Police force more suspects to give up crypto keys Police have expanded their use of powers to force suspects to decrypt files by 50 per cent in the last year, figures released today reveal. In the 12 months to March 31 this year, government officials approved 38 notices under Part III of the Regulation of Investigatory Powers Act, compared to 26 in the previous year. The …
Have you ever even looked at true crypt?
True crypt is a program that creates a virtual drive of a specified size on your hard drive, and that drive is encrypted.
The hidden partition is part of the virtual drive and so appears as random data on the outer drive.
They are NOT talking about file encryption.
TrueCrypt creates a file with a fixed size by default, regardless of how much data you store on it. What isn't actual encrypted data is filled up with random bits, meaning it is impossible to tell whether you have a hidden volume or just created a big crypt file which you haven't filled up yet.
10KB worth of files on a 100GB crypt drive will still be suspicious, but that's obviously not the approach one should take in such a situation.
... to do any research before making that post? Truecrypt is volume encryption, not file encryption - it produces a file which can be mounted as a volume,
Say you create a TC volume of 20GB. It is 20GB when created, and remains 20GB as you fill it up. If you create an inner container, the volume is still 20GB. Empty space in a TC volume is encrypted. There's no way - short of cryptanalysis - of determining whether the 'empty space' in a TrueCrypt volume is empty or whether it holds an inner volume.
The best an attacker can do, unless they can break the encryption, is to consider a 25% full drive suspiciously empty, or the files within suspiciously innocent. Or torture the keyholder until they are sure. The way we are going I'm not sure the latter is necessarily ruled out.
I don't see why, for the volumes of cases cited, it wasn't possible to trojan their PCs and catch them in the act. Or install bugs in their PCs, or houses, to either capture the offending material, or the passwords to the containers. If an offence is not serious enough to merit such an approach, I don't think it's serious enough to qualify for RIPA measures over refusal to decrypt.
"......Say you create a TC volume of 20GB. It is 20GB when created, and remains 20GB as you fill it up. If you create an inner container, the volume is still 20GB......" OK, so the Police run a check on your PC (and believe me, they employ professional techies that have been working with PC forensics for years, they are not amateurs), they see you have a 20GB "file" and spot all the characteristics of a Truecrypt volume which you have not declared. They will calmly ask you if you have any hidden volumes or encrypted material on your PC. You, being a moron, reply "no" - they now have a statement showing you are obstructing a Police investigation, which can be used in court to infer guilt of a more serious crime or just passed to the CPS to get a prosecution rolling.
They then produce the system in question, say they have found the Truecrypt volume and offer you a chance to decrypt it. You, still being a moron, say "no" again. If you are lucky, the Police may point out to you the penalty of not decrypting, or they may just go ahead and ask the CPS to prosecute on the refusal if they had an otherwise weak case. They may point out that if they suspect you are hiding kiddie pr0n (why else would you have an encrypted volume?), they will have to go and interview your employer, family and friends and - unfortunately and of course unintentionally, honest - leave the implication that you are a kiddie-fiddler. Good luck explaining to them afterwards that you were just standing up for a principle.
So, by now if your solicitor hasn't explained to you what a moron you're being (presumably just to protect your encrypted copy of "The Anarchists Handbook" and your mp3z, which the Police couldn't really care about - you aren't really hiding kiddie pr0n, are you?), your family and friends will definately be (remember, in the JFL case his family were desperately trying to convince him to decrypt his files). Let's see how long that "standing on a principle lasts" when your parents are wringing their hands and crying about "their little boy" going away for a stretch.
So, you try and be even smarter and give the Police the key to the outer Truecrypt compartment. Unfortunately for you, all that does is reveal the garbage in the outer container, and the Police point out that you are not in compliance with the request and are again in obstruction. If you do not immediately hand over the inner compartment key you are now looking like you are seriously trying to hide something - you must be a kiddie-fiddler/terrorist/nutter. Have fun in court! And in prison.
Of course, the likelyhood that the Police would even be interested in you in the first place is pretty far fetched. They have more important things to do than waste time on idiots that are "standing up for a principle". Whilst you think your Bit Torrent stash of mp3z makes you a real hax0r, the truth is your just not worth their time.
"Not the case as far as I'm aware." Well, Chris, my source of the info was probably getting it fifth-or-more-hand, but he's usually reliable. If you are in direct contact with the family I'll defer to your more direct info. As I hear it, JLF is now out, off probation, and is looking to release a book of his experiences.
Criminalising the possession of random data seems like the next logical step in this.
I think it would therefore be a good exercise and test of our liberties to organise an international random data swap day, where everyone is encouraged to dd if=/dev/urandom of=[an email, USB stick, CD, fax, public speech, QR code, t-shirt] a few blocks of random data and give them to our friends, enemies, strangers, MPs, police officers...
Not all of us are stupid enough to view police officers as "enemies" due to whatever is the trendy social view in the groups they choose to mingle with. But I'm betting you'd be straight on the phone to those "enemies" if someone broke into your home and stole your PC / laptop / stash of Liberty newsletters.
TBH, anyone seriously contemplating wasting police resources in the manner you describe simply because they have nothing better to do with their time really needs to go get a clue.
First, his post makes a serious point about how easy it can be to fall foul of this type of legislation, and though you may see it as 'wasting police resources' - like those pesky photographers wasting police time by not doing anything illegal - he suggested a legal way of advertising the problem and undermining assumptions about the legislation.
Second,
"Not all of us are stupid enough to view police officers as "enemies" due to whatever is the trendy social view"
If you want to assume the police are on your side that's your business, but that doesn't make those of us who have had to take a more objective view of NuLiebore's pc police stupid. Here's an extract from NightJack's blog on 'A Survival Guide For Decent Folk':
"Never explain to the Police
If the Police arrive to lock you up, say nothing. You are a decent person and you may think that reasoning with the Police will help. “If I can only explain, they will realise it is all a horrible mistake and go away”. Wrong. We do want to talk to you on tape in an interview room but that comes later. All you are doing by trying to explain is digging yourself further in. We call that stuff a significant statement and we love it. Decent folk can’t help themselves, they think that they can talk their way out. Wrong."
NightJack archive here:
http://nightjack2.wordpress.com/
and guide here:
http://nightjack2.wordpress.com/2008/07/24/a-survival-guide-for-decent-folk/
'Not all of us are stupid enough to view police officers as "enemies"'
"anyone seriously contemplating wasting police resources in the manner you describe "
I neither said nor implied that police were enemies, nor is there any reason that people swapping random data should waste police time - as doing so is not a crime.
I certainly wouldn't suggest spamming police mailboxes with random data, but if there is an event designed to shine a light into what are currently murky legal waters and raise awareness, you would expect that some attempt be made to inform law enforcement, as well as lawmakers and the wider public.
I saw Iron Man 2 and in that film I saw a Russian chap break into a computer from a Login prompt; now if he can do that, why piss about with this encryption malarky (I also saw a chap in a film break 256bit encryption by typing what looked like ls -l over and over again at the login prompt). Hollywood so it must be true. Encryption bollocks; basically if they are gonna stitch you then its gonna happen - our fault, we voted for the twats.
If it is a fixed size volume of say 10gb and the suspect has a second set of files taking up 5gb
and they hand over the safe key to the plod and the plod sees 3gb of not interesting stuff and clever plod then trys to fill the rest of the 10gb available with innocent pictures of his subaru pursuit car does it let them overwrite the hidden partition or does it say FULL ?
I understand why you might allow this legislation. But it should only have ever been used as an anti-terror tool were there was an impending threat. But then again a law envisaged to combat terrorism being used for other stuff, have not seen that before.
On a side note, having a terrorist or anarchy handbook on your PC is not enough to be a terrorist. I bet the British wish they had these laws when we still had the colonies. Would have sorted those independence seeking terrorists out. Americans don't seem to get the irony of all the new anti-terror laws they have. One persons terrorist, is another's freedom fighter.
And no I don't think American tactics in seeking independence are the same as the Islamic terrorist mass killing of civilians tactics. But under current legislation they are treated in a draconian way.
Sorry went a bit of topic there....
100% effective at destroying data, and even if they realise that the drive has been sabotaged the common rescue techniques just make things worse.
If you are particularly ingenious you can configure the device so that in the event it unexpectedly loses power without the shutdown code being entered first it breaks the vial.
Or better still, store all your data on n 32GB caseless pendrives encased in resin with a time/motion sensitive trigger and a small battery powered HV generator set to arc through the stack. Good luck recovering anything off that, even if one chip survives the read circuitry will be blown to hell.
AC/DC
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
