Judge orders woman to give up password to hard drive

Originally posted by THE_PROFESSIONAL
reply to post by OccamsRazor04

 

Here is your problem, if someone gets a warrant, what are they looking for? Do they already have evidence? You can get a warrant for the key for the lock but not the combination.

You make a good point. Is the password a key, or a combination. It actually fits both descriptions I think, but is neither. I believe much like a persons private dwelling, the court has the right to compel, so long as evidence for the search is provided, a person to provide access.

They may not be entitled to the password (removing any testimonial information), but they are entitled to access (which is what the key provides). I do not have the right to deny access to my personal home to law enforcement officers in possession of the proper warrant, and I should not be able to deny them access to my computer, so long as they provide the proper warrant.

reply to post by noxvita83


That is not a court cost, that is the cost involved in aquiring evidence by law enforcement. This will be coming out of your taxes my friend.

reply to post by Reaper2137


The 5th precludes a judge from ordering a person to give up the combination to a safe. Just an FYI.

reply to post by paraphi

I would feel exactly the same no matter what the crime ..you are presuming guilt of the accused I am defending the 5th amendment..why don't we make confession mandatory? That would speed things along and help the prosecution. Would save lots of money too

Peace

Update:

www.newtechobserver.com...

www.wired.com...

“They must have used or found successful one of the passwords the co-defendant provided them,” Fricosu’s attorney, Philip Dubois, said in a telephone interview Wednesday.

So her husband either ratted her out on possible passwords or the government stumbled onto a password that she used for other things (eg email)..

Note it was not cracked, she just did not use a good enough password.

Lesson: Do not share your passwords with anyone and make good passwords that you do not resuse.

Originally posted by scotsdavy1
Can she not just say that she forgot her password? I have so many passwords it is getting beyond a joke these days....

Exactly. If that were me I'd just say that I have the early stages of Alzheimer's. Although I'm 24, so I doubt anybody would believe me lol.

Edit: I forgot to mention, if law enforcement ever wants to look at your hard drive and you're pretty sure that they will get a warrant, just microwave it. I'm not even kidding. That will destroy every piece of data that it contains.

Originally posted by Xaphan
Edit: I forgot to mention, if law enforcement ever wants to look at your hard drive and you're pretty sure that they will get a warrant, just microwave it. I'm not even kidding. That will destroy every piece of data that it contains.

edit on 21-5-2012 by Xaphan because: (no reason given)

Whoops. I should update this with one safety precaution:

If you ever have to resort to microwaving your hard drive, do it outside. Plug your microwave into one of the outdoor outlets on the side of your house, or in your garage with the garage door open, because doing this will most likely create some really noxious smoke/fumes that could be devastating to your health if inhaled. If you don't have outlets outside I suppose you could just feed an extension cord through a window or whatever. Just don't do it indoors, and don't stand anywhere near it. Set it for a good ten minutes or so and walk away quickly. Keep in mind that this will also destroy your microwave.

I'm pretty sure you dont need a password to view the contents of someone's hard drive. If there is material on that drive which needs to be seen to determine the outcome of this trial, then it's an obstruction of justice not to allow cops to see that material for starters, and secondly they should have no problems cracking the thing open to see what's on there.

reply to post by Lazyninja


Apparently your Ninja skills need some brush up.
It is rather easy to encrypt a hard drive and require a password.

You cannot be compelled to provide evidence against yourself thats not obstruction of justice its a civil right.

If you have the time take a hammer and whack it a few dozen times. Drilling thru it with a electric drill a couple of times works too. And if you want to add insult to this urinate on the drive and then place it in the garbage can.

Let them try getting data from that.

I think giving a password up is self-incrimination.

I don't think they should require that. Seems unconstitutional to me. I don't care what the judge says.
I don't think you should have to give up your spouses either.

I had a business grade Lenovo laptop once. The coolest feature about it was it had a secure hdd.

That is, the hdd was by default, encrypted by the hard drives own electronics. You had to input a hdd unlock password before the machine would even boot up. No password, the drive wouldn't even spin up. Wrong password, the data on it remained encrypted. The only way law enforcement could have gained access to it, was to seize the machine while it was powered on and operational.

Sad thing was, it got stolen by a local meth-head. We all know who stole it, just can't prove it.

As for steganography, police are well aware of it. In the UK, if they raid, you'd better supply 2 passwords. One for the outer volume, one for the hidden volume. In the UK, its an offence to fail to supply a valid password, punishable by 6 months in jail (which can be repeated until you finally give it up). Its also an offence to destroy the data. "Willful destruction of evidence".You;d have a hard time convincing a ccourt that it wasn't evidence, since you destroyed it.

Pretty much the only valid defence in the UK, is "I've forotten it, guv, sorry sir. I'd had a few to many bevvies that night".

Also, truecrypt had a flaw at one time, don't know if it still does. It cached the passwords in RAM, and they could be extracted by forensics from the RAM. RAM chips, if handled correctly, retain the last data written to them for up to 30 minutes of being powered down. They have to be kept cold (below -20C), very cold, but it gives them time to whip them out of your machine, and remount them in another machine where the passwords can be extracted.

This phenomenon has been known for years, but only really studied since 2002, its called "Data Remanence in RAM".

reply to post by ntech


A modern digital forensics lab would extract the data off that, before breakfast. Sorry. They would just unscrew the platters from the spindle, remount them in a special machine which can extract the data from any undamaged surfaces. True, they wouldn't get all the data, but they'd get a large amount of it.

Only secure way of physically destroying the data, is to grind the platters into dust.

Silly civilian...Just shut up and do what your told!!!

This is the world we live in today.

reply to post by BMorris

Or the easiest way: Just go 20 miles out into the woods and bury it a few feet deep. They would have no way of knowing where it was.