So if I put a file on your disk you get two years?
This is why "possession" laws don't work.
If I make a junk file called "known activists.pgp", put it on your disk then call the cops, you're screwed. Two years in the clink for failing to comply.
An animal rights activist has been ordered to hand over her encryption keys to the authorities. Section Three of the Regulation of Investigatory Powers Act (RIPA) came into force at the start in October 2007, seven years after the original legislation passed through parliament. Intended primarily to deal with terror suspects, …
How exactly do you prove for instance, that you had no idea that there was an encrypted file on your pc? I am fairly tech savvie and I bet one of my pc's contains some encrypted data somewhere that I don't know about installed by a program long since binned.
Use truecrypt, as the container file cannot be linked in anyway shape or form to truecrypt. Encrypted file sir? <---- prove it is encrypted, then prove I encrypted it.
Isn't it a pleasant surprise to see legislation brought about for use in terrorism cases in its very first use used against an animal rights activist?
You are no longer innocent until proven guilty, you are guilty unless you can prove your innocence.
Welcome, to 1984.
Should I feel bad that this act is being used as a mallet, or should I feel good that it's being used on someone so richly deserving of a full smack upside the head?
Considering how these people treat other people, I should hope they go fishing for the encryption keys with a rubber finger.
"The police are my enemy, I know that they have given information about me to Huntingdon Life Sciences (as well as hospitalising me),"
I honestly don't care about how it's done and the rights and wrongs of the RIPA, but this sort of statement sickens me. Heaven forbid they (HLS staff) should have some warning before the next time their houses / families are attacked. Apparently personal information should only go one way ...
I'm just glad these tools have stopped protesting outside my offices (because a company that _used_ to share the building has shares in the NYSE which lists Huntingdon - idiots).
Anyway, methinks the lady doth protest too much.
You imply that amimal rights groups are not terrorists. Why? Some are good natured people with a genuin concern for animals (Although, in my opinion sometimes miss placed) but there is also a fair amount who will kill and distroy to get what they want. Terrorism.
BTW, this is anon because, unlike Islamic extremists, these people accualy worry me.
If this woman is charged because she doesn't hand over her keys, then democracy has truly died in this shithole.
Personally, when I get home tonight, I am going to have to run shredder over all the free space on all my hard drives (some of which I'll have to dig out of drawers), as well as ensuring any keyring files, test encryptions, cached email and other miscellany are shredded also. I hoped I'd never see the day when it became illegal to forget decade-old passwords made up on the spur of the moment while playing with new software.
Want to completely ruin someone? upload some encrypted files onto their machine, then make an anonymous phone call and say theres some dodgy kiddy files on someones machine, hey ho 5 years in jail.
We have seen what lazy b*stards the police are when it actually comes to investigating a case and how they always go for the easy prosecution whether the person is guilty or not.
"What seems to have happened is that the CPS (who couldn't issue a notice anyway) have written asking the person to volunteer their key," he adds."
Sounds familiar, it's a compliance test and a big problem with UK (thanks Tony for your sterling work in undermining individual freedoms, you micromanaging tw*t).
Do X or I'll exercise my power to do Y.
To force them to do X they normally need to go to a judge to show cause, but once you give the power Y that doesn't require any judicial process around it, you get a load of "if you don't do X I'll do Y" and suddenly we have plastic police ordering people to do X sans the legal authority.
Given the rather lax security of windows and ability of others (over the web for instance) to place files on your hard drive, this legislation could be a bit of an issue. The police could probably claim they have 'cause' to require decryption of any file given any name. Therefore, suppose someone has dropped an encrypted file on your hard drive. How can you comply? In this case, it might well be she has something to hide, but it could happen to anyone. Given that others have access to your hard drive, how can you be required to hand over any encryption pass phrase or whatever they ask for?
Rather seems the legislation is at odds with the technology. Also, it is rather interesting that the police can't crack it!! Given their resources, you would have thought it would be possible.
Given the sort of activities animal rights extremists get up to I can't say I have much simpathy.
Campaigns of harresment, intimidation, stalking, libel, vandlism, and theft are well beyond the line where legitament protest ends. Its a form of petty terrorism at least.
I am happy the police are investigating these people.
I'd be more sympathetic if she'd been a member of Al-Qaeda bent on blowing up a busful of babies. Al-Qaeda members have at least been brainwashed, often from birth, into believing that they are doing the work of the Almighty and will be rewarded with eternal paradise. Animal rights terrorists have no such excuse, they just woke up one day and decided that cancer and Parkinson's were awesome things to have.
Cue remorseful look - "I'm an Animal Rights Terrorist but I don't know anything technical because I love fluffy bunnies and me and PGP never got on and I don't have any encrypted files on my PC."
Yeah. Right. My arse.
However, there is just as much possibility that the police have absolutely no idea what they're looking at, knowing how much help they've been when Computrace pointed out to them where my stolen laptop is (and has been for 6 months waiting for them to pick it up).
I am uncomfortable about this - the law is scary enough.
OTOH, having been in a company on the receiving end of harassment from the Animal Rights lunatics* I hope she never gives her keys over. And spends a long time out of contact with decent people.
(I was working for a large company, a subsidary of a subsidary let out a small office to a subsidiary of a firm who occasionally did work with HLS - instead of a nice letter point this out and would we consider our position on it, the first time we found out about this when the cars got paint-strippered and a bomb threat made. It took a few hours to figure out WTF was going on.)
Yes, a lot of animal rights activists are petty terrorists, and some are arsonists, vandals and thugs -- but that doesn't stop this law being worrying.
If a law was brought in that allowed prosecution of anyone posting anonymously on the internet, would you agree with that? It could, after all, be used to lock up murderers, paedorasts, rapists, terrorists, illegal immigrants, thieves... The snag being, of course, that it could be used to prosecute a lot of people who would never dream of breaking the law.
Posted anonymously, obviously.
While there are definitely some grade-A nutters involved in the anti-HLS campaigns, there are also people who just stand outside the labs withy placards and shout. We don't know which group she belongs to.
Given the propensity for the police to use intimidation and harassment to protect big business, there's every chance that she's just some harmless hippy.
If we use the logic of most of the people commenting here, the police should be demanding to see the computers of every muslim in the country - after all, we've seen what *some* of them are capable of.
I'd bet that you can take any modern desktop computer that's been used for more than a six months and find some encrypted files on it that the current user has either no knowledge of or has long since forgotten.
Assuming the readership of El Reg are mostly IT pro's, Answer me this:
A client asks you to audit their network to ensure that every encrypted file can be decrypted and take responsibility (2 years jail-time), for any that you miss.
How many of you would you take that job on?
How many of you expect a regular user would stand a chance in hell of successfully completing that task?
This law as stands means as near as makes no difference, all computer users are by default criminals, a threat that our supposedly elected representatives and policing authorities are clearly going to use whenever it suits their agenda, which will inevitably mean always.
That it's being used now against a group that the majority see as 'gagging for a slap' is SOP, next soft target will be the filesharers, after that you're all game.
Guilty till proven innocent, Churchill is no doubt turning in his grave.
Just like everyone else I am fully supportive of a free and democratic society and don't want to live in a police state...
Except of course unless it is "animal rights protesters" as we all know this group of people are collectively guilty of digging up grannies/arson/assault, I don't have any proof but I know it's true.
OK, OK so this is only one person and we have almost no information about her particular case, but does that really matter?
I think not, we should definitely condemn her now as strongly as possible. She is an ANIMAL RIGHTS PROTESTER after all, maybe we should bring back flogging just for them. At the bear minimum we need a special kangaroo court just for these guilty people.
Clearly she is as much threat as those who committed the atrocities on 11th September and 7th July, we need these laws to stop these animals rights protesters killing any more people.
I as many other commenters here believe the only solution is rash decisions and enforcing ridiculous (possibly unenforceable) laws that I would never otherwise support. At least when it comes to this particular - obviously guilty of something - minority group that I dislike.
I can only hope if I ever become part of an unliked minority I will get the support of all those who profess they want freedom and a just society.
I know now I can sleep safely at night, and that if I ever hold an unpopular view which is vilified by the media I will be judged purely by my INDIVIDUAL actions and character.
Thanks to all of you who are fighting the good fight, you champions of freedom, you heroes.
Let's be perfectly clear people who value the life of animals above that of humans are scum. PETA still refuse to condem the use of violence to achieve their means, they are scum. The animal rights nutters outside AXA in the city each week with their megaphones spreading misinformation about HLS and what goes on there, they are scum. The granny exhumers, the Oxford student threateners, the ones that burned down a boat shed because it belonged to Oxford Uni, the ones that intimidate the Chemistry students because it's next door to a new animal lab, the ones that intimidate workmen on that lab, the ones that intimidate Zoology students, the ones who burned down a perfectly legitimate pig farm in the village I grew up in (killing all the animals) whatever other evil shit they do, they are scumy scum scum scum.
The ones who protest peacefully, I'd say are misguided, but fully entitled to protest.
This law, however is moronic, it relies upon the assumption that someone has a key to all of their data and that they knew the encrypted data was there. It relies upon the a negative being proved (I don't have a key to give you). I can't imagine it standing up in court, if it does it's a sad day for justice.
As a further point - if you are going to protest about the use of animals in drug testing, maybe you should protest to the government who require it, rather than the companies who are required to do it.
which covered disclosure of the requirement to produce the keys? From what I remember of the original bill there was a second offence of telling anyone that you had been requested to reveal the key.
Oh it is still there just it has to be enacted by the person authorising the request for the notice. Bit late for CPS to ask for that to be included.
Created a Truecrypt volume on my laptop with a nice long random key, and put (what I thought was) the key into my KeePass database.
I found out later when I came to mount it that the key wasn't the key. Had I been challenged to provide the key (which I wouldn't anyway), there would have been no way I could have.
Luckily there was nothing vital in the volume, so I recreated it. I then had to do it again after KeePass ate itself when the laptop fell asleep with TrueCrypt volume it lives on mounted. I love computers...
... So many people on here are happy to assume that because the woman involved is an "animal rights activist" and has had demands for her passwords she is clearly an "animal rights terrorist" who digs up grannies or whatever and thus are quite ok with the idea of *her* rights being violated.
Of course if it was *their* rights being breached and their passwords being demanded, they, knowing they were completely innocent and having had done nothing, would no doubt be shouting to high heaven about this.
While I agree that animal rights lot includes some sick nutcases (exhuming that grandmother was just low), the fact is that this kind of stuff is the direction in which we are headed. If it would be unjust for the Police to bang you up for having an encrypted file you know nothing about, then it would be equally unjust for it to happen to someone who you dislike. That's the point of human rights-type legislation and civil liberties - it protects all equally.
"Rather seems the legislation is at odds with the technology. Also, it is rather interesting that the police can't crack it!! Given their resources, you would have thought it would be possible."
NOBODY has the resources to crack a file that has been properly encrypted with a sufficiently large key. Not even the NSA. That's the primary reason the US tried to prevent the dissemination of PGP, and why this particular clause of RIPA exists.
Besides, even if, hypothetically speaking, NSA/GCHQ and the like have acquired quantum computers or discovered some miraculous method of rapidly factoring massive prime numbers, they're certainly not going to tell the police unless they absolutely have to. You don't risk revealing a capability like that to the world unless the situation is absolutely desperate.
Well, whether this particular piece of legislation is right or wrong, it does kind of put the mockers on the need to extend the 'hold without charge' period, since the biggest reason for this is supposedly the need to crack encryption. They won't provide an encryption key? Charge them with failure to provide it, refuse bail, sentence them and lock them up for up to five years legitimately while you investigate the other offences. In a nice prison where everyone can see them and they aren't subject to dodgy control orders.
HM Govmint can't have it both ways. Well, actually, they probably can, but they *shouldn't*.
Not sure how many of you are familier with TCG or Palladium et al. but if you believe what Ross Anderson (Professor of Security Engineering, University of Cambridge) says could be in the pipeline, Microsoft and some of the media companies may be putting DRM including encryption in to products and media.
This is so when you don't pay your regular licence fee (note the new costing model for Microsoft software, or 'rent' for your applications), you will not be able to open your media and YOUR documents. This could make it impossible for you to provide plain text copies of your documents (although probably MS could). And what about the audio files that are protected by DRM and the Certification Authority has disappeared/gone. How do you prove that it is not audio minutes of the most recent meeting of the local terrorist cell?
Look up "trusted computing" in Wikipedia, and follow the link in the reference to Ross Anderson. Be scared. Be very scared.
So, possible jail terms to everybody using future MS products, then.
Glad to see there are plenty of people who are happy to brand this woman a terrorist despite there being no evidence to support it. I guess these people are the same people that determine your must be guilty if shot by the police.
Just because the police decide to take an interest in your private life doesn't mean you are guilty of anything. This is Britain, not Stalin's Russia .... well not yet anyway.
"You're all saying she might just be in the placard waving (or garden) variety of activist. Then why are the police going this far to investigate her?"
the same police that threatened a labour party heckler under the terrorism laws?
the same police that searched children and arrested peace protestors?
the same police that shot an innocent man in the London underground?
and lets not even go into some of the dodgy DNA cases (posting letters being very suspicious)
innocent until proven guilty does not mean innocent until investigated, as has been said often (thankfully) rights are not just for the people we like or thats a very sleep and slippery slope.
A Section 49 notice says "Give us the keys/data" At the same time, you *could* be handed a Section 51 notice which says "You can't tell anyone we've just given you a Section 49 notice"
In this case, it seems she hasn't actually been given a Section 49 notice, so a Section 51 notice would not apply.
Let me see if i can fix this for you...
----You're all saying he might just be the normal guy minding his own business. Then why are the police going this far to shoot him dead? (Talking about the de Menezes)----
I am sorry i used this in the argument but people like you just upset me.
See where that kind of argument is going.
And in any case this law is beyond ridiculous. How do you prove to anyone that you don't have something(in this case the encryption key) . I thought thats impossible.
I object vehemently to the presumption of guilt and the "no smoke without fire" arguments... except in the case of those who actively oppose the progress and wellbeing of humanity in favour of other species.
To quote the great Gene Hunt, "human rights are for human beings."
"You're all saying she might just be in the placard waving (or garden) variety of activist. Then why are the police going this far to investigate her?"
Oh yes, I like that.
If she's being investigated (the "until" part of "Innocent until proven guilty") then she *must* have done *something*.
at least we still have the illusion of not being required to self-incriminate... nice right to have. we do a lot of stupid stuff this side of the pond, but it looks like everyone else is in a foot race to keep up. sorry about your luck.
it would be similar to throwing someone in prison because they refused to tell on themselves, not the actual crime they're accused of committing.
i'm not a big fan of some animal rights activists, since they damaged a lot of stuff at M.S.U. when i was there, but they still have rights. even terrorist idiots blowing people up have rights... up until they're guilty, then i don't have as much sympathy.
FFS, so everyone who the police ever accuse of anything is automatically guilty? Might as well abolish courts, judges, juries and trials then. Just give the police machine guns and let them shoot randomly into crowded shopping malls - after all, if the police are shooting at you, it must be because you're a bad person, right?
Get an effing clue. We have a justice system for a reason, and that is because in a democracy we do not believe that our rulers rule over us by divine right and therefore we do not believe that they are infallible. So for our own protection, and for the sake of accountability and justice, we are ALL innocent until proven guilty. If you want that protection for yourself, you have to extend it to *everyone*. How bloody amnesiac do you have to be to have forgotten all the miscarriages of justice based on falsified police accusations over the past few decades? What kind of sucker just believes everything they're told simply because the bloke who says so is wearing a uniform?
The police can and do get it wrong, and I hope they get it wrong with you next.
Because if they do, I'll be here insisting that you, too, are innocent until proven guilty.
No need to thank me. Just extend the same courtesy to the accused in this case.
@Anonymous Coward - why don't you sign in and use your name, if you've got nothing to hide, you've got nothing to fear.
So far as not being allowed to disclose the fact she's being investigated - given that the CPS is making the request, then she's allowed to sing it from the rooftops. Presumably the old bill haven't got any evidence and are trying it on. Then we get f***wits saying she's a terrorist, I've got a gut feeling about this one, sarge.
It seems a lot of commenters are suddenly ambivalent about civil liberties, it's all "well it's a bad law, but.." The point of civil liberties is to protect _you_ against the government. If you then run around saying, "oh these people shouldn't have the protection we've got", you've lost the plot, because one day you'll be in the frame and people won't support you, they'll say, "well he's a geek, must be a bit odd, and the police aren't investigating for nothing.." Got it yet?
First they came for the animal rights extremists..
Why is it wrong for the police (Or CPS) to ask for files which they beleave are related to terror, or any crime, to be readable? I dont get why you people are complaining about this. If she is not guilty then the police are wrong. Happens all the time. That is why we have trials. If they are right, then they need the evidence. Why should she be alowed to hide anything from a legitamet investigation?
This place is worse than the BBC's "Have Your Say". At least all the bigoted crap over there is written by people who are barely literate. Exactly how "well-educated" to you have to be to start believing that this sort of police power is only ever used on those who somehow deserve it?
First they came for the Animal Rights Activists, and I cheered them on because Animal Rights Activists are all scum.
Then they came for the violent porn perusers, but I said nothing because I only download mainstream porn.
Then they came for the Muslims, but I said nothing because I am not a Muslim, and all these religious types are nutters.
Then they came for my neighbour, and I said nothing because he reads the Express.
Then they came for me, and I couldn't provide the encryotion keys and there was no one left to defend me.
I hope some of the above posts are sarcastic; this place seems so rational most of the time.
It's about time! Lame society, with it's "innocent until proven guilty" malarky! We don't need that. If the ruling junta tells the police to say she's guilty, then by God she's guilty! It's about time the general public realized that, and I'm glad to see so many here at the Register agree.
Napoleon was right - it's guilty until proven innocent. None of these civil rights around here! We don't need that kind of muddle-headed thinking. No! Not at all! We have declared that she is guilty, therefore she is! Courts? Don't need the damn things. They just get in the way of imposing our justice on others. Privacy? Pshaw! who came up with that silly idea? Nobody needs privacy is they haven't done anything wrong. Of course, we decide what's wrong. When we want. How we want. That's the way of things.
Peons. Know your place. Don't argue. She's guilty until we say otherwise. How else could it be?
I have no time for the Animal Rights nutters, but I object to the RIPA act and the way the authorities will probably use it any time they find a file they don't understand. I think the best approach might be to tell them you've sent the only copy of your keys to the Home Secretary and perhaps they could compel her to produce them or face two years in jail. After all, if they didn't exist in the first place then how do they prove you didn't do it and how does she prove she hasn't got them either?
OK, I thought it was a bit of a silly idea at first, but I'm starting to think differently.
I think it's time to put a program on your hard drive that creates files with random bytes (Linux users can just dd -(size) /dev/random foo). Create a bunch of files. Leave the program on the machine. Create some real truecrypt volumes with nothing much in them.
You can demonstrate that any one of the files could have been created by either truecrypt or that program. Can they throw you in jail for not revealing the encryption keys for a file that they can't possibly know for sure is actually encrypted data? ISTM that if they can't state as a certainty that file "c:\_d88t222.tc" is an encrypted volume, versus "c:\52_33jkav.tc", they're on pretty shaky ground.
You can stand in court and demonstrate creating random files, and you can demonstrate that there's no way to determine whether any one file is encrypted data or just noise.
For fun, write a program that analyzes the bytes in a random files for frequency of each byte, distribution, bit patterns, etc. Let's see if they want to say that they're throwing you in jail for having the hobby of analyzing random number generators for patterns.
"The virus encrypts its main code with polymorphic engine and writes itself to the end of the file."
"The worm has a dangerous payload. It encrypts all EXE files it can find in current directory and upper directories with a generated key"
These are only 2 worms which I have found so far. I seem to remember being infected by a worm last year which would encrypt your files then demand payment in order to access them.
So now when a user is infected by a virus/worm which uses encryption that user is at risk of a 2 year jail term?
As for all the assholes on here who has assumed the lady in the article is guilty shame on you. My grandfather fought a war not that long ago but we all seem to of forgotten why haven't we?
I hope she is prepared to ride out the two- or five-year sentence she could get for not handing over the relevant encryption keys. (Especially considering what she could get if she *did* hand them over .....)
It will be interesting to see how this plays out in the Courts.
Because she is innocent, at least until they prove otherwise.
It is the job of the police to prove someones guilt, not the other way around.
By your logic, they would have right at all the information in the world just because if we are hiding it then we are criminals and guilty of something.
There is things people do that they don't want to be public knowledge and as long as we are innocent we should have that right.
If this goes true whats to stop them inspecting anyone for no reason whats so ever, i mean we have nothing to hide so they should be allowed to stop and strip search people any time they want.
I agree that this is a potentially dangerous law, but do remember that it has only just come into force. Which means that it has not yet been subject to judicial review. Any competent defence will raise these issue, and if the police cannot answer the critique, there is a fairly good chance that the judge will find for the accused and strike the law down.
If the police actually CAN prove beyond all reasonable doubt that the accused did know about/use these files (which I doubt, but maybe it's possible), then I really don't see the problem with them demanding the keys under penalty of law. It's no different to demanding e-mails, financial reccords, or indeed any other form of evidence.
"You are no longer innocent until proven guilty, you are guilty unless you can prove your innocence."
Recte "You are all guilty, no one is innocent. Step this way, Comrade."
"Welcome, to 1984."
Welcome to 2007 and the continuation of NuLabour's program to create The New British Man. Just like the Bolsheviks in Russia trying to create The New Soviet Man, it's done by coercion because no persuasive methods have a snowflake's chance in hell of working.
.... what planet do you think you live on, since when have you really had rights, they are just an illusion given to you by the government to help you think you live in a democracy. Since when have we lived in a democracy? Anyone vote for the now current Prime Minister? Anyone making a difference on fuel prices?
Unfortunately we live in a society where the law is next to useless when tackling extremists within a minority group, so what can you do about it, technically nothing, so they can carry on as they please.
Don't get me wrong, I disagree with the whole issue of having to hand over encryption keys but at what point is it ok to carry on like that. Without intervention technology will make everyone grease proof, yes it would be nice to have rights, but if your a pedo and you've locked up all the evidence on your harddrive the police will not be able to touch and those involved will get equally frustrated about that fact leading to lacklustre for the job. It's a vicisious circle, somewhere we ahve to break, how I don't know.
Prehaps all protest groups should be registered with a member list, prehaps the groups should police themselves, weed out the extremists so that the more sensible protestors can distance themselves, who knows. Certainly none of you lot as I haven't heard of any suggestions on how this could be resolved, instead just moans about rights and personal privacy, all of which are important, but if you want to protect then start being proactive rather than reactive.
So in short it seems she is as bad as the extremists as I presume she has done nothing to stop or discourage the extremism within her ranks.
(reaches for flak jacket and runs at the door).
Since this basically boils down to the question of how to protect the accused against planted evidence, I might observe that this is hardly the first time this issue has come up before the courts. Any "new" form of evidence is subject to lengthy examination regarding its reliability and falsifiability before courts start to rely on it.
"yes it would be nice to have rights, but if your a pedo and you've locked up all the evidence on your harddrive the police will not be able to touch and those involved will get equally frustrated about that fact leading to lacklustre [sic] for the job" -- Rob
If you are a paedophile, then presumably you will go out at some stage and abuse a child (otherwise you would be merely a reformed paedophile). And *that* is the stage at which you deserve to get caught. I'm afraid that I cannot find anything objectionable in merely looking at pictures, especially if you keep them encrypted to prevent inadvertent access.
Pretending that there is a child molester lurking behind every bush, or invoking mediaeval superstition that equates looking at pictures with harming the persons depicted, will not make it so.
You've all been guilty until proven innocent for Speed Camera offences for years.
This is just the next, ahem, logical step.
The means of setting people up mentioned are no different to secretly borrowing the keys to a colleagues car from their desk, going for a quick burn up and down Scamera alley and returning the keys without them noticing. Or simply sharing the driving with your partner and then not knowing who was driving at the time of a so-called offence.
The difference is in the magnitude of the punishment, of course.
I'm aware that this is an unpopular solution (for good reasons) but...the concept of having an automatically generated back-up decryption key held in Escrow (not sure who could do that reliably and safely without involving gov't idiots) could come in handy here. Older software without this semi-backdoor would soon disappear or stop working on the latest OS so there would have been no need for this backwards Section 49.
Yes, it gives a backdoor to people you might not trust, but at least it stops you being thrown into klink for genuinely losing decryption keys!
Better yet, we get a decent gov't that revokes mind-blowingly stupid laws like this. However, I don't see that happening any time soon....
Human rights anyone? Not in this shithole of a country.
It makes me feel so good to see you guys chiming in that "even if the law is bad, it's good because she is a terrorist", based on being an "animal rights terrorist".
So, I guess you won't mind if they use the same law when they apprehend a "computer security activist", such as yourself, will you?
How about you start looking a little harder at where your sympathies are. Two wrongs doesn't make a right.
(Who is currenly removing TWO places from his travel lists)
What a conundrum ! Dodgy law versus animal libber. Lets face it she is not going to get a sympathetic hearing in this forum.
Looks like the authorities are trying it on as the correct RIPA process is not being followed. She really ought to hire herself a good lawyer rather than waste time posting on BBs.
The English legal system is supposed to be based on the presumption of innocence after all. Its just a shame that many who support the same causes as her cannot confine their protests to within the law. After all digging up bodies , pouring paint stripper over cars, graffiti, firebombs and all the other tactics used by some organisations in the name of animal welfare mean that most people are not going to support you when the authorities get down and dirty.
I haven't done a scan, but I'll bet there's a heck of a lot of encrypted bits on my malware-free computer, to which I don't have the key. I suspect that a worm-riddled hunk would be crawling with encrypted bits.
I do have several programs that have PGP signatures, and I could see some idiot thinking these were "encrypted data."
In the US, we have the assumption that you are innocent until proven guilty*. I guess things are different in the UK.
*Unless you're brown, bearded, shawl-wrapped, Islamic, pinko, Birkenstock-clad, librul, gay, bisexual, academic, smarter than a pet rock, unbaptized, Wiccan, etc.
If there is enough other evidence to implicate you, and get a subpoena, the police should just plant a keylogger. At least then they might get the keys, or real evidence. If it's a password, it's probably the same one they use for everything else, if it's a long key, it's probably in their hotmail account or on the USB key sitting next to the computer.
Demanding keys for files that may not be anything, then throwing you in jail for not decrypting something you may not have intentionally hid is very bad. Go into your temp directory, any file in there could be encrypted... so any file a cop thinks is encrypted, and doensn't open by double clicking, or isn't readable in notepad IS encrypted.
I hate animal rights people and vegitarians and envirofags and all those other wankers.
However the law is bullshit.
Guilty until proven innocent is now the standard in the free west.
At least the Chinese don't shit you about being a totalitrian dictatorships with capitalist leanings. They'll fucking shoot you for being a nuisance and charge the cost of the bullet back to your family.
Used to be police had to get evidence of your guilt, now you're just supposed to admit your guilty or go to prison.
"Please now give us the password to your file so you can incriminate yourself - if you do not we will arrest you for not doing so." Fuck off.
I'd rather live in an oppresive state that admited it then an oppressive state that spouts bullshit about being free whilst saying that the other guys should be more open.
This is a bad law with draconian consequences for ignorance.
I do not care what offence may have been committed, she is still innocent of any crime until such time as she is convicted in a court. As such, her rights are to be upheld.
This is the type of softener used to introduce such dreadful legislation, dont fall into the trap, because you are on the list.
They have already been for the animal rights activist .....
"The police are my enemy, I know that they have given information about me to Huntingdon Life Sciences (as well as hospitalising me),"
With paranoia like that, I think she needs Hospitalising. If she thinks the police have given over information about her to Huntington, then she should make an official complaint, but of course, there will be no proof to back it up except her rambling paranoia.
Almost forgot the bit about organized crime being targetted by RIPA, didn't we? So easy to drop the magic tourist sound-alike word into a media piece - and watch them cavemen go.
So how are we doing on organized crime? Record opium production from Afghanistan now. The drugs trade rivals IT in global monetary terms, so you'd think that busted organized crime gangs would be filling our prisons to overflowing. Big gangs? Nada. Little gangs? Zilch. Any gangs at all? What's the point of laws which don't work?
Can one begin to calculate how many lives are lost in the UK directly and indirectly from organized crime and its stock in trade of drugs? How does the number compare to lives lost from terrorists? You don't really need to someone to tell you, do you?
BTW, in England a copy of the audio record of police interviews of people arrested has to be made available to the persons concerned. Granted that in many instances copies of evidence cannot be made, so someone has to take custody of the unique items concerned. Given that a hard disk can be cloned in a matter of minutes, why should a suspect whose computer has been detained not get a copy of the hard disk which is made at the point of arrest? A further copy could, and should, be lodged with the Court. It would save a lot of time and money in the long run.
Besides the major human rights issues this law has insurmountable pragmatic flaws. Consider TrueCrypt's hidden volume functionality, where one volume is embedded within another. You enter one key to get the not-so-secret volume, and another to get the so-so-secret one. Unused space in truecrypt volumes is random, and indistinguishable from a hidden volume.
Scenario 1) You are insufficiently paranoid, informed, or guilty (or whatever mixture) to use the hidden volume feature. How the _hell_ are you supposed to prove there isn't a hidden volume? You can't: it's impossible.
Scenario 2) You are sufficiently paranoid, informed, or guilty (or whatever mixture) to use the hidden volume feature. How the _hell_ are they supposed to prove there is a hidden volume? They can't: it's impossible.
In the end, they are going to have to sanction torture ... aren't they?
From a practical point of view: did nobody mention that the file might be named 'Contacts and plans' in a folder named 'Avenging the animals'. Not 'aaaa4423' or 'Me and Jim, naughty weekend in Paris'.
And anyone ice cold towards the activists should go get themselves involved in a yummy toxicology test. See if your opinions mellow after a couple of weeks.
Which would probably be Sony BMG, or possibly Microsoft, or the RIAA, or the MPAA, or IFPI, or Apple...
Here's a law that has so many glaringly obvious flaws that astronomers on distant planets will be recording an apparent Galactic first in some years - a planet going nova, instead of a star.
As for the animal rights terrorists - lock them up with the animals they claim they love. That's not a punishment (of the humans, anyway), it's just being a caring person.
According to Scott Charney at Department of Justice, US citizens can plead Fifth Amendment as justification for not revealing encryption keys. For those in the UK, the Fifth Amendment protects Americans from being forced to incriminate themselves. The state is supposed to find evidence to build a case, not force people to dig themselves a legal hole.
Too bad Britain doesn't have a written constitution, eh?
Of course the US may now have some anti-terrorism executive order which somehow does an end-run around the Fifth Amendment, for all I know.
here's a top secret list of Al Queda operative, encrypted using GPG with a symmetric key and uuencoded to make it text form.
begin 644 al-queda-list.gpg
so, what will happen if this list is published?
"Animal rights terrorists have no such excuse, they just woke up one day and decided that cancer and Parkinson's were awesome things to have."
Complete and utter b******s, maybe some of us decide to eat properly, not smoke, not drink to excess and get some exercise.
Other people meanwhile drink to excess, smoke tobacco and drugs, eat rubbish and then expect scientists to experiment on animals to find a cure for their self made ills.
I don't need some selfish scientist making dogs smoke and then cutting them up to tell me smoking isn't good for you.
"Just because she IS an animal rights activist does NOT make her a VIOLENT animal rights activist until she is found guilty of such."
So It's alright to be a non violent one but to support those who are? I may be biased against them, but that doesn't mean that they aren't granny digging up, violent terrorist scumbags who intimidate often innocent people/companies.
>Let's be perfectly clear people who value the life of animals above that of humans are scum.
It's amazing that people have such an issue with veggies, etc - is it because people are able to make a conscious decision (usually not driven by religiion) to believe that something is wrong?
As to the value of an animal over a person (And I'm going to make a big assumption here, but somehow from one line you type I can tell the sort of person you are).
YOU could contribute a mere pound a day to a charity and contribute to saving lives around the world - do you ? You could forgoe a new tv/phone/tech upgrade and give that money - do you ?
Think about your miserable, opinionated life and the fact that you ACTUALLY put your convenience over other human's lives.
>You're all saying she might just be in the placard waving (or garden) variety of activist. Then why are the police going this far to investigate her?
I would imagine it's to ascertain, having been given a reason to suspect, whether she is the terrorist type or not.
I think that's the meaning of the word 'investigate'.
Thanks to the person who paraphrased the famous Niemoeller poem (first they came for..., but I wasn't a ...), as I was just in the process of doing that.
The double standard hypocrisy of some posters here is just stomach-turning.
Mike (carnivore who still thinks animals deserve humane treatment, whether extremists give that cause a bad name or not)
If lots of people go and store a random data file somewhere in their disk, then anyone having such a file in their hard drive can claim it's just garbled data, like the files lots of people have on their machines.
Investigators can only claim her files hide something because it's not common to have files that look like that for no reason at all.
Now, about here, just put her in a cage with a hungry polar bear for a few minutes.
1. Given a number of bytes, provided you XOR them with the right key you can make them represent anything you want. What's stopping her from providing a 2k long sequence of bytes that when XOR'ed with the data, produces a picture of a puppy? How do you prove that the decrypted data is an accurate representation?
2. If you kept the only copy of the decryption key on a memory stick and then destroyed the stick, could you be still be prosecuted?
The plod must have been watching some TV re-runs.
Prime Minister: Who does know?
Bernard: May I just clarify the question? You are asking who would know what it is that I don’t know and you don’t know but the Suspects know that they know that they are keeping from you so that you don’t know but they do know and all we know there is something we don’t know and we want to know, we don’t know what because we don’t know.
(Sorry for the paraphrase.)
Such a law is definetly useful in fighting TERRORISM -- by this I mean violent acts against the State or the population at large. You know the usual bombing - poisoning - killing (or planning to kill) 10s - 100s - 1000s of people.
Not for protesting animal research or even impeding research - yes if property damage or injury ocurrs they need to be prosocuted.
But defining such acts as TERRORISM only serves to muddy the water and dilute that word TERRORISM. TERRORISM is some serious shit not some boobs hoping to free some lab rats.
As someone else mentioned -- allow enough dilution and government over-reaching ( El Presidente Bush ) and next thing you know posting annonomously become a crime. The only solution here is for everyone to place encrypted files on your computers and toss out the keys .... they can't arrest everyone.
By the way I am a member of PETA ( People Eating Tasty Animals ).
On your request to hand over passphrases please try the following:
...insert random script to pump out millions and millions of pages of garbage...
If those do not work, please inform me and i will try and generate a few more from my mind.
This needs massive High Court retaliation.
I understand now why people are leaving the UK in droves (they are, don't argue, go look it up).
Wonder when open civil war will break out there? Or has it already and its just kept out of the news?
Oh - and to the people bucketing Animal Rights people. Yes they are extremists. No a world without them does NOT deserve to survive. Go look at what gets done to the bears in China, then go "Hmmm, maybe a medicinal nuking wouldn't hurt after all.....".
I've had some exposure to "technical capabilities" of various agencies. (US, not UK, but they recruit the same type of people.)
I wouldn't be surprised if they are looking at the WIN386.SWP, or maybe some files in the recycle bin. (If you don't use the recycle bin to look at them, they have apparently garbage names. It's done so you don't accidentally 'find' a deleted file with a search.) Then again, it could be some leftover temp files or something.
I remember several years ago when an agent was in a local office supply store to get printing samples from the various printers. He was rather freaked when I pointed out that most of the inks and toners were made by only a couple of companies, and the fonts they printed were software based and could not be used like the old typefaces of typewriters for identification.
As to whether I agree with this ladies actions and affiliations. From what little I've read, probably not. It still doesn't change the fact that she has rights and should be treated fairly. The ends Never justify the means. If those tasked with upholding the law break or otherwise corrupt it, they should be dealt with immediately and harshly.
(Now if our own justice department would recognize that and deal with the out of control hedge on penn. ave in DC... Along with shotgun-dick.)
"Let's be perfectly asinine and senseless, people who value the life of animals above that of humans are scum. "
Since when are humans not animals? Is there any meaning to your sentence? We are domesticated primates, and nothing more!
I think we should start calling animals humans, and humans, animals, to avoid further confusion, and to shake-up our robotic minds. This is also my thought for changing the dynamic of the race issue. I'm known to say, "This white friend of mine..." (which is something that you don't ever hear from 'white' domesticated primates, whereas even the most so-called 'open-minded', 'white' humanoid-person can be heard to say, "I have this black friend who...". It also helps to refer to myself as a 'black' person, though my skin tone is closer to white than black.
Animal rights protesters promote the idea that all animals deserve rights - non-humanoid animals included!
These groups provide a voice for this cause, for people who have no voice, which is a fairly noble, if sappy, cause. The central idea is probably something like "animals who exhibit personality should be considered persons." My feeling is that I meet many non-humanoid animals who demonstrate more personality than some/many people I've met. In the same way, most humanoid animals I meet are as irritating and inept as most non-humanoid animals I meet. Actually, the percentage of non-domesticated-primate-animals I meet who are kick-ass in proportion to their capacities is higher than the inverse.
As far as the actual case is concerned, the suit against her sounds preposterous, though I imagine that she probably knows full well how to decipher the files.
Parkinson's isn't self inflicted, you cretin, and neither are most cancers. You can get either without ever having smoked, imbibed alcohol or eaten red meat and having exercised every day for your whole life. And the same goes, for that matter, for a whole plethora of other debilitating or life-threatening diseases and conditions - for which we wouldn't have the cures if they hadn't been tested on animals.
Scientists don't do it for a laugh, you know.
Section 29 Magna Carta reads:-
XXIX. NO Freeman shall be taken or imprisoned, or be disseised of his Freehold, or Liberties, or free Customs, or be outlawed, or exiled, or any other wise destroyed; nor will We not pass upon him, nor condemn him, but by lawful judgment of his Peers, or by the Law of the Land. We will sell to no man, we will not deny or defer to any man either Justice or Right.
Has now been repealed thus by this law !
Oh well the twin islands of the long white cloud where the fierce painted local males wearing grass skirts have such a strange greeting custom is now looking like a very inviting place to live as it has no relative strategic value or large resources worth stealing from either ! :(
If you had seen the motley crew that protested through Huntingdon town centre on Saturday, you would want them all locked up regardless.
People from out of the area come into MY home town, create more litter and mess than is created in 6 months in the town centre and car parks, are unwashed and stink, have the gaul to abuse the residents of the town because of the name of a research facility that is not even in the town anymore (10 miles outside of it in a village!) & generate a full scale police presence (that my flipping council tax will be raised next year to pay for!).
Stick all the tree huggers in the research labs and test the stuff on them.
If it wasn't for research carried out on animals in the HLS labs, 2 of my 4 kids would not be alive now & nothing else matters to me on the subject.
No doubt the encrypted data holds information on how to make car bombs and disrupt the innocent residents of Huntingdon.
These protesters don't give a crap about anything really. If you had seen the emissions coming out of some of their vehicles, you would have thought they had 40 Beagles smoking in the back of them.
For all of you who have forgotton, man IS an animal. Therefore, why should we not force humans to smoke cigarettes before being killed and cut up? What's the difference? Humans simply believe they are superior than OTHER animals and therefore give themselves special rights they deny the other animals. Is this in anyway logical? Of course not. Unless you put a religious slant on it, we are a product of nature and Darwinism. Natural selection and all that in the same way as every other animal. So, why should we be special?
I like a nice bit of dead cow/pig/lamb etc. I eat a lot of meat. Nothing wrong with that, so do tigers etc. The difference is, I eat it because I have to eat, not because I want to do it for no reason. Therefore, in my view, researching on animals is justified where we are trying to stop something we haven't brought upon ourselves. However, when it is self-inflicted, we shouldn't. Therefore, if people want to research on curing smoking related cancers, they shouldn't as rather than fixing the disease, the answer is simply not to smoke and cause it in the first place!!
How many of us have encrypted something with a super long, super safe encryption key only to forget it?
I have a 4GB truecrypt file on my personal hard drive that has hoardes of data that I wanted to keep private, do you think I can remember the password to it?
Would that mean id go to jail?
Steganography is the way forward people :)
"Therefore, if people want to research on curing smoking related cancers, they shouldn't as rather than fixing the disease, the answer is simply not to smoke and cause it in the first place!!"
Yes, that's of great help to all the people with lung cancer that they developed due to starting smoking in the 50s, 60s and 70s when even doctors were telling you it was healthy.
And what about lung cancer caused by second hand smoke? Or other airborne toxins unrelated to cigarettes? "Smoking related cancers" are the same as certain non-smoking-related lung and throat cancers.
Don't be so simplistic.
Someone suggested that this law is an incentive to develop legitimate encryption protocols that store the keys with a trusted excrow agency so that, given warrants/court orders/other legal compulsion, the trusty officers of the Law can access encrypted files.
All well and good if you can find the mythical "trusted escrow agency" which, given the current regimes' willingness to legislate to decrease the amount of oversight needed to obtain previously confidential data, becomes less likely with time, not more.
And apart from that, the offense is "refusing to disclose the information/key" depending on the Section: you would still be vulnerable to prosecution if some Trojan/Worm/Virus/Content provider had dropped encrypted data on your drive without your notice. There will always be non-escrow encryption packages, because of the untrustability of the escrow agency, used for nefarious and innocent (but criminalised because of the use of an unapproved encryption regime) purposes, and the authorities will point at these and accuse you of having used those. How do you prove you didn't?
It wouldn't be quite so scary if any judge in this country (I actually still pretty much trust the judges) had the technical nouse to be able to say: "The prosecution has to prove that the file was knowingly encrypted by the defendant, because there are any number of means by which a file that looks encrypted could have been deposited on the equipment where the files in question have been discovered."
The burden of proof in criminal cases is heavy and rests upon the prosecution's shoulders. The RIPA provisions for key recovery will only be any use in opening files from sub-competent conspirators/actors. Any organisation which thinks about its infosecurity will be proof against prosecution under its terms.
So obviously this legislation exists only to harrass petty criminals and the innocent but inconvenient.
I don't really believe anything an animal rights terrorist has to say, so I don't believe that she doesn't have the PGP keys to decrypt the excel files listing the names and addresses of all the people they have attacked or are planning to attack over the next few months who work at animal testing labs.
Personally (other than the odd mp3) I don't have anything on my PC, in the millions of files that have built up on my hard drives over the years, that would incriminate me, so I dont actually have any doccuments encrypted, but if I did, and the police were requesting access, then I would grant access to them to prove my innocence.
The company I work for (which has nothing to do with animal testing) was once contacted by another company who do animal testing, and asked to tender for some work (we provide business services.) Almost immediatly the death threat answerphone messages started on us (even though we have nothing to do with animal testing at all) .... so we quickly decided to have no contact with the testing company again...... loosing us business and money. These people really are sick wierdo's who need locking up.
Anon post as some of you know what these animal terrorists are capable of
Let's say you hear about this neat application called PGP and want to try it out. You download and install it, try encrypting and decrypting a few random files - neat. Only you forget to delete the encrypted files afterwards.
A year or two later, the police seize your PC, find the encrypted files, and use RIPA to demand you hand over the keys. Of course, you forgot them shortly after you created the encrypted files, which you'd forgotten were there in the first place.
When the Nazis came for the communists,
I remained silent;
I was not a communist.
When they locked up the social democrats,
I remained silent;
I was not a social democrat.
When they came for the trade unionists,
I did not speak out;
I was not a trade unionist.
When they came for the Jews,
I remained silent;
I wasn't a Jew.
When they came for me,
there was no one left to speak out
Except I invoke "Mob Rule"
- I propose that "Anonymous Coward" is a terrorist and an Animal Activist so we should vilify him/her/it from now until eternity. Who's with me?
PS RIPA makes both a sysadmin and a security professionals role very uncertain. always remember to document and log everything you do through your helldesk system or you could be held responsible for unauthorised access of personel/private information or downloading illegal content.
to an animal rights activist, I'm one of the founder members of the Vegetable Liberation Army. Our remit is to show people how horrendous our treatment of the vegetable kingdom is and how the animal kingdom can
a) run away
b) fight back
c) look cute
d) look too disgusting to eat
whereas the humble carrot has to just lay there and take it while you
a) pull it out by the "hair"
b) Skin alive
while you are unable to hear the vegetative screams.
Save the carrot! Eat a vegetarian (e.g. cow)!
But RIPA is still a crap law and any exercise must and should be taken that will kill this law dead.
"I would grant access to them to prove my innocence."
The point, that you're obviously missing, is that you shouldn't *have* to prove your innocence, the authorities should have to prove (beyond reasonable doubt in front of a jury of people like you) that you are guilty.
This law will have a very poor ratio of [convicting the Guilty] to [harrassing the innocent] (where "harrassing" could be as serious as wrongfully serving years of jail time), unless our judges (and defense lawyers I suppose; it's their job to obtain the services of persuasive expert witnesses) are on the top of their very limited technical game.
Those saying that civil liberties should apply to all, otherwise they apply to no-one, are of course entirely correct. In principle. In principle, being on fire is a very painful way to die, and pain and death are bad. Nonetheless, I would not piss on an antihumanist if I found them burning in the street.
Somehow this one little moral inconsistency I hold doesn't keep me awake at night.
Ok... you have a truecrypt volume within a truecrypt volume on your hard drive. Deniability right? Ha! Nobody can PROVE that I am using it! Get out of that, plod!
Ok.. so the plod uses another part of RIPA and pulls your web logs, and we see something along the lines of:
1195127932.213 - a.b.c.d http://www.google.com/search?client=firefox-a&rls=org.mozilla%3Aen-GB%3Aofficial&channel=s&hl=en&q=truecrypt&btnG=Google+Search GET 22048
1195127942.459 421 a.b.c.d TCP_MISS/302 404 POST http://www.truecrypt.org/download.php - DIRECT/220.127.116.11 text/html
1195127953.507 11023 a.b.c.d TCP_MISS/200 1567639 GET http://www.truecrypt.org/downloads/transient/556f51e92a/truecrypt-4.3a.zip - DIRECT/18.104.22.168 application/octet-stream
1195128954.314 - a.b.c.d http://www.google.com/search?client=firefox-a&rls=org.mozilla%3Aen-GB%3Aofficial&channel=s&hl=en&q=how+to+hide+a+truecrypt+volume+in+a+truecrypt+volume&btnG=Google+Search GET 22048
...and also a lot of posts on various forums that have been accessed by your IP bragging about how you have this wonderfully secure and deniable encryption system in place.
I think that might be enough to raise reasonable suspicion about that 'random data' on your drive, and for keys to be demanded.
You want to know what someone is thinking, look to see what they ask Google for.
You've missed the point.
Plod ask for the key to your "hidden" volume, you say it's "apogf784tb784tg" or whatever, they go "Oh, looks like that's not the key!", you go "I don't have a hidden volume."
Repeat ad nauseum.
(You could argue that by refusing to provide the key to *A* hidden volume (which you may or may not have; deniability, again), you're breaching RIPA again. Doubt it would stick, though.)
it seems to me that accessing encrypted data by "the authorities" is conceptually akin to searching your home, for which they usually need a warrant. People don't seem to be all up in arms about search warrants, so perhaps that is an acceptable model that should be used in cases such as this - ie: "the authorities" have to convince a judge that they have due cause to look at the encrypted data, and get a warrant. This would be better than just having the power to demand access to any encrypted data they come across during an investigation.
However, they probably obtained the computer in question under the auspices of a search warrant, and so one could argue that that warrant implicitly grants them the right to the encryption keys. After all, if they have a warrant to search your house, and find a locked cupboard, they have the right under that warrant to ask you to open it, or force entry themselves. With modern encryption, forced entry is not an option.
Of course search warrant procedures are not perfect (nothing is), but an interesting point of view on this, no?
The underlying problem is one with which philosophers have been wrestling since the dawn of time: two wrongs don't make a right.
Experimenting on animals is wrong. Committing violence against HLS staff, even though they experiment on animals, is wrong. And demanding encryption keys, even from people who might have information pertaining to violent acts which were wrong in spite of being committed against animal-experimenters, is wrong.
Whomever designed this idiotic law is woefully short-sighted. Many encryption products, TrueCrypt being one of them, support plausible deniability for just this reason.
> Create a TrueCrypt partition. Put some secret but harmless files in there - bank statements, passwords, that kind of thing.
> Create another TrueCrypt volume hidden at the end of the outer partition. This volume is designed to start from the opposite end of the volume. Because TrueCrypt encrypts unused spaces with a random seed, the volume is impossible to distinguish from unused space on the outer volume.
> For added secuirty, use something like BartPE to create an OS that you can boot from a USB key. Make sure you only ever unlock the hidden volume after booting from this, so you don't leave any forensic traces in your main OS.
> RIPA request? Certainly officer. Here's the passphrase to my TC volume. Plausible Deniability? Never heard of it...
Why the hell did they bother? It's not going to have the slightest effect on anyone who knows how to keep their stuff really hidden.
So, now the police don't even need to plant any physical evidence, beat out a confession or rely on fake witness reports to set someone up! The police take your computer, upload some encrypted rubbish and - hey presto - instant convicted 'terrorist'.
Even worse, remember the recent cash for questions inquiry? What would have happened if an anti-Labour activist had uploaded encrypted files called 'TBs list of Labour donors and honours' onto someone's PC?
The difference between encrypted files and physical locks is that there isn't a physical lock that can't be broken. If you don't have the key for a lock-up registered in your name, the police can either get a copy or break in. That way they can find out whether the lock-up is being used by you or not. With encrypted files this is not the case,and so there is no way for you to prove that the file is not yours.
A more accurate analogy would be plod getting a warrant and raiding your home, and not finding anything incriminating except an empty bedroom. Then demanding you tell him the magic word that would make that invisible stash of lovely incriminating evidence stored there appear. And locking you up for two years for failing to do so, because you must be lieing when you claim "There's nothing in there! It's just an empty room, honest!" How on earth are you supposed to prove you don't know something?
'Yes, that's of great help to all the people with lung cancer that they developed due to starting smoking in the 50s, 60s and 70s when even doctors were telling you it was healthy.
And what about lung cancer caused by second hand smoke? Or other airborne toxins unrelated to cigarettes? "Smoking related cancers" are the same as certain non-smoking-related lung and throat cancers.
Don't be so simplistic.'
I wasn't trying to be simplistic. I know there's a lot of grey areas. I was simply making a general point that we shouldn't use animals to fix something we bring upon ourselves. As to the 50s, 60s and 70s and what doctors were saying. If anybody seriously believes breathing in large amounts of smoke deliberately is ever going to have anything but a bad effect on their health, they deserve everything they get. I don't care what doctors say. I have never smoked for the simple reason that logic says it is unnecessary and more likely to be harmful than not. Therefore, don't do it. That's not to say I support the Nazi anti-smoking laws now enacted in this country. Personally, I would let people do anything obviously stupid at their risk. I simply wouldn't try curing it.
If someone wants to die doing something stupid, that's their choice. Bring back more Darwin I say.
Come on.... shes an animals rights terrorist... lock her up for that, not for the files! :)
I hope while they are playing this "give us ur keys" game they are running a brute-force attack to guess the password... she's not that bright, I doubt her password is anything more complicated than "fluffy bunnies"...
"For those in the UK, the Fifth Amendment protects Americans from being forced to incriminate themselves. The state is supposed to find evidence to build a case, not force people to dig themselves a legal hole.
Too bad Britain doesn't have a written constitution, eh?"
The fact that we don't have a written constitution doesn't mean that we don't have protection roughly equivalent to the 5th Amendment. Article 6 of the European Convention on Human Rights enshrines the right to a fair trial, and case-law has specifically indicated that the right to silence/not to incriminate yourself are important aspects of this right.
I haven't followed the details of the RIP act, but it would seem prima facie that this would be a strong ground to challenge any convictions for failing to provide encryption keys.
My system is ready for inspection day and night. The entire drive is encrypted. If state sends me to jail for being unable to crack it, I shall happily serve my time wasting taxpayer's money.
Two years should permit me to plan a fairly effective retribution, which will target politicians and law enforcement with a level of violence proportional to their violence against me.
I'm not joking. If state crosses me, I will accept its challenge. I don't want to, but backing down would be unethical.
It'd be fun to make a text file with random characters in it, name it "jihadist_operatives.pgp" call in an anonymous tip about yourself, then slap the police around when they try to order you to give them the key for a file that's not actually encrypted. If you waste enough government resources making them chase this crap down, they'll see the law is ridiculous.
When idiots trot out the "if you've nothing to hide you have nothing to fear" argument. What a ridiculous statement. I am not a drug smuggler and therefore have nothing to hide at the airport but I think the intrusion of having my body cavities searched every time I pass through the airport would be something to fear. But if I were to object, out comes the old "well if you have nothing to hide you have nothing to fear argument". Of course innocent people can have something to fear when a law is bad. Mistakes can be made, or do you think the police are all perfect and infallible? Laws created in haste for one purpose can be misused to the detriment of the innocent as well as the guilty. For goodness sake come up with something more intelligent than "if you have nothing to hide.."
(3) For the purposes of this section a person shall be taken to have shown that he was not in possession of a key to protected information at a particular time if—
(a) sufficient evidence of that fact is adduced to raise an issue with respect to it; and
(b) the contrary is not proved beyond a reasonable doubt.
So if they can't prove you knew it, your safe surely? Put's paid to the theory of uploading files to other peoples computers.... with any luck....
Section 53, Sub Section 3, Paragraph B
<< Mistakes can be made, or do you think the police are all perfect and infallible? Laws created in haste for one purpose can be misused to the detriment of the innocent as well as the guilty. >>
Certainly the police aren't perfect and infallible. Some of them are incompetent; some are corrupt. Most, though, are just men and women trying to do a job that they still just about believe is worth doing, even though the population for whom they're trying to do it increasingly seem to think otherwise. But what the police *don't* do is make law. They merely enforce it, as they're sworn to do. That's not to say that at high levels they don't have an influence - but bodies like ACPO are still a world away from the standard street copper, who generally has less political weight than Mr or Ms Average-Citizen.
Those who genuinely believe that the police are all deeply involved in some great Orwellian conspiracy might do well to peruse some of the numerous UK police blogs out there. Perhaps they'll show you that many of the police are just as frustrated by (and even worried about) new laws like this one, and that there'd be more than one copper breathing a sigh of relief - for just the same reasons as any of us - if this law *were* to be overturned.
You quoted my << Mistakes can be made, or do you think the police are all perfect and infallible? Laws created in haste for one purpose can be misused to the detriment of the innocent as well as the guilty. >>
and then went on to imply I was saying the police are all "out to get us". If you read the whole of my comment again rather than a selected part, I am pointing out that it is a bad law that can be abused whether by design or accident. The police are paid to uphold the law and I support them whole heartedly in that difficult task. However, I am against laws that are plain wrong and counterproductive, as I am sure would be most of the police. If this woman is a terrorist (and I don't know if she is, any more than any of you do) just look at the public platform she has been given to air her unpalatable views because of the application of this law.
It is only because there is new technology that anyone is getting upset about this law. Unless you believe that everyone should be entitled to conceal information from the police with impunity we need a law like this. Otherwise evidence cannot be obtained except at excessive cost (perhaps needing a lot of time and a super computer to decrypt) or at all.
The risk of encrypted files being planted and then an innocent person framed is of a similar order to the risk of other evidence being planted. It exists. Yes, care will have to be taken because it is easier to plant a file than physical evidence. However, in this case, the animal rights woman rather gives the game away when she says: "Funny thing is PGP and I never got on together" implying she knows all about PGP and has used it in the past.
If the police seek a search warrant to go through someone's papers the fact they might find correspondence with solicitors or embarrassing love letters would not be a sufficient reason to refuse the warrant. What is so special about keeping information on a hard disk?
"So, now the police don't even need to plant any physical evidence, beat out a confession or rely on fake witness reports to set someone up! The police take your computer, upload some encrypted rubbish and - hey presto - instant convicted 'terrorist'."
If the police were actually trying to plant something on you to make you look like a terrorist why would they try and do so by putting a fake encrypted file on your hard drive, why would they not just stick a word doc on there titled "My plan to blow up some airport.doc" or why not just plant some good old fashioned drugs and explosive in their house
... wouldn't she be obstructing the course of justice anyway, or something like that? Not sure of the penalty on that, but I suspect it's lesser?
Better uninstall WoW then... who knows what The Warden is doing...
Does sound a rather unsafe law - especially if it does get applied in the case of the key being unobtainable. In which case, would you need to try and hack your own files, should you have lost the key? (I know of numerous times people have forgotten passwords to things).
I really don't get these violent activists. Humans are animals too... and if you're harming animals (of any variety), isn't that completely defeating the point? Or would that logic cause a buffer overflow in their poor minds?
If it was someone who belonged to organizations that didn't go around threatening the lives of people in 'my' industry and destroying our property then I might have some sympathy for her plight, but knowing what I know about the majority of these "peaceful (what a laugh) activists" I can't say I would be sorry to see one get smacked with the law.
Can we not have one law for the guilty and another law for the not yet guilty
Can we also have an icon to indicate "This message is in code and anyone who doesn't clear their browser cache immediately is going to prison"
NB - clearing your browser cache regularly is regarded as suspicious activity and will result in your going to prison
Animal rights activists don't seem to understand that these animals aren't some sort of pet that was stolen away in the night... They are bred and raised for this, at great cost mind you. But hey, if you want to stop animal research, just stop buying the products and using the services that were developed and proven to work through it... So no bypass surgeries, no modern medicines, etc etc. Go ahead, put your lives where your ideals are. (Sorry, PETArds et al really cook my goose)
the police *already* had enough of a case to get a warrant to enter this nutball's place to seize her computer! This wasn't some random fishing thing. A judge already reviewed enough of the case to say it was okay for them to physically breach her residence and seize hardware!
Which means they have enough already to demand and expect decryption keys. The procedure, as established long ago, was followed in the best tradition of balancing suspect's rights with protecting people from criminals.
Or should we do what you socialist bleeding hearts want and never arrest or search any criminal's home ever?
And to a few of you morons-America's 5th amendment *DOES NOT APPLY* to the rest of the world! Go back to your caves or sweatshops or wherever you're based out of, RTFA before seeding forums with your propaganda and messages.
What we need is the ability to create a trojan passphrase. Give *THAT* to them, and the program spits out random text, while doing a secure erase on the entire drive. This is probably easier (but not as much fun as) firing a thermite charge to slag the drive.
Data? What data?? What did you *DO* to my machine???
Anonymous, for the obvious reasons....
Perhaps all of you 'anti-animal-rights activist activists' will get the next visit...
"First, they came for the labor unions but I wasn't a labor unionist, so I didn't speak up. Then they came for the Communists but I wasn't a Communist, so I didn't speak up. Then they came for the Jews but I wasn't a Jew, so I didn't speak up. Then they came for the Catholics but I wasn't a Catholic, so I didn't speak up. Then they came for me, and there was no one left to speak up." - Pastor Martin Niemoller
Get a clue and get the point -- this may be the first government demand for encryption keys, but you can be bloody sure it won't be the last.
It is like saying, "you can use encryption as much as you want, but if we (the government) decide we want to see something, you'd better fork it over."
It would be more honest if the government simply outlawed encryption like several other countries -- instead of changing the law on a case-by-case basis.
Move along now, we have a lot more children to fingerprint and DNA record... Welcome to the UK -- Best Police State outside America -- or maybe better.
The UK government is going to deprive honest an law-abiding citizens of their liberties while criminals can carry on theirs businesses as usual, with just a little software upgrade.
Free software like TrueCrypt http://www.truecrypt.org/ can conceal encrypted material in a way that prevent its detection.
In case the Police forces you to reveal your password, TrueCrypt provides and supports two kinds of "plausible deniability":
1. Hidden volumes. The principle is that a TrueCrypt volume is created within another TrueCrypt volume (within the free space on the volume). Even when the outer volume is mounted, it is impossible to prove whether there is a hidden volume within it or not, because free space on any TrueCrypt volume is always filled with random data when the volume is created* and no part of the (dismounted) hidden volume can be distinguished from random data. Note that TrueCrypt does not modify the file system (information about free space, etc.) within the outer volume in any way.
2. It is impossible to identify a TrueCrypt volume. Until decrypted, a TrueCrypt volume appears to consist of nothing more than random data (it does not contain any kind of "signature"). Therefore, it is impossible to prove that a file, a partition or a device is a TrueCrypt volume or that it has been encrypted.
FreeOTFE http://www.freeotfe.org/ also offers similar features.
Off-the-Record (OTR) Messaging, http://www.cypherpunks.ca/otr/ offers true deniability for instant messaging.
TrueCrypt http://www.truecrypt.org/ provides an "aleatory" defence against RIPA, and, indeed, against any similar legislation. This defence works because TrueCrypt makes encrypted material indistinguishable from pseudo-random data. And before the authorities can insist that you hand over an encryption key, they would first be obliged to prove to the satisfaction of a court that you were in possession of encrypted material. Depending on how TrueCrypt is set up it might be obvious that you have some pseudo-random data in an atypical location on your computer, and you might well be asked how it got there. Now, there are many computer processes that produce pseudo-random data, and you are not obliged by the legislation to account for the origins of every file on your computer that contains such data given the tens of thousands of files on the average PC this would be an impossible task. However, TrueCrypt can also provide you with an excellent and highly plausible reason as to why you possess such a file of pseudo-random data irrespective of where it is found.
Off-the-Record Messaging, http://www.cypherpunks.ca/otr/ commonly referred to as OTR, is a cryptographic protocol that provides strong encryption for instant messaging conversations. OTR provides perfect forward secrecy and deniable encryption.
1. Perfect forward secrecy: Messages are only encrypted with temporary per-message AES keys, negotiated using the Diffie-Hellman key exchange protocol. The compromise of any long-lived cryptographic keys does not compromise any previous conversations, even if an attacker is in possession of ciphertexts.
2. Deniable authentication: Messages in a conversation do not have digital signatures, and after a conversation is complete, anyone is able to forge a message to appear to have come from one of the participants in the conversation, assuring that it is impossible to prove that a specific message came from a specific person.
If we go significantly more towards a 1984 style thing, who's going to revolt? Do we have a plan?
Just wondering - at the moment it could go either way but at some point the only option may be to take more serious action than protesting, and if that is the case, we should be organised.
directly from the miscosoft readyboost developer page:
"ReadyBoost also encrypts the content for use only on the PC system where the data was generated"
so if your readyboost enabled machine gets confiscated do you automatically get 2 years because you can't provide the decryption key for the readyboost cache file?
But M'Lord, the police have confiscated all my records and my computer, I no longer have access to the material they're requesting and in any case they already have said material.
Another defence would be to claim legal privalage, making the documents exempt from searches. Although I don't know how well this one holds up anymore, it used to be a pretty powerful way to get things exempted from search and siezure.
As for people who think this law sucks, it does. It's also beyond the point of debate as it's law now, I suggest double blind encryption and passphrase generation combined with obfuscation to the point of a single message containing many red herring messages, any of which could be the real message.
Soon enough the thoughts in our ownheads won't be private and wil be subject to intrusive orders.
I love the Reg, I've been reading it for years and it's always my first port of call when I roll into work and log on to the interweb. But when did it become a hate-fest for the right-wingers?
In just a few weeks we've had:_
people saying Menezes deserved to die because he was a foreigner and working here illegally, and thus brought it on himself. And that the Police can do no wrong.
people saying that it's perfectly alright to taser a confused and frightened man to death in full view of the public, that he brought it on himself for being upset, and that the Police can do no wrong.
and now, that someone you don't know and have never met must automatically be guilty because she believes in animal rights and has some encrypted files on her pc, and because she's a bit of a fruitloop. So what? she's a paranoid fruitloop, but she still has rights. But apparently these days it's ok just to point the finger and watch someone being dragged away to gaol or a possibly violent end because you don't like them or what they believe? There's a word for that, well, several actually. The only thing that the girl doesn't have against her is that she's not a Muslim; if she was she'd probably be dead by now "She behaved in a threatening manner, sarge, she was going for a comb-like weapon" "that's ok PC Dimbleby, have a promotion and we'll cover up for you like we always do"
Just what is wrong with you people that you assume that anyone the Police accuse or even look at is automatically guilty and don't deserve any rights? Call yourselves British? You should be ashamed, you're being like the cowards in Nazi Germany who denounced people for being jewish/gay/socialists/whatever. Thank heavens I'm heading out of this country in a few years, you deserve to live in a society like that, I don't.
These appalling comments from supposedly intelligent people are really making me feel ill and I'm seriously thinking of abandoning the Reg. I appreciate that the Reg believes in free speech even if it's not something that agrees with it's editorial line, but some of the things that get said are bang out of order and belong on BBC HYS or similar hate-forums for t@ssers. I've banged on a bit myself on El Reg in the past but now I think it's gone way too far and all political debate should be stopped and we all stick to IT and related subjects - boring as that sounds.
Paris Hilton is my icon for this post as she's pretty and I like looking at her :)
I have a truecrypt volume. It is protected via a 24 character password (randomly chosen letters and numbers) and if I ever forget the password, the data is lost. I would definitely forget it if the police decided they wanted to have a look in. It contains nothing illegal but it the only privacy one can exercise. We live in CCTV world having more cameras per square inch (and it can be measured like that in some towns) than any other country.
So if you ever want to remember what privacy feels like, create a truecrypt volume.
Forgot the animal rights angle - these are just details of this individual case.
The point is that the police can "find" (i.e. deliberately put) an encrypted file on any UK citizen's PC, demand the key, and when they can't cough it up, put them in jail for 2 years.
Its what the government have always dreamed of: A legitimate way of banging up absolutely anyone they don't happen to like.
And if you have just been angered by the implications of this, they don't like YOU.
Just so you know, my mother died on 22nd October this year of ovarian cancer. She had not smoked a single cigarette in her whole life and hated the smell so much that she rarely went to pubs etc. She had a couple of martinis on a Friday with her friends, but never at any other time. I've been alive nearly 40 years and never seen her even tipsy let alone drunk. she also walked a lot, and did line dancing to keep fit.
So I ask you how an avid non-smoker, near teetotal (2 drinks a week doesn't even really count as a "social drinker") woman in her late sixties: A) brings this upon herself, and B) shouldn't benefit from advances in medicine, however discovered, that may cure her or prolong her life?
Perhaps you want to think a bit harder about what you are trying to say before tarring everyone with the same brush.
Whilst I don't condone cruelty for cruelty's sake, I do believe necessary advances in medicine comes at a price, and I'd rather it was at a rabbit's expense, rather than one of you two "humans".
Biting the hand that feeds IT © 1998–2019