[144339] in cryptography@c2.net mail archive
Re: Judge orders defendant to decrypt PGP-protected laptop
daemon@ATHENA.MIT.EDU (Ivan Krstić)
Wed Mar 4 10:11:10 2009
Cc: cryptography@metzdowd.com
From: Ivan Krstić <krstic@solarsail.hcs.harvard.edu>
To: Perry E. Metzger <perry@piermont.com>
In-Reply-To: <87prgygosa.fsf@snark.cb.piermont.com>
Date: Tue, 3 Mar 2009 21:33:23 -0500
On Mar 3, 2009, at 6:38 PM, Perry E. Metzger wrote:
> So, the court is not going to pay the least attention to your
> elaborate claims that you just like storing the output of your random
> number generator on a large chunk of your hard drive. They really
> don't give a damn about claims like that. Actually they do
> care. They'll be pissed off that you're wasting their time.
You miss the point.

Re-read the link I provided that explains how TrueCrypt implements
hidden volumes. A hidden TrueCrypt volume is *completely
indistinguishable* from empty space in a regular TrueCrypt volume.
That's what makes it hidden!

As I implied in the 2004 message in the context of political
dissidents, a good use for hidden volumes isn't to distract your
prosecutor with kittens and sunsets. That's just plain stupid,
regardless of whether you're dealing with a US judge or someone whose
preferred method of communication involves a pair of pliers and a
blowtorch.

The idea is to present an alternative but *plausible* set of
information that's far less incriminating than the real deal, such as
only mildly illegal material or legal material that the owner would
still plausibly wish to keep secret for social reasons. I gave you a
concrete example: hardcore or fetish porn (legal, but plausibly not
the kind of thing whose possession you wish to advertise) provided to
investigators to mask a secret volume with kiddie porn.

If you give me the benefit of the doubt for having a reasonable
general grasp of the legal system and not thinking the judge is an
automaton or an idiot, can you explain to me how you think the judge
can meet the burden of proof for contempt in this instance? Surely you
don't wish to say that anyone using encryption can be held in contempt
on the _chance_ they're not divulging all the information; what, then,
is the other explanation?
--
Ivan Krstić <krstic@solarsail.hcs.harvard.edu> | http://radian.org