A Magistrate Judge in the U.S. District Court in Vermont has ruled that a man allegedly caught with child pornography on his laptop need not reveal his PGP password (yes, authorities shut down the laptop and now can't get at the alleged porn) pursuant to the Fifth Amendment's protections against self incrimination. The decision is here[PDF]. A decent write-up (from CNET of all places) is here. This appears to be the first decision ever to directly address this issue, and many commentators had thought it would come out differently. The major question is whether revealing one's PGP key is "testimonial" or not. According to the Supreme Court, giving up fingerprints or blood samples isn't, nor is standing for a lineup, nor is handing over the key to a safe, but if it's combination safe, well maybe that's different. Never let it be said that your Fifth Amendment rights are easy.
posted by The Bellman on Dec 15, 2007 - 57 comments

Anonymous weblogging could be the next big thing for those who want total anonymity online. Using the mixmaster remailer and GPG encryption you can have a truly impersonal weblog. (my thoughts inside)
posted by j.edwards on Apr 24, 2003 - 9 comments

Crypto guru getting blamed for his software. PGP writer Phil Zimmermann's hate mail goes a little something like this, "Phil -- I hope you can sleep at night with the blood of 5,000 people on your hands." If Phil is guilty of anything so is everyone who has ever used their credit card online, including Mr. Hate Mail.
posted by skallas on Sep 21, 2001 - 23 comments

Vulnerabiity in OpenPGP You don't even need to crack the key, just get hold of it, modify a few bytes, and presto, sign away from other persona. The issue here is signing, not encrypting. The implications are evident when you think of internet voting, tax filing, etc., but it is still a victory for open cryptography, where peer review can find serious flaws.
posted by pecus on Mar 22, 2001 - 2 comments

Wincent Colaiuta has seen and reviewed the new Mac OS but you can't read the review. He's encrypted the whole thing using PGP and he's not releasing the key until the OS is released. He says he's done this to avoid law suits from Apple.
I say he's begging for hits.
If he wanted to avoid lawsuits, he could just wait to publish the review...
posted by Jako on Mar 20, 2001 - 6 comments

Why Digital Signatures Are Not Signatures "When first invented in the 1970s, digital signatures made an amazing promise: better than a handwritten signature -- unforgeable and uncopyable -- on a document. Today, they are a fundamental component of business in cyberspace. And numerous laws, state and now federal, have codified digital signatures into law. These laws are a mistake." -- Bruce Schneier, November Crypto-Gram
posted by lagado on Nov 15, 2000 - 5 comments