backtop


Print 125 comment(s) - last by Iketh.. on Jan 27 at 12:41 AM

Colorado U.S. District Judge Robert Blackburn said the Fifth Amendment does not protect her from the order

A Colorado woman was told to decrypt her laptop in court on Monday in order to aid prosecutors in her bank fraud case.

Ramona Fricosu, the defendant who was accused of bank fraud in 2010, had her laptop seized by authorities during the investigation. However, authorities stumbled upon a big problem while attempting to search her hard drive -- it was encrypted.

Full disk encryption, which prevents unauthorized access to data storage, is an option found in operating systems like Mac OS and Windows. The encryption can take decades to break, and if authorities tried to crack it, it could damage the computer.

That's why Colorado U.S. District Judge Robert Blackburn ordered that Fricosu decrypt her hard drive and return it to the court so prosecutors can use her files against her in the bank fraud case.

Fricosu used the Fifth Amendment to protect herself. She argued that the Fifth Amendment protects her from compelled self-incrimination, and that the judge's order violates this. However, Blackburn didn't agree.

"I conclude that the Fifth Amendment is not implicated by requiring production of unencrypted contents of the Toshiba Satellite M305 laptop computer," said Blackburn.

Assistant U.S. Attorney Patricia Davies backed Blackburn's order, saying that allowing encrypted content to defeat authorities would send the wrong message to other criminals. In her words exactly, it would be a "concession to her [Fricosu] and potential criminals (be it in child exploitation, national security, terrorism, financial crimes or drug trafficking cases) that encrypting all inculpatory digital evidence will serve to defeat the efforts of law enforcement officers to obtain such evidence through judicially authorized search warrants, and thus make their prosecution impossible."

Blackburn has ordered Fricosu to return the unencrypted hard drive by February 21. Civil rights groups are keeping a close eye on the case.

Sources: Wired, Fox News



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

I'm sorry...
By mkrech on 1/24/2012 10:40:15 AM , Rating: 3
...I can't seem to remember that password. Let me try one more time. Uh... I'm sorry, I forgot that I built a fail safe drive wipe into the system to automatically wipe the drive after 3 failed log-in attempts. Oops, my bad.

Or better yet, create a user account that has a log-in script that automatically multi-pass wipes any data you want protected when you use that user account.

There are plenty of options for truly protecting your data.

Still, I don't like the slippery slope this legal precedence creates.




RE: I'm sorry...
By ketchup79 on 1/24/2012 10:45:39 AM , Rating: 3
Exactly, this is a slippery slope. I want freedom to win, even if this woman cannot be convicted to the full extent possible. And this is noting new. Look at airport security. Our freedom is slipping away to the hands of security. I am not surprised by this news, but disappointed. This woman should stand for her rights and take a contempt charge.


RE: I'm sorry...
By MrBlastman on 1/24/2012 12:25:18 PM , Rating: 2
The only people rating you down are those who embrace a police state and fear nothing of government control.


RE: I'm sorry...
By mattclary on 1/24/2012 10:45:42 AM , Rating: 2
"I'll tell you what. We will give you some quality alone time in jail so you can try to remember it."


RE: I'm sorry...
By corduroygt on 1/24/2012 10:55:03 AM , Rating: 3
Until when? How do you prove if she really can't remember it or lying?

This is an interesting case for sure.


RE: I'm sorry...
By fic2 on 1/24/2012 12:27:35 PM , Rating: 2
I was wondering if some of the encryption software had a feature similar to what you suggest - wipe the hd starting with the encryption area if X number of incorrect password attempts or given. Or even have a special wipe password. Doesn't seem like it would be that difficult of feature to implement.


RE: I'm sorry...
By fic2 on 1/24/2012 12:32:40 PM , Rating: 2
If it isn't a feature now maybe it should be in light of some of the MPAA/RIAA lawsuits. Although don't hear too much about them now that they are on to the much bigger "shutdown the internet" SOPA.


RE: I'm sorry...
By mkrech on 1/24/2012 5:25:44 PM , Rating: 2
I do not know if it is a feature of any off the shelf apps currently available. However, it is a simple enough task to implement with some simple scripts and dedicated user account just for wiping that sensitive data when the judge demands it.

Since none of this applies to me I will offer a scenario. I would suggest making a secondary account on the device. Call it JIC (just in case) for example and create start-up scripts to silently run secure wipes of all the data you want destroyed. Then have it delete the JIC user and re-authenticate to your regular user. Run it on a SSD drive to help mask drive activity and speed up the process.

This method would not be immune from discovery, but if you deploy it properly you can give the impression that you have nothing to hide and avoid detailed inspection and likely avoid detection.

More social engineering then technical design.


RE: I'm sorry...
By jonmcc33 on 1/24/2012 1:24:18 PM , Rating: 2
TrueCrypt is capable of multi-pass wipes. It would be a nice option if there was a fail safe for multiple failures to initiate a full volume wipe.


RE: I'm sorry...
By UnauthorisedAccess on 1/24/2012 7:49:38 PM , Rating: 2
TrueCrypt enhancement request: One password to access your encrypted hard drive plus special datafolder. One password to access your encrypted hard drive minus special datafolder.

Problem solved - ignoring caching/indexing/history features of an OS that may point to the missing files.


"It looks like the iPhone 4 might be their Vista, and I'm okay with that." -- Microsoft COO Kevin Turner














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki