Two convicted in U.K. for refusal to decrypt data
Steven W. Orr
steveo at syslang.net
Thu Aug 13 19:09:34 CEST 2009
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 08/13/09 09:41, quoth the dragon:
> If you're in control of the computer the files reside on, and were in
> control of it when the files were created and last accessed, the chances
> that you *don't* know the key for the encryption is so slim as to be
> nonexistant.
Scuze me? I thought this was the gnupg list! I'm sorta new at this stuff but
I'm expecting just a bit more expertise from the people contributing to this
conversation.
First of all, I am running Thunderbird + Enigmail and I have gone out of my
way to set "Add my own key to the recipients" to be OFF. I very much want
email that I encrypt to others to not be readable by me at all. I am not a
child pornographer or a terrorist and I do not have anything to hide except my
own personal privacy. My personal choice is that if I send a message to
someone and it is encrypted then I do *not*, by default, want to be able to
see what I sent in my own sent-mail folder. If I want that option then I can
simply Bcc myself when I send it.
Second, I happen to be a Defendant in a case in US Federal Court. (Ever heard
the phrase "Don't make a Federal case out of it?") They did. And they're right
now in the process of losing big time against us. My only regret is that when
we were served and I had nothing to hide, I wish that some of my email that I
was required to turn over as part of the Discovery process had been encrypted.
I would dearly have wanted them to come to me and say "Hey! This is encrypted
so you have to decrypt it." and my response would have been "Sorry Your Honor,
but I have no ability to decrypt that message. It can only be decrypted by the
recipient.
And yes, when I first started learning about this stuff, I did initially add
my key when encrypting and between Enigmail and gnupg.conf and gpg-agent.conf
it actually took a bit to figure out how to shut it off.
So, when we talk about "chances that you *don't* know the key for the
encryption is so slim as to be nonexistant", I think it's time for a few of us
to take a step backwards and remember what the issue is here. As it sits right
now, I do *not* know if the people who were in trouble in the UK are the
encryptors or the decryptors and I also don't know if the encryptors even
added their own keys to the message.
- --
Time flies like the wind. Fruit flies like a banana. Stranger things have .0.
happened but none stranger than this. Does your driver's license say Organ ..0
Donor?Black holes are where God divided by zero. Listen to me! We are all- 000
individuals! What if this weren't a hypothetical question?
steveo at syslang.net
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.10 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAkqESM4ACgkQRIVy4fC+NyQ5xACfSeTYbNZAX7pqIVd5G2WQaS33
uvMAn2gYIW8xaOIUpKtz+qk23IXM2rsK
=pXGO
-----END PGP SIGNATURE-----
More information about the Gnupg-users
mailing list