Coffeehouse Thread

107 posts

Forum Read Only

This forum has been made read only by the site admins. No new threads or comments can be added.

Hand Over Your Keys Or Else.

Back to Forum: Coffeehouse
  • User profile image
    Dr Herbie

    Sorry Secret, I just don't get you distinction between illegal digital content and illegal physical content.

    If a person is suspected of being a pedophile the courts can issue a warrant to search that person's house.  If they find a locked strongbox, they can request that the suspect opens that strongbox to see if it contains illegal video tapes. If the suspect refuses to hand over the keys to the strongbox they can be charged.

    This new(ish) law means that the court can issue a warrant in the same way so that they can see into encrypted files to see if they contain illegal videos. If the suspect refuses to give the encryption keys they can be charged.


    What's the difference between the locked strongbox and the encrypted file?  The strongbox may not contain illegal videos, it might be the deeds to the suspects property, but the warrant covers checking the contents.  The encrypted file may not contain illegal video, it might be the suspects bank details, but the warrant covers checking the contents.

    I fail to see the difference in privacy issues, just because something is digital.

    Herbie

  • User profile image
    Secret​Software

    AndyC wrote:
    
    SecretSoftware wrote:
    

    Hence its not applicable here. Because an encrypted file is a totally closed system, that does not tell what its "locking" nor hints at it, where a reasonable expectation of privacy applies.

    Hence, its not applicable.


    So, as long as I keep the bodies in an airtight, sealed container, nobody can request a warrant to look into it because a reasonable expectation of privacy applies?

    That's useful to know.


    That is an extreme example, but its true. If the police does not know that there are bodies in your house , how can they get think to ask for search warrants, let alone to know that a murder or death (if natural) had happened at your house?

    See that argument here? I mean a police officer is not a telepathic Betazoid (as in star trek), to read your mind, they have to have partial evidence to use it to get a warrant to get more evidence that would support a case to trial in a fair legal system.

    That is from the technical prespective. In the real world, there are such things as volunteering information etc.., to help.

    But I am talking here from a purely technical prespective.

  • User profile image
    blowdart

    SecretSoftware wrote:
    
    No it does not. In the case of logging into site X, what ever X is, that information is not hidden, and if a computer hard drive is searched and a given file Y is encrypted in the hard drive of the computer that was used to login to a site X with , does not really show that file Y that is encrypted is related to logging into X (it could be a totally unrelated file that was sitting in the harddrive and might have been  created before loggin into site X). Logging (connecting to site X), is public information where there is no reasonable expectation of privacy (unless by agreements). Any network sniffer can be used to find that out at the LAN.


    Actually no; in the UK your surfing habits are private; the Data Protection laws take care of that and a warrant must be raised for the police to have access to it.

    You're obcessing over this single innocent file. Except that's not what we're talking about at all. We're talking about someone being expected to open their encrypted data on the basis that there is evidence against them. Just in the same way that search warrants are used. Why are you not complaining that a search warrant means the authorities could look in perfectly innocent rooms on the basis of a scream from somewhere in a house?

    SecretSoftware wrote:
    
    But I am talking about, a file, say an email, or a letter to your grandmother, or some kind of a legal document, that user X encrypt , how is the officer going to suspect that this encrypted file hold valuable national security information, or valuable evidence to a legal case as opposed to another file?


    But the warrant is not given on the basis of there being an encrypted file; it is given on the suspicion of wrong doing. In your scream example a warrant is not given because there's a multilated body in the basement, it's given on the basis of probability of discovery of illegal action.

    SecretSoftware wrote:
    
    See in the analogy you presented with the lock in a door, the officers cannot just pick and choose to get a warrant because of attribute X of the house (say color, or size).


    And you're still with the straw man arguement. You do not get warrants soley based on the existence of an encrypted file or transaction; you get it based on the balance of probability of illegal activity, and using encryption is *not* enough.

    SecretSoftware wrote:
    
    With a cryptographically generated file , there is no way to sniff information about what is being encrypted (or locked), hence how is the officer going to convince a judge to issue a search warrant for the encrypted (locked) file content ?


    One more time. THEY DON'T.

  • User profile image
    Secret​Software

    Dr Herbie wrote:
    Sorry Secret, I just don't get you distinction between illegal digital content and illegal physical content.

    If a person is suspected of being a pedophile the courts can issue a warrant to search that person's house.  If they find a locked strongbox, they can request that the suspect opens that strongbox to see if it contains illegal video tapes. If the suspect refuses to hand over the keys to the strongbox they can be charged.

    This new(ish) law means that the court can issue a warrant in the same way so that they can see into encrypted files to see if they contain illegal videos. If the suspect refuses to give the encryption keys they can be charged.


    What's the difference between the locked strongbox and the encrypted file?  The strongbox may not contain illegal videos, it might be the deeds to the suspects property, but the warrant covers checking the contents.  The encrypted file may not contain illegal video, it might be the suspects bank details, but the warrant covers checking the contents.

    I fail to see the difference in privacy issues, just because something is digital.

    Herbie


    how does suspicion arises in the first place?


    In a physical world, the system is not mathematically closed, in a digital world , things can be mathematically closed so that what is hidden remains hidden and nothing hints at what the nature of the hidden stuff is. So how are you going to suspect a person in the first place?

    I mean is it random search warrants? or is it warrants because something was "detected" and hence "suspected"?

    I know that argument" if you have nothing to hide, then why not let us see". And that is what you are using here. But the truth is, people use encryption to hide things, hence they do have something to hide. Every one has a secret.

    If someone is suspected to being a pedophile, then they certainly should be searched. But you cannot use this to apply universally. Suppose someone is not suspected of being a pedophile, and they have encrypted files in their hard drive, what criteria then do you get a warrant based on? Their skin color? race? how do you being the process of suspension?

    It certainly is not the case that all people who encrypt things, are bad people who  have bad motives, but there are bad people with bad motives who encrypt. So make laws to target the subset and not the whole, in a clear methodical rules that comprise the law.



  • User profile image
    Secret​Software

    blowdart wrote:
    
    SecretSoftware wrote:
    
    No it does not. In the case of logging into site X, what ever X is, that information is not hidden, and if a computer hard drive is searched and a given file Y is encrypted in the hard drive of the computer that was used to login to a site X with , does not really show that file Y that is encrypted is related to logging into X (it could be a totally unrelated file that was sitting in the harddrive and might have been  created before loggin into site X). Logging (connecting to site X), is public information where there is no reasonable expectation of privacy (unless by agreements). Any network sniffer can be used to find that out at the LAN.


    Actually no; in the UK your surfing habits are private; the Data Protection laws take care of that and a warrant must be raised for the police to have access to it.





    Ok,  but how does the police ask for a warrant , if the data are private to begin with?? I mean if your surfing habits are private because of the Data Protection Laws, then what basis upon which the police can suspect you of wrong doing?

    What gets the balance of probability started? what is it based on?

  • User profile image
    Dr Herbie

    SecretSoftware wrote:
    
    Dr Herbie wrote:
    Sorry Secret, I just don't get you distinction between illegal digital content and illegal physical content.

    If a person is suspected of being a pedophile the courts can issue a warrant to search that person's house.  If they find a locked strongbox, they can request that the suspect opens that strongbox to see if it contains illegal video tapes. If the suspect refuses to hand over the keys to the strongbox they can be charged.

    This new(ish) law means that the court can issue a warrant in the same way so that they can see into encrypted files to see if they contain illegal videos. If the suspect refuses to give the encryption keys they can be charged.


    What's the difference between the locked strongbox and the encrypted file?  The strongbox may not contain illegal videos, it might be the deeds to the suspects property, but the warrant covers checking the contents.  The encrypted file may not contain illegal video, it might be the suspects bank details, but the warrant covers checking the contents.

    I fail to see the difference in privacy issues, just because something is digital.

    Herbie


    how does suspicion arises in the first place?


    In a physical world, the system is not mathematically closed, in a digital world , things can be mathematically closed so that what is hidden remains hidden and nothing hits at what the nature of the hidden stuff is. So how are you going to suspect a person in the first place?

    I mean is it random search warrants? or is it warrants because something was "detected" and hence "suspected"?

    I know that argument" if you have nothing to hide, then why not let us see". And that is what you are using here. But the truth is, people use encryption to hide things, hence they do have something to hide. Every one has a secret.

    If someone is suspected to being a pedophile, then they certainly should be searched. But you cannot use this to apply universally. Suppose someone is not suspected of being a pedophile, and they have encrypted files in their hard drive, what criteria then do you get a warrant based on? Their skin color? race? how do you being the process of suspension?

    It certainly is not the case that all people who encrypt things, are bad have bad motives, but there are bad people with bad motives who encrypt. So make laws to target the subset and not the whole, in a clear methodical rules that comprise the law.





    I think this is a separate issue.  The new law only applies after suspicion has been reasonably argued, and a warrant obtained: if someone is an on-line pedophile and is smart enough to leave no traces whatsoever (other than the contents of the encrypted files on his hard-drive) then that person will never be suspected and will probably get away with it.

    However, most on-line criminals leave evidence (both on-line and in the physical world); like Blowdart's suggested list of reasons for suspicion (association with know pedophile, etc). This is what would generate suspicion, not the contents of the encrypted file. The contents of the encrypted file would only serve in the actual prosecution, not the issuing of the warrant.

    What is the purpose of encrypting files?  I may have personal information that I don't want the people who just burgled my house to see. However, if I were to be accused of illegal activities, I (personally) would be happy to demonstrate that the contents of the file were legal.  If I lost the encryption keys, I might even pay to have the encryption professionally cracked (just like I would pay a locksmith to open a door that I had lost the keys to) too demonstrate my innocence.

    I think you're crossing issues here.  If there were random searches of encrypted files, then I would not be happy.  But that's not what is happening.

    Herbie



  • User profile image
    blowdart

    SecretSoftware wrote:
    

    Ok,  but how does the police ask for a warrant , if the data are private to begin with?? I mean if your surfing habits are private because of the Data Protection Laws, then what basis upon which the police can suspect you of wrong doing?

    What gets the balance of probability started? what is it based on?



    Because, as I've said numerous times above it's based on other evidence gathered; balance of probabilities and all that. There's some leway given for surfing habits, there's an agency that aggregates surfing histories to known child p0rn sites, "donated" by the ISPs. As that's clear evidence of illegality it's not covered by the DPA and thus can be reported.

  • User profile image
    dahat

    SecretSoftware wrote:
    Why would anyone assist in their own rape? I mean that is like asking a woman who is about to get raped to assist the rapist.


    So rather than answer my points you compare this all to rape? Well played! Why answer reasoned arguments with more reasoned arguments when you can get into an emotional hissy fit!

    SecretSoftware wrote:
    There are very specific situations where the law has to win. But in Law we have something called:

    A person cannot testify or be compelled to testify against themselves. (that is why you have the right to remain silent, when you are being arrested).


    Actually it's commonly called the right against self-incrimination, and once again in this case it simply does not apply as by not complying with a legitmate search, you would potentially be guilty (at least) of obstructing justice here in the states, and violating this law over there.

    SecretSoftware wrote:
    If the UK is not a democracy then what is it doing over in IRAQ? are you saying that MR Blair is trying to give the IRAQI people something that his own country does not already enjoy?


    Since the early 1900's the term 'democracy' has come to have a loose meaning of ‘Americanism' (prior to that point it was considered a pretty dirty word) with regards to the general concept of the votes of the people in some way mattering... although even then the term is fundamentally flawed with regards to the British, Iraqi or even American system as it assumes direct control over the government by the people... which really only fully exists in a proper democracy or representative democracy.
     
    SecretSoftware wrote:
    If the US is not a democracy then what is the US exactly? A fascist republic?


    The United States at the Federal level is a constitutional republic.

    SecretSoftware wrote:
    I think you need to get out more, better yet ask around which country your living in. You might be surprised in to find out that your living in  some forest in the amazon.


    Bravo, because you cannot actually refute any point I have made, you break into personal attacks.

    SecretSoftware wrote:

    dahat wrote:
    

    More so, had you actually read the US Constitution... (you know, the little thing you claim has a section that makes "defaming a minority group of people's religious system" illegal) you'd run into something we call the 4th amendment which says:

    United States Constitution: Fourth Amendment wrote:
    The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.


    In short it means that at least in the US such a law would only be applicable with a warrant, which makes sense. As it is today in the US a judge can issue a warrant for the seizure of all PC's and data you own... but without the ability to decrypt the data, the seizure is almost worthless... making the requirement of surrendering of the keys logical... hell, refusing to turn over keys in such a case could be viewed similarly to actively preventing the execution of a search warrant and as your friend Andrew Mayer learned... it's good to follow the legal orders of the police.


    Read up on "HATE SPEECH, Character Assassination, Defamation Laws", these laws keep organizations like "The Anti-Defamation League" relevant in the Court systems.


    I'm quite familiar with them... care to point out the specific section of the constitution that defines ANY of what you just described?

    SecretSoftware wrote:
    LOL. Absence of evidence is not evidence of guilt. The onus of proof is on the prosecutes to show beyond a shadow of a doubt that evidence exists and it points in such and such direction.


    You are confusing the two levels of burden of proof. For a search simply a 'probable cause' is required, while for conviction requires evidence 'beyound a reasonable doubt'.

    SecretSoftware wrote:
    So , intimidating the public, will not work. Remember the public elect the leaders, and the leaders work as the public pleases.


    Once again you resort to a sensational emotional argument rather than discussing the facts. This has nothing to do with intimidation, this has to do with evidence collecting through existing legal processes.

    It's amazing to me that you are so worried about this but not about the fact that the government has the right to issue a search warrant and look through every single drawer, safe, cabinet and any other place you hold things in your house... all on probable cause.

    SecretSoftware wrote:
    Meanwhile, Encryption is the technology by which we maintain our right to privacy, and no one, I mean no one, can take that away.


    What you are advocating is anarchy... and given this sta

    SecretSoftware wrote:
    What should remain a secret, should remain just like that. The founding fathers made that point clear in the document entitled "The Constitution of the United States of America".


    Once again... would you please enlighten the class by pointing to EXACTLY where in the constitution it contains the phrase "What should remain a secret, should remain just like that" or any other supporting statements?

    You so often point to it and yet... I do not think even once you've ever quoted it, let alone done so in a way that supported your argument.

    SecretSoftware wrote:
    Now you can sing and dance to bend or redefine the laws as written, but that will not eat with the people of this republic.


    Given that democracy != republic... does this mean you admit that we are in fact not a democracy?

    SecretSoftware wrote:


    PS:
    Lastly, Do you suppord the existance of Israel even though it was founded using terror against British soldiers and local arabs who were serving in Palestine before 1948? Do you support groups like the Irgun

    Does that make you a terrorist supporting 9ner? I think yes.


    Wow... more personal attacks. Bravo!

    I guess that means then that you gave up on trying to find evidence to support your previous claim that I was a racist and instead decided to try to engage in a bit of tit for tat with a completely unrelated and off topic argument.

    How about you keep the conversation on topic... after all, you don't see me running around asking "Are you now or have you ever been a member of the communist party?"

    Want to ask that question? Fine, do it in the context of a thread on the creation of Israel, not one about your paranoia over privacy.

  • User profile image
    esoteric

    This is why I like nested encrypted partitions. There's no way (assuming the encryption holds) to prove that the nested partition exists. You can demand an encryption key for the master partition (file), but how do you know if there even is a nested partition? You don't.

  • User profile image
    dahat

    And now that I'm up and awake I can get back to responding to his rantings.

    SecretSoftware wrote:
    Secondly, The US Is a democracy. Its a democratic republic.


    Really? So the fact that just the word republic is used in things like... the pledge of alegance and the song The Battle Hymn of the Republic... they really just mean democratic republic?

    Care to point out a line in the US Constitution that says so? Or perhaps from a founding father? I'll save you the time, you'll find neither.

    Furthermore, if this country were in anyway a democracy (again, speaking only about the federal level), citizens would have the definite right to vote for their elected officials.   

    Guess what... they don't. That's right, there is no federal right to vote.

    Don't believe me? Again... find me that line in the Constitution or one of it's amendments (a common (and yet always unfulfilled) request from me I know).

    Sure, there are a few that say that you cannot deny someone the 'right' to vote based on sex or race... but it is not clear on what grants that right in the first place. Why? Because it's up to the states to decide (see Tenth Amendment).

    SecretSoftware wrote:
    And once you elect someone, you CAN impeach them if they violate the law.


    Private citizens cannot impeach, not even in the ballot box, that function is reserved for existing legislative bodies (as defined by the Constitution) and is limited to "The President, Vice President, and all civil officers of the United States"... which technically excludes Senators and Congressmen. Why? Why? Because as representatives of the states (and by extension the people), it is left to the individual sending state to recall them under that states own laws.

    SecretSoftware wrote:
    Previous presidents were impeached.

    Yes they were... just not by the masses. But given that so much of this thread has to do with a British law... care to give modern examples of a PM or sovereign being impeached by the people directly?

    SecretSoftware wrote:
    But back to the main topic, from a technological prespective , how can you enforce this law?

    See my previous comment.

    SecretSoftware wrote:
    Secondly, why are people OK with this law?

    Because it is simply a codification of what already implied by existing law, the right of the government with probable cause to search your person, papers and data.

    SecretSoftware wrote:
    if they are ok with it, then why have encryption at all? Ban cryptosystems all together.

    It's fascinating to me that you are also not accusing people who are ok with this law as also being against safes... because like your encrypted data, the government (with a warrant) has a right to access your safe... and should you refuse to open it or claim to have forgotten the combination... will cut it open.

    SecretSoftware wrote:
    Finally, if you are telling me that UK is not democratic, then what is the UK doing in iraq? STEALING OIL? or spreading democrasy by the barrel of the GUN?

    Do you ever get sick of using emotional non sequiturs?

    What are they (and the US) doing there? The short version is giving the Iraqi people something they haven't had in a very long time... some voice in the shape and direction of their government and the freedom from the kind of violence and oppression they'd known for so long.

    Note I said 'some voice', as even the parliamentary system they now have (as copied from the British), parliament and the PM are pretty insulated from the will/demands of the people. Remember, under the UK system, the people don't even indirectly cast a ballot for PM, it's up to the parliament to elect that person.

    SecretSoftware wrote:
    I mean you can't having both ways, THE QUEEN does not govern, she is just a historic figure, with no say in the affairs of Government.

    Apparently you've never heard of the mandate of heaven (granted its a Chinese concept, the underlying concept is still valid).

  • User profile image
    phreaks

    Bas wrote:
    Speaking of laws, I love how Godwin's Law came into effect in the very second sentence in this thread. I know we can make it the very first sentence, nay, the very first word in the next thread, if we all work together.


    The Bas law is that he is going to point out the Godwins's everytime.

    Perplexed

  • User profile image
    Dr Herbie

    phreaks wrote:
    
    Bas wrote:
    Speaking of laws, I love how Godwin's Law came into effect in the very second sentence in this thread. I know we can make it the very first sentence, nay, the very first word in the next thread, if we all work together.


    The Bas law is that he is going to point out the Godwins's everytime.



    Should Bas' law be a 'meta-Godwin' law -- as soon as Hitler or 'The Fascist party that is not to be named' are mentioned in a thread the likelihood of Godwin's law being claimed increases with each posting?

    Herbie

  • User profile image
    Bas

    phreaks wrote:
    
    Bas wrote:
    Speaking of laws, I love how Godwin's Law came into effect in the very second sentence in this thread. I know we can make it the very first sentence, nay, the very first word in the next thread, if we all work together.


    The Bas law is that he is going to point out the Godwins's everytime.



    Yeah, because that's twice now! Man, I'm a serial-Godwinner.

  • User profile image
    GoddersUK

    SecretSoftware wrote:
    But these laws are fundamentally illegal, because they break the law of privacy that exists in most democratic constitutions.


    I beleive that there isn't technicaly a constitution in the UK.

    SecretSoftware wrote:
    I want to know what would happen to a British citizen who has a file that is encrypted, and they lost the key to decrypt it? Is it fair to jail these people for something that they cannot decrypt?


    Plausible deniability.

    That's what makes this law such a waste of time.

  • User profile image
    ScanIAm

    Bas wrote:
    Speaking of laws, I love how Godwin's Law came into effect in the very second sentence in this thread. I know we can make it the very first sentence, nay, the very first word in the next thread, if we all work together.


    Hiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiitler!

  • User profile image
    Secret​Software

    I think you people, like dahat, and few others, are insane. If the USA is not a democracy then what is a democracy ? is China a democracy? Is Russia a democracy? Is Japan a democracy? If its not the USA then what is?

    I am begining to think that you are one of those Americans  who cant even point to the USA in a map, let alone know that it is a democracy.


    I might respond later on, once I have more time.Big Smile


    PS:
    You are trying to argue that we are some kind of sheep governed by the sheep herders, and that we dont have a say in what our government does. In such a case, and in the light of this new law, what is the definition of privacy? why do we have privacy laws then?

    See it does not make any sense anymore. These , as you argue, appointed officials, must be reading a different constitution than the one I have.

  • User profile image
    phreaks

    SecretSoftware wrote:
    I think you people, like dahat, and few others, are insane. If the USA is not a democracy then what is a democracy ? is China a democracy? Is Russia a democracy? Is Japan a democracy? If its not the USA then what is?

    I am begining to think that you are one of those Americans  who cant even point to the USA in a map, let alone know that it is a democracy.


    I might respond later on, once I have more time.


    PS:
    You are trying to argue that we are some kind of sheep governeed by the sheep herders, and that we dont have a say in what our government does. In such a case, and in the light of this new law, what is the definition of privacy? why do we have privacy laws then?

    See it does not make any sense anymore. These , as you argue, appointed officials, must be reading a different constitution than the one I have.


    America is a democracy, anyone that tries to argue differently clearly doesn't fully understand the terms they use.

    A Constitutional Republic (which the USA is) is an implementation of democracy.

  • User profile image
    Tom Servo

    TrueCrypt hidden volume, plausible deniability.

    The End.

Conversation locked

This conversation has been locked by the site admins. No new comments can be made.