Print 66 comment(s) - last by jamesd1234.. on Feb 22 at 9:23 AM

Ramona Fricosu's attorney says she may have forgotten the password

Last month, a Colorado woman was ordered to decrypt her laptop in order to help prosecutors obtain evidence in the bank fraud case against her. Now, Ramona Fricosu's attorney is saying that the defendant may have forgotten her password, further prolonging the case and getting prosecutors nowhere with the hard drive.

"It's very possible to forget passwords," said Philip Dubois, Fricosu's attorney. "It's not clear to me she was the one who set up the encryption on this drive. I don't know if she will be able to decrypt it. The government will probably say you need to put her in jail until she breaks down and does what she is ordered to do. That will create a question of fact for the judge to resolve. If she's unable to decrypt the disc, the court cannot hold her in contempt."

Davies said Fricosu has not said in any court documents that she has forgotten the password. They are waiting to see what position she takes in court.

Fricosu was accused of bank fraud in 2010, and had her laptop seized by authorities for investigative purposes. When attempting to search her hard drive, authorities found that it was encrypted using full disk encryption, which prevents unauthorized access to data storage. The option can be found in operating systems like Mac OS and Windows, and if authorities tried to crack it themselves, they could damage the computer.

Colorado U.S. District Judge Robert Blackburn then ordered Fricosu to decrypt her hard drive and return it to the court so prosecutors could use the files against her in the bank fraud case. Fricosu tried using the Fifth Amendment to protect herself, arguing that it protects her from compelled self-incrimination.

However, Blackburn concluded that "the Fifth Amendment is not implicated by requiring production of unencrypted contents of the Toshiba Satellite M305 laptop computer." Assistant U.S. Attorney Patricia Davies backed Blackburn's decision, saying that encryption cannot be a sure way for criminals to bypass the system.

Source: Wired

Comments     Threshold

This article is over a month old, voting and posting comments is disabled

By Etsp on 2/7/2012 4:46:42 PM , Rating: 2
I'm not an expert on encryption, so the following may be wrong, but think on this:

The drive is encrypted at the hardware level. This means the electronics on the drive will NOT let you access the encrypted data. The only data that the operating system ever sees is the unencrypted data, and that's only after providing the correct passkey.

In that scenario, the only means of making an image of the encrypted disk is to physically remove the platters from the drive, and read them with special equipment. There's certainly a chance of damage during this process.

Another scenario, is that they're trying to get the secret key that's hardcoded in an encryption IC in the drive. You can't read this data in the external pins, you have to shave off the top layers of the chip and probe its internals. This is also a destructive process. I believe this was the method used to get the secret key for something Sony was trying to protect(Hypervisor crack maybe?)

By Zok on 2/7/2012 5:44:36 PM , Rating: 2
This isn't hardware-level encryption (e.g. FIPS 140-2). A simple DD can copy the contents bit-by-bit to another disk.

"If they're going to pirate somebody, we want it to be us rather than somebody else." -- Microsoft Business Group President Jeff Raikes

Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki