How would this go down in the UK?

tntcoder said:
If you have a decent forensic expert, there's a very high chance he will find it proof of its existence these days. Certainly not worth relying on.
Click to expand...

Hardly, the best theoretical experts in encryption like bruce schneier have been unable to break it, you honestly think the local bobby using encase is going to find it?

Anyway it's excellent to see that in the USA peoples rights are protected, unlike this country.
 
Energize said:
Hardly, the best theoretical experts in encryption like bruce schneier have been unable to break it, you honestly think the local bobby using encase is going to find it?

Anyway it's excellent to see that in the USA peoples rights are protected, unlike this country.
Click to expand...

Especially if they're not looking for it. The whole point of the hidden partition is you open the non-hidden one, and show that the contents are clean. There would be no reason to expect there was anything more to be found. As far as they're concerned, you have complied with the order to open the encrypted volume.

Another thing TrueCrypt has is a keyfile system. Where instead of (or as well as) a password, you use a file. This file could be an image, a document, whatever, up to 1MB in size. Would it be a valid defence to say you lost the keyfile? Like it was being kept on a USB stick which you lost? Because I actually did lose a USB stick once which had a keyfile on it, and I lost a lot of porn that day. :p
 
J.B said:
To me the author seemed like an idiot. Guilty or not, mistake or not he still seemed like an arrogant so and so!

Its a tough subject though, if you are completly innocent then you have a right to privacy but if you are guilty....

I think we have it right with the RIPA to be honest. Alright some privacy is compromised but they must have good reason to invoke the act in the first place.
Click to expand...

Actually there's very very little oversight on how the law is used, it can be called on by local councils (anyone of 'service manager' grade or higher can authorise it) rather than the police, and yet the penalties for refusing remain the same. Councils have been using it to check on people suspected of fly tipping, standard littering or even failing to pick up dog poo. In 2007 there were 12,494 uses of the act by local councils to initiate electronic surveillance of people, including monitoring their email and attempting to access their PCs under the act. I've not found numbers for 2009-10 but you can bet it's increased significantly. :)
 
Energize said:
Hardly, the best theoretical experts in encryption like bruce schneier have been unable to break it, you honestly think the local bobby using encase is going to find it?

Anyway it's excellent to see that in the USA peoples rights are protected, unlike this country.
Click to expand...

See this paper as an example: http://www.usenix.org/events/hotsec08/tech/full_papers/czeskis/czeskis_html/ it isn't about breaking the actual deniability, as yes that can be shown mathematically to be provably secure. Information Leakage however is a serious problem, ensuring everything is contained solely within the hidden area isn't an easy task. People make mistakes, and yes encase will pick up such leaked information under certain usage scenarios.

Only said I wouldn't want to rely on it, your local cops may or may not be able to detect it, but plausible deniability while awesome from the mathematical viewpoint is full of holes in the real world IMO.

Still better than nothing though i guess :)
 
Last edited:
But if you genuinely don't know them (say you made a true crypt volume years ago to hide porn or something when you where younger ast home or just to mess around and learn it), get arrested on suspicion of something and they search your computer they can't find any evidence of the crime (ie you actually are innocent) and bang 2-5 years for not remembering every password you've ever used.
 
Energize said:
Hardly, the best theoretical experts in encryption like bruce schneier have been unable to break it, you honestly think the local bobby using encase is going to find it?

Anyway it's excellent to see that in the USA peoples rights are protected, unlike this country.
Click to expand...

Breaking the entire encryption is one thing, if you know what your looking for (i.e. JPEG headers) and have an idea of what kind of encryption is used tho its within the realm of possibility to break selective data out of encrypted volumes - depending on the encryption tho it might not be worth the time and resources required for your average criminal case - yes not something your local bobby is gonna do but there are people who do such services for the security services, SOCA, etc. in the UK so I'd assume the FBI has similiar services.

Its an order of magnitude less of a task to break encryption when you have an idea of what your looking for, especially if you know roughly what algorithm is used, its when you don't know anything about the possible data stored inside that it becomes inordinately difficult.
 
Last edited:
Tefal said:
But if you genuinely don't know them (say you made a true crypt volume years ago to hide porn or something when you where younger ast home or just to mess around and learn it), get arrested on suspicion of something and they search your computer they can't find any evidence of the crime (ie you actually are innocent) and bang 2-5 years for not remembering every password you've ever used.
Click to expand...

Yer that's interesting. I would like to know how that would be approached legally. I'm guessing they must have to have some kind of evidence other than just suspicion to throw the book at you for claiming you forgot the keys.
 
Tefal said:
But if you genuinely don't know them (say you made a true crypt volume years ago to hide porn or something when you where younger ast home or just to mess around and learn it), get arrested on suspicion of something and they search your computer they can't find any evidence of the crime (ie you actually are innocent) and bang 2-5 years for not remembering every password you've ever used.
Click to expand...

Could you honestly get imprisonment if you forget a password?

I've forgotten many passwords in my years of using computers/internet. In most cases, there is usually a facility to retrieve passwords by answering a few security questions (usually the password is reset). However, if the password is known to you and no one else, should you forget your password, there is absolutely no other way to retrieve it. In such a case, surely you can't be punished for "forgetting" your password?
 
sunama said:
Could you honestly get imprisonment if you forget a password?

I've forgotten many passwords in my years of using computers/internet. In most cases, there is usually a facility to retrieve passwords by answering a few security questions (usually the password is reset). However, if the password is known to you and no one else, should you forget your password, there is absolutely no other way to retrieve it. In such a case, surely you can't be punished for "forgetting" your password?
Click to expand...

yes, because you can't prove you forgot it and aren't just saying you have to avoid handing it over.
 
SlyReaper said:
From the article, it sounded like he didn't deliberately download child porn, just downloaded a file which, unknown to him, contained child porn. Obviously, you want to take that with a pinch of salt considering the source, but that can happen.

TrueCrypt has a useful feature which you can use in case you are forced to reveal your password. You can create a hidden partition inside the main encrypted partition. Basically, you enter your main password to decrypt the main volume (which can contain all your normal porn), and if you use your super-top-secret password, it opens a smaller encrypted partition (which contains the stuff you really really really don't want anyone to see). And because of the way TrueCrypt deals with volume headers and whatnot, there's no way to prove there's a hidden partition in there. It just looks like random bits, which you would expect.
Click to expand...

Speaking from experience here? :D
 
It should be innocent until proven guilty but our government are a bunch of lobbying sell-outs, if it wasn't for the Bill of Rights then US law would probably be just as bad.
 
Tefal said:
Britain's laws in regards to Computer related things pretty much leave "innocent until proven guilty" at the door.
Click to expand...

Unfortunately very true and it doesn't help that most appear to have been written without any recourse to what's technically possible.

In this case it's particularly nasty as it violates the principle that you can't be forced to incriminate yourself which was once upon a time a principle of our legal system.
 
xJcBx said:
I don't know wether this is a good thing or a bad thing.. Encryption is suposed to be for hiding things from bad people, not for the bad people to hide things :l

Although it shows how much of a good program it is and how I think i'm going to invest in it for my external HDD now.
Click to expand...

Erm.... why...

Not the smartest thing to say considering the material this is associated with encrypting.
 
You must log in or register to reply here.
Back
Top Bottom