This app will self destruct in 5 seconds...
Surely the existence of the app is telling itself and therefor it should "auto-wipe" itself by some means?
The next time the police kick down a hackers' door, suspects can reach for the Panic button to make it nigh-on impossible for plod to recover any data, even if they freeze their target PCs. The Panic button is a new Python app called "Centry Panic" and was developed to mitigate cold boot and direct memory access attacks on …
Well yes and no, I guess. Yes, it being on your system shows you very particularly don't want others accessing your data. But no, it doesn't prove you are hiding anything from the law in particular (maybe you are concerned with industrial espionage, and activated it before you knew it was the police bursting in the door).
> Surely the existence of the app is telling itself
Not from a judicial point of view. It is perfectly OK to swipe your RAM clean, encrypt your disk or for that matter, set fire to your computer. It's your own property, after all.
Caveat: if you do any of the above *after* you have been served with a subpoena to produce evidence, and it could be proved that the evidence in question was destroyed by your doing any of the above, then you are more or less in the shit.
From a police point of view, you will look suspicious as hell and they will go at it like rabid dogs to try and uncover evidence against you, as well as apply intense psychological pressure for you to confess to a crime (which you may or may not have actually committed).
Source: I am trained in computer forensics, but have no practical experience to speak of (on either side of the business).
"Surely the existence of the app is telling itself...." Exactly. If the coppers have got to the point of mounting a raid then they already have plenty of evidence. Whilst you may destroy a small amount of incriminating information (or nothing if the last app in memory was actually just innocent Web browsing), what you give the prosecution is something to point to as a means of demonstrating that you were (a) a committed hacker and (b) had something to hide - "why else would the accused have such an application, m'lud?" It is the electronic equivalent of 'going prepared'. That, along with the other evidence that will have been gathered before the raid, will help convince a jury that you are guilty. It also does not delete the actual encrypted content, which - in the UK at least - just means the authorities demand the encryption keys to decrypt it or they send you to prison, which is what the coppers are actually after anyway. Tough luck if you have deleted the keys, you still go to jail. At the end of that first period in prison they ask you for the keys again, if you decline again, back to prison you go, ad infinitum.
"Tough luck if you have deleted the keys, you still go to jail."
Er, no. The requirement is to hand over any keys in your possession. If you don't know the key because you never memorised it nor backed it up, I'm pretty sure any attempt to jail you for lack of knowledge would fall foul of the human rights act.
Whether they could get you for destroying evidence is another matter, I suspect that would very much depend on showing you activated the destruction because you knew it was the police calling.
They wouldn't let that stop them from putting you away for along time. The level of harrasment isn't just for your benefit, it's to encourge future victims to hand stuff over. Let's not forget the number of times anti-terror legislation has been used to pick people up at the gates of a police station for another week of questioning.
Er, no. The requirement is to hand over any keys in your possession
No, not really.
Section 49 of RIPA200 states :-
If any person with the appropriate permission under Schedule 2 believes, on reasonable grounds ... that a key to the protected information is in the possession of any person, ... the person with that permission may, by notice to the person whom he believes to have possession of the key, impose a disclosure requirement in respect of the protected information.
The offence is a failure to comply with a S49 notice.
Of course, there is *a little* wiggle room in S49(1), which defines the applicability of S49; it could be argued that, as there is no such key, the section cannot apply. But to do that, the defendant would have to prove the non-existence of such key - and we all know how tricky sucha proof could be...
If you don't know the key because you never memorised it nor backed it up, I'm pretty sure any attempt to jail you for lack of knowledge would fall foul of the human rights act.
I'm pretty sure the whole damn Act falls foul of the Human Rights Act. But that doesn't stop them using it - including for purposes we were specifically assured it would not be used for :-(
Vic.
In police states like the USA and Britain have become, human rights stop with the words: I arrest you.
The biggest problem the precaution has is that police raids tend to catch the targets unaware. Even with CCTV, you would have to be a very cool customer to think clearly about deleting all your computer files. Just downloading the app and telling yourself you are prepared to do that isn't enough to overcome the paralysis of an early morning raid by a gang of professional mobsters like a police team.
Guilty or innocent the doors and windows will be in shards and splinters along with your peace of mind and stay that way until you pay for the repairs and the councelling. And if you are important enough for the government to release the files from them, GCHQ will already have what you have.
If things go on like they seem to be going it won't be long before raids to get your personal copy of GCHQ's evidence will be deemed unecessary.
[...] if the police are knocking your door down they have enough evidence to convince a magistrate to issue a warrant but they don't have enough evidence to convict you [...]
The act of arresting you - for any offence - automatically conveys the right to search you and your property. The Police use this on dawn raid fishing expeditions when they are throwing their net wide to try to find something to justify an ongoing investigation elsewhere. They know that a magistrate is unlikely to give them a search warrant with no evidence against the particular person.
Since the change to the law to make any offence "arrestable" the Police can abuse their search powers with impunity. Even if they have nothing other than you are in the same social circle as someone they are unsuccessfully investigating. They only have to decide to arrest you on "suspicion of conspiracy to..." and they have their Open Sesame. The institutionalised Police mind construes alleged crimes and conspiracies everywhere. The more innocent you are - the more likely they are to view you as "guilty but very clever".
"....If you don't know the key because you never memorised it nor backed it up...." This app just deletes keys out of memory, it does not go around clearing up all other copies of the key. And then you still have to convince the authorities that you don't have the keys, and if they are convinced you do then you go to prison. The Reg has covered this previously - http://www.theregister.co.uk/2008/10/14/ripa_self_incrimination_ruling/
"....I'm pretty sure any attempt to jail you for lack of knowledge would fall foul of the human rights act...." They would jail you for declining an order to provide the keys, the HRA has nothing to do with it. Ask convicted terrorist Syed Hussain or paedo Oliver Drage how that worked out for them.
"That, along with the other evidence that will have been gathered before the raid, will help convince a jury that you are guilty."
But that wont be beyond reasonable doubt. Any lawyer for the defense will state "if there is nothing to see there is no proof" which will cast doubt and ultimately get the case thrown out.
"It also does not delete the actual encrypted content, which - in the UK at least - just means the authorities demand the encryption keys to decrypt it or they send you to prison. Tough luck if you have deleted the keys, you still go to jail. At the end of that first period in prison they ask you for the keys again, if you decline again, back to prison you go,"
That is not true at all. If you do not have the keys then you have nothing to give up. You cannot be thrown in jail for refusing to give up something you do not have. Just like the police cannot throw you in jail for stealing a TV if you haven't been seen stealing it and you haven't still got it in your possession. (in court a he said she said argument isn't valid) It comes down to the hard evidence not circumstantial, and if the police are knocking your door down they have enough evidence to convince a magistrate to issue a warrant but they don't have enough evidence to convict you, which is why they need the raid in the first place. If they had enough to convict already you would simply be taken down the station and charged and they would then search your house whilst you were down the station.
If you do not have the keys then you have nothing to give up. You cannot be thrown in jail for refusing to give up something you do not have.
Yes you can - this is the evil of RIPA2000. The offence is that you failed to comply with a legally-given Section 49 notice to disclose; the reason that you failed to comply is your own problem.
This is *dreadful* legislation, but no party seems even remotely interested in reforming it (I've tried asking them...)
Vic.
"Yes you can - this is the evil of RIPA2000."
But...
"If any person with the appropriate permission under Schedule 2 believes, on reasonable grounds ... that a key to the protected information is in the possession of any person"
The key is no longer in their possession. They've deleted it. If you have told them it is deleted and no longer in anyones possession it is not reasonable to assume you have it to give up.
If what you are saying is true (and I have no reason to believe it isn't given the state of the law in this area) then the police can simply accuse anyone close to the machine in question of having the keys and they need no hard evidence to secure a conviction. That just doesn't sound right to me (in the moral sense) and I'd be interested to see a case where this has happened to see what the outcome was.
What if there was an encrypted file on your machine placed there by a 3rd party, you have no keys, or knowledge of the file, but the cops want to decrypt it to have a look. Who would be liable to produce the key then? would you have to prove the file was put there by someone else or will you just get thrown in jail because you are unable to provide the keys.
The key is no longer in their possession. They've deleted it. If you have told them it is deleted and no longer in anyones possession it is not reasonable to assume you have it to give up.
Correct - but go back and read the wording you quoted :-
"If any person with the appropriate permission under Schedule 2 believes, on reasonable grounds ... that a key to the protected information is in the possession of any person"
It matters not one bit whether the key is in posession of that person - nor whether it has ever been, nor even that a key has actually existed.
What matters is whether someone with "appropriate permission"[1] believes it does. This is part of why RIPA 2000 is such a shit piece of legislation.
the police can simply accuse anyone close to the machine in question of having the keys and they need no hard evidence to secure a conviction.
Yes.
This is why I describes the Act as "evil". it actively criminalises your being believed to have done something, with no actual proof required. Your only defence is to prove the negative, unless a judge has the balls to tell the Approprait Person to go fuck himself.
That just doesn't sound right to me (in the moral sense)
Of course it isn't.
I'd be interested to see a case where this has happened to see what the outcome was.
I cannot cite you a case because I have not been following it with the attention it deserves - for that, I apologise. But nevertheless, the Act permits those actions which both of us find objectionable, whether or not such transgressions have occurred (yet).
What if there was an encrypted file on your machine placed there by a 3rd party, you have no keys, or knowledge of the file, but the cops want to decrypt it to have a look. Who would be liable to produce the key then?
You would. It matters not who put it there - if there is something that an Appropriate Person thinks is an encrytped file towhich you might have the keys, it is your responsibility to produce those keys or decrypt the file, under penalty of prison.
would you have to prove the file was put there by someone else or will you just get thrown in jail because you are unable to provide the keys.
Guess...
Seriously - go read the Act, with specific attention to Section 49. It's an eye-opener. People should be told.
Vic.
[1] Note that, although there is a little initial oversight of who gets classified as an Appropriate Person, that person need not be part of the Judiciary...
<quote>Seriously - go read the Act, with specific attention to Section 49. It's an eye-opener. People should be told. <quote/>
Some nice points, you clearly have studied it...
I vaguely remember the outcry when it originally passed. This is why the US has a constitution. Yes, I know the executive never ceases to find new blatant ways to ignore it, but it is there.
It was achieved by a revolution, something Britain hasn't seen since 30/1/1649.
P.
"What do UKIP say?"
Probably whatever comes into their mind. They will probably claim libertarian practices for themselves - while being authoritarian towards anyone who disagrees with them. RIPA will be right up their street as a means of control.
I'm getting old - but it seems current events are resonating with the 1930s. Sudetanland; the ruling elite in the Weimar Republic ceding too much power to a populist new-party leader; territory disputes in the Far East over natural resources.
"What do UKIP say?"
Given UKIP do things like getting the Police to pop round for a quiet "chat" to ask you to remove posts from Twitter which they don't like (but which fall foul of no law), I rather suspect you will be out of luck if you think they would even consider repealing anything like RIPA.
I think that you may well be over estimating the plod here. When they went to the trouble of raiding me and my business they managed to bankrupt me and close my business.
Sadly it was very quickly evident that they had very little evidence after all how could there be as I had done nothing against the law.
...... one application we all need. A heart monitor that is connected to your mobile device, if your heart stops beating it sends out a signal to remote wipe your browsing history.
Won't someone think of the children who have to sort through expired parents computers?
Unfortunately, in the UK, you are required by law to reveal keys to encrypted files. Failure to do so can result in a criminal conviction... (Yes, I know truecrypt can do dual layer).
So I'll stick with my total physical destruction solution of 2lbs of semtex under the file server.
What do you mean that's illegal too?!
Good grief, it's a conspiracy I tell you!
Since I have recently read "Little Brother" by Cory Doctorow, I like the idea of this app considering the path that the US Government is trying to go down.
I have nothing to hide. I love my country and that will be the very reason that they will come after people like me. They don't want the US Constituion getting in their way.
Of course all the section 49 talk is somewhat mooted by the fact that we're talking about TrueCrypt here; you SHOULD have it set up so that you CAN give them the password (to the public part); they can then decrypt the volume, see that it is just tame sort of stuff (legal porn, maybe some legal docs, whatever). Keep the hidden volume key (and password) secret; preferably with a backup of the key somewhere not in your possession and the primary copy getting deleted along with everything else.
As for the laser trip on the door; you could use a Z-Wave (or probably other) security setup on your doors/windows and have it set up so that if it is armed and gets tripped, you computer reacts by activating this software. You just have to make sure the perimeter is armed any time you have your truecrypt volume is mounted and/or you are doing sensitive stuff; you may be able to automate that as well.
The only problem with this is that you may be arrested by someone who has heard of TrueCrypt already, and as a result believes that you may have created a second partition and therefore should know the key to unlock it.
Thanks to that you can be locked up under section 49 even if you have already coughed up the password. Didn't create a second partition? That's your problem.
"Surely you would then have grounds to argue that they would need to prove that there is a hidden volume, since it is also capable of NOT making such a thing?"
Nope, you would have to prove you did not create it, after all they would simply cite that they have "reasonable grounds" to believe you did. Ball is in your court. Can't prove you didn't create it? Oh dear sonny...
Sorry Keith, but you are plain wrong with that idea. If you use truecrypt and give them the password to unlock it after a good deal of arm twisting (or even without) there is absolutely no way they would be able to convince a court of your guilt. The whole point is they can only prove the outer layer of encryption exists and once unlocked they would have to prove to a court there was another layer of encryption in order to apply that heinous piece of legislation.
"Can't prove you didn't create it? Oh dear sonny..."
Bollocks. Total bollocks.
I use LUKS to do disk encryption. While good, it lacks what I call a Fricosu key. This is a separate key, setup during initialization, which when entered while under duress in Colorado, causes LUKS to silently and permanently forget the real decryption key. You won't get your data back, but neither will anyone else. It only works if the Governm...(I mean the bad guys) haven't already made a forensic copy of your drive.