William was raided for running a Tor exit node. Please help if you can.

Jimmy Hess mysidia at gmail.com
Tue Dec 18 07:32:56 UTC 2012


On 12/18/12, Henry Yen <henry at aegisinfosys.com> wrote:
> On Mon, Dec 17, 2012 at 20:45:04AM -0600, Jimmy Hess wrote:
> Physical threat is somewhat different than seizure by law enforcement,
> though.

I'm not so sure about that.   It's a kind of physical threat;  the set
of all physical threats includes a subset of threats that are LEO
threats involving authorities and are related to (quasi-)legal
threats.  The law enforcement personnel may have been paid off by a
rogue party in the first place,  to seize and "misplace" the data
(E.g.  deny the legitimate principal access to it  for the purposes of
competitive advantage),  or to seize and "accidentally" leak the data
to overseas entity attempting to gain the data for economic advantage,
by taking advantage of insufficient security controls of the law
enforcement entity.

> the idea of encryption as a shield against law enforcement is not yet a
> settled issue in the US; see the "Fricosu" case.  A nice explanation:
>    https://www.eff.org/deeplinks/2012/03/tale-two-encryption-cases

It obviously wouldn't work for all kinds of data, but;
even if it's not a 5th amendment issue;   E.g.  "required to reveal
your keys and allow the data to be decrypted";    the POSSIBILITY  has
to exist that that you can in fact know or recover the keys.

You can't testify against yourself, if you had your memory permanently
wiped in some manner,  so that you are incapable of ever recalling,
because "there's nothing there to present" ---   it doesn't matter if
there was no 5th amendment,  the fact your memory was wiped,  erased
the possibility of ever testifying.

If an automatic response to the security breach results in complete
reliable destruction of physical and logical devices absolutely
required to be fully intact to  recover the keys  and execute
decryption activity, then  "there is inherently nothing to provide",
once that occured;  the remaining option would be for the LEO to
dedicate massive computing resources over a sufficient hundred years,
to  discover the key through brute force key space search  of  10^77+
keys.


That's assuming no backups of the key  devices.



> --
> Henry Yen                                       Aegis Information Systems,
--
-JH



More information about the NANOG mailing list