MN: Encryption Software Evidence of Criminal Intent


PDA






Dave Markowitz
May 25, 2005, 10:11 AM
Apparently, a Minnesota appeals court thinks so. See http://news.com.com/2100-1030_3-5718978.html.

As with a lot of hard cases, the defendant in this case isn't especially sympathetic -- he's someone convicted of a child pornography charge. That said, let's step back for a second, especially in light of the fact that,

"The court didn't say that police had unearthed any encrypted files or how it would view the use of standard software like OS X's FileVault."

In other words, the the mere presence of encryption software -- in this instance PGP -- on a defendant's computer can be evidence of criminal intent. Wow.

As Declan McCullagh mentioned in the linked article, Mac OS X includes "FileVault," an encryption utility. Microsoft Windows 2000 and XP allow you to encrypt files. Various Linux distributions, such as SUSE, support CryptoFS. And of course there is a plethora of third-party encryption utilities like PGP and GNUPG. Now a court has said that having any one of these programs loaded on your computer can be used as evidence against you in a court of law.

How does this square with the Fourth Amendment right to be "secure in [one's] ... papers, and effects .." Or the Fifth Amendment's proscription against being compelled to bearing witness against oneself?

This court's line of reasoning can easily lead elsewhere. I wonder what other items the court might look at as evidence of intent. It's not too much of a stretch to see it used as another way to undermine the Second Amendment.

If you enjoyed reading about "MN: Encryption Software Evidence of Criminal Intent" here in TheHighRoad.org archive, you'll LOVE our community. Come join TheHighRoad.org today for the full version!
LawDog
May 25, 2005, 10:44 AM
I've got several personal files encrypted on my home 'puter.

Good thing I'm not in Minnesota.

LawDog

Vernal45
May 25, 2005, 10:47 AM
Not to get this off topic. What are some good encryption softwares? Either free or purchase.


Back on topic. This is bad, so if you run a legal business, and encrypt your files, you are guilty of something? It would allow for PC. MORE gets piled on the Police State heap

Art Eatman
May 25, 2005, 11:01 AM
Separate from this particular defendant: From what I'm reading, here and there, if you're involved in any controversy with the Feds--e.g., political activism of some sort that's non-PC--you better not have any files in your computer that relate to your activities.

Not only saved, but kept at a separate location. Ask Tim Sundles of Buffalo Bore Ammunition. He got caught up in a USF&WS witchhunt about wolves, and all his business records were taken. Cost him some $35,000.

Art

Dave Markowitz
May 25, 2005, 11:07 AM
Vernal45, check out PGP (http://www.pgp.com/) and GNUPG (http://www.gnupg.com/) . If you are using Windows 2000 or XP, or Mac OS-X, you already have the capability to encrypt files on your hard disk.

Art ... yup. :(

jefnvk
May 25, 2005, 11:09 AM
I suppose next, it will be used against you if you have locks on your doors.

cordex
May 25, 2005, 11:35 AM
The way I read this was that in this particular instance, the presence of PGP on his computer was used evidence that he was trying to hide what he knew was a crime. Y'know ... mens rea and all that. Of course, they'd probably also have to prove that he used it to encrypt his child porn.

Then again, I could be wrong.

rick_reno
May 25, 2005, 11:46 AM
It's not about the content anymore - welcome to the Gulag.

Vernal45
May 25, 2005, 11:46 AM
check out PGP and GNUPG . If you are using Windows 2000 or XP, or Mac OS-X, you already have the capability to encrypt files on your hard disk.

Thanks. Will check those out, guess I am a computer dummy, did not know xp had encrypt programs, cant figure out how to use it, :D , but will keep trying.

dolanp
May 25, 2005, 11:57 AM
Hey that guy has a safe, he must have ILLEGAL GUNS!

Same logic really. This court is foolish.

Jacobus Rex
May 25, 2005, 12:03 PM
I agree with Cordex. I think they are helping to establish the fact that he knowingly had illegal material. To use a different example: If a person was arrested in a bank with a gun, ski mask, and a bag. It would be difficult for that person to argue that they just accidentally entered the bank with a gun because the ski mask and bag show intent. Having the bag and ski mask is not a crime but the possession of them in combination with a gun inside the bank establishes intent to commit a crime.

BryanP
May 25, 2005, 12:04 PM
Vernal45,

If you use the 2000/XP's ability to encrypt files or folders be aware that if you use any method to reset your login password that does not require typing in the old password first - i.e., changing it from the Manage Users & Groups or by a third part program such as NTPassword, (http://home.eunet.no/~pnordahl/ntpasswd/) your access to those files will be gone and not recoverable by reasonable means.

BryanP
May 25, 2005, 12:09 PM
Reading the article it says

"We find that evidence of appellant's Internet use and the existence of an encryption program on his computer was at least somewhat relevant to the state's case against him," Judge R.A. Randall wrote in an opinion dated May 3.

That doesn't necessarily mean they're saying it constitutes criminal intent, merely that it is relevant to the case. If I'm charged with shooting someone my ownership of a gun doesn't constitute criminal intent but it is relevant to the case. Any of our resident lawyers want to weigh in on this?

Dave Markowitz
May 25, 2005, 12:12 PM
I agree with Cordex. I think they are helping to establish the fact that he knowingly had illegal material.

That's what they are using it for, but do we want to go down that road? The court did not find that the defendant had actually used the encryption software to protect any files on his PC. The mere presence of the software was allowed as evidence of criminal intent.

This is akin to allowing the fact that someone legally possessed a firearm during the commission of tax fraud to be used as evidence of criminal intent.

dolanp
May 25, 2005, 12:13 PM
I would not trust Microsoft's encryption personally.

If you use PGP or GPG (free variant) be sure to use symmetric encryption with a strong password. I recommend 256-bit AES algorithm. Using the public key to encrypt personal files will not do you much good since the private key is sitting on the hard drive readily available to whomever has access to your computer.

jefnvk
May 25, 2005, 12:55 PM
The poiint is not wherther or not built in encryption is good enough, the point is that the lattest Windows and Mac OS's come with some sort of encryption built in, and having the encrypted files got him in some trouble.

Alex45ACP
May 25, 2005, 01:00 PM
The noose just keeps tightening...

R.H. Lee
May 25, 2005, 01:09 PM
Even if the files were kept off site (on a remote server), the encryption software would still have to be on the computer, right? Could both the files and the encryption software be kept on a plug in device? How would that work?

Vodka7
May 25, 2005, 01:14 PM
http://www.pgp.com/downloads/desktoptrial.html

PGP 9.0 "Desktop Trial" is what used to be known as PGP 8.0 Freeware. As part of the deal the new PGP company made with the company they bought the rights from, they have to offer a free version of PGP forever, but you'd have no idea of that going through their webpage. Basically, the trial gives you 30 days of all the bells and whistles, and then regular PGP for life. IIRC correctly, you lose the e-mail and IM plugins, but keep the ability to encrypt/sign/decrypt/verify files and text.

http://www.truecrypt.org/downloads.php

TrueCrypt 3.1a creates container files that can be mounted to look like a new hard drive in Explorer. Anything you save in these container files is encrypted--to make it so no one can access them, all you have to do is press a key combo to unmount the drive. (Drives are not mounted at bootup.) Popular commercial alternatives include PGPDisk and DriveCrypt.

http://www.stud.uni-hannover.de/~twoaday/winpt.html

WinPT (Windows Privacy Tray) is a PGP-like frontend for GnuPG. To install both at once, pick the option labelled "graphical installer with WinPT and GPG". I don't know what features GnuPG has compared to PGP, but it seems to be a very popular alternative.

And a quick reply to RileyMC - all you need from your PGP installation is your private keyring (public would be nice, too, but not necessary if you and your friends are good about sending those to the public keyservers.) The private keyring is well under a meg in size and could be easily transported on anything as archaic as an old floppy disk. As long as you have the private keyring, you can import it to any installation of a PGP compatible program and use your password to decrypt your files there.

The Freeholder
May 25, 2005, 01:30 PM
But hey, so many people tell us that we're not on the way to a police state, so we shouldn't worry about this, right? :fire:

We find that evidence of appellant's Internet use and the existence of an encryption program on his computer was at least somewhat relevant to the state's case against him," Judge R.A. Randall wrote in an opinion dated May 3.

Randall favorably cited testimony given by retired police officer Brooke Schaub, who prepared a computer forensics report--called an EnCase Report--for the prosecution. Schaub testified that PGP "can basically encrypt any file" and "other than the National Security Agency," nobody could break it.

By this logic, if I'm running Windows 2000 or later, or Mac OS X, the fact that I have the capability to encrypt stuff on my computer and access to the Internet can be used against me as evidence if I should be accused of a crime--as long as it's "somewhat relevant". Even when there is evidence that I didn't use it in commission of the crime of which I stand accused. Now there's a nice squishy situation for you.

So by analogy, the fact that I own a gun and ammunition--not that I have used it, remember--those facts alone could be used against me in court if they were "somewhat relevant" to the crime I'm accused of.

The crime isn't child pornography, it's oh, tax evasion or something similarly nonviolent. Hey' it's somewhat relevant! I was knowingly doing something illegal and I may have planned on using the gun on an investigator.

:what:

Standing Wolf
May 25, 2005, 02:13 PM
We have far too many government pay check cashers with far too much time on their hands and far too little actual work to do.

We should let a few hundred thousand of them go.

The_Antibubba
May 25, 2005, 02:16 PM
I have OS X-how do I locate the encryption?

cordex
May 25, 2005, 02:27 PM
"We find that evidence of appellant's Internet use and the existence of an encryption program on his computer was at least somewhat relevant to the state's case against him," Judge R.A. Randall wrote in an opinion dated May 3.
and
Levie's conviction was based on the in-person testimony of the girl who said she was paid to pose nude, coupled with the history of searches for "Lolitas" in Levie's Web browser.
Again ... he was not arrested and convicted for having PGP. It was presented as "somewhat relevant to the state's case." From there, the judge and jury had to make determinations as to whether or not it was - in fact - something worth giving consideration. I'm sure a decent defense would ask questions like:
"Were encrypted files located on the machine?"
"Do you have any evidence any such encrypted files located contained illicit materials?"
And so forth.
That wasn't enough to save him.

Assuming the nine-year-old girl was telling the truth, I'm not worried a bit since that's the evidence that really skewered him.

Beren
May 25, 2005, 03:01 PM
If a person was arrested in a bank with a gun, ski mask, and a bag. It would be difficult for that person to argue that they just accidentally entered the bank with a gun because the ski mask and bag show intent. Having the bag and ski mask is not a crime but the possession of them in combination with a gun inside the bank establishes intent to commit a crime.

Um. Last winter, I went into my bank to cash a check. I had my ski mask in my jacket pocket, along with squished up shopping bag from a convenience store I had visited just prior. I also had a handgun concealed on my person. So I could've been charged with "intent?"

Those of you who want to trust encryption routines in commercial software: think carefully about it. I'm not a tinfoil hat person, but I'm paranoid enough not to fully trust encryption software if I can't view its source code. I wouldn't be at all surprised if .gov had backdoors to the encryption routines used by Windows and OS X. A backdoor in PGP would surprise me. However, OpenPGP, Linux, FreeBSD - all of these have openly auditable source code available.

Based on the girl's testimony, this guy should spend a nice long time in prison. I don't have any sympathy for him. But to consider the presence of encryption software alone as proof of intent to commit a crime seems ridiculous. There are other, perfectly reasonable legal uses for the software, even for a scumball child pornographer.

Dave Markowitz
May 25, 2005, 03:16 PM
I have OS X-how do I locate the encryption?

Open System Preferences and select Security.

Why, you're not planning to do anything illegal now, are you? ;)

DigitalWarrior
May 25, 2005, 07:55 PM
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

I would recommend using asymetric encryption. Symetric does not provide
sender authentication, non-repudiation. In addition symetric encryption
suffers from an inability to distribute the shared key in a secure manner.

Also, the hashing algorithms SHA and AES have recently been smashed by the
Chinese. Use better.

Will Albenzi

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.0.0 (Build 2001) - not licensed for commercial use: www.pgp.com

iQEVAwUBQpUPyVXfDRWNpSD+AQiuvAf9HLOODHbzcHjZaP+cqlqe6cLHTE7u9Dks
EOyu4XxhZ34t3X1FX1tO9PsAA4b41fn4kJKFRME5d83sAvxSJVj4T7teBWlumrYa
nkdU5Ncr565mHLm13xhWcSWE3EH6MbzYnYJkVeL6bWz7UJuEs3MOQS+NBexJjl48
A/7T1tBE5lsfXz+/wiPAf+cHG3ln79Q3FtK5/+hA7xHjM7WBFMAu7lLF7x9QSu0s
BoV4EGrkV+zg26J0eDqnAEZVaeL2BJqM5LPkYaxPnh9iEJ2046G1KaDAo2bfnJfE
dx3/QB6yoHbFwje7WW15mFAKWqhfZsL7A3ikmEnJSCGOV7m0y5uvMw==
=d43q
-----END PGP SIGNATURE-----

sm
May 26, 2005, 04:40 PM
If one uses an External Hard Drive, does this add a level of security?

Say for instance one uses a External Hard Drive , and each night and this is placed in a vault to protect sensitive files. Let us say for banking, patient accounts, or on-line Stock Trading.

Are there any 'ghosts' left on the computer the EHD was used on?

I might want to download a Copy of 1984 , UC , EFAD ...and the Constitution before they start banning books, historical documents and such.

cordex
May 26, 2005, 04:57 PM
sm,
It Depends.

What programs are you using to access the data on the external hard drive?

sm
May 26, 2005, 05:14 PM
I don't know - yet. I'm thinking tho'.

Honest, I am an older returning student taking IT. I am not to that part of my education yet. I transferred to another College having all my Core stuff ( readin' , writin' and 'rithmetic) behind me. So far been doing all the fun Micro Apps, Voice Data, Cabling, Elec for PC , IT Essentials I...etc. Getting ready to start more of the Cisco stuff.

Before I started the IT bit, I was wonderin' how one could protect their privacy..been 'concerned' about stuff like this, and gummit meddlin since I was a wee pup.

Having been hit hard by ID theft - mail stolen with my SSN on School documents, bank records, CC bills...

Well...you see, this IT stuff I can see being a useful tool. * ahem* Me being me and all...if I ever finish these studies I have an idea what I want to do. :) Hint: It ain't gov't meddlin' ;)

Actually looking for another job that will allow me to attend School , and learn some valuble ...err...training. :uhoh:

Just Wonderin' :D

Dave Markowitz
May 26, 2005, 08:46 PM
sm,

"Ghosts" of data stored to an external storage medium could be left in a swap file.

Fletchette
May 26, 2005, 09:04 PM
I know I am beginning to sound like a broken record, but why not just charge him for the actual crime instead of adding made-up crimes as enhancers?

Just like the previous thread that used a burgler as an example, why not just charge him of burglery, or attempted burglery, instead of "Possession of burglery equipment" (ie, a screwdriver)?

If you enjoyed reading about "MN: Encryption Software Evidence of Criminal Intent" here in TheHighRoad.org archive, you'll LOVE our community. Come join TheHighRoad.org today for the full version!