flat assembler
Message board for the users of flat assembler.

Index > Heap > [Encryption] Boucher gave in. Fricosu betrayed. Doe succeeds

Goto page 1, 2, 3, 4, 5, 6  Next
Author
Thread Post new topic Reply to topic
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17270
Location: In your JS exploiting you and your system
revolution
This thing is in lots of news sites. Here is one: http://www.cbc.ca/canada/montreal/story/2010/01/22/qe-child-porn-sentence.html

Okay, now it was for CP and maybe he deserved it. But that is not what I am referring to. See below for why this concerns me.

A little background: He was using an encryption program, similar to the truecrypt that I use, to keep his files confidential. He crossed the USA border and the guards decided to search his laptop. But it is encrypted. He was silly enough to unlock it at the border for them to see some "bad" looking filenames, but still no proof of actual content. As we know filenames are arbitrary and do not necessarily describe the contents. Once the computer was powered down the volumes keys were lost so the FBI were stymied later when they wanted to examine it properly. The FBI could not decode it so they demanded he give the password. Initially he refused, for 3 years, and now today he pleads guilty to CP!

My concern: I also travel with a laptop with encrypted volumes. Not for CP of course, but just for general privacy and confidentiality. What if the border guards decide to take my laptop and demand passwords like they did with the person above?

Now this is the scary part: This person pleaded guilty to transportation of CP across the border. This we know. But what we don't know is why he pleaded guilty. We can only assume he made some sort of rational choice to admit his guilt. So based upon a rational choice people will naturally choose the option that brings lesser consequences. But he chose potentially 10 years + deportation + lifetime tagged as a sex offender. Why did he choose that? What did the FBI say/do to him that convinced him this was a lesser of two (or more) bad choices? What were the other choices that were worse?! Why didn't he just say "I forgot the password, sorry"? Or even "no comment"? Or anything other than "I'm guilty"?

If/when they stop me at the USA border and ask for my password I'm saying "no comment". But now I am worried that they might decide to give me the same choices they gave to this person above. Confused This sucks bad. USA border crossings suck bad. My data is mine alone, they got no right to snoop. No other country that I have ever been to would ever treat people like this. USA, why so nosey?

[edit] Replaced dead URL with another


Last edited by revolution on 01 Mar 2012, 14:03; edited 5 times in total
Post 26 Sep 2009, 18:01
View user's profile Send private message Visit poster's website Reply with quote
Borsuc



Joined: 29 Dec 2005
Posts: 2466
Location: Bucharest, Romania
Borsuc
I would freak out if they were going to touch my computer at all. They would break it. Mad

Anyway, maybe he was protecting someone?

_________________
Previously known as The_Grey_Beast
Post 26 Sep 2009, 18:07
View user's profile Send private message Reply with quote
sleepsleep



Joined: 05 Oct 2006
Posts: 8885
Location: ˛                             ⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣Posts: 334455
sleepsleep
maybe time to trust google cloud, let google handle all your data online Smile lol. so you can access it even you are out of US or iran or else where, as long as you got internet access, if no, then perhaps time to use ham radio with internet connectivity.

for me, i think it is stupid to travel with p&c data, if you really got such necessity, why not just get a 32GB pendrive? and encrypt it with watever tool.
Post 26 Sep 2009, 18:23
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17270
Location: In your JS exploiting you and your system
revolution
sleepsleep wrote:
for me, i think it is stupid to travel with p&c data, if you really got such necessity, why not just get a 32GB pendrive? and encrypt it with watever tool.
How does that help? They'll just ask for the password to access it.
Post 26 Sep 2009, 18:30
View user's profile Send private message Visit poster's website Reply with quote
LocoDelAssembly
Your code has a bug


Joined: 06 May 2005
Posts: 4633
Location: Argentina
LocoDelAssembly
Quote:
Boucher helped an agent access the computer, which showed files such as, "Two year old being raped during diaper change," according to the affidavit.
What content would you expect inside such file? The proof P=NP? He made the right choice, proper justice would dictated a penis cutting at the very least.
Post 26 Sep 2009, 18:41
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17270
Location: In your JS exploiting you and your system
revolution
Oh, I am not saying an injustice was done, just that he (Boucher) {w|c|sh}ould have other choices (because of the password) that were less severe than pleading guilty. Shit, I hate to think what would happen if he really did forget the password and they (the FBI) decided he was lying and they invoked one of the other choices that he was trying to avoid.


Last edited by revolution on 20 Feb 2014, 14:04; edited 1 time in total
Post 26 Sep 2009, 18:50
View user's profile Send private message Visit poster's website Reply with quote
windwakr



Joined: 30 Jun 2004
Posts: 827
Location: Michigan, USA
windwakr
They can search your laptop? That's just not right. Although it is good this asshole got caught, they shouldn't be able to just search peoples laptops, phones, cameras, etc. for no reason.

More on electronics searches:
http://www.washingtonpost.com/wp-dyn/content/article/2008/02/06/AR2008020604763.html

_________________
----> * <---- My star, won HERE
Post 26 Sep 2009, 18:52
View user's profile Send private message Reply with quote
sleepsleep



Joined: 05 Oct 2006
Posts: 8885
Location: ˛                             ⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣Posts: 334455
sleepsleep
Quote:

How does that help? They'll just ask for the password to access it.

hmm, i think i saw a tool perform something like this.
you combine a file (the thing you want to hide) with a picture file (be it jpeg, png, or etc)

so, this software (sort of encrypt) your data into this picture, (so it wouldn't look suspicious if somebody open it up)...they will see all pictures. nothing to hide. (but to obtain the hidden data, maybe they need a decoder with password)

i think i have read somewhere on internet the existance of such software, but it shouldn't be hard to code for people like revolution Wink am i right :p
Post 26 Sep 2009, 19:01
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17270
Location: In your JS exploiting you and your system
revolution
sleepsleep: It is called steganography and it is very dangerous to use because it can be detected.

Besides, none of those type of measure should even be necessary.


Last edited by revolution on 26 Sep 2009, 19:06; edited 1 time in total
Post 26 Sep 2009, 19:04
View user's profile Send private message Visit poster's website Reply with quote
sleepsleep



Joined: 05 Oct 2006
Posts: 8885
Location: ˛                             ⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣Posts: 334455
sleepsleep
hmm how about travel with a pendrive that could automatically self destroy if you press the red button for 5 seconds? Razz Razz

if they got you, they will have a malfunction pendrive, and we could blame them for faulting our stuff.
Post 26 Sep 2009, 19:05
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17270
Location: In your JS exploiting you and your system
revolution
sleepsleep: You have been watching too much "Mission Impossible"!
Post 26 Sep 2009, 19:07
View user's profile Send private message Visit poster's website Reply with quote
vid
Verbosity in development


Joined: 05 Sep 2003
Posts: 7105
Location: Slovakia
vid
Quote:
Two year old being raped during diaper change

Honestly, who doesn't name his grandparent wedding photo scan collection like that?

But seriously, read up something about stalinist show trials. If police has you in control without public oversight, it is easy to make you say whatever they want you. Human brain is machine like any other, and in most cases, given right input, you can force it to produce desired output. Some people were persuaded they were guilty of bogus claims even after they were released and rehabilitated... That's for false claims. If this guy really had CP on his machine, there is nothing easier than forcing him to admit it. As revolution correctly observed, it was enough to get him into situation where his other choice was worser option.

Another possibility is that maybe even such name is against law? But probably no, in that case US death metal scene would die out...


Last edited by vid on 26 Sep 2009, 19:28; edited 1 time in total
Post 26 Sep 2009, 19:18
View user's profile Send private message Visit poster's website AIM Address MSN Messenger ICQ Number Reply with quote
sleepsleep



Joined: 05 Oct 2006
Posts: 8885
Location: ˛                             ⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣Posts: 334455
sleepsleep
Quote:

It is called steganography

yeah2, forgot this word. steganography could probably obtain more attention nowadays by gov & police.

their logic is, if nothing illegal, nothing to hide. (they don't care about privacy)

i think easter eggs in some game application is kinda cool too. maybe they are trying to send out some message.
Post 26 Sep 2009, 19:27
View user's profile Send private message Reply with quote
Borsuc



Joined: 29 Dec 2005
Posts: 2466
Location: Bucharest, Romania
Borsuc
subliminal messages are way better
Post 26 Sep 2009, 19:32
View user's profile Send private message Reply with quote
bitshifter



Joined: 04 Dec 2007
Posts: 764
Location: Massachusetts, USA
bitshifter
Why not setup a decoy bootsector that says the shiz is broken?
Post 26 Sep 2009, 20:14
View user's profile Send private message Reply with quote
ManOfSteel



Joined: 02 Feb 2005
Posts: 1154
ManOfSteel
revolution wrote:
sleepsleep wrote:
for me, i think it is stupid to travel with p&c data, if you really got such necessity, why not just get a 32GB pendrive? and encrypt it with watever tool.
How does that help? They'll just ask for the password to access it.

But a pen-drive is much easier to conceal than a laptop. Okay, they may search your shoes and socks (looking for bombs), but you can *always* fool them with some cold-war era spy tricks... unless they also perform full cavity searches. Embarassed
Post 26 Sep 2009, 21:30
View user's profile Send private message Reply with quote
windwakr



Joined: 30 Jun 2004
Posts: 827
Location: Michigan, USA
windwakr
Get a big afro and hide it in there.
Why not just put your electronics in a lead lined briefcase? Just say your company wants you to deliver it somewhere and you don't have the key.

_________________
----> * <---- My star, won HERE
Post 26 Sep 2009, 21:33
View user's profile Send private message Reply with quote
ManOfSteel



Joined: 02 Feb 2005
Posts: 1154
ManOfSteel
sleepsleep wrote:
hmm how about travel with a pendrive that could automatically self destroy if you press the red button for 5 seconds?

There's always a tiny chance that the explosive is too powerful and it blows their faces off, in which case you will be charged of killing federal agents and having ties to terrorism. Maybe you're interested in tourism to secret detention camps? They've got many of these in the whole world, so they even give you chances to see exotic places.
Post 26 Sep 2009, 21:39
View user's profile Send private message Reply with quote
ManOfSteel



Joined: 02 Feb 2005
Posts: 1154
ManOfSteel
windwakr wrote:
Just say your company wants you to deliver it somewhere and you don't have the key.

Have you ever traveled abroad? This won't work anywhere in the world (let alone in paranoid post-9/11 USA) unless you're a member of a diplomatic corps and carry the appropriate documents.
Post 26 Sep 2009, 21:46
View user's profile Send private message Reply with quote
Borsuc



Joined: 29 Dec 2005
Posts: 2466
Location: Bucharest, Romania
Borsuc
May I ask WTF is their business with MY freaking data? It's not like it can materialize into a gun or something I can hijack the goddamned plane.

_________________
Previously known as The_Grey_Beast
Post 26 Sep 2009, 21:57
View user's profile Send private message Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  
Goto page 1, 2, 3, 4, 5, 6  Next

< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Copyright © 1999-2020, Tomasz Grysztar.

Powered by rwasa.