Quantcast
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

MN: Encryption Software Evidence of Criminal Intent

Discussion in 'Legal' started by Dave Markowitz, May 25, 2005.

Thread Status:
Not open for further replies.
  1. Dave Markowitz

    Dave Markowitz Member

    Joined:
    Dec 24, 2002
    Messages:
    6,887
    Location:
    Plymouth Meeting, PA
    Apparently, a Minnesota appeals court thinks so. See http://news.com.com/2100-1030_3-5718978.html.

    As with a lot of hard cases, the defendant in this case isn't especially sympathetic -- he's someone convicted of a child pornography charge. That said, let's step back for a second, especially in light of the fact that,

    "The court didn't say that police had unearthed any encrypted files or how it would view the use of standard software like OS X's FileVault."

    In other words, the the mere presence of encryption software -- in this instance PGP -- on a defendant's computer can be evidence of criminal intent. Wow.

    As Declan McCullagh mentioned in the linked article, Mac OS X includes "FileVault," an encryption utility. Microsoft Windows 2000 and XP allow you to encrypt files. Various Linux distributions, such as SUSE, support CryptoFS. And of course there is a plethora of third-party encryption utilities like PGP and GNUPG. Now a court has said that having any one of these programs loaded on your computer can be used as evidence against you in a court of law.

    How does this square with the Fourth Amendment right to be "secure in [one's] ... papers, and effects .." Or the Fifth Amendment's proscription against being compelled to bearing witness against oneself?

    This court's line of reasoning can easily lead elsewhere. I wonder what other items the court might look at as evidence of intent. It's not too much of a stretch to see it used as another way to undermine the Second Amendment.
     
  2. LawDog

    LawDog Moderator Emeritus cum Laude

    Joined:
    Dec 20, 2002
    Messages:
    2,101
    I've got several personal files encrypted on my home 'puter.

    Good thing I'm not in Minnesota.

    LawDog
     
  3. Vernal45

    Vernal45 member

    Joined:
    Feb 28, 2005
    Messages:
    729
    Location:
    USA, I travel alot.
    Not to get this off topic. What are some good encryption softwares? Either free or purchase.


    Back on topic. This is bad, so if you run a legal business, and encrypt your files, you are guilty of something? It would allow for PC. MORE gets piled on the Police State heap
     
  4. Art Eatman

    Art Eatman Administrator Staff Member

    Joined:
    Dec 22, 2002
    Messages:
    42,982
    Location:
    Terlingua, TX; Thomasville,GA
    Separate from this particular defendant: From what I'm reading, here and there, if you're involved in any controversy with the Feds--e.g., political activism of some sort that's non-PC--you better not have any files in your computer that relate to your activities.

    Not only saved, but kept at a separate location. Ask Tim Sundles of Buffalo Bore Ammunition. He got caught up in a USF&WS witchhunt about wolves, and all his business records were taken. Cost him some $35,000.

    Art
     
  5. Dave Markowitz

    Dave Markowitz Member

    Joined:
    Dec 24, 2002
    Messages:
    6,887
    Location:
    Plymouth Meeting, PA
    Vernal45, check out PGP and GNUPG . If you are using Windows 2000 or XP, or Mac OS-X, you already have the capability to encrypt files on your hard disk.

    Art ... yup. :(
     
  6. jefnvk

    jefnvk Member

    Joined:
    Jun 3, 2004
    Messages:
    4,938
    Location:
    The Copper Country, Michigan
    I suppose next, it will be used against you if you have locks on your doors.
     
  7. cordex

    cordex Member

    Joined:
    Dec 23, 2002
    Messages:
    2,714
    Location:
    Indiana
    The way I read this was that in this particular instance, the presence of PGP on his computer was used evidence that he was trying to hide what he knew was a crime. Y'know ... mens rea and all that. Of course, they'd probably also have to prove that he used it to encrypt his child porn.

    Then again, I could be wrong.
     
  8. rick_reno

    rick_reno member

    Joined:
    Dec 25, 2002
    Messages:
    3,027
    It's not about the content anymore - welcome to the Gulag.
     
  9. Vernal45

    Vernal45 member

    Joined:
    Feb 28, 2005
    Messages:
    729
    Location:
    USA, I travel alot.
    Thanks. Will check those out, guess I am a computer dummy, did not know xp had encrypt programs, cant figure out how to use it, :D , but will keep trying.
     
  10. dolanp

    dolanp Member

    Joined:
    Feb 20, 2005
    Messages:
    944
    Location:
    Texas
    Hey that guy has a safe, he must have ILLEGAL GUNS!

    Same logic really. This court is foolish.
     
  11. Jacobus Rex

    Jacobus Rex Member

    Joined:
    Jan 14, 2004
    Messages:
    223
    Location:
    Southeast Texas
    I agree with Cordex. I think they are helping to establish the fact that he knowingly had illegal material. To use a different example: If a person was arrested in a bank with a gun, ski mask, and a bag. It would be difficult for that person to argue that they just accidentally entered the bank with a gun because the ski mask and bag show intent. Having the bag and ski mask is not a crime but the possession of them in combination with a gun inside the bank establishes intent to commit a crime.
     
  12. BryanP

    BryanP Member

    Joined:
    May 25, 2003
    Messages:
    2,420
    Location:
    Lavergne, TN
    Vernal45,

    If you use the 2000/XP's ability to encrypt files or folders be aware that if you use any method to reset your login password that does not require typing in the old password first - i.e., changing it from the Manage Users & Groups or by a third part program such as NTPassword, your access to those files will be gone and not recoverable by reasonable means.
     
  13. BryanP

    BryanP Member

    Joined:
    May 25, 2003
    Messages:
    2,420
    Location:
    Lavergne, TN
    Reading the article it says

    That doesn't necessarily mean they're saying it constitutes criminal intent, merely that it is relevant to the case. If I'm charged with shooting someone my ownership of a gun doesn't constitute criminal intent but it is relevant to the case. Any of our resident lawyers want to weigh in on this?
     
  14. Dave Markowitz

    Dave Markowitz Member

    Joined:
    Dec 24, 2002
    Messages:
    6,887
    Location:
    Plymouth Meeting, PA
    That's what they are using it for, but do we want to go down that road? The court did not find that the defendant had actually used the encryption software to protect any files on his PC. The mere presence of the software was allowed as evidence of criminal intent.

    This is akin to allowing the fact that someone legally possessed a firearm during the commission of tax fraud to be used as evidence of criminal intent.
     
  15. dolanp

    dolanp Member

    Joined:
    Feb 20, 2005
    Messages:
    944
    Location:
    Texas
    I would not trust Microsoft's encryption personally.

    If you use PGP or GPG (free variant) be sure to use symmetric encryption with a strong password. I recommend 256-bit AES algorithm. Using the public key to encrypt personal files will not do you much good since the private key is sitting on the hard drive readily available to whomever has access to your computer.
     
  16. jefnvk

    jefnvk Member

    Joined:
    Jun 3, 2004
    Messages:
    4,938
    Location:
    The Copper Country, Michigan
    The poiint is not wherther or not built in encryption is good enough, the point is that the lattest Windows and Mac OS's come with some sort of encryption built in, and having the encrypted files got him in some trouble.
     
  17. Alex45ACP

    Alex45ACP Member

    Joined:
    Apr 21, 2005
    Messages:
    1,464
    Location:
    USA
    The noose just keeps tightening...
     
  18. R.H. Lee

    R.H. Lee Member

    Joined:
    Jan 26, 2004
    Messages:
    7,377
    Location:
    CA
    Even if the files were kept off site (on a remote server), the encryption software would still have to be on the computer, right? Could both the files and the encryption software be kept on a plug in device? How would that work?
     
  19. Vodka7

    Vodka7 Member

    Joined:
    Jun 15, 2004
    Messages:
    140
    Location:
    South Philly
    http://www.pgp.com/downloads/desktoptrial.html

    PGP 9.0 "Desktop Trial" is what used to be known as PGP 8.0 Freeware. As part of the deal the new PGP company made with the company they bought the rights from, they have to offer a free version of PGP forever, but you'd have no idea of that going through their webpage. Basically, the trial gives you 30 days of all the bells and whistles, and then regular PGP for life. IIRC correctly, you lose the e-mail and IM plugins, but keep the ability to encrypt/sign/decrypt/verify files and text.

    http://www.truecrypt.org/downloads.php

    TrueCrypt 3.1a creates container files that can be mounted to look like a new hard drive in Explorer. Anything you save in these container files is encrypted--to make it so no one can access them, all you have to do is press a key combo to unmount the drive. (Drives are not mounted at bootup.) Popular commercial alternatives include PGPDisk and DriveCrypt.

    http://www.stud.uni-hannover.de/~twoaday/winpt.html

    WinPT (Windows Privacy Tray) is a PGP-like frontend for GnuPG. To install both at once, pick the option labelled "graphical installer with WinPT and GPG". I don't know what features GnuPG has compared to PGP, but it seems to be a very popular alternative.

    And a quick reply to RileyMC - all you need from your PGP installation is your private keyring (public would be nice, too, but not necessary if you and your friends are good about sending those to the public keyservers.) The private keyring is well under a meg in size and could be easily transported on anything as archaic as an old floppy disk. As long as you have the private keyring, you can import it to any installation of a PGP compatible program and use your password to decrypt your files there.
     
  20. The Freeholder

    The Freeholder Member

    Joined:
    Nov 8, 2004
    Messages:
    371
    Location:
    North Carolina
    But hey, so many people tell us that we're not on the way to a police state, so we shouldn't worry about this, right? :fire:

    By this logic, if I'm running Windows 2000 or later, or Mac OS X, the fact that I have the capability to encrypt stuff on my computer and access to the Internet can be used against me as evidence if I should be accused of a crime--as long as it's "somewhat relevant". Even when there is evidence that I didn't use it in commission of the crime of which I stand accused. Now there's a nice squishy situation for you.

    So by analogy, the fact that I own a gun and ammunition--not that I have used it, remember--those facts alone could be used against me in court if they were "somewhat relevant" to the crime I'm accused of.

    The crime isn't child pornography, it's oh, tax evasion or something similarly nonviolent. Hey' it's somewhat relevant! I was knowingly doing something illegal and I may have planned on using the gun on an investigator.

    :what:
     
  21. Standing Wolf

    Standing Wolf Member in memoriam

    Joined:
    Dec 24, 2002
    Messages:
    24,041
    Location:
    Idahohoho, the jolliest state
    We have far too many government pay check cashers with far too much time on their hands and far too little actual work to do.

    We should let a few hundred thousand of them go.
     
  22. The_Antibubba

    The_Antibubba Member

    Joined:
    Feb 8, 2004
    Messages:
    2,665
    Location:
    Sac, The PRK
    Dave Markowitz

    I have OS X-how do I locate the encryption?
     
  23. cordex

    cordex Member

    Joined:
    Dec 23, 2002
    Messages:
    2,714
    Location:
    Indiana
    and
    Again ... he was not arrested and convicted for having PGP. It was presented as "somewhat relevant to the state's case." From there, the judge and jury had to make determinations as to whether or not it was - in fact - something worth giving consideration. I'm sure a decent defense would ask questions like:
    "Were encrypted files located on the machine?"
    "Do you have any evidence any such encrypted files located contained illicit materials?"
    And so forth.
    That wasn't enough to save him.

    Assuming the nine-year-old girl was telling the truth, I'm not worried a bit since that's the evidence that really skewered him.
     
  24. Beren

    Beren Moderator Emeritus

    Joined:
    Dec 30, 2002
    Messages:
    2,388
    Location:
    Pittsburgh, PA
    Um. Last winter, I went into my bank to cash a check. I had my ski mask in my jacket pocket, along with squished up shopping bag from a convenience store I had visited just prior. I also had a handgun concealed on my person. So I could've been charged with "intent?"

    Those of you who want to trust encryption routines in commercial software: think carefully about it. I'm not a tinfoil hat person, but I'm paranoid enough not to fully trust encryption software if I can't view its source code. I wouldn't be at all surprised if .gov had backdoors to the encryption routines used by Windows and OS X. A backdoor in PGP would surprise me. However, OpenPGP, Linux, FreeBSD - all of these have openly auditable source code available.

    Based on the girl's testimony, this guy should spend a nice long time in prison. I don't have any sympathy for him. But to consider the presence of encryption software alone as proof of intent to commit a crime seems ridiculous. There are other, perfectly reasonable legal uses for the software, even for a scumball child pornographer.
     
  25. Dave Markowitz

    Dave Markowitz Member

    Joined:
    Dec 24, 2002
    Messages:
    6,887
    Location:
    Plymouth Meeting, PA
    Open System Preferences and select Security.

    Why, you're not planning to do anything illegal now, are you? ;)
     
Thread Status:
Not open for further replies.

Share This Page