Pretty Good Pornography
December 15, 2007 3:18 PM   Subscribe

I don't recall.
posted by cytherea at 3:22 PM on December 15, 2007

This is a very weak decision. If no agents had seen the files, then a fifth amendment defense is much stronger.

I suspect this one will get overruled and set a very bad precedent.
posted by eriko at 3:32 PM on December 15, 2007

Hunh. I...hunh.

If they can actually work the sneaky immunity trick as mentioned in the CNET article, then this ruling doesn't seem that jarring, but I must be missing something.
posted by Sticherbeast at 3:38 PM on December 15, 2007

There's an interesting analysis and discussion of the issue here. And for MeFi, before things get out of hand, I'll quote from that post:

Given that this post might be of interest to a non-lawyer crowd, I should add an important point that will be obvious to the lawyers but not obvious to the computer crowd: This opinion does not really settle the legal issue. It's only an opinion by one judge, and that judge isn't even a "real" federal District Court judge. The opinion is only the decision of one Magistrate Judge, who is sort of an assistant judge in the federal system. If you want to make an analogy to science, this is like one professor's hypothesis rather than an experimental or theoretical proof. So while it's the first case on the issue, it may be wrong (as I tend to think it is) and probably won't be the final word either way.

posted by Partial Law at 3:38 PM on December 15, 2007 [1 favorite]

Meanwhile in the U.K. they have the RIP act, which requires people hand over Crypto keys, and can actually force you to keep silent about your involvement in an investigation.
posted by delmoi at 3:39 PM on December 15, 2007

Fingerprints, blood samples, or your appearance in a lineup represent something you are, a key is something you have, a pgp key is something you know. Maybe that's the difference, not being forced to communicate information.
posted by scheptech at 3:40 PM on December 15, 2007

Compare and contrast with the UK's "We thought of it before the Americans, now bend over and take your government's will" RIP Act.

Enacted a year before the 11th September attacks, but only recently activating the encryption key clause, us Brits can be compelled to turn over encryption keys (or a plaintext version of encrypted files) under the penalty of a 2-5 year jail sentence. So, take care not to forget your password.

Oh, and hope you never get sent an electronic file filled with random data by a stranger, because then you'll have to prove that a) it's not encrypted data and/or b) you don't have the key for it. Good luck on that one.
posted by Nice Guy Mike at 3:41 PM on December 15, 2007 [2 favorites]

Also worth noting:

An officer opened the laptop, accessed the files without a password or passphrase, and allegedly discovered "thousands of images of adult pornography and animation depicting adult and child pornography."

The alleged child-porn allegedly includes no children.
posted by Western Infidels at 3:41 PM on December 15, 2007 [6 favorites]

Bah, should have previewed.

Also, should have been "you may have to prove", not "you'll have to prove".
posted by Nice Guy Mike at 3:43 PM on December 15, 2007

Correct, Western Infidels. And even this Supreme Court has held that kiddie porn without the real kiddies is not kiddie porn. (Ashcroft v. Free Speech Coalition, 535 U.S. 234 (2002))
posted by The Bellman at 3:51 PM on December 15, 2007

From my cold, dead sockpuppet.
posted by Poolio at 3:53 PM on December 15, 2007

crypto key? i can't even remember where i put my car keys!
posted by bruce at 3:54 PM on December 15, 2007

"Boucher was read his Miranda rights, waived them, and allegedly told the customs agents that he may have downloaded child pornography."

Encryption can not help if you are not smart enough to shut the fuck up when being arrested.
posted by a robot made out of meat at 4:07 PM on December 15, 2007 [5 favorites]

Even though the UK law seems quite bad, I don't know if debating the legality of withholding your encryption keys is all that relevant. After all, in the US, what do you get, slapped with some sort of content of court ruling? What's the punishment for that? And in the UK, 2-5 years?

I'm sure there are many crimes where giving up your keys would result in much harsher penalties than that. After all, just because it's illegal to not give up your keys, doesn't mean you have to do it. You just have to face the consequences. If those consequences are more agreeable than the consequences of giving up your keys, you just don't give them up.
posted by Joakim Ziegler at 4:07 PM on December 15, 2007

Um, that should be "contempt", obviously. I'm dumb.
posted by Joakim Ziegler at 4:46 PM on December 15, 2007

Joakim Ziegler: the whole point of this ruling, in particular, is that the court actually can't force you to turn over keys. So, if you don't want to turn them over you don't have too.

Also, if I'm remembering this right, Keven Mintnik had a lot of encrypted data when he was arrested, and he was never forced to turn over his data, but also the government claimed that they didn't need to give him those files back. They would only return plain text, and if he wanted to the data returned, he would have to give them the keys.
posted by delmoi at 4:51 PM on December 15, 2007

delmoi: Yes, I know that. But my point is that for encryption that protects evidence of serious crimes, it doesn't matter that much anyway, since it's preferable to just refuse to give up your keys no matter what.

I didn't know about the Mitnick thing, what did they base that on? Could they do the same with a physical object whose function they didn't understand? If he didn't want to explain it to them, they didn't have to give it back? Anyway, just goes to show that you should keep network backups of your encrypted stuff, I guess. If it's really important, there probably isn't too much of it to make that a hassle, and if it's encrypted, you don't have to worry about copying it over the network and storing it on servers you don't control.
posted by Joakim Ziegler at 4:56 PM on December 15, 2007

Agreed or not, fingerprints and blood samples are indicators of something you are, keys to a safe are something you have, but giving up a safe combination or a password involves something you say, so the Fifth Amendment applies.

Obviously, I'm not a lawyer, but that seems like it follows from the initial premise. It won't last, of course. Heavens forfend that we keep some level of privacy.
posted by adipocere at 5:04 PM on December 15, 2007

What would happen if you use something really self incriminatory as your PGP password? Something like:

"I confess to killing JFK"
"I have a meth lab in my basement"
"I have stolen over 400 credit card and social security numbers"
"I used to enjoy going to Michael Vick's parties"

In the case a court forces you to provide these passphrases, would the legal system collapse upon itself right then and there?
posted by omegar at 5:06 PM on December 15, 2007 [6 favorites]

A decent write-up (from CNET of all places)...

Huh? In my opinion CNET does a fine job reporting news regarding technology, its role in society, legal issues, etc.
posted by ericb at 5:12 PM on December 15, 2007

omegar: presumably the passphrase would not be admissible but the plaintext would. The law is not stumped that easily. Not usually, anyway.
posted by jedicus at 5:14 PM on December 15, 2007

omegar, I like that.
posted by blacklite at 5:17 PM on December 15, 2007

Omegar: Sorry, no go. The government made it clear that they'd be happy for the suspect to enter his password without them watching. So it wouldn't matter if his password was, itself, incriminating because they would still have no idea what his password was after he entered it.
posted by Justinian at 5:23 PM on December 15, 2007

Nice Guy Mike said: hope you never get sent an electronic file filled with random data by a stranger

Yep, and that nicely illustrates the idea that it may be possible to deny the existence of encrypted data. In crypto circles his is sometimes called "repudiation" or "(plausible) deniability." There are a couple of interesting practical examples:

One strategy is to make producing forgeries so easy you can claim embarrassing messages are in fact fraudulent. And back that claim up with a mathematical proof. This is the approach favored by Off-the-Record Messaging. It's a way to create an encrypted connection on top of existing IM networks. Messages can be faked -- by anyone -- and fakes are indistinguishable from real messages. (I've tried it out myself -- it's easy to use.)

Another approach is to have more than one key, and only give up the key that protects stuff that's legal. You'll need to be able to hide the existence of the second key and the data it protects. A layering mechanism I first ran across in the cleverly-named Rubberhose cryptosystem was extended and combined with other techniques in the open source Steganographic Filesystem (StegFS). Clever mathematicians have designed this layering scheme so that it's not mathematically possible to determine whether there is more than one layer in existence. (In StegFS and related systems, it's necessary to be very, very careful so as not to accidentally reveal the existence of hidden layers via your computer's normal logging, tracing, command histories and the like.)

As an aside, stuff like this is what prevents me from becoming engulfed with despair at the fact that my vote doesn't count in America's broken democracy. I rest a bit easier knowing mathematicians and software developers have got my back. Time and time again, political problems are solved not by political activism or the scrutiny of the press, but by angry, sweaty nerds toiling away in the pale glow of a computer monitor, building disruptive tools and technologies that change our society for the better simply by the virtue of their existing.
posted by sdodd at 5:25 PM on December 15, 2007 [12 favorites]

I think the ruling is a very sound one. I scanned the magistrate judge's ruling, and his reasoning seems to be that merely providing the password can be incriminating; i.e., the fact that you know the password can be taken to be an incriminating fact; and the Fifth Amendment protects you from having to reveal whether or not you know the password.

The argument that having to provide the password is non-testimonial, and therefore unprotected by the privilege against self-incrimination, is kind of like saying that being forced to show where the body of your victim is, is not protected by the privilege against self-incrimination, because it's showing something, not saying something.
posted by jayder at 5:29 PM on December 15, 2007

Off the Record has a number of very interesting properties that might sound downright magical if you've never studied crypto.
posted by Rictic at 5:40 PM on December 15, 2007

The guy seemed cooperative enough when first confronted, and even acknowleged having porn on his laptop. He didn't even bother to deny that there might be child porn in the mix of the downloads. Further, he waived Miranda and turned over his laptop on the spot. All that sounds pretty innocent to me.

(Enter stage left), LAWYERS. All of a sudden we have a fifth amendement case that will bring this guy more "stage" than he could have imagined in his wildest teen fantasy.

(Enter stage right), a literal, inexperienced judge.

Uh oh. "We got trouble, right here in River City." This is going to be some show, but it sure is not going to be a musical.
posted by LiveLurker at 5:41 PM on December 15, 2007

I don't believe that Microsoft does not have a backdoor for that, I just don't
posted by matteo at 6:31 PM on December 15, 2007

This is a most interesting case and the outcome is by no means predictable.
posted by caddis at 6:32 PM on December 15, 2007

(the obvious alternative is to use the PATRIOT Act to try this guy as a terrorist, then just waterboard him and he'll probably give up the password; or he'll drown, making a trial redundant)
posted by matteo at 6:34 PM on December 15, 2007 [1 favorite]

You are right, caddis. But what IS predictable is that by the time this case is resolved, the orginal "players" will have given up their stage AND their lives to bloodsuckers that multiply faster than NYC cockroaches.
posted by LiveLurker at 6:46 PM on December 15, 2007

then just waterboard him and he'll probably give up the password;

No, he will.

This is one area were torture works, because you can instantly confirm the data. If I want your passphrase, I'll beat it out of you. You will tell me what it is, and I will know when you have.

Period. In the trades, it's known as "rubber hose cryptanalysis," and it's very effective. I keep beating on you until I can read every bit on the disk, and I know you're lying if I can't.

This is why PGP is the *stupidest* encryption ever when it comes to dealing with a hostile government. It positively links sender to recipient, and you can bet that your evil government will use this to roll up resistance networks.

Stenography is critical. If you want to communicate privately, it is critical that governments and such do not know that communications are occuring. Otherwise, they will, quite literally, beat the keys out of you.
posted by eriko at 6:52 PM on December 15, 2007 [2 favorites]

Just checking, but we can still waterboard the pass phrase out of him, right?
posted by Crash at 7:01 PM on December 15, 2007

^cockroaches
posted by LiveLurker at 7:41 PM on December 15, 2007

Also worth noting:
An officer opened the laptop, accessed the files without a password or passphrase, and allegedly discovered "thousands of images of adult pornography and animation depicting adult and child pornography."
The alleged child-porn allegedly includes no children.

From the decision :
"When Agent Curtis arrived, he examined the computer and found a file named
“2yo getting raped during diaper change.” Agent Curtis was unable to open the file to
view it. However, Agent Curtis determined that the file had been opened on December
11, 2006. He continued to investigate and found thousands of images of adult
pornography and animation depicting adult and child pornography.
Agent Curtis then read Boucher his Miranda rights. Boucher waived his rights in
writing and agreed to speak to Agent Curtis. Agent Curtis asked Boucher about the file
“2yo getting raped during diaper change.” Boucher stated that he downloads many
pornographic files from online newsgroups onto a desktop computer at home and then
transfers them to his laptop. Boucher also stated that he sometimes unknowingly
downloads images that contain child pornography but deletes them when he realizes their
contents. (...) Agent Curtis then asked Boucher to leave the room and continued to examine
drive Z. He located several images and videos of child pornography in drive Z. After
consulting with the United States Attorney's office, Agent Curtis arrested Boucher. He
then seized the laptop, after shutting it down."
posted by iviken at 8:01 PM on December 15, 2007

What do you think, iviken? Thousands of images or several?

"He (Agent Curtis) continued to investigate and found thousands of images of adult
pornography and animation depicting adult and child pornography."

and later,

"He (Agent Curtis) located several images and videos of child pornography in drive Z".
posted by LiveLurker at 8:23 PM on December 15, 2007

Doesn't really matter, since each one is a count.
posted by smackfu at 9:10 PM on December 15, 2007

My point was that the court decision does not back up a claim that "the alleged child-porn allegedly includes no children":

1) The child pornography found later during the search ("He [agent Curtis] located several images and videos of child pornography in drive Z.") is not described as animations.
2) Sebastien Boucher claimed that he downloaded various pornography and later deleted allegedly unwanted child pornography.
3) Boucher did not explain the contents of the file "“2yo getting raped during diaper change", that was accessed on December 11, 2006. The arrest was December 17, 2006.
4) Also from the decision: "Agent Curtis located many adult pornographic files and one video entitled “preteen bondage.” Agent Curtis viewed the video and observed what appeared to be a
preteen girl masturbating."
5) Boucher and his lawyers has not made a claim, unlike in some other child pornography cases, that the material was "virtual child pornography" and not pictures of real children.

See also this Wired article regarding the "Child Obscenity and Pornography Prevention Act of 2002":

"The one Republican who voted against the bill, Ron Paul (R-Texas), said the legislation would divert efforts to crack down on real child porn. COPPA "may reduce law enforcement's ability to investigate and prosecute legitimate cases of child pornography by redirecting law enforcement resources to investigate and prosecute 'virtual' pornography," Paul said before Wednesday's vote.
But conservatives say virtual child porn can lead to exploitation of real children."
posted by iviken at 9:12 PM on December 15, 2007 [1 favorite]

0003 3902 3043 3953 3963 4961 3096 4754 4674 4675 1012 3630 2464 3763 4758 4729 5743 4620 3569 4620 4637 2344 4663 8053 5798 7093 4567 8095 4586 6933 6796 7694 5676 6899 6434 6789 0356 7943 6984 6896 4365 4680 0985 2580 9764 3568 8974 3579 9653 4670 8634 4567 7357 9035 6803 2589 7903 3578 9615 6935 4790 3679 5853 5693 4706 4697 3568 4685 3790 8532 2690 9765...


yeah, it's "just random numbers" but does the justice department know that?
posted by fuq at 10:53 PM on December 15, 2007

I am still of the mind that the NSA cracked PGP's RSA long ago, but (obviously) they keep that a secret.
Any notice of some minor government agency, such as a County DA's office, suddenly "breaking" any type of encryption will cause the word to fly. And within 24 hours no one will be using that encryption any more.
posted by Zangal at 11:26 PM on December 15, 2007

I am still of the mind that the NSA cracked PGP's RSA long ago, but (obviously) they keep that a secret.

Some secret. Unless you are using a one-time pad, there is (for the most part) no encryption that the NSA cannot break. Pretty good ain't good enough. Secrecy and anonymity on the web is a total fiction, but I'm happy so many people think there is. It's fly paper for fools.

As a libertarian, I agree with the ruling and hope the court turns the files over the NSA who will provide the key and the evidence to prosecute this person.
posted by three blind mice at 12:30 AM on December 16, 2007

I'm just disturbed that in a post about child porn, the title is "Pretty Good Pornography". Ew.
posted by robcorr at 12:32 AM on December 16, 2007

sdodd: In case you're familiar with Truecrypt, do you know if it has disadvantages, compared to Rubberhose?
posted by Anything at 12:33 AM on December 16, 2007

there is (for the most part) no encryption that the NSA cannot break. Secrecy and anonymity on the web is a total fiction

Yes, it is. And always has been. You think the great-unwashed would ever get their grubby little hands on military-proof encryption?

But that doesn't make programs like PGP useless. Most people (and by that I mean 99.9%) only want to keep their pornfolios safe from their wife/gf or send the occasional ripped software to a friend. And PGP, Steganos et al are fine for that.
posted by bobbyelliott at 4:09 AM on December 16, 2007

What reason do we have to believe that someone has cracked PGP? By my admittedly basic understanding, modern encryption schemes are based on some pretty serious and sound mathematics - if someone has managed to find a way through, surely it's just as likely to be a mathematician who goes public, as a secretive government agency? I always beleived brute-force was the only way, and I doubt they would bother devoting what computing power they have to breaking a 2048-bit key just for some child porn...I'm sure the perp would be long dead and decayed before they got a fraction of the way through the keyspace.
posted by Jimbob at 5:11 AM on December 16, 2007

only want to keep their pornfolios safe from their wife/gf

"Bobby, why is that HOMERIC HYMNS folder password protected? It's the only password protected one in our computer"

"Because I don't want ninja Ancient Greek scholars to break in to our house, murder us in our sleep, hack into our computer, and steal my original research".

"O.K., goodnight"

"'Night"
posted by matteo at 5:16 AM on December 16, 2007 [3 favorites]

Whether a file being accessed on December 11th has any significance probably depends on what exactly they mean by "accessed". If they just mean that the access date on the file is December 11th, there are all sorts of things that could modify the access date (starting with creating the file in the first place, and followed by virus scans, etc).

Also, from what I've read child pornography is a standard peril of automatically downloading pornography from Usenet newsgroups, since people post it to groups where it really doesn't belong. I've never actually used the Usenet binary groups, so I can't verify how true this is.
posted by makomk at 6:17 AM on December 16, 2007

Hey Anything, you asked about Truecrypt. Rubberhose is no longer maintained, so you don't want to use it.

Spookily enough, *yesterday's* edition of Bruce Schneier's monthly crypto newsletter contains an essay covering exactly this topic: How to Secure Your Computer, Disks, and Portable Drives. He recommends PGP's Whole Disk Encryption, and Schneier's reputation in such matters is as unimpeachable as it gets.

He goes on to say, "many people like the open-source and free program, TrueCrypt. I know nothing about it." I haven't used either solution, but if I were looking for whole disk encryption, I'd give TrueCrypt a try. TrueCrypt was designed for deniability. And the fact that it's Free Software makes it arguably easier for the cryptography community to ensure its security. If you run Linux, I'd take a look at StegFS.

I'd love it if OS vendors would ship with steganographic encryption installed and running by default. That way anybody who uses it can just say, "Oh, I don't use it; it's installed by default."
posted by sdodd at 8:02 AM on December 16, 2007

Every time I hear about government spying, or now with this computer password nonsense, I can't help but think about how bored the NSA would be with the contents of my computer.

"There seem to be a lot of pictures of cats. And webcomics. Very... incriminating... webcomics. OOOOH! Civ IV! JACKPOT!"
posted by grapefruitmoon at 8:06 AM on December 16, 2007

This PGP issue was also mentioned in the comments about FISA and telecom amnesty in Glenn Greenwald's article today.
posted by jaronson at 8:22 AM on December 16, 2007

Zangal said: I am still of the mind that the NSA cracked PGP's RSA long ago, but (obviously) they keep that a secret.

If you had said that about MD5 or SHA-1, I'd be inclined to agree. But RSA? I personally don't think so. Although I'm hesitant to start a cryptography discussion on MetaFilter, lemme briefly suggest two reasons why it's unlikely NSA has broken RSA.

First, one of NSA's most historically important mandates has been to improve the quality of American encryption. Why? Well, for example, they're tasked with protecting American companies from international corporate espionage. And the Defense Department uses a lot of off-the-shelf crypto in sensitive and unclassified areas; it's important that be as high-quality as possible. I can provide specific examples of times when NSA has acted to make public cryptosystems stronger. Off the top of my head:

NSA researched, developed, and then donated to Linux the SELinux mandatory access control system, by all accounts dramatically improving the security of your average Linux installation. Also, NSA did a good job with the AES selection process. I think if you were to poll crypto researchers, they'd generally agree Rijndael was the right choice to succeed DES (and the cypher's authors weren't even American!). And, of course, much has been written about NSA's role in the standardization of DES. In cooperation with the designers, they made changes to the DES S-boxes that strengthened DES against differential cryptanalysis -- even though academic cryptography community didn't know such an attack even existed until two decades later.

(I don't want to come off like an NSA cheerleader. It's also possible to point to examples of NSA working to put back doors in publicly deployed cryptosystems and generally behaving in a questionable manner.)

The second reason it's unlikely NSA has broken RSA is, well, math. RSA is based on what is generally agreed to be a difficult mathematical problem: factoring large prime numbers. There's no reason to believe NSA has found an easy way to do that. And modern implementations use ridiculously long keys. The notion of brute-forcing RSA... well, brute-force factoring is impossible. To quote an introduction to asymmetric cyphers, "In public-key cryptosystems based on the problem of factoring, numbers are of size 10^300 and this would require trying all primes up to 10^150 and there are about 10^147 such prime numbers according to the prime number theorem. This far exceeds the number of atoms in the universe, and is unlikely to be enumerated by any effort." (Emphasis mine.)
posted by sdodd at 9:20 AM on December 16, 2007 [1 favorite]

Ah, I meant to add this disclaimer: I am not a mathematician, and you should never take cryptography advice from anyone who hasn't published at least one attack against a widely-deployed cryptosystem.
posted by sdodd at 9:26 AM on December 16, 2007

You don't have to believe that NSA has figured out the great number theory challenges of our era to think that they have a usable attack on the most popular implementation of a good method. Programs are never perfect. Also, I'm not a big RSA fan for things that I want to be secret forever. The gods of physics willing, one day Shor's algorithm will blow away factorization like dust.
posted by a robot made out of meat at 9:59 AM on December 16, 2007 [1 favorite]

there is (for the most part) no encryption that the NSA cannot break.

I call shennaigians on this one. 2048 bit keys, elgaml instead of rsa, etc. Good luck with this one, but Im sure its a myth that the NSA wants you to believe. They do have the power to take all your stuff by using various laws that abuse public trust and can do a neat little search for unencrypted public keys left in a cache or by analyzing your other passwords and seeing if there might be a relationship. stealing all your shit and looking at it falls into the category of 'rubber hose cryptoanalysis' not 'genius NSA reseachers with lots of cpu power.'

You think the great-unwashed would ever get their grubby little hands on military-proof encryption?

Err, whats militiary grade? Is Private Pyle doing maths that the public doesnt know about. Public key/private key, RSA, etc is exactly what the government uses. We use 'military grade' stuff everyday.
posted by damn dirty ape at 10:53 AM on December 16, 2007

I don't think there's any reason to suppose that anyone, the NSA included, has a truly practical way to attack any of the common strong crypto systems.

The past couple of decades have seen the NSA and other intelligence agencies re-orient themselves around large-scale signals intelligence and traffic analysis (ECHELON et al.) rather than crypto-cracking. The most obvious explanation is that they knew full well that the day would come when they would be unable to crack common freely and commercially available crypto systems. Trolling for clues in plaintext on a massive scale is the only realistic option available to them.

Like any other sort of lock, crypto doesn't have to be completely unbreakable to be valuable to its user. Suppose the NSA had a football field full of computers that could break one encrypted laptop per year. What use would that really be?
posted by Western Infidels at 10:59 AM on December 16, 2007

a robot made out of meat said: [NSA has] a usable attack on the most popular implementation[...] Programs are never perfect.

I agree completely, and moreover, that will always be true -- no matter the mathematics. (Moral: use only the most heavily scrutinized, mature cryptosystems.)
posted by sdodd at 12:48 PM on December 16, 2007

Nice Guy Mike writes "Brits can be compelled to turn over encryption keys (or a plaintext version of encrypted files) under the penalty of a 2-5 year jail sentence."

This is why a layered approach like that available in TrueCrypt is desirable.
posted by Mitheral at 5:57 PM on December 16, 2007