Posted on 01/24/2012 12:06:01 AM PST by LibWhacker
Something like that would probably be addressed via treaty. It might have to be in a truly enemy country (North Korea?) in which case you wouldn’t trust them with your data any further than you can throw them.
In the early days, PGP was open source. It was practically impossible for anyone to insert a back door; too many cryptologists and programmers would’ve seen it and raised the alarm. Now that Symantec owns it . . . who knows?
Oops, sorry, databoss. My last comment was meant for Loyal Sedition.
What do they do to journalists who refuse to give up sources? Jail them.
I would just give them a wrong passphrase. When it doesn't work, say, well, that is what I thought it was. At least shift the burden of proof of whether you are lying or not to them. But I stopped using PGP in email ages ago - figured it would flag me for this kind of problem.
Still available open source without the bells and whistles. www.gnupg.org/
Another interesting thing about this case is just how far encryption technology has advanced (as in, advanced in what is available to ordinary citizens and not just military cyphers working on cryptography). There used to be a time that having a 'password' meant nothing, and for the vast majority of people that still applies. However, nowadays it is possible to get a proper encryption program that can make it very difficult for someone to access your files (they can still do so, but it would be quite the task for the vast majority of entities that would be seeking to do so). Hence this case.
I wonder if some FReeper knows how far the technology available to the public has gone. With more and more information being stored in the Cloud one can expect such technology to get better.
If you own a safe, do you have to provide the combination for it to the government if they demand it?
If you don’t provide it can they legally put you in jail as a result. This is no different.
If past law doesn’t allow forcing the combination out of you by threat of jail then this will fail in the supreme court because it is no different.
You can simply encrypt the same file multiple times using different passwords each time. To undo it you have to use the right passwords in the right order. With good encryption without back doors and then piling on the layers it would be essentially impossible to undo it without the key information.
I think it is more about severe crime versus non crimes for me in this issue.
The solution: using TrueCrypt or any similar program, encrypt the entire drive, and then (still using the encryption program) create a “hidden” encrypted volume on the drive for things you don’t want just anyone to find. “Decrypting” merely means you have given the “key” to the processor so it can interpret the encrypted data on the drive. The drive is not suddenly readable to all. The “hidden” volume will look the same as empty space on the drive. Since it is indistinguishable from empty space, there is no way for the government to prove you have anything hidden on the drive.
This should, in theory, work. However, there is always the possibility that the government holds “back doors” to the publicly available encryption algorithms that will allow them to detect any double-encrypted files. Also, this will not guard against them “unwinding” the encryption, though whether that would reveal any hidden volumes might be debatable.
Truecrypt is open source, so the the possibility of back doors is just about non-existent. It sounds like you are suggesting they may have cracked the encryption, which may well be possible. Also, while I know they say the inner volume appears as empty space I don’t put a whole bunch of faith in that. The FAQ on that is here, in case anyone is interested:
http://www.truecrypt.org/docs/?s=plausible-deniability
What’s worse is that this isn’t some lib activist judge. This guy was appointed by W.
Thanks. I figured Symantec probably wouldn allow anyone to maintain open source versions. I guess Zimmerman must’ve stipulated otherwise when he sold it, which is a good thing; I won’t have to fall back on the ancient versions I downloaded in the early 90s. For now, I don’t use PGP. I’ve never been able to get a single one of my friends or relatives to show the least bit of interest (yet they still lick the flap shut on their snail mail).
>> I guess Zimmerman mustve stipulated otherwise when he sold it
Yeah, exactly. My understanding is he insisted on that.
That is true....
The biggest practical problem here would be keeping the harmless “decoy” up to date. You would have to web surf entertainment sites, play games, etc. and that eats up time, and has to be done all the time. Now if the computer could be made to show operating systems running in both the decoy and the hidden volume simultaneously, keeping the decoy up to date would be easier, but that probably creates other problems.
Wow, thanks.
This subject came up yesterday when my 16 yr old daughter was amazed that a woman got 5 years probation (yes, she does scan the news sites-which I am proud of! She is particularly political-which I am also proud of, heee) for SPANKING, not beating (no bruises), but SPANKING her child and the judge said “We don’t spank in this day and age...”
She said, so what do we do when the judicial branch oversteps it’s authority. What other branch deals with them. My 16 year old is a wildfire and doesn’t hesitate to tell you that her fear of the ‘whooping’ she would get tamed her a lot of times in her younger days. Thank GOD she outgrew most of it. Now she just needs to outgrow her mouth, but still... not so bad. Her brains makes up for most of it. ;o)
I did not have answer (but also... PROUD!) Maybe you guys can help me with this?
We need the format button called decrypt.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.