM on July 11, 2011 [2 favorites]

feloniousmonk, what would you do if you were a judge? Keep the suspect in jail for contempt even after he's given you the password to unlock the master volume just because you didn't find the incriminating evidence you "know" is on there? You have no way of knowing that there's another hidden volume somewhere on it.

I've got a Truecrypt volume that doesn't have any hidden volumes on it, it just has financial documents on it (tax returns, account information/passwords, etc.). But most of the volume is empty space. Reading your argument frightens me, because if a judge felt the same as you I might find myself in a jail cell indefinitely because they have a hunch there's something illegal in all those random bits.

Charlie don't surf, while those methods might work, I don't see how they're any better.
posted by Thoughtcrime at 11:29 PM on July 11, 2011 [1 favorite]

No, you really don't understand, feloniousmonk. You'll make sure they find stuff alright, bank account details, porn, sex videos with old lovers, evidence of adultery, evidence of mild tax evasion, etc. It'll get pretty juicy alright, but they'll never know whether another deeper layer exists because all that random noise might contain more encrypted information. And you could never prove that deeper layers don't exist yourself.

You could easily script trying all times of the day, or all likely latitudes and longitudes, charlie. Who says the OS accurately reports the location or time? You might try xoring your password with data produced by servers located in jurisdictions and/or hidden behind I2p or Tor hidden service urls. All those secret servers could verify various characteristics like the time of day or the originating IP address.
posted by jeffburdges at 11:32 PM on July 11, 2011

The deeper layers, well, that's up to the prosecution's skill to discover. They probably won't. If they do, they'll still be able to get the subpoena to uncover it, most likely.
posted by Navelgazer at 11:35 PM on July 11, 2011

Ironmouth: "Also, if you are engaging in plausible deniablilty, you aren't invoking the Fifth. You're lying to the court."

I've been told and advised that anything I might say to an authority figure might incriminate me; I've been given the impression that invoking the 5th at the beginning of a hostile interview is kosher.

At the end of the day everyone is guilt of something, aren't they?

This applies to data as well; while you won't find my membership card for a terrorist group, I might have an mp3 file on my computer I can't locate the original disc for.

It seems the important time to 'invoke' is when you ask for an lawyer; even lawyers do this when in the custody of the police. I've never been in custody, but I have friends that swear criminal lawyer fees were their best investment in their future.
posted by el io at 11:35 PM on July 11, 2011 [2 favorites]

el io: again, this is where it gets tricky, partially because in this case you (if you are the defendant) are NOT the one speaking. Your fifth amendment rights refer to testimony. What your lawyer is doing is on your behalf, and considered to be "you" legally, but is not testimonial. And the "jury" and the "court" are different things here. Saying nothing to the jury is protected. Most cases of Plausible Deniability would, in fact, by perjurous.
posted by Navelgazer at 11:40 PM on July 11, 2011 [1 favorite]

Ironmouth: You are aware, I assume, that if you are innocent, you have no right to invoke the Fifth Amendment. You may not invoke without a good-faith belief that your testimony could incriminate you.

Sorry, IANAL, but this can't be true. I thought one of the bedrock principles of the 5th Amendment is that you can't be forced to testify against yourself, and that when someone invokes the 5th the judge traditionally takes pains to inform the jury that taking the fifth is by no means an admission of guilt.

I believe Ironmouth presents as a lawyer here, but this just doesn't seem true. If you could only invoke the 5th if you were guilty or had reason to believe your testimony would incriminate you... wouldn't the fifth have no meaning? How on earth would the courts determine a valid invocation of the fifth, when the guilt or innocence of the defendent is the very reason the court exists?

Then again I'm maybe drunk, so it's hard to say...
posted by hincandenza at 11:42 PM on July 11, 2011 [5 favorites]

I do understand it, I'm saying that while I admit that it is possible that I fail to find what I'm looking for, I don't find it plausible. If I don't find what I am after on your encrypted volume, you may not have it, but since it's also possible that it's just further encrypted, I don't find it plausible that you aren't doing so, knowing that this is a publicly stated feature of the application that encrypted the initial volume. Once you open the door, I don't see why I wouldn't have the expectation that you've used all of the features of the app.

Honestly, from a legal perspective, I don't know what the correct course of action would be. I think this is an incredibly thorny issue.

I just wanted to throw it out there that, as someone who writes software for a living (although admittedly not this type of software) I don't find the plausible deniability argument viable.
posted by feloniousmonk at 11:44 PM on July 11, 2011

I am also unaware of any Good Faith provisions with the Fifth Amendment, and I'm a (not quite) lawyer myself. I don't know what that's about.
posted by Navelgazer at 11:45 PM on July 11, 2011

My understanding is that one of the most important reasons not to speak to hostile cops (sure, tell them what you saw at the car accident you witnessed) is that if you are innocent of anything you might be suspected of doing, any incorrect (intentionally, or flusteringly so) statement you might give, if held untrue in any way, could be seen as obstructing justice; lying to the cops is against the law.

The cops are allowed to mislead you, according to my understanding of the situation.

I'm happy to hear from more lawyers in this thread.
posted by el io at 11:52 PM on July 11, 2011

You are aware, I assume, that if you are innocent, you have no right to invoke the Fifth Amendment. You may not invoke without a good-faith belief that your testimony could incriminate you.

In what area of law do you practice?
posted by dirigibleman at 11:55 PM on July 11, 2011

el io. That is correct.
posted by Navelgazer at 11:55 PM on July 11, 2011

Ohio v Reiner (2001) 532 US 17:

This Court has never held, however, that the privilege is unavailable to those who claim innocence. To the contrary, the Court has emphasized that one of the Fifth Amendment's basic functions is to protect innocent persons who might otherwise be ensnared by ambiguous circumstances.

posted by robcorr at 11:59 PM on July 11, 2011 [12 favorites]

(and generally has logical reasons for what he says so wait for him to wake up for an explanation)
posted by furiousxgeorge at 12:05 AM on July 12, 2011 [1 favorite]

So there you go. Still not the distinction. It's a matter of what is testimonial and what is not. If a judge subpoenas the contents of your computer, it is not testimonial, and it makes no difference whether you encrypted it or not.
posted by Navelgazer at 12:07 AM on July 12, 2011

If a judge subpoenas the contents of your computer, it is not testimonial, and it makes no difference whether you encrypted it or not.

Exactly. Because the order is not to hand over your physical computer, but to produce to the court, in intelligible form, the information contained in the computer.
posted by robcorr at 12:11 AM on July 12, 2011

Public interests will be harmed ... ... a concession to her and potential criminals (be it in child exploitation, national security, terrorism, financial crimes or drug trafficking cases) that encrypting all inculpatory digital evidence will serve to defeat the efforts of law enforcement officers ...

I *love* how it's written up; they're not doing this because of the long nose of the law -- No! They're doing it to keep public interests from being harmed!

These mopes always pull out National Security! and Terrorism! and Child Exploitation! and (drum roll) Drug Trafficking! when they are trying to scare us into willingly accepting giving up more of our rights. It's utterly predictable, it'd be very funny except for the fact that it's not funny at all.

They bring out the biggest scary guns to shoot at gullible idiots watching the six pm news, knowing that if they jump up and down and bark about National Security! and Terrorism! and Child Exploitation! and Drug Trafficking! that people won't stop for a moment and consider that all this woman is being charged with -- and we don't have the slightest idea if she's guilty of course -- all she is being charged with is trying to hose a few bucks out of a few banks. Big deal. Go after someone/something important, go after the scum who have given those banks all the money needed to pay lawyers to keep throwing people out of the houses that this woman is then trying to squeeze her part out of also.

Totally different tangent here -- if it's a fairly small file, can't files be hidden in .jpg image files? I'm pretty sure I remember reading about that somewhere...
posted by dancestoblue at 12:32 AM on July 12, 2011 [1 favorite]

Woah,

Fell asleep there--and had a nightmare. Woke up to check this. I'm discussing inferences that the jury may draw here and when one has the right to claim the fifth.

In a civil trial, a jury may infer that the testimony of one who invokes the fifth may be adverse to a litigant and a jury instruction to that extent may be procured. In a criminal trial, the defense is entitled to a jury instruction that a failure to testify based on the fifth should not be used as evidence of guilt. However Carter holds, and every defense lawyer knows, that a judge may not control the actual inferences a jury takes and that a jury may actually make that inference anyway. This is why a defense attorney takes the decision to not testify strongly--a great many jurors are likely to assume that the person is guilty and can and will disregard such a jury instruction all the time.

Ok, back to my nightmare.
posted by Ironmouth at 12:54 AM on July 12, 2011 [3 favorites]

In the modern encryption realm, the password is not a combination, it's a hybrid key/combination than unlocks a mathematical algorithm that opens the lock.

Think of it this way: If you swallow a key, the cops just wait until you crap it out in jail and open the safe.

Here, they are simply doing the same thing, except they are saying "you keep the combination, just crap out the keys already, m'kay?"
posted by roboton666 at 12:54 AM on July 12, 2011

Well, clearly she shouldn't have used "I killed Cayley" as her pass phrase. Think ahead people.

Anyway, you should definitely use hidden volume crypto, (trivia: the first software to implement this was the rubber hose file system written by none other then Julian Assange et al.)

That way, the attackers will have no way of knowing and certainly not proving, that you decrypted the 'true' version. You can also keep blocks of random data sitting around, there shouldn't be any way of knowing if they are encrypted file systems or not.
posted by delmoi at 1:05 AM on July 12, 2011 [2 favorites]

Ironmouth, and I ask you seriously here because I trust that you have greater knowledge than I do, how does the fifth amendment apply to a civil trial in any way whatsoever? Like, at all?
posted by Navelgazer at 1:22 AM on July 12, 2011

Prosecutors haven't charged D because it's abundantly clear that there is a reasonable doubt about his guilt. P (the victim) sues D for damages, but need only show a preponderance of the evidence that D did the dirty deed. D may be deposed or testify, but need not admit to any criminal act for P's suit to succeed.

A similar case is how OJ Simpson was acquitted of criminal charges but then lost the civil suits brought by the families of the victims - although that differs slightly in that once acquitted, OJ could not be tried again for the same criminal offense.
posted by anigbrowl at 1:46 AM on July 12, 2011 [1 favorite]

I had this theory once that someone should come up with software that would provide a sort of encryption wherein you would enter one password and it would give you your real data--and if you entered another password it would give you a lot of really embarrassing but legal pornography.

Which of course would be less useful if people knew you could do that, I suppose. But I can't think of much else that would be easily explained away as something you wanted to encrypt in case of your parents/spouse/whatever acquiring your computer in the event of your untimely death/illness/kidnapping/whatever.
posted by gracedissolved at 2:16 AM on July 12, 2011 [1 favorite]

You could try a combination of biometric, timelock and GPS related jiggery-pokery that requires you to physically be in another country to unlock it.

"Yes officer, it can only be unlocked after a thoroughly enjoyable holiday for two weeks in the Bahamas. In fact, it also tests my blood alcohol level so pass us another beer."
posted by longbaugh at 3:18 AM on July 12, 2011 [3 favorites]

how does the fifth amendment apply to a civil trial in any way whatsoever? Like, at all?

When a witness in a civil trial is asked questions that would require him to admit to criminal conduct, the witness may exercise his fifth amendment rights. This is not at all uncommon. It can also be used when being asked to testify to Congress.
posted by Lame_username at 3:51 AM on July 12, 2011

If you could only invoke the 5th if you were guilty or had reason to believe your testimony would incriminate you... wouldn't the fifth have no meaning? How on earth would the courts determine a valid invocation of the fifth, when the guilt or innocence of the defendent is the very reason the court exists?

Pretty much. Bear in mind that the fifth amendment is the foundation of the Miranda right to remain silent during police questioning.

Also remember that it's possible for incriminating evidence to exist against an innocent person. If somebody who looks like me was captured on camera committing a murder, then for me to admit I was a block away at the time would tend to incriminate me, even if I really didn't do it.
posted by Holy Zarquon's Singing Fish at 4:10 AM on July 12, 2011 [1 favorite]

The "if you were innocent, you'd have nothing to hide" argument rears its head, in a big way.

You are aware, I assume, that if you are innocent, you have no right to invoke the Fifth Amendment. You may not invoke without a good-faith belief that your testimony could incriminate you.
posted by Ironmouth at 10:47 PM on July 11 [+] [!]

I'm not sure that's true, because the relevant phrase in the constitution is "nor shall be compelled in any criminal case to be a witness against himself".

It isn't a right that is constrained to the guilty. You don't take the fifth "on the grounds that it may tend to incriminate me", even though that's what everyone says. It is more simple than that, the words say that the accused has the right to not be compelled to testify.
posted by gjc at 4:37 AM on July 12, 2011 [4 favorites]

Let's name encryption schemes things like "DataSafe" and the GUI for them looks like a combination lock. Use a wheel mouse to turn the dial when you want to enter the combination. Just beat the courts over the head with the analogy.
posted by adipocere at 5:17 AM on July 12, 2011 [1 favorite]

lying to the cops is against the law

Is that true? My knowledge comes entirely from cop shows and detective novels, but one of the things they repeat is that is not true.
posted by yerfatma at 5:30 AM on July 12, 2011

Here's what I wonder, and what I suspect might be the outcome.

Scenario: You are accused of illegally downloaded some music.

Case1: You have a computer with an encrypted hard drive. The cops come a knockin' and take the laptop. They ask for the pass phrase, and you say no. Based on the "combination to a safe" theory, you can't be compelled to give up the passphrase.

Case2: After downloading the music, you start to feel paranoid and encrypt your laptop.

I'm betting that Case2 will become a loophole for the state. Where in Case1, you are doing your normal thing and not taking any actions out of the ordinary. In Case2, however, you are obstructing justice. You have functionally destroyed evidence.

(I'm looking at it from the shredding documents standpoint: if you routinely shred documents as the course of business, and have no reason to believe anyone wants those documents, you can't be held liable for destroying them. On the other hand, if you pull a George Bluth and call Kitty and tell her to start a shredding party when you see the Coast Guard boats coming, you will likely be found guilty of obstruction of justice. In other words, it comes down to intent.)

I am hoping the constitution prevails here. I think the point of the 4th and 5th amendments is to protect the citizens, innocent and guilty alike, from the government pushing them around and going on fishing expeditions. To be charged with a crime, there must exist probable cause. Which is some evidence that the person has done some illegal thing. It is nice, from the perspective of the State, if the accused happens to have retained some evidence of the crime that can be used against them. But that a threshold was created in the constitution that says that the state must be able to provide enough evidence to convict, regardless of the accused's cooperation. (Short of obstruction.)

So based on that, there oughtn't be a compelling reason to require citizens to give up passphrases. The state already must bear the burden of being able to convict the accused without any cooperation from them.
posted by gjc at 5:32 AM on July 12, 2011

lying to the cops is against the law

Is that true? My knowledge comes entirely from cop shows and detective novels, but one of the things they repeat is that is not true.

It's called "obstruction of justice" and/or "interfering with a police investigation," and yes, it's a crime.
posted by valkyryn at 5:37 AM on July 12, 2011

If you can only "take the fifth" if you have a belief that not doing so would incriminate you, then logically doing so would be an incrimination in itself.

And who could possibly judge if you did in fact have "a good-faith belief that your testimony could incriminate you?" To know that you'd have to be aware of what information was no being revealed.

As far as the original concept goes, I don't see it as analogous to a key. It's knowledge.

Imagine I'm a serial killer and have disposed of the bodies and a gun which would incriminate me in random places... The knowledge I have of where those bodies and gun are is protected. I can't be compelled to reveal that information.

In this case the files in the encrypted volume could be like those dead bodies. Or a smoking gun. She shouldn't be able to be compelled to reveal the 'location' of that evidence.
posted by sycophant at 5:38 AM on July 12, 2011

Here's the distinction: she's being asked to provide her password. She thinks she shouldn't have to, because the information it would reveal, she believes, might incriminate her.

But her knowledge of the password itself is not incriminating* so she does not incriminate herself by revealing it. Ergo, she can be forced to do that under penalty of being held in contempt.

*Though one can easily imagine a set of facts where it would, e.g. only three people know the password, and one of them killed the victim, so knowing the password is a Very Bad Thing, etc.
posted by valkyryn at 5:39 AM on July 12, 2011

Flunkie : (2) It looks like an unused area of the disk with random data

This (combined with 3, to some degree, in that it doesn't look like a partition table until you successfully decrypt it).


"You have a 200 GB hard drive, only 150 GB of it is visible, and you have TrueCrypt on it. Gee, maybe you have a hidden volume."

And there, you've nailed the real failure of not only TrueCrypt, but any hidden-volume configuration - Why the hell do you have a huge drive with so much unallocated space?

On the bright side, this has become more plausible recently, thanks to the growing popularity of "short stroking", which basically means throwing away half of your HDD to improve its seek performance. That won't apply to either volumes-in-a-file or to SSD/flash media, but to real physical spinning-disc HDDs, you could plausibly hide a second encrypted partition in the unused space (and, interestingly enough, still get the short-stroking benefit as long as you only access the encrypted data on occasion).

But yeah, even given the possibility of short-stroking, if you handed me a disk and I found anything more than one cylinder-boundary's worth of unallocated space, and it didn't contain all zeros, you can bet the farm that I'd throw every steganography-detection tool available at it.
posted by pla at 5:40 AM on July 12, 2011

If you can only "take the fifth" if you have a belief that not doing so would incriminate you, then logically doing so would be an incrimination in itself.

Logically, yes. Legally, no. Taking the Fifth cannot be used as evidence of guilt or even to imply guilt. It's as if the question was never asked.

Theoretically anyway. It still makes you look bad. But if there isn't enough evidence to convict you anyway, taking the Fifth won't tip the scales.
posted by valkyryn at 5:40 AM on July 12, 2011

lying to the cops is against the law

Is that true? My knowledge comes entirely from cop shows and detective novels, but one of the things they repeat is that is not true.
posted by yerfatma at 5:30 AM on July 12 [+] [!]

Lying to the police most certainly IS against the law. It is in the same category of obstruction of justice. You have the right to not speak or not admit to anything, but you don't have the right to lie.

(The exception to this is that you are free to say you aren't guilty of the charges, I'm pretty sure.)

That's where plausible deniability gets sticky. If you cannot be proven wrong and will not break under stress, you can get away with it.
posted by gjc at 5:43 AM on July 12, 2011

valkyryn : Though one can easily imagine a set of facts where it would, e.g. only three people know the password, and one of them killed the victim, so knowing the password is a Very Bad Thing, etc.

Hmm... Excellent point! I wonder if that could make a realistic defense - "One of the X people living in this house own the potentially-illegal contents of that encrypted volume. Knowing the password would strongly implicate me as that owner. Therefore, I cannot reveal even whether or not I know the password without incriminating myself."

Meh... Sounds great logically, but law does not equal logic.
posted by pla at 5:44 AM on July 12, 2011

Here's the distinction: she's being asked to provide her password. She thinks she shouldn't have to, because the information it would reveal, she believes, might incriminate her.

But her knowledge of the password itself is not incriminating* so she does not incriminate herself by revealing it. Ergo, she can be forced to do that under penalty of being held in contempt.

*Though one can easily imagine a set of facts where it would, e.g. only three people know the password, and one of them killed the victim, so knowing the password is a Very Bad Thing, etc.

Sorry, it doesn't work that way. The Fifth Amendment doesn't say a thing about the information having to be incriminating. What it says is that a criminal defendant does not have to testify- period. The contents of their brain are outside the scope of the case. As sycophant said earlier, if you make the Fifth Amendment the privilege solely of the guilty, you negate its entire effect.

Also, your logic doesn't work at all. If that password would lead them to potentially incriminating material, she would be incriminating herself by revealing the password.
posted by fifthrider at 5:47 AM on July 12, 2011

Logically, yes. Legally, no. Taking the Fifth cannot be used as evidence of guilt or even to imply guilt. It's as if the question was never asked.

Theoretically anyway. It still makes you look bad. But if there isn't enough evidence to convict you anyway, taking the Fifth won't tip the scales.

Indeed, perception is always an issue. In this case, for example, who can read it and not think "yeah, obviously there's some pretty damning information in there"...

But the statement was that only those who had something to protect could use it. As if it would be an offense in itself to claim the protections of the Fifth Amendment if there was actually no incrimination likely.

Given the perceptions it's probably reasonable that only people who having something to hide should use it, but there's no reason others couldn't.

Similarly if a cop ask in they can search your car - you can say now, but that's likely to make things go badly. It's probably easier to say yes if you do not in fact have anything to hide.
posted by sycophant at 5:48 AM on July 12, 2011 [1 favorite]

Meh... Sounds great logically, but law does not equal logic.

Actually, the law is mostly logical, it's just that it is very arcane and there is so much of it that it starts to get circular. And reality isn't logical. More importantly, one doesn't have to justify their assertion of 5th amendment rights. "I refuse to testify based on my 5th amendment right to not be compelled to be a witness against myself."
posted by gjc at 5:50 AM on July 12, 2011

[Revising my last post-]

On the same grounds, (namely, that she doesn't have to testify against herself, and stipulating that there must be a significant chance of incrimination negates the whole point,) she doesn't have to reveal that she knows the password, either.
posted by fifthrider at 5:53 AM on July 12, 2011

And there, you've nailed the real failure of not only TrueCrypt, but any hidden-volume configuration - Why the hell do you have a huge drive with so much unallocated space?

That's only if you set it up that way. Encrypting the whole drive solves that problem. As does using file containers within the filesystem. "Blueray.iso" or "old_hard_drive.gho" are perfectly normal files that might exist on a computer. Files that big get corrupted all the time...
posted by gjc at 5:54 AM on July 12, 2011

But her knowledge of the password itself is not incriminating* so she does not incriminate herself by revealing it. Ergo, she can be forced to do that under penalty of being held in contempt.

Not true. Revealing the password clearly demonstrates that she has control over the contents of the encryption container.

"Is this your laptop?"
"I'm not going to answer that on the grounds it may incriminate me"
"Okay then, what's the password to this file?"
"Oh, that's password123"

Clearly then she'd be incriminating herself with respect to anything found in that file and, even more broadly, anything else on the computer.
posted by sycophant at 5:56 AM on July 12, 2011 [1 favorite]

The amount of time being wasted in this thread on complete misunderstandings of TrueCrypt is staggering. Please, if you don't know what the fuck you're talking about, at least go read up on it before typing out paragraphs of uninformed text.
posted by odinsdream at 5:56 AM on July 12, 2011 [2 favorites]

Similarly if a cop ask in they can search your car - you can say now, but that's likely to make things go badly. It's probably easier to say yes if you do not in fact have anything to hide.
posted by sycophant at 5:48 AM on July 12 [+] [!]

Sadly, technicalities work both ways.
posted by gjc at 5:57 AM on July 12, 2011

Similarly if a cop ask in they can search your car - you can say now, but that's likely to make things go badly. It's probably easier to say yes if you do not in fact have anything to hide.

This is so very untrue.
posted by odinsdream at 5:57 AM on July 12, 2011 [1 favorite]

gjc : More importantly, one doesn't have to justify their assertion of 5th amendment rights. "I refuse to testify based on my 5th amendment right to not be compelled to be a witness against myself."

Tell that to Judith Miller.


That's only if you set it up that way. Encrypting the whole drive solves that problem.

Yes and no. Have you ever defragged your HDD and noticed the "before" graph of where all your files live? Real filesystems don't write selectively to the front of the partition, carefully avoiding any activity in the last 85% of it. But true, you at least wouldn't have a large block of suspiciously nonzero "unused" space on the drive.


As does using file containers within the filesystem. "Blueray.iso" or "old_hard_drive.gho" are perfectly normal files that might exist on a computer. Files that big get corrupted all the time...

Again, yes and no... Absolutely true, I've had more than one huge file go bad on me during a slow network transfer (particularly over wireless). But I wouldn't then just leave 100GB of garbage wasting space on my system, I'd do what I could to repair it, and then delete it if unsuccessful.


I suppose the real issue here involves what you want to hide. If just a few megs of incriminating photos, account numbers, emails, then yeah, you can successfully hide them just about anywhere. If you don't feel entirely safe that the DOJ won't randomly decide to start cracking down on CD ripping tomorrow, you might want to hide everything. And there, you run into problems.
posted by pla at 6:04 AM on July 12, 2011

This is so very untrue.

It shouldn't be true, but I think in many circumstances it is. People interpret a failure to comply as suspicious.

When I was a teenager I was hanging around with a friend who had been smoking. A cop approached us and said he'd had a report that a couple of kids might be smoking weed (neither of us was). He asked my friend if he could search his bag, my friend said yes. He found nothing. He asked me, I said "no, I do not want you to search my bag." He declared that my unwillingness to consent to a search was suspicious, and then invoked his rights, under legislation, to search me up the "reasonable suspicion" that I was in possession of controlled drugs.

I was not. However he, and by this time a few other officers, continued to harass us for another 10 minutes. Had I just said yes then I imagine we'd have just been able to carry on with no more trouble.
posted by sycophant at 6:04 AM on July 12, 2011 [1 favorite]

The amount of time being wasted in this thread on complete misunderstandings of TrueCrypt is staggering. Please, if you don't know what the fuck you're talking about, at least go read up on it before typing out paragraphs of uninformed text.
posted by odinsdream at 5:56 AM on July 12 [+] [!]

You have not made a point. What do you have an issue with?


Similarly if a cop ask in they can search your car - you can say now, but that's likely to make things go badly. It's probably easier to say yes if you do not in fact have anything to hide.

This is so very untrue.
posted by odinsdream at 5:57 AM on July 12 [+] [!]

The OP said "probably easier", nothing more. Which is, in fact, true. It is probable that it would be easier to let them search, knowing they will find nothing, than it is to make a stand and deal with all of the unpleasantness that can come from that.

You see, a right is something you are free to exercise or not. I have the right to *choose* whether I allow the search or not.
posted by gjc at 6:05 AM on July 12, 2011 [1 favorite]

this area of law is ridiculous - none of the words being used mean what anyone would assume they mean.

from the article: "No U.S. appeals court appears to have ruled on whether [the order to provide the password] would be legal or not under the U.S. Constitution's Fifth Amendment, which broadly protects Americans' right to remain silent."

this is the problem, we have these "rights," but the courts just keep determining the extent to which they do not apply. and eventually they come to mean nothing.

Think about it this way. Revealing the password is admitting that the computer, USB disk, or whatever is in fact yours. That is a potentially incriminating admission.

you're not "revealing the password" in front of a jury in a courtroom. the fact that the data was encrypted and you were compelled to provide the password will never be mentioned in your criminal trial. thus i cannot see how "revealing the password" would be considered "testimonial" and thus protected. i think it should be protected, but i don't see how the Supreme Court will protect it. as far as proving ownership, that will be done without submission of the fact that you knew the password.

The physical evidence analogy fails because there is simply nothing physical to examine, except the contents of her mind itself, which enjoys complete protection.

I cannot imagine this distinction will continue to hold. United States v. Doe (1987) appears to indicate in dicta that the fifth amendment issue is whether or not there is an attempt to force the defendant to "disclose the contents of his own mind." But those contents will still need to be "testimonial" to be protected. (So the cops can't ask you to explain how certain documents break the law or whatever, or ask you to provide only those documents that break the law, but they can ask you to provide all documents and make the determination themselves). If this is going to end well for criminal defendants, the SC is going to need to turn away from this "testimonial" line of cases and just outright say that criminal defendants cannot be compelled to provide any evidence against themselves (see the concurrence from Hubbell). The remainder of my post is just random quotes (in sequence) from the Supreme Court case I believe to be directly on point (United States vs. Hubbell (2000)). The text of the case is here: http://caselaw.lp.findlaw.com/scripts/getcase.pl?navby=CASE&court=US&vol=530&page=27

The term "privilege against self-incrimination" is not an entirely accurate description of a person's constitutional protection against being "compelled in any criminal case to be a witness against himself."

The word "witness" in the constitutional text limits the relevant category of compelled incriminating communications to those that are "testimonial" in character.

More relevant to this case is the settled proposition that a person may be required to produce specific documents even though they contain incriminating assertions of fact or belief because the creation of those documents was not "compelled" within the meaning of the privilege.

On the other hand, we have also made it clear that the act of producing documents in response to a subpoena may have a compelled testimonial aspect.

Compelled testimony that communicates information that may "lead to incriminating evidence" is privileged even if the information itself is not inculpatory.

It was unquestionably necessary for respondent to make extensive use of "the contents of his own mind" in identifying the hundreds of documents responsive to the requests in the subpoena.

BUT FROM THE HUBBELL CONCURRENCE: The Fifth Amendment provides that "[n]o person ... shall be compelled in any criminal case to be a witness against himself." The key word at issue in this case is "witness." The Court's opinion, relying on prior cases, essentially defines "witness" as a person who provides testimony, and thus restricts the Fifth Amendment's ban to only those communications "that are `testimonial' in character." Ante, at 6. None of this Court's cases, however, has undertaken an analysis of the meaning of the term ["witness"] at the time of the founding. A review of that period reveals substantial support for the view that the term "witness" meant a person who gives or furnishes evidence, a broader meaning than that which our case law currently ascribes to the term. If this is so, a person who responds to a subpoena duces tecum would be just as much a "witness" as a person who responds to a subpoena ad testificandum.
posted by lulz at 6:07 AM on July 12, 2011 [1 favorite]

gjc : More importantly, one doesn't have to justify their assertion of 5th amendment rights. "I refuse to testify based on my 5th amendment right to not be compelled to be a witness against myself."

Tell that to Judith Miller.

She wasn't being compelled to be a witness against herself, she was being compelled to be a witness against someone else. Which she does not have the right to refuse. (Or at least, she has the right to refuse and accept the consequences of that refusal.)
posted by gjc at 6:08 AM on July 12, 2011

"He declared that my unwillingness to consent to a search was suspicious"

This is very illegal (in my limited understanding of 4th amendment issues).
posted by bashos_frog at 6:09 AM on July 12, 2011

Two-factor authentication is a common security practice requiring both something you have (a physical key) and something you know (a password) to gain access to a system. Anyone who's ever had to attach an RSA/SecurID fob to their keychain will be familiar with this.

It would seem that the legal system also makes this distinction, in that you can be compelled to surrender something you have (a safe key), but not something you know (a safe combination). So the question for the court will be which category a password falls into. In my mind, it is obviously "something you know".

It's all sort of ridiculous, though, because it's easy to convert between a physical key and a password. The safe combination precedent, if it stands, will just cause everyone to invest in passwords instead of keys. With safes, it was no big deal because you can just cut them open. Hard disks not so much.
posted by qxntpqbbbqxl at 6:10 AM on July 12, 2011 [1 favorite]

It's an interesting question. Currently, they can compel you to hand over the PGP key, but if you haven't written down the password, they cannot compel you to reveal it. The tactic of 'We don't want the key (testimony), we want the evidence (files) unencrypted' is really the point of the question. Password protected encryption keys, with the password kept in your head, definitely blur the line between the key that opens the safe and the combination that does so. The law, it seems, isn't ready for two factor authentication -- can the police compel you to deliver up your SecureID fob, but then not compel you to give up the PIN?
posted by eriko at 6:11 AM on July 12, 2011

There are compelling arguments on both sides here. But, for my money, the John Adams quote puts the idea of the 5th amendment in a clearer light for me. The intention of the Constitution is to make life difficult for the government; not to make them impotent, but certainly to make them jump through hoops when interfering in personal lives.

My feeling is this: if the government's case depends solely on what's on that computer, then maybe their case is not compelling enough.
posted by Benny Andajetz at 6:14 AM on July 12, 2011 [3 favorites]

physical evidence was seized. If I understand it, a password is not a physical item and cannot be seized. Cannot the authorites search the computer without the password?
posted by clavdivs at 6:16 AM on July 12, 2011

...can the police compel you to deliver up your SecureID fob, but then not compel you to give up the PIN?

In a word, yes. You can't lie, but you don't have to say anything to help them, either.
posted by fifthrider at 6:17 AM on July 12, 2011

Cannot the authorites search the computer without the password?

Oh absolutely. They're just going to be searching for a while.
That said, of course, there's never been any way to search inside someone's head (save for torture, which is naturally corrosive to a free state) either, which is just as it should be.
posted by fifthrider at 6:21 AM on July 12, 2011

That's only if you set it up that way. Encrypting the whole drive solves that problem.

Yes and no. Have you ever defragged your HDD and noticed the "before" graph of where all your files live? Real filesystems don't write selectively to the front of the partition, carefully avoiding any activity in the last 85% of it. But true, you at least wouldn't have a large block of suspiciously nonzero "unused" space on the drive.

That's true for a hidden container. I meant primary encryption, where you need to enter the passphrase before the OS will boot.

Although, there is probably a way to have a functionally hidden container, and have it work most of the time. You have a small-ish file on the filesystem that is the "fat" for the hidden container, and only use unallocated blocks for the bulk storage. You'd probably have to use some kind of data duplication, like a quasi-RAID at the block level, so that all the encrypted blocks are redundant. You have your magic-crypt program hook itself into the OS and have it act as a sort of "sweeper" (like in curling) that watches the OS for writes, and moves the encrypted blocks around to get out of the way of OS writes and maintain redundancy. You'd manually launch the driver, with a password, right after booting up. If the computer gets into unauthorized hands, they won't launch the driver and your data *might* get messed up, but more importantly, there is little to no evidence of anything funny going on.
posted by gjc at 6:23 AM on July 12, 2011 [1 favorite]

I remember a proposal by Woz for location based encryption. Your laptop drive could only be decrypted in a specific location. The GPS coordinates were part of the key.

Easy to break. Find out how the GPS receiver sends in the coordinates (in most cases, NEMA sentences) and send in the one that "move" the laptop to where it will decrypt. If they've been following you because you were a suspect, they just put in somewhere you repeatedly showed up at and used the notebook.

Or, fancier, is to have a box that you can spoof GPS signals with to do the work.

Make it so your data can only be unlocked during a 10 second window, once a day.

Easy to break -- change the clock. If it's using an external clock, make that clock source lie.

Remember: A good crypto system is unbreakable if the attacker knows *everything* about the system and its use *except* the key.
posted by eriko at 6:23 AM on July 12, 2011

Remember: A good crypto system is unbreakable if the attacker knows *everything* about the system and its use *except* the key.

I believe the S.O.P. is three very simple steps: 1. Who are you? 2. What do you know? 3. What do you have?
posted by Benny Andajetz at 6:28 AM on July 12, 2011

What it says is that a criminal defendant does not have to testify- period.

The question then is whether a password constitutes "testimony."

There's a good argument, which has been made above, that it does not.
posted by valkyryn at 6:29 AM on July 12, 2011

lulz: your analysis seems right, but I think the answer comes down to this. In a criminal (or civil, I assume) case, everything comes down to the trial, and everything must be sworn to and testified in. If a hard drive is evidence, you'd need someone to testify that "pursuant to a warrant, I seized the hard drive in question, and this here is that hard drive". Or, in the case of an admission of guilt, someone would have to say "yes, I heard so-and-so say that".

Since it is pretty well established that allowing the police to force someone to answer questions is functionally equivalent to forcing them to testify, so would be allowing the police to force someone to reveal a password.
posted by gjc at 6:32 AM on July 12, 2011

Another fun way to drive this thing right into the Fifth is making your passphrase itself incriminating. "Your Honor, my passphrase is 'IBlewUpTheHornerBuilding'."
posted by adipocere at 6:35 AM on July 12, 2011

Everyone who claims that it's identical to providing the key to a safe simply doesn't understand how encryption works.

I'm sorry, but it's true.

If I put some documents in a safe, they're still there, regardless of whether or not the safe is locked.

If I encrypt some documents and delete the originals (or use something like TrueCrypt, where an unencrypted copy is never stored on disk in the first place), they no longer exist in a readable form to anyone but the keyholder. They literally don't exist anymore. This isn't the movies where the hero can somehow "bypass the encryption" and "retrieve" the files -- they aren't anywhere to be retrieved, and there's nothing to bypass. I can re-create those documents by combining the encrypted data -- which, on its own, is virtually no different than random noise -- with my key.

So really the question before us is this: should a citizen be forced to re-create incriminating evidence when demanded to by law enforcement or the courts?

Personally, I think that's a pretty clear-cut Fifth Amendment issue, don't you?
posted by -1 at 6:39 AM on July 12, 2011 [6 favorites]

lying to the cops is against the law

Is that true?

As noted, yes, it is. Remember, however, that the police are under no restriction from lying to you. They do so routinely, and are never criticized for it. For that and other reasons, the best thing you can do when the cops start asking you questions is to assert your right to remain silent and get a lawyer involved. They cannot distort your statements if you didn't make any.
posted by Kirth Gerson at 6:40 AM on July 12, 2011

Another fun way to drive this thing right into the Fifth is making your passphrase itself incriminating. "Your Honor, my passphrase is 'IBlewUpTheHornerBuilding'."

Relevant
posted by fifthrider at 6:41 AM on July 12, 2011 [1 favorite]

Since it is pretty well established that allowing the police to force someone to answer questions is functionally equivalent to forcing them to testify, so would be allowing the police to force someone to reveal a password.

Really unconvinced by that. Forcing a suspect to unlock a safe is basically the same thing, as the police may simply as "Where is the key?" That's a question that needs to be answered, and a judge can issue such an order.
posted by valkyryn at 6:45 AM on July 12, 2011

Remember: A good crypto system is unbreakable if the attacker knows *everything* about the system and its use *except* the key.

True, but in those situations the attacker does know the key. The ease of acquiring said key just shows why an esoteric system of hoops to jump through before you can release the data is usually inferior to just using a strong encryption setup with a good key.
posted by Holy Zarquon's Singing Fish at 6:46 AM on July 12, 2011

Everyone who claims that it's identical to providing the key to a safe simply doesn't understand how encryption works.

I'm sorry, but it's true.

Everyone who thinks that electronic encryption specifically and the internet in general somehow presents a new, untested, and largely unregulated realm for the law simply doesn't understand how the law works.

I'm sorry, but it's true.

The legal system is generally under the assumption that making something electronic is of absolutely zero legal significance. It may pose technical issues, but the basic response to those is basically to order the tech guys to do their thing.

In short, the fact that a suspect has chosen to encrypt her files doesn't matter at all. If they're the kind of things that she could be forced to produce in hard copy, they're the kind of things she can be forced to produce electronically.

End of story.
posted by valkyryn at 6:48 AM on July 12, 2011 [6 favorites]

Really unconvinced by that. Forcing a suspect to unlock a safe is basically the same thing, as the police may simply as "Where is the key?" That's a question that needs to be answered, and a judge can issue such an order.

Not to the defendant they can't. Imagine if you were on trial for murder and the judge ordered you to tell him where the body was. How would you answer that?
posted by fifthrider at 6:48 AM on July 12, 2011

Bad analogy. She's not on trial for owning the computer.
posted by Holy Zarquon's Singing Fish at 6:58 AM on July 12, 2011

If I've learned anything from this thread, it's that anyone, on any side of this issue, who says "This is a simple issue: the answer is [blah]," is incorrect.
posted by rtha at 7:06 AM on July 12, 2011 [4 favorites]

What is needed is an encryption system that supports two different passwords/encryption keys. The first key decrypts the data as usual and let's you access it. The second key is of the same form and size as the first, but is generated based on the first key. When the second key is applied to the encrypted data, it destroys it.

So when they ask for the key, you give them the second one, and they destroy the data themselves.
posted by Pastabagel at 7:12 AM on July 12, 2011

Not to the defendant they can't. Imagine if you were on trial for murder and the judge ordered you to tell him where the body was. How would you answer that?

Knowing the location of the body, something the police do not have in their possession, is different than being ordered to unlock files that the police do have in their possession. The type of lock is irrelevant.
posted by valkyryn at 7:12 AM on July 12, 2011

Bad analogy. She's not on trial for owning the computer.

Not a bad analogy at all. Both involve information that the may or may not know that could potentially incriminate them. In neither case can the court prove that the defendant knows this information, either. You can't force a defendant to speak. There's no wiggle room there.

Here's another one for you to chew on: why is it that we don't charge people for perjury every time they are found guilty after pleading innocence? Answer: defendants have no obligation to testify under oath against their case.
posted by fifthrider at 7:12 AM on July 12, 2011

So when they ask for the key, you give them the second one, and they destroy the data themselves.

That would actually be a crime.
posted by valkyryn at 7:13 AM on July 12, 2011

Knowing the location of the body, something the police do not have in their possession, is different than being ordered to unlock files that the police do have in their possession. The type of lock is irrelevant.

This whole "lock" analogy is deeply flawed. The police don't have copies of your files. They have an algorithm that makes copies of your files using a piece of information that you have memorized. You are under no obligation to turn over the contents of your mind.
posted by fifthrider at 7:16 AM on July 12, 2011 [1 favorite]

It's not a key, it's a description of how the locksmith should build the key. You can't compel someone to share a description of something, especially if it incriminates them.

What if she genuinely forgot the password?
posted by East Manitoba Regional Junior Kabaddi Champion '94 at 7:17 AM on July 12, 2011

You can't force a defendant to speak. There's no wiggle room there.

Right. And the First Amendment is an absolute bar on the ability of the government to restrict expressive conduct, right?

Wrong. No constitutional protections are absolute, as they all implicate not only other rights, but critical functions of government. You can't yell "Fire!" in a crowded theater. You can be penalized for engaging in libel or slander. You can't produce child pornography. You can't transmit classified information. All of these are "speech," and none of them are protected by the First Amendment.

Similarly, the general rule is that defendants cannot be forced to testify. But the right is not absolute to the point that they cannot be compelled to provide any information at all. They can be forced to provide a DNA sample, fingerprints, a urine sample, etc. They can be forced to submit to examinations, both physical and psychological, and don't that one require speech. They can be deprived of personal property, such as keys, and said property can be used in the investigation of the case.

And they can probably be forced to reveal passwords to electronic devices the police have in their possession. Can they be forced to reveal the location of said devices? No, the cops have to come up with that on their own. But I see no reason why the Fifth Amendment should preclude a demand for the password.

why is it that we don't charge people for perjury every time they are found guilty after pleading innocence? Answer: defendants have no obligation to testify under oath against their case.

No, that isn't the answer. The answer is that we've recognized an exception to the perjury doctrine for maintaining one's innocence.
posted by valkyryn at 7:20 AM on July 12, 2011

The police don't have copies of your files. They have an algorithm that makes copies of your files using a piece of information that you have memorized.

You fail to grasp the concept of "constructive possession".

What you describe is possession.
posted by valkyryn at 7:23 AM on July 12, 2011

Not a bad analogy at all. Both involve information that the may or may not know that could potentially incriminate them.

In the murder case, whether you know the location of the body has not been proven. That is the entire point of the trial. Here we have a computer that you do in fact own, which makes it a much lower bar to clear to convince the court that you have the key.

(All of this assumes that the "key" analogy controls, instead of the "combination" analogy. Otherwise there's no debate, and what fun is that?)
posted by Holy Zarquon's Singing Fish at 7:25 AM on July 12, 2011

What if providing the key would incriminate you but not for what you're accused?

For example, say you're accused of a murder that you did not commit. However, your encrypted partition contains evidence you cheated on your taxes.

What if by providing the key you are breaking the law?

Again, you're accused of a murder you did not commit. However your encrypted partition would illegally disclose other people's information protected by, e.g., client/attorney or doctor/patient privilege or state secrets?.
posted by digitalprimate at 7:30 AM on July 12, 2011

Again, if the police arrest me and seize my papers, which I have written in cipher, am I legally obligated to tell them how to break the code?

I imagine that there might even be judicial precedent on this, perhaps even from the nineteenth century. And I don't really see how it being written down on paper or stored on a hard drive makes a difference.

To be clear, I am not rhetorically asserting something. I am genuinely asking that question.
posted by Flunkie at 7:34 AM on July 12, 2011

Can any lawyerly types confirm this quote from the article:

You can be compelled, according to Supreme Court precedent, to turn over the key to a safe. But you can't be compelled to turn over the passphrase or, that is, the combination to the safe.

If keys are not protected but combinations are then it would seem a pass phrase is protected. If, for instance, you were to use a flashdrive as a key then that would be different but if the Supreme Court has already ruled you can't be compelled to give up whats in your head (a combination) how is a password any different?

On another point, this is a laptop password which I'm assuming means either a bios password or a Windows password, aren't both of those beatable schemes?
posted by Bonzai at 7:35 AM on July 12, 2011

I think the really interesting thing is the relevance of the combination lock analogy. In my mind this issue with people using that to argue against being compelled to deliver the password is a physical combination lock can be worked around - it can be forced open. A better analogy is being forced to reveal a cipher.

(but then couldn't they force the third party creator to reveal that given it is not self-incriminating)

anywhoo interesting as hell, and I gotta agree with rtha. Anyone who says its simple or obvious isn't paying attention.


What if providing the key would incriminate you but not for what you're accused?


I thought a warrant only allowed for examination of materials related to the crime you are accused of?
posted by JPD at 7:37 AM on July 12, 2011

valkyryn That would actually be a crime.

Sure, but they'd have to prove it happened. The way I'd do it is I'd have the incriminating data and a bunch of porn and when I enter in the second password it deletes the incriminating data and leaves the porn (thus providing me with a reason for having encrypted data in the first place).

Of course, if they actually go and scan the hard disk they would likely be able to determine that something was deleted and then I'd be in real trouble.

So, yeah. Don't do that.
posted by It's Never Lurgi at 7:37 AM on July 12, 2011

So it comes down to this being a discovery thing, not a testimony thing? Is that right?

Discussions about the law can be so frustrating on metafilter. Between the activist laymen and the disingenuous lawyers, it's so hard to get a good understanding of how this stuff actually works. All the vocal commenters are much more invested in winning the argument than conveying nuance.
posted by ryanrs at 7:37 AM on July 12, 2011

Isn't the whole encrypted laptop a complete red herring?

If you're being investigated, the government can say: Give us all your financial records or be held in contempt of court.

It doesn't matter if the records are locked in a safe, hidden under your bed, in a filing cabinet in London, or encrypted on a laptop. You have to hand them your financial records or be held in contempt.

Or so I thought. Is that wrong?
posted by straight at 7:42 AM on July 12, 2011

Let's reframe this: They have the encrypted data, you have the key.

On one hand, Group A says the the defendant shouldn't have to turn over the key on 5th amendment grounds.

Group B says it's like a locked filing cabinet, for which the law says you can be compelled to turn over the key.

To Group A: if it actually was a locked filing cabinet, and you refused to turn over the key, or lost it, the cops could break into it right? So if we are talking about encryption, the equivalent would be giving the cops the authority to try to crack your encryption password. Are you okay with this?

I can see you smiling oh-so-cleverly, because you know that with the right encryption, it could take literally a billion years to crack it, right?

I hope you enjoy sitting in jail, without bail, pending trial while they crack your AES256 password. They may never convict you of the crime, they may never even try you, but that doesn't mean you get to walk away either.

6th Amendment, meet 5th Amendment.
posted by Pastabagel at 7:44 AM on July 12, 2011 [1 favorite]

The password was a random 64 character string of on a piece of paper by the computer. The police entered that into evidence, right?
posted by ryoshu at 7:48 AM on July 12, 2011 [1 favorite]

Pastabagel, that reads to me like "Group A says one thing. Group B says another. To Group A: Let's take as an assumption from here on that Group B is right. Are you OK with that?"
posted by Flunkie at 7:51 AM on July 12, 2011 [4 favorites]

You fail to grasp the concept of "constructive possession".

What you describe is possession.

No, I'm afraid you've got that backwards as well. For as long as the police don't have the encryption key, they don't have the ability to take control of the data 'stored inside' that 'vault'- PGP is, to the best of our knowledge, unbreakable. Therefore, they don't have possession of anything. In fact, there isn't anything, strictly speaking to possess: the data they have can be treated as an otherwise meaningless mnemonic device for remembering information that you yourself know- albeit an extremely complex one. In a sense, by memorizing her password, Ms. Fricosu has memorized her files.
posted by fifthrider at 7:52 AM on July 12, 2011

In a sense, by memorizing her password, Ms. Fricosu has memorized her files.

If you tried to make that argument in court, I think the judicial response would be "Don't be silly."

Which is what I'm tempted to say here. You're so caught up with the technical side of things that you're forgetting that the legal system just doesn't give a damn. The legal system is doing everything in its power to make the kind of distinctions you're trying to draw go away completely.
posted by valkyryn at 7:55 AM on July 12, 2011

The frustrating part of these conversations is that the comments seem to be come from three very different places: (1) the judge camp (or more accurately the judge/congressman camp) who want to discuss what the law should be; (2) the lawyer camp, who want to discuss what he law is; and (3) the criminal camp, who want to discuss how to game the law. And there is so little cross-over between them.

A lawyerly question: if there is a 5th Amendment issue here, could the idea of providing limited immunity to avoid those claims for the password, as mentioned in first link in the post, work? Could the prosecution grant immunity for the password without offering immunity for the contents protected by the password?
posted by rtimmel at 8:00 AM on July 12, 2011

fifthrider, I think he meant not that the police have constructive possession but that Ms. Fricosu has constructive possession.

Constructive possession appears to be a legal term for, Yeah, yeah, technically you don't "have" the files, but actually, you do have them, so hand them over.
posted by straight at 8:00 AM on July 12, 2011

The legal system is doing everything in its power to make the kind of distinctions you're trying to draw go away completely.

Sure, they're trying. And, considering how royally hosed our current SCOTUS is, they might just make some blanket judgment and obliterate the Fifth Amendment in the process. But the mere fact that they could do that doesn't make it right. Courts make wrong calls all the time- look at Bowers v. Hardwick or Dred Scott v. Sandford, for instance. And as much as it pains me to make a slippery slope argument, one seems almost warranted here: if you decide that courts can indeed make defendants testify on information that they know that could harm them, then how exactly can the Fifth Amendment continue to function?
posted by fifthrider at 8:03 AM on July 12, 2011 [1 favorite]

if you decide that courts can indeed make defendants testify on information that they know that could harm them,

I thought the whole "not fifth amendment" argument was predicated on the court not considering a password "testimony"
posted by JPD at 8:07 AM on July 12, 2011

I'm curious about the hidden volume and the law. Let's stipulate that the law has the right to compel the password, just for the sake of discussion. The law has found your lovely 50 GB .tc file full of apparently random crap. You have an extra hidden volume. You're reasonably clever, so the main volume has materials which are marginally legal or perhaps very embarassing, so that it would appear there was a reason to encrypt it.

1) What proof do they need to prove it is an encrypted volume and not something else?

2) Lets say you have been observed using the encrypted volume, so they can prove (well enough) that it is encrypted. They compel you to produce "the password". You provide the main one and remain silent about the other. Is this perjury (legally, not ethically or the like)?

3) If they ask, "Are there hidden volumes in this volume", are you compelled to answer?

4) If you have been keeping this volume off-site and disavow ownership and access, how can you be compelled to give the password? I suppose this goes to (1); if you claim it isn't yours, then having the password would incriminate you. So I presume they have to have reasonable proof it was yours. The judge makes that determination?
posted by Bovine Love at 8:08 AM on July 12, 2011

It's a lottery which way this is going to come out.

The law and the Constitution do not speak clearly enough to decide. Case law has fallen on both sides of the issue. Legal formalism has failed: there is no answer just lying around in plain sight, nor can it be found by logic and/or analogy.

So it becomes a political, not a legal question. If it goes all the way to a Supreme Court decision, it just becomes a question of how the votes fall. Given the current court, I'd hazard a guess that state power will trump individual rights.

I used to believe in legal formalism until I went through a five year case that ended up in the state supreme court. And when push came to shove, it was a political decision of state power over public accountability. If it's a cut-and-dried situation, formalism works. The rest of the time, it's just an exercise in political power.

This situation is one of the latter.
posted by warbaby at 8:10 AM on July 12, 2011 [1 favorite]

I'm curious about the hidden volume and the law.

Pretty much every statement you're having them solicit would count, at least under traditional definitions, as testimony. If there are criminal charges against you, you don't have to answer those kinds of questions. If there aren't criminal charges against you, they likewise have no way of compelling you to reveal that information.

A more interesting case is if the data is relevant to someone else's trial, and you've been subpoenaed. In that case, you could still plead the Fifth regarding the contents, but you would most likely have to reveal the documents relevant to the case with the guarantee that they couldn't be used against you.
posted by fifthrider at 8:13 AM on July 12, 2011

fifthrider: it's very simple, they'll just redefine "testify" so they get the result they want. Happens all the time.
posted by warbaby at 8:14 AM on July 12, 2011

@warbaby-

Sadly, that's exactly what I'm expecting to happen. I'm just hoping that I'll get to be there when they overturn whatever dumbass ruling comes out of the Roberts court.
posted by fifthrider at 8:15 AM on July 12, 2011

The legal system is doing everything in its power to make the kind of distinctions you're trying to draw go away completely.

He's completely correct about this. The courts are trying very hard to extend laws from the physical realm into the digital realm, and this is a generally good idea wherever possible if one would like to avoid the vagaries of creating two different systems of law and then another system to govern their intersection, but should the metaphor be stretched too far, it will break. Some things digital are different.
posted by adipocere at 8:17 AM on July 12, 2011

In short:

The encrypted data is not the issue-- it is the password, which is a form of knowledge, which hitherto has been protected by court precedent and practice. Compelling access to thoughts and memories is a power that has been denied to governments for reasons that should be obvious-- it could be used to make thought control legal, for instance, should such a technology ever become feasible.

Ultimately what the encrypted partition resembles metaphorically is not at issue. What is is that this case has the power to declare the contents of minds the property of the government, and that should not, in any good society, be permissible.
posted by fifthrider at 8:24 AM on July 12, 2011 [1 favorite]

it is the password, which is a form of knowledge, which hitherto has been protected by court precedent and practice.

There's been one district level case on that, and it's been massively controversial.
posted by valkyryn at 8:25 AM on July 12, 2011

I had this theory once that someone should come up with software that would provide a sort of encryption wherein you would enter one password and it would give you your real data--and if you entered another password it would give you a lot of really embarrassing but legal pornography.

Which of course would be less useful if people knew you could do that, I suppose. But I can't think of much else that would be easily explained away as something you wanted to encrypt in case of your parents/spouse/whatever acquiring your computer in the event of your untimely death/illness/kidnapping/whatever.

Yeah, that's hidden volume encryption.

lying to the cops is against the law

Is that true? My knowledge comes entirely from cop shows and detective novels, but one of the things they repeat is that is not true.

Ask Martha Stewart.

And there, you've nailed the real failure of not only TrueCrypt, but any hidden-volume configuration - Why the hell do you have a huge drive with so much unallocated space?

Well, that's why you make sure you're 'real' volume is much smaller then your fake one. Also, it doesn't show up as unallocated, it shows up as empty. Which means that if you enter the fake password, and add some data, the hidden volume gets destroyed. You have to enable 'protect hidden volume' and enter the hidden volume password in order to safely use the outer volume.

TrueCrypt acts as a driver for the disk. It can put data wherever it wants, and even if you don't have a hidden volume TC will put data at the beginning of the disk, and fill it up.

---

As far as the legal thing, the arguments on both sides are ridiculous. Judges aren't computers, they'll just do whatever the hell they feel like doing. One of the reasons I hate "argument by analogy" is that you can never get a perfectly capturing analogy. So the fact that a cryptographic key is "like" the key to a safe is totally irrelevant. All that matters is how the judge, and ultimately the supreme court, feel about it. Supreme court justices disagree with each other all the time, so it's clearly not deterministic.

And if you look at the Gitmo stuff, the government has no problem breaking the law anyway, so what does it matter?

That's why hidden volumes exist. Use them, problem solved.
posted by delmoi at 8:27 AM on July 12, 2011 [1 favorite]

What if the passphrase itself consists of a potentially self-incriminating statement? "IBURIEDHOFFA" for instance.
posted by SpaceBass at 8:28 AM on July 12, 2011

And there, you've nailed the real failure of not only TrueCrypt, but any hidden-volume configuration - Why the hell do you have a huge drive with so much unallocated space?

I'm going to install Ubuntu in it. Really. Some day. Seriously.
posted by benito.strauss at 8:28 AM on July 12, 2011 [2 favorites]

I was referring to knowledge in general, not to passwords specifically. And there's plenty of precedent on a defendant's right to remain silent under questioning: Griffin v. California, for instance, or Miranda v. Arizona.

You, meanwhile, are no doubt referring to US v. Boucher, in which the defendant was dumb enough to show the police part of the data in question, then relock the vault. The ruling in that case dealt not with whether the court can force a defendant to reveal a passphrase, but rather whether the defendant, having once revealed information, can 'put it back in the bag,' so to speak. The court ruled that he self-incriminated willingly the first time, and therefore would not incriminate himself further by putting the whole vault into the record.
posted by fifthrider at 8:35 AM on July 12, 2011

(Referring, of course, to "There's been one district level case on that, and it's been massively controversial.")
posted by fifthrider at 8:36 AM on July 12, 2011

pla writes "Why the hell do you have a huge drive with so much unallocated space?"

Two reasons immdiately come to mind mostly because I've done both myself:

1) you are reserving space for an additional OS. So I take my 1TB drive and when I'm installing windows I partition it into 4 chunks. One for windows, one for data for windows and two blank partitions for additional OSs.

2) you are using a bit level disk copier like Ghost and are using the tool to push the image to two different hard drive sizes. I had this problem because I had a large installed base of 20 Fujitsu drives which had factory defects causing them to fail well within the warranty period (IE:10-18 months of a 2 year warranties). Fujitsu replaced those drives with 40GB drives so I had a mix of 20GB and 40GB drives in my labs. To make things simple we created images on the 20GB systems and had 20GB of unallocated space on the 40GB systems.

Really if you have a lot more space than you are going to use in the near future (like the 640GB data drive I have coming for my laptop when I currently only have 160 GB) I see no good reason to completely allocate the disk. Especially now that windows can dynamically extend the disk. It locks you into a partition scheme for no benefit.
.
straight writes "Isn't the whole encrypted laptop a complete red herring?"If you're being investigated, the government can say: Give us all your financial records or be held in contempt of court. "

That's an interesting question. Can the government say: Give us all your child porn or be held in contempt of court? In the former the data is evidence of the crime and in the latter the data is the crime.

Pastabagel writes "I hope you enjoy sitting in jail, without bail, pending trial while they crack your AES256 password. They may never convict you of the crime, they may never even try you, but that doesn't mean you get to walk away either. "

Don't you have the right to a speedy trial or are you essentially convicted of contempt of court in this case?
posted by Mitheral at 8:56 AM on July 12, 2011

Failure to comply with a court's order to turn over evidence means you are in contempt of court; you will remain in prison until you comply with the court's order. Since you hold the keys to your own cell, the rules of due process do not apply. That is to say: you can remain in jail indefinitely.
posted by introp at 9:00 AM on July 12, 2011

That's an interesting question. Can the government say: Give us all your child porn or be held in contempt of court? In the former the data is evidence of the crime and in the latter the data is the crime.

I don't think the government can say "Give us all your child porn" but I think they can say, "Give us all the images on your computer" or even "Give us the contents of your hard drive" because we have reason to believe they may contain evidence of a crime.

I really don't understand the issue here. Courts demand documents all the time from people and businesses, and whether they're password-protected is never an issue.
posted by straight at 9:11 AM on July 12, 2011

I really don't understand the issue here. Courts demand documents all the time from people and businesses, and whether they're password-protected is never an issue.

Encryption makes the documents unreadable unless the defendant deciphers them. If a person invented a language and wrote potentially incriminating documents in that language, could the court compel the defendant to translate the documents?
posted by ryoshu at 9:16 AM on July 12, 2011

I really don't understand the issue here. Courts demand documents all the time from people and businesses, and whether they're password-protected is never an issue.

In the case of businesses, at least, US v. Kordel limits Fifth Amendment protection to actual people- "natural persons." As a result, businesses can be fairly routinely forced to turn over documents and encryption keys. In other cases, they demand the documents from individuals who aren't serving as the defendant in the case, in which case the subpoena extends not just to the documents themselves but also to the necessity that such individuals testify.

When you're the defendant, however, under the Fifth Amendment, you don't have to testify against yourself. Therefore, there shouldn't be any way to force you to reveal your passwords.
posted by fifthrider at 9:17 AM on July 12, 2011 [1 favorite]

@ryoshu-

Exactly. They couldn't, because that would involve testimony on the means of translation/decryption.

Unless, of course, warbaby's fears come true. (Which is a distinct possibility, God help us.)
posted by fifthrider at 9:19 AM on July 12, 2011

Failure to comply with a court's order to turn over evidence means you are in contempt of court; you will remain in prison until you comply with the court's order. Since you hold the keys to your own cell, the rules of due process do not apply. That is to say: you can remain in jail indefinitely.

What if you don't have the evidence they think you do? Suppose I'm an innocent person, and I use truecrypt. The court says "Hey, hand over this evidence we believe you have. Unlock that volume." I do so, and the evidence isn't there, because I don't have it in the first place. Can the court then say, "Truecrypt supports hidden volumes. You must have used one, because what we're looking for isn't here. Open it."? Can I then be jailed forever for contempt of court for failing to provide evidence I don't have?

I'm genuinely curious how this works, because it sounds like just using encryption with plausible deniability means you're probably more screwed if you're innocent than if you're guilty.
posted by mrgoat at 9:19 AM on July 12, 2011 [3 favorites]

Strictly from the defendant's perspective, isn't the perfect response merely to say, "I do not know the password"?

Unless there is compelling evidence against that (which could be difficult given the vicissitudes of the mind), it seems airtight. In other words, the following points are entirely plausible:

(1) The person actually does not know the password, and never did. OR
(2) The person has temporarily forgotten the password. They may have known it at one time. They may remember it later, but right now at the time of questioning, they do not know it. They are naturally forgetful, nervous, or any number of reasons that piece of information is no longer with them.

The prosecution would have to prove that the defendant did know the password at the time they were questioned, which would be nearly impossible without some other form of evidence (e.g. something showing that the defendant decrypted the files using the password near the time they were questioned).
posted by scelerat at 9:21 AM on July 12, 2011

Can I then be jailed forever for contempt of court for failing to provide evidence I don't have?

Probably, if you drew the wrong judge. This guy sat for 7 years and the only thing that stopped the contempt sentence was the Appeals Court removing the trial judge. This guy sat for 9 years for refusing to produce supposed overseas assests during his divorce case. He said he lost them in a business deal. Kind of analogous to the hidden volume being discussed, hard to produce assest or evidence you don't have. If the judge "knows" you have them, you might sit for 5 or 10 years while your habeas petition meanders through the legal system.
posted by T.D. Strange at 9:28 AM on July 12, 2011 [3 favorites]

mrgoat: "What if you don't have the evidence they think you do? Suppose I'm an innocent person, and I use truecrypt. The court says "Hey, hand over this evidence we believe you have. Unlock that volume." I do so, and the evidence isn't there, because I don't have it in the first place. Can the court then say, "Truecrypt supports hidden volumes. You must have used one, because what we're looking for isn't here. Open it."? Can I then be jailed forever for contempt of court for failing to provide evidence I don't have?"

Since contempt of court is usually a civil (not criminal) issue, the burden of proof is fairly low. Basically, if there's more than a 50% chance that you did the thing in question then you're guilty. So yes, you can be jailed for failing to provide evidence that you don't have if the majority of the other evidence supports that you do have it.

With respect to being screwed if you use TrueCrypt's hidden volumes... well, that's something that's never been tried up high. The aim in such a situation would be to work hard to ensure the preponderance of evidence indicates there's nothing hidden: never talk to anyone about the hidden volume (or even that you know it can be done), etc.
posted by introp at 10:11 AM on July 12, 2011

With respect to being screwed if you use TrueCrypt's hidden volumes... well, that's something that's never been tried up high. The aim in such a situation would be to work hard to ensure the preponderance of evidence indicates there's nothing hidden: never talk to anyone about the hidden volume (or even that you know it can be done), etc.

Uh oh. Mods, could you please delete all records of this thread? Thanks.
posted by Thoughtcrime at 10:13 AM on July 12, 2011 [3 favorites]

Another method I like to use for casual "encryption" is storing things in a tar.bz2 file, and renaming the file extension as .mp3 - click on it, and it will play in a media player, just as a series of scratching, squeeks and blips. So you name it "Aphex Twin" and no one knows the difference.
posted by Marisa Stole the Precious Thing at 10:50 AM on July 12, 2011 [8 favorites]

Another method I like to use for casual "encryption" is storing things in a tar.bz2 file, and renaming the file extension as .mp3 - click on it, and it will play in a media player, just as a series of scratching, squeeks and blips. So you name it "Aphex Twin" and no one knows the difference.

Seriously, it seems like you could store a huge amount of text files, accounting data, or even some image files that way. Are there tools that can easily pick out such files from among a folder of thousands of .mp3 files?
posted by straight at 11:22 AM on July 12, 2011

Yes. In any vanilla Linux distro, type "file foo.mp3" and it'll spot, within milliseconds, that it is a bzip2 file. Run it with "-z" and it'll even spot the tarball inside it.

One of the first things you do when taking apart a hard drive image is look for "hidden in plain sight" files like this, and it is trivial to automate.
posted by introp at 11:24 AM on July 12, 2011

> This guy sat for 7 years... This guy sat for 9 years...

Wow, those are some ungrammatical wikipedia articles... Scary stories, though.
posted by Coventry at 11:32 AM on July 12, 2011

I don't know if it was posted already, but this DEFCON 17 talk by Tyler Pitchford is somewhat relevant.
posted by hellphish at 11:32 AM on July 12, 2011

Well for casual fun on windows,

copy /b bootycall.jpeg+secret.zip

Will tack secret.zip onto the end of bootycall.jpeg. Double click, browse, file id, etc the file and you'll get some booty call. Load it into a smart de-zipper like 7-zip, you'll get your secret.zip file. Stops casual poking around and distracts the viewer.
posted by Bovine Love at 11:39 AM on July 12, 2011 [2 favorites]

Tangential: I've long wondered if it would be hard to make a sort of "run-time encryption" from existing files, rather than an encrypted volume. I know this counts as steganography, so I assume someone has already had this idea. And it doesn't sidestep the legal issues presented here, but it seems like a form of encryption that would be invisible as encryption.

For example, lots of us may have gigabytes of mp3 files, nothing too odd about that (possibly violating copyright, but that's a separate issue). If I the user wanted to encrypt a file of say ~5-6MB in size, couldn't I mentally just remember a list of songs and a passphrase, and then have a small bitmask file?

So let's say I remember my passphrase as "BURNINHELLRIAA" and that I can make my song list by using all the songs from "Queen's Greatest Hits Volume II", sorted in reverse alphabetical order. My fictional program loads up each song in turn, using it as a bitmask of the last song, and at the end has a gibberish file in memory that's ~5-6MB in size (an optimization might be to have the fictional program pick songs that will most closely match the target file in terms of bit mask). Next I point it to a bit mask file and type in my passphrase, which is used as a hash of some sort to tweak the bit mask, laying it on my gibberish file and producing in memory the end file I wanted to encrypt.

Heck, if I was specifically using mp3s I could potentially spread the bitmask itself among the mp3s that were used to generate the bitmask in an unused field in the mp3 header (since mp3s are good about allowing expandable headers without touching the bulk of the data, which is the mp3 itself).

The thinking being that there is no encrypted file in existence at all on the drive, especially if the bitmask is baked into the various mp3s. Unless you thought to look for it, you wouldn't even suspect anything amiss from the mp3 files, and there'd be no data to grab or request decryption without the user's knowledge of "First, load these songs, in this order...". The mnemonic for loading songs could be completely arbitrary, including "songs I rated 4 stars with references to fruit in order of publication date", etc.

I'm not sure if this is a workable form of encryption, and from a legal perspective this might not matter- as someone noted above, the courts/law could just declare you required to incriminate yourself, since no one actually considers the Constitution to be of any value or meaning in the US anymore- but I think it offers an example of where technology does change things. Unlike safes and encrypted paper codes, there is no hidden volume/encrypted file to be asked to unlock, since it only exists if you combine normal files in just the right way- normal files that are completely usable as-is.
posted by hincandenza at 11:47 AM on July 12, 2011

straight, there are plenty of problems that will determine the type of a file based on the content, ignoring the extension completely. I could whip up something for you in a few minutes.

OTOH, it's easy enough to strip most of the header information from some compressed/encrypted file formats. Do that and rename the data "SETI 4.5.2010-4.6.2010" and you have something that essentially looks like white noise and a plausible story for why you have it. You should probably arrange to have a bunch of Hubble photos and other space porn lying around your hard drive just to establish your geek cred.
posted by It's Never Lurgi at 12:31 PM on July 12, 2011

As an aside, there are ways to choose passwords that make them possible to forget using mental exercises, much like the memory exercises used by memory champions, but in reverse.

You'll simply tell the court you no longer remember the password, which is true. You'd also lose the ability to plead bargain or turn states evidence however, which seem vastly more valuable.
posted by jeffburdges at 1:46 PM on July 12, 2011

I'd imagine that people will simply start using more plausible deniability systems, like MaruTukku. There will always be vastly more people hiding their extra-marital affairs, porn, etc. than crimes anyways, effectively preventing password disclosure.

There is an old plausible deniability system that works vaguely like that, hincandenza. Catch : You can't use existing files. You must decompose your mp3 into files containing random noise. There is one password that'll reconstruct your mp3 from the noise and one password that'll reconstruct the hidden data, but most passwords yield more random garbage.
posted by jeffburdges at 1:46 PM on July 12, 2011

I'm a defense attorney type of... I don't know how to classify myself right now law talkin' guy[/Lionel Hutz]

Happy to help.
posted by Gelatin at 2:29 PM on July 12, 2011

Yes. In any vanilla Linux distro, type "file foo.mp3" and it'll spot, within milliseconds, that it is a bzip2 file. Run it with "-z" and it'll even spot the tarball inside it.

But how hard would it be to make an encryption program that outputs files that say, "I'm an mp3" to those kinds of programs? I'd think that once you get past the metadata the bulk of the data representing the music would look kind of random, or would at least vary in a somewhat random-looking way from other music.
posted by straight at 3:24 PM on July 12, 2011

straight : But how hard would it be to make an encryption program that outputs files that say, "I'm an mp3" to those kinds of programs?

Trivial. Talkin' fifteen minutes' work for any format I already know (and a few hours if I don't).

But you wouldn't want to go for a highly structured format like MP3... You'd want to use a raw media format with a simple header... Something like an uncompressed AVI. Split your data out into "frames" of a few megs each, add a valid header, and bam, you have a perfectly valid 500GB video of 1080p white noise. You could even load it up in Windows Media Player (or whatever favorite player you prefer) and enjoy the snow.

Of course, that goes back to the issue of "why"... When you have a third of your HDD taken up by a single file containing apparently nothing but static, that in itself would raise some eyebrows.

Now, if you had a few gigs spread across a sizable por... er... "home video collection", you could probably escape notice. But this goes back to my earlier comment about the ease of hiding a few megs vs a few TB.
posted by pla at 3:50 PM on July 12, 2011

Yeah, when I say "casual encryption" I mean hiding shit from my friends who might be using my machine; not the feds.
posted by Marisa Stole the Precious Thing at 5:29 PM on July 12, 2011

I think providing a passphrase or code to decrypt the data will amount to providing access to the evidence, but not as testimony or the actual evidence itself. Consequently, I think that not providing the access code would be similar to not providing the combination to a safe. The critical difference is that with most safes, they can probably find a way to get it open; you can delay the authorities by not giving up the combination, but they will mostly likely find a way in. With encrypted information, "getting it open" is near impossible (at least as far as I understand it), so if a person refuses to cooperate, I think they would likely be held in contempt.
posted by KillaSeal at 11:19 AM on July 13, 2011

And if they forget the password, what, they can just rot in prison for the rest of their lives? Or what happens if the container gets corrupted? Not to mention, how do you prove that there's actually an encrypted container on a device?

Even if you reject the notion that revealing the password is testimony (which, under current definitions of speech, it is,) an unlock-mandate could very easily lead to legally and ethically unacceptable Catch-22s.
posted by fifthrider at 1:11 PM on July 13, 2011

And if they forget the password, what, they can just rot in prison for the rest of their lives? Or what happens if the container gets corrupted? Not to mention, how do you prove that there's actually an encrypted container on a device?

I think that if someone states that they forgot the password, it would be treated differently than saying "I know the password, but I'm refusing to tell you/write it down/decrypt the drive." To me, the critical issue here is how the courts will view accessing (or unencrypting) the data. Since the password is the ONLY way to get to it (unlike a safe, which they would try to break into), if someone claims that they don't remember, I think that in a courtroom, they might try to prove otherwise. Kind of sounds like a loophole for someone to simply claim "I don't remember", but it worked pretty good for Reagan, didn't it? ( Yes, he had Alzheimer's Disease, but an argument can be made that he used that fact to his advantage).

As for the container getting corrupted, that would be like the safe somehow being destroyed, right? Now the evidence inside is also destroyed, so whoever wanted would be out of luck, right?

As for being able to prove the existence of an encrypted container on the device, in this particular case, the laptop was encrypted; I am assuming that they found it that way.

Either way, I can't wait to see what the ruling will be. I think it's a fascinating case that sounds simple, but is really complex, with good arguments both for and against.
posted by KillaSeal at 3:33 PM on July 13, 2011

There's a nice demonstration of easy home steganography over here.
posted by Obscure Reference at 6:08 AM on July 14, 2011