Re: surrendering one's passphrase to authorities
On Tue, Mar 03, 2009 at 05:12:23PM -0500, David Shaw wrote:

> It's an odd case. Law enforcement *knows* what is on the laptop in this case. They saw it there before the computer was powered down (thus locking the drive). They are arguing over whether the protection against self-incrimination (part of the US Bill of Rights, for those who don't live here) even applies - after all, if law enforcement already knows what is there, revealing the contents does not incriminate.

I don't quite grasp the nuances of whether entering a password is or is not in itself testimony. But one interesting aspect here is that, until the drive is decrypted, its contents cannot become evidence, and the government is left with only the testimony of the border control officers as to what might be contained in the defendant's property. If the drive cannot be examined by the court, the government's case is somewhat weaker. So that's one non-ulterior motive for wanting the password entered. It matters less, in court, what LE know, than what they can demonstrate.

This of course does not dispose of other possible motives.

--
Mark H. Wood, Lead System Programmer mw...@iupui.edu
Friends don't let friends publish revisable-form documents.

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: surrendering one's passphrase to authorities
> Date: Tue, 3 Mar 2009 19:21:46 -0500
> From: David Shaw ds...@jabberwocky.com
> Subject: Re: surrendering one's passphrase to authorities
>
> Folks on this list have said for years that rubber-hose key extraction is orders of magnitude faster than brute-force computation.
>
> ... and cue the XKCD: http://www.xkcd.com/538/

well, here is another aspect of a 'crypto-nerd's' imagination ;-) :

suppose the goal would be to design an encrypted laptop where even authorities willing to use torture, would concede that the contents are not decryptable and that no information would be obtainable by even the most effective torture, how would one go about it?

possible suggestion:

[1] encrypt the drive to a passphrase and also a smart-card (let's dream and make the smart-card 4k rsa or better ;-) )

(and as long as we're dreaming anyway ... ;-) )

[2] allow the smart-card to be identifiable by the laptop as the correct one, with a unique identifier code when inserted into the laptop

[3] enable the smart-card with a data self-erase, and data self-destruct mechanism, but leaving the identifier intact

[4] once the smart-card has the self-erase and self-destruct mechanism activated by the bearer, the laptop bearer can surrender the smart-card, the laptop reads it and reports:

*** smart-card identity verified ***
*** smart-card passphrase unreadable ***
*** smart-card 'Self-Destruct Hardware' (Tm, copyleft GPL) was activated ***
*** smart-card no longer functional ***
*** decryption no longer possible ***

and while the authorities might be tempted to vengefully harm the bearer, it would be clear that they would be unable to access the laptop through torture

vedaal
Re: surrendering one's passphrase to authorities
On Wed, Mar 04, 2009 at 10:38:23AM -0500, ved...@hush.com wrote:

>> Date: Tue, 3 Mar 2009 19:21:46 -0500
>> From: David Shaw ds...@jabberwocky.com
>> Subject: Re: surrendering one's passphrase to authorities
>>
>> Folks on this list have said for years that rubber-hose key extraction is orders of magnitude faster than brute-force computation.
>>
>> ... and cue the XKCD: http://www.xkcd.com/538/
>
> well, here is another aspect of a 'crypto-nerd's' imagination ;-) :
>
> suppose the goal would be to design an encrypted laptop where even authorities willing to use torture, would concede that the contents are not decryptable and that no information would be obtainable by even the most effective torture, how would one go about it?

Why do you assume they wouldn't torture you anyway? (Reveal your backups to us! I didn't keep backups! We don't believe you!)

After a news story like this, there is often a thread about technical solutions to the problem (more encryption, better key management, using hidden partitions that decrypt to pictures of puppies and flowers instead of the illegal content when a different passphrase is given, etc).

I suspect things would go rather like this: http://www.mail-archive.com/cryptogra...@metzdowd.com/msg10391.html

David
Re: surrendering one's passphrase to authorities
gerry_lowry (alliston ontario canada) wrote:

> on vedaal's laptop design ...
>
> [5] marry the drive to the motherboard so that removing the drive to another computer would cause the drive to self destruct.
>
> [6] design the drive as a secondary only never bootable drive; its sister drive would carry the O/S and detect any O/S tampering; the data drive would use non standard logical and physical architecture to require specialized drivers in order to be accessed, i.e., no generic access.
>
> [7] design the drive to fail if physically opened or probed.
>
> [8] design the drive to be not probable by any form of hands off electronic eavesdropping.
>
> [9] remove dependency of need [4] destruct activation by any human.
>
> [10] destruct the drive immediately if the smart card is yanked out improperly; probably removal should be almost equally brief, example: Ctrl+x, Ctrl+y, Ctrl+z, where x, y, and z are user configurable.
>
> [11] find financing for this technology.
>
> gerry
>
> P.S.: Cryptonomicon, Neal Stephenson, ISBN: 9780060512804; ISBN10: 0060512806; http://www.harpercollins.com/books/9780060512804/Cryptonomicon/index.aspx
>
> The ... crypto-hacker grandson, Randy character, is attempting to create ... a place where encrypted data can be stored and exchanged free of repression and scrutiny; there are some interesting laptop related ideas in the novel; also, the book uses in its plot a deck of cards for passing encrypted messages back and forth undetected; there is also an appendix that describes the algorithm for using the deck of cards; that appendix and algorithm design was created by Bruce Schneier, example: http://www.jera.com/solitaire/ Solitaire for KJava home page; especially see http://www.schneier.com/solitaire.html The Solitaire Encryption Algorithm, version 1.2, 5/26/99.

This is being heavily discussed over on the [Cryptography] list (Judge orders defendant to decrypt PGP-protected laptop).

Perry Metzger, the list moderator, shared a very apt insight:

> The judge doesn't need to know the difference to beyond any doubt. If the judge thinks you're holding out, you go to jail for contempt.
>
> Geeks expect, far too frequently, that courts operate like Turing machines, literally interpreting the laws and accepting the slightest legal hack unconditionally without human consideration of the impact of the interpretation. This is not remotely the case.
>
> I'll repeat: the law is not like a computer program. Courts operate on reasonableness standards and such, not on literal interpretation of the law. If it is obvious to you and me that a disk has multiple encrypted views, then you can't expect that a court will not be able to understand this and take appropriate action, like putting you in a cage.

This is also a VERY narrowly defined decision, based on what the defendant already showed ICE (US Customs) officers at the border.

--
John P. Clizbe Inet:John (a) Mozilla-Enigmail.org
You can't spell fiasco without SCO.
hkp://keyserver.gingerbear.net or mailto:pgp-public-k...@gingerbear.net?subject=help
Q: Just how do the residents of Haiku, Hawai'i hold conversations?
A: An odd melody / island voices on the winds / surplus of vowels
Re: surrendering one's passphrase to authorities
David Shaw wrote:

> I suspect things would go rather like this: http://www.mail-archive.com/cryptogra...@metzdowd.com/msg10391.html

Perry is an optimist. It's considerably worse than he makes it out to be.

Judges are not idiots. They are very well-trained and have a great deal of experience at the discovery of truth through Socratic and/or adversarial questioning. They are also rather dispassionate, which stems from the tremendous amount of human evil they come into contact with on a regular basis.

Juries, on the other hand...

In the American system (and many other systems borrowing from the British Common Law tradition), the judge is the arbiter of law, but the jury is the arbiter of fact. If the judge has any doubt as to whether there's an encrypted volume on the drive, the judge is probably not going to bother putting the accused in jail on a contempt charge. The judge is going to say, the existence or nonexistence of material on that drive is a question of fact for the jury to sort out.

And once the judge says that, you're rolling the dice with twelve plain, average, human beings -- which is to say, most of them will be technologically illiterate with little or no college education or grasp of formal reasoning.

If you look at those twelve men and women and start to explain about deniable systems and perfect forward secrecy and every other crypto innovation you've thought of to keep you out of trouble, the jury won't understand a word of it. Not a word.

They _will_, however, understand that you're blowing smoke up their ass.

This is a mistake you will only ever get to make once.
Re: surrendering one's passphrase to authorities
On Wed, Mar 04, 2009 at 05:46:38PM -0500, Robert J. Hansen wrote:

>> David Shaw wrote:
>> I suspect things would go rather like this: http://www.mail-archive.com/cryptogra...@metzdowd.com/msg10391.html
>
> Perry is an optimist. It's considerably worse than he makes it out to be.
>
> Judges are not idiots. They are very well-trained and have a great deal of experience at the discovery of truth through Socratic and/or adversarial questioning. They are also rather dispassionate, which stems from the tremendous amount of human evil they come into contact with on a regular basis.
>
> Juries, on the other hand...
>
> In the American system (and many other systems borrowing from the British Common Law tradition), the judge is the arbiter of law, but the jury is the arbiter of fact. If the judge has any doubt as to whether there's an encrypted volume on the drive, the judge is probably not going to bother putting the accused in jail on a contempt charge. The judge is going to say, the existence or nonexistence of material on that drive is a question of fact for the jury to sort out.
>
> And once the judge says that, you're rolling the dice with twelve plain, average, human beings -- which is to say, most of them will be technologically illiterate with little or no college education or grasp of formal reasoning.

Indeed, and also (in the US at least), the attorneys for each side can (to a limited degree that varies from situation to situation) remove people from the potential juror list after interviewing them (a Voir Dire challenge). Frequently, one side or the other will remove a juror with actual knowledge about the subject matter being covered in court. This makes sense from their perspective, as they would rather the juror is a blank slate, only knowing what the lawyer says on the subject, and not bring any of their own knowledge and opinions.

So if you're relying on a cryptography defense, your chance of finding a juror who has any idea what you're talking about or has any means to evaluate your statements is actually lower than it would be if you picked random people off the street.

David
Re: surrendering one's passphrase to authorities
David Shaw wrote:

> Indeed, and also (in the US at least), the attorneys for each side can (to a limited degree that varies from situation to situation) remove people from the potential juror list after interviewing them (a Voir Dire challenge).

Voir dire is the name given to the interview process, not to the strikings. A striking can be for cause (a juror who says they can't be impartial, for instance) or for no reason at all in what's called a peremptory challenge. It is unlawful to use peremptory challenges to shape the racial or religious composition of the jury, but as long as you're not doing that, you can strike whoever you like for whatever reason you like.

> Frequently, one side or the other will remove a juror with actual knowledge about the subject matter being covered in court. This makes sense from their perspective, as they would rather the juror is a blank slate, only knowing what the lawyer says on the subject, and not bring any of their own knowledge and opinions.

It's even worse than that.

A year ago I was given a jury summons. The first case, I survived challenges for cause. They asked if anyone could describe a millimeter. I raised my hand, they called on me and I gave them the SI definition. I was promptly peremptoried. Plaintiff's counsel didn't just want to avoid people with subject matter knowledge. Counsel wanted to avoid anyone who knew anything about basic physics, and they used the metric system as a test to see who had any background in physics.

The next trial was a sexual abuse case with some very hideous particulars. Defense counsel asked everyone what probability we gave that her client was guilty. One woman said 70%, since she was a schoolteacher and she knew how many layers of bureaucracy were involved in getting a sex abuse case to trial. One man said at least 50%, since otherwise it was a lot of work and taxpayer money for nothing.

I refused to answer the question. I explained the question had improper foundations. Probability is based on prior observations of identical phenomena. I didn't know anything about the defendant or the particulars of his crime, so there was no probability I could assign. He either did it or he didn't, and I was willing to help determine which it was -- but I would not attach a probability to his guilt or innocence.

The woman who said 70% and the man who said 50% were both seated on the jury. I wasn't.

It's true that lawyers will remove a juror with actual knowledge about the subject matter -- but more than that, lawyers will remove jurors with actual knowledge. If you show an ability to think critically and independently, the lawyers will move heaven and earth to remove you from the jury pool.

A critical and independent thinker will go their own way in the trial. That makes them wild cards. No lawyer wants a wild card in the jury pool. They want people who can be led to a conclusion.
Re: surrendering one's passphrase to authorities
On Mar 4, 2009, at 9:17 PM, Robert J. Hansen wrote:

>> David Shaw wrote:
>> Indeed, and also (in the US at least), the attorneys for each side can (to a limited degree that varies from situation to situation) remove people from the potential juror list after interviewing them (a Voir Dire challenge).
>
> Voir dire is the name given to the interview process, not to the strikings.

As I've said, I am not a lawyer, but the term Voir dire challenge did, in fact, come from a real lawyer who I discussed my half-written email with before sending it. Simply Googling the term shows it in rather common use.

> It's true that lawyers will remove a juror with actual knowledge about the subject matter -- but more than that, lawyers will remove jurors with actual knowledge. If you show an ability to think critically and independently, the lawyers will move heaven and earth to remove you from the jury pool.

It's not quite that simple. My lawyer friend indicates that this can cut both ways. If one lawyer thought they had a very strong case, they might actually want a smart or knowledgeable person on the jury, going with the idea that this person would be able to explain the complex issues to the rest of the jury. Which of course may cause the opposing attorney to challenge that person. And so on, and around and around. This is why jury consultants make the big bucks.

We're now rather off-topic for GPG (and especially for a list that serves more than the US). Let's let this thread go, please.

David
surrendering one's passphrase to authorities
http://www.theregister.co.uk/2009/03/03/encryption_password_ruling/

Hi List,

This article caught my eye. One of the things that I gleaned from the article is that it's obvious that law enforcement (at this level) does not have the ability to brute-force crack PGP encrypted data. Instead, the courts are attempting to force the surrender of the passphrase.

Apparently the issue has not yet been settled in the US. How are other countries' courts handling this?

-Joe
Re: surrendering one's passphrase to authorities
Hi,

Reference:
From: Joseph Oreste Bruni jbr...@me.com
Date: Tue, 03 Mar 2009 14:31:13 -0700
Message-id: 63b6c107-1520-484f-9069-bbf387251...@me.com

Joseph Oreste Bruni wrote:

> http://www.theregister.co.uk/2009/03/03/encryption_password_ruling/
>
> Hi List,
>
> This article caught my eye. One of the things that I gleaned from the article is that it's obvious that law enforcement (at this level) does not have the ability to brute-force crack PGP encrypted data. Instead, the courts are attempting to force the surrender of the passphrase.
>
> Apparently the issue has not yet been settled in the US. How are other countries' courts handling this?

There's about 190 countries in the world. There'll be many national mail lists webs eg http://ccc.de forums that discuss encryption politics. Hopefully this list will Not, stick to just the international technology ignore the politics national laws, to keep the traffic down, keep it internationally relevant. Not that the politics might not be interesting for a while, but it could easily bloat the list traffic.

Cheers,
Julian
--
Julian Stacey: BSDUnixLinux C Prog Admin SysEng Consult Munich www.berklix.com
Mail plain ASCII text. HTML Base64 text are spam. www.asciiribbon.org
Re: surrendering one's passphrase to authorities
On Tue, Mar 03, 2009 at 02:31:13PM -0700, Joseph Oreste Bruni wrote:

> http://www.theregister.co.uk/2009/03/03/encryption_password_ruling/
>
> Hi List,
>
> This article caught my eye. One of the things that I gleaned from the article is that it's obvious that law enforcement (at this level) does not have the ability to brute-force crack PGP encrypted data. Instead, the courts are attempting to force the surrender of the passphrase.

Well, maybe. It's also possible that law enforcement does have the ability to get into the encrypted data (by some means - I doubt brute force), but does not want the knowledge of that ability to be made public. (Note, incidentally, that this seems to be the PGP Whole Disk product, rather than a PGP message, a la OpenPGP.)

It's an odd case. Law enforcement *knows* what is on the laptop in this case. They saw it there before the computer was powered down (thus locking the drive). They are arguing over whether the protection against self-incrimination (part of the US Bill of Rights, for those who don't live here) even applies - after all, if law enforcement already knows what is there, revealing the contents does not incriminate.

Anyway, I, of course, am not a lawyer. Instead, here is a discussion of this case from someone who is: http://volokh.com/posts/chain_1197670606.shtml

David
Re: surrendering one's passphrase to authorities
unfortunately, it's likely that certain countries handle this using torture.
Re: surrendering one's passphrase to authorities
Joseph Oreste Bruni wrote:

> it's obvious that law enforcement (at this level) does not have the ability to brute-force crack PGP encrypted data.

That capability would literally be worth people's lives. It makes no sense to think that they would reveal that capability just to bag a run-of-the-mill child porn aficionado.

It seems rash to draw that conclusion from the offered data.

> Apparently the issue has not yet been settled in the US. How are other countries' courts handling this?

For the UK, I believe the Regulation of Investigatory Powers Act (RIPA) is still in effect. Quite a ghastly bill, really.
Re: surrendering one's passphrase to authorities
On Tue, 3 Mar 2009, David Shaw wrote:

>> This article caught my eye. One of the things that I gleaned from the article is that it's obvious that law enforcement (at this level) does not have the ability to brute-force crack PGP encrypted data. Instead, the courts are attempting to force the surrender of the passphrase.
>
> Well, maybe. It's also possible that law enforcement does have the ability to get into the encrypted data (by some means - I doubt brute force), but does not want the knowledge of that ability to be made public.

===

i would think the FBI (presuming that they're involved) would be able to brute-force a pass-phrase in less than a year. they have the disk, so in all likelihood the weakest link in the chain is the pass-phrase (and that's assuming that there's no cache/tmp files that are not encrypted).

does anyone know details about PGPDisk's string-to-key algorithm(s)?

kid porn makes this an interesting edge case, because people (judges and juries included) are more likely to ignore the established protections of the 5th amendment (which, IMHO, should apply even to alleged scum or it's meaningless).

my suspicion is that authorities have already decrypted the contents of the disk (unless the guy was using a *really* strong pass-phrase) and the case is being pushed to make a precedent out of "sometimes it's ok to ignore the 5th amendment".

--
...atom
http://atom.smasher.org/
762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808
-
Religion is what keeps the poor from murdering the rich. -- Napoleon Bonaparte
Re: surrendering one's passphrase to authorities
Atom Smasher wrote:

> i would think the FBI (presuming that they're involved) would be able to brute-force a pass-phrase in less than a year. they have the disk, so in all likelihood the weakest link in the chain is the pass-phrase (and that's assuming that there's no cache/tmp files that are not encrypted).
>
> does anyone know details about PGPDisk's string-to-key algorithm(s)?

Yes. It's the same as the S2K in OpenPGP, last I checked -- which is specifically designed to make brute forcers slow.

Let's say the guy has a passphrase with 64 bits of entropy. Assume you have a massively distributed network and some truly cutting-edge math, you could probably do it in two solid years of work. The RC5 project on distributed.net took 18 months to do 64 bits, but RC5 wasn't designed to be very slow to rekey.

Now consider just how many 64-bit keys the US government would like to crack. It probably numbers in the millions.

Now consider how high this guy's passphrase stands in the to-do list.
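The iterated and salted S2K that Robert J. Hansen refers to above, written out as specified in RFC 4880 section 3.7.1.3. This is an added example, not code from the thread, GnuPG or PGP; the salt, passphrase and coded counts are constructed sample values, and PGPDisk's actual parameters are not given in the thread.

```python
import hashlib
import time


def decode_count(coded: int) -> int:
    """Expand the one-octet coded count (RFC 4880, section 3.7.1.3)."""
    if not 0 <= coded <= 255:
        raise ValueError("coded count must fit in one octet")
    return (16 + (coded & 15)) << ((coded >> 4) + 6)


def iterated_salted_s2k(passphrase: bytes, salt: bytes, coded: int,
                        key_len: int = 16, hash_name: str = "sha1") -> bytes:
    """Derive key_len octets from a passphrase with iterated+salted S2K."""
    if len(salt) != 8:
        raise ValueError("the S2K salt is exactly 8 octets")
    data = salt + passphrase
    # salt+passphrase is always hashed in full at least once, even when
    # the decoded count is smaller than its length.
    count = max(decode_count(coded), len(data))
    full, rest = divmod(count, len(data))
    key = b""
    context = 0
    while len(key) < key_len:
        h = hashlib.new(hash_name)
        # Extra hash contexts (needed when the key is longer than one
        # digest) are preloaded with 0, 1, 2, ... zero octets.
        h.update(b"\x00" * context)
        for _ in range(full):
            h.update(data)
        h.update(data[:rest])
        key += h.digest()
        context += 1
    return key[:key_len]


def octets_hashed_per_guess(passphrase_len: int, coded: int,
                            key_len: int = 16, digest_len: int = 20) -> int:
    """Octets that must be hashed to test one candidate passphrase."""
    count = max(decode_count(coded), 8 + passphrase_len)
    contexts = -(-key_len // digest_len)  # ceiling division
    return sum(n + count for n in range(contexts))


def seconds_per_guess(coded: int, trials: int = 3) -> float:
    """Time one derivation on this machine (best of `trials`)."""
    salt = bytes(range(8))                        # constructed sample salt
    passphrase = b"constructed sample passphrase"  # constructed sample input
    best = float("inf")
    for _ in range(trials):
        start = time.perf_counter()
        iterated_salted_s2k(passphrase, salt, coded)
        best = min(best, time.perf_counter() - start)
    return best


if __name__ == "__main__":
    # Lowest, a mid-range, and the highest coded count.
    for coded in (0, 96, 255):
        print(f"coded count {coded:3d}: {decode_count(coded):>10,d} octets, "
              f"{seconds_per_guess(coded) * 1e3:8.2f} ms per guess")
```

The per-guess cost scales with the decoded count, so the same passphrase is roughly 63,000 times more expensive to test at coded count 255 than at 0.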
Re: surrendering one's passphrase to authorities
On Tuesday 03 March 2009 23:26:21 Robert J. Hansen wrote:

> For the UK, I believe the Regulation of Investigatory Powers Act (RIPA) is still in effect. Quite a ghastly bill, really.

Yes. Lot like being tortured ;)

--
Richard
Re: surrendering one's passphrase to authorities
On Tue, 3 Mar 2009, Robert J. Hansen wrote:

> Yes. It's the same as the S2K in OpenPGP, last I checked -- which is specifically designed to make brute forcers slow.
>
> Let's say the guy has a passphrase with 64 bits of entropy. Assume you have a massively distributed network and some truly cutting-edge math, you could probably do it in two solid years of work. The RC5 project on distributed.net took 18 months to do 64 bits, but RC5 wasn't designed to be very slow to rekey.
>
> Now consider just how many 64-bit keys the US government would like to crack. It probably numbers in the millions.
>
> Now consider how high this guy's passphrase stands in the to-do list.

==

most people don't use pass-phrases that strong.

in any case, we're talking about something that can realistically be broken in a reasonable amount of time (compared to several times the age of the universe) using real-world technology, not like trying to crack a message that was intercepted on the wire, and encrypted with 4096 RSA or a 256bit twofish.

--
...atom
http://atom.smasher.org/
762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808
-
Human beings, who are almost unique in having the ability to learn from the experience of others, are also remarkable for their apparent disinclination to do so. -- Douglas Adams, Last Chance to See
Re: surrendering one's passphrase to authorities
Atom Smasher wrote:

> most people don't use pass-phrases that strong.

Let me see if I have this clear:

- He knew he was approaching a border
- He knew he had child porn on his system
- He knew his laptop might be searched at the border
- And you think, knowing all this, he'd use a weak passphrase?

> in any case, we're talking about something that can realistically be broken in a reasonable amount of time

If you're talking about a chump who hasn't bothered to think things through, sure.
Re: surrendering one's passphrase to authorities
On Mar 3, 2009, at 6:04 PM, Atom Smasher wrote:

>> On Tue, 3 Mar 2009, David Shaw wrote:
>>
>>> This article caught my eye. One of the things that I gleaned from the article is that it's obvious that law enforcement (at this level) does not have the ability to brute-force crack PGP encrypted data. Instead, the courts are attempting to force the surrender of the passphrase.
>>
>> Well, maybe. It's also possible that law enforcement does have the ability to get into the encrypted data (by some means - I doubt brute force), but does not want the knowledge of that ability to be made public.
>
> ===
>
> i would think the FBI (presuming that they're involved) would be able to brute-force a pass-phrase in less than a year. they have the disk, so in all likelihood the weakest link in the chain is the pass-phrase (and that's assuming that there's no cache/tmp files that are not encrypted).

Good point. I was thinking about the session key, which is basically brute forcing proof. The passphrase would indeed be an easier attack.

The lawyer discussion I posted (http://volokh.com/posts/chain_1197670606.shtml) suggests that law enforcement did try to guess (his word) the passphrase. Guessing could be anything from trying two or three passphrases before giving up to running a list of common passphrases against it. For all we know, they're still running the passphrase guesser right now.

David
Re: surrendering one's passphrase to authorities
On Tue, Mar 03, 2009 at 07:31:03PM -0500, Robert J. Hansen wrote:

>> Atom Smasher wrote:
>> most people don't use pass-phrases that strong.
>
> Let me see if I have this clear:
>
> - He knew he was approaching a border
> - He knew he had child porn on his system
> - He knew his laptop might be searched at the border
> - And you think, knowing all this, he'd use a weak passphrase?

This particular fellow was not necessarily the brightest bulb in the bunch. Remember that he also waived his Miranda rights (for the non US readers: see Wikipedia for the details, but this is the "You have the right to remain silent, etc" speech that you've probably seen on US television and movies), and willingly showed the decrypted disk, child porn and all to the border agents. It was only after his arrest and the accidental re-encryption of the disk did this passphrase issue arise.

>> in any case, we're talking about something that can realistically be broken in a reasonable amount of time
>
> If you're talking about a chump who hasn't bothered to think things through, sure.

There is, of course, a dramatic difference between how someone may act when they're setting up their encryption at home and have time to think things through, and how they may act when caught transporting child porn over a border. Even so, there are many things he could have done to try and hide his illegal material *before* approaching the border.

David