Court says suspect in child porn case can't be forced to hand over password

midian182

midian182

Posts: 9,738   +121
Staff member
What just happened? Few legal issues are as contentious as suspects being forced to hand over their passwords. But the practice could occur less in the future after a Pennsylvania Supreme Court ruled it violates the Fifth Amendment.

As reported by Ars Technica, a 4-3 ruling overturned a lower-court order that demanded a suspect in a child-pornography case hand over a 64-character password to his computer. It had ruled that the decision didn’t violate his Fifth Amendment rights as Joseph J. Davis appeared to confirm child porn was on his machine.

“It’s 64 characters and why would I give that to you,” he told law enforcement when asked for the password. “We both know what’s on there. It’s only going to hurt me. No f**king way I’m going to give it to you.”

The lower court argued that the password request didn’t violate the Fifth Amendment protections against self-incrimination as it fell under the foregone conclusion exemption, which is when the government already knows of the existence, location, and content of the sought-after material.

But the Supreme Court rejected this argument. Justice Debra Todd said that disclosing a password is testimonial, and that revealing it was a verbal communication, rather than a physical act such as giving a handwriting sample or providing blood.

“As a passcode is necessarily memorized, one cannot reveal a passcode without revealing the contents of one’s mind,” the judge wrote. “Here, under United States Supreme Court precedent, we find that the Commonwealth is seeking the electronic equivalent to a combination to a wall safe—the passcode to unlock Appellant’s computer.”

The Electronic Frontier Foundation (EFF), which filed a friend-of-the-court briefing in the case, wrote that people should not be put in a no-win situation of choosing between giving up their password, thereby handing over the wealth of information stored on a device, or defying a court order.

The EFF writes that two other state supreme courts, in Indiana and New Jersey, are considering similar cases, and the group is participating in both.

Permalink to story.

https://www.techspot.com/news/82907-court-suspect-child-porn-case-cant-forced-hand.html

 
The problem is, the authorities will just crack it... this is where your freedom ends... hopefully, there will be more stringent laws on THAT...
 
While I agree it will be a violation of his 5th amendment rights the power of "discovery" is immense and they should be able to use that to secure the passwords ..... of course he can simply state he "does not recall" or "can't remember" and there isn't much, if anything they can do about that!
 
umbala said:
Yeah, crack a 64 character password... good luck with that.
Click to expand...
Lol... the NSA has been doing it for years... give enough computers enough time, and they'll crack just about anything... not to mention there are usually backdoors that 3rd party companies exploit for the government (we wouldn't want to accuse the government of forcing software makers to provide these, so we won't).
 
umbala said:
Yeah, crack a 64 character password... good luck with that.
Click to expand...

I remember my friend telling me to crack his super secure windows 7 machine years back. I inserted a USB thumb drive with an easy to obtain password bypass app that you run before boot and boom, I was into his windows in less then 30 seconds. I used that a lot to recover customer's machines.
 
  • Like
Reactions: Yynxs and JaredTheDragon
Wow, they're giving this guy far too much credit for being able to "remember a 64 character sequence". Unless of course it is a phrase or sentence.

For example, "Ilovedirtypicturesof10yearboystheyreinthephotosfolder" How many characters is that? :eek:
 
Last edited:
Yynxs said:
Reminders:
The world's largest chip finds a home inside the world's fastest AI computer
https://www.techspot.com/news/82842-world-largest-chip-finds-home-inside-world-fastest.html

A new type of quantum computer has smashed every record
https://www.techspot.com/news/77887-new-type-quantum-computer-has-smashed-every-record.html

The "largest-chip" only costs "millions" each.
Click to expand...
At least we can be certain that, "One Horse Town USA" won't have one.

They'll have to content themselves with the local sheriff and his radar gun.
 
  • Like
Reactions: Milest
hahahanoobs said:
What's the point of going to court if getting access is so easy?
Click to expand...
Because once the authorities get the precedent of being allowed to demand a password given to them by the courts, they now have the power to do so much more in the future. This has very little to do with the specific case, but affects everyone's privacy in the long run.

While it may be easy for them to crack the PC now.... if they ever DO run into an "uncrackable" PC in the future, they will now have the legal means to access it anyways.
 
umbala said:
Yeah, crack a 64 character password... good luck with that.
Click to expand...
it's most likely going to be a pattern, Working in I.T. I've had people tell me (facepalm) that they have their passwords set to patterns like qwertyuiop123456789
 
Is it a password or the encyption key pre boot?

What I don't understand is why criminals don't use self destruct systems like 10 wrong attempts the keyfile is corrupted with bad data.
 
While I would never side with the accused crime, the court made the correct desision here in protecting the general rights of the citizen.
 
  • Like
Reactions: Milest
Squid Surprise said:
The problem is, the authorities will just crack it... this is where your freedom ends... hopefully, there will be more stringent laws on THAT...
Click to expand...
The only kind of software that can and does use 64 character passwords is encryption software, and every piece of crypto that would allow such is currently uncrackable and has no vulnerabilities to backdoor access. So, no they won't be cracking it..(which this one time is kinda sad)
 
ZedRM said:
The only kind of software that can and does use 64 character passwords is encryption software, and every piece of crypto that would allow such is currently uncrackable and has no vulnerabilities to backdoor access. So, no they won't be cracking it..(which this one time is kinda sad)
Click to expand...
Really? Despite all the evidence to the contrary? Please feel free to provide some evidence of this... EVERYTHING is crackable!
 
Squid Surprise said:
EVERYTHING is crackable!
Click to expand...
Yes really. Sure, if you have a 2048 qbit quantum computer and 100,000,000 years, you can brute force it. Somehow, I think the Feds don't have those resources and they most definitely don't have that amount of time. Beyond that, not a chance. You may disagree all you wish, but until you research how modern cryptography works and examine the source code for every encryption utility out there, you can not say definitively how "crackable" anything is. Not one of the open source encryption suites has any "backdoors", and as soon as a problem is found, it's fixed and updated. Devs have become so skilled that nothing critical has been found in almost 10 years.
 
ZedRM said:
Yes really. Sure, if you have a 2048 qbit quantum computer and 100,000,000 years, you can brute force it. Somehow, I think the Feds don't have those resources and they most definitely don't have that amount of time. Beyond that, not a chance. You may disagree all you wish, but until you research how modern cryptography works and examine the source code for every encryption utility out there, you can not say definitively how "crackable" anything is. Not one of the open source encryption suites has any "backdoors", and as soon as a problem is found, it's fixed and updated. Devs have become so skilled that nothing critical has been found in almost 10 years.
Click to expand...
Not necessarily... hackers generally don't disclose when they find a vulnerability to something - and a 64 character pw might not be hackable via brute force, but it can still be cracked.

Check out this thread...

https://www.reddit.com/r/1Password/comments/9gj3u6

Amazing how someone managed to hack this guy's 1password account - we'll never know how...

cliffordcooley said:
While this may be true. Illegally obtained evidence would be inadmissible.
Click to expand...

Very true.... but it's funny how once cops obtain evidence, the methods of getting it might become different...

Like... If the cops later say "the guy changed his mind and gave us the password", or "we found it written down under his pillow", who's to prove otherwise?

Especially if the evidence obtained ends of being damning...
 
Squid Surprise said:
Not necessarily... hackers generally don't disclose when they find a vulnerability to something - and a 64 character pw might not be hackable via brute force, but it can still be cracked.
Click to expand...
You missed the "open source" part of my comment.
 
Squid Surprise said:
No... it just wasn’t relevant in any way...
Click to expand...
Sure it is. Open source software is often scrutinized more closely and thus flaws are found swiftly. Closed source software is hampered by the fact that the source is not available to the public for inspection, so any flaws it may possess have to be found the hard way, which is far more time consuming.
 
ZedRM said:
Sure it is. Open source software is often scrutinized more closely and thus flaws are found swiftly. Closed source software is hampered by the fact that the source is not available to the public for inspection, so any flaws it may possess have to be found the hard way, which is far more time consuming.
Click to expand...
Yes... but we were talking about hypothetical software that this person may or may not have used to encrypt their computer... whether it is open sourced or not is irrelevant. And open-source software can also be hacked - Linux is open source too you know...

My point was simply that anything can be hacked - since you (and I) have no idea as to the actual facts of this case, there is no possible way you can “prove me wrong”... not sure why you’re trying...
 
You must log in or register to reply here.

Similar threads

E
Utah Supreme Court says suspects can refuse to hand over phone passwords to the police
2
Replies
29
Views
747
scavengerspc
scavengerspc
Bubbajim
  • Locked
Supreme Court set to decide major First Amendment cases for online speech
2
Replies
45
Views
627
Beerfloat
Beerfloat
A
UK Supreme Court rules AI cannot be recognized as an inventor in patent case
Replies
6
Views
265
Underdog
Underdog

Latest posts

Back