Frankly, if I were in a place or doing activities where I thought a police raid was a significant possibility, I'd MUCH rather have something that would trigger video AND AUDIO recording from multiple cameras in the house, placed in locations where they wouldn't be "accidentally" knocked over or otherwise destroyed and with the data going offsite immediately via any of several channels (e.g. home network, home wifi, neighbor wifi, public/semipublic wifi (e.g. "xfinitywifi"), LTE phone).
Alternately, always have the recording going to something local, but trigger offsiting it with something like this and otherwise have a very limited timeframe for keeping it.
The other VERY VERY important piece of this I suspect would be notices posted at every possible entrance to the house, something like "Video and audio recording occur on these premises. By entering, you consent to this recording and to the use and public disclosure of these recordings. If you do not consent to these recording, use and disclosure policies, please call (xxx) xxx-xxxx and schedule an appointment." Perhaps I should call this a kick-through license - I'm not sure it'd stand up, but I suspect you'd have a pretty decent chance of that.
Of course, I'm boring, not inclined to activities likely to inspire either police interest or SWATing, and I live in a mostly-white townhouse community in the 'burbs. My most likely home invasion would be because "you are in a maze of twisty drives and townhouse units, all alike."
It's probably my PTSD but my biggest fear is getting raided by SWAT in a "wrong house" mixup or for some other stupid reason. In such an instance I would likely kill one or more of them. I have a family in my house that could be injured by them in the process. I've always wanted a camera system that had remote encrypted storage so I could prove the truth in court.
If you live in a "no knock" state you are not nuts at all. I am from the UK and think the whole no knock thing is insane when everyone has easy access to guns (both legally and illegally). It is just asking for people to die.
It really is. It works most of the time for the same reason it works in war, you have the element of surprise. In a population of ordinary citizens you aren't likely to encounter much trouble kicking in doors at 2am. It works for criminals after all.
But things are a little different in the US because there are lots of keyed-up gun owning vets that spent most of their military service conducting urban warfare.
Put simply, you cannot just roll up on me like that. Just knock on the door politely and I'll come out and chat. Kick in my door like a home-invasion robbery and I'll follow my training without thought.
Yeah, unless you are a wanted criminal, there is no reason to assume the people breaking into your house are the police. I didn't even know they did that before reading the flashbang article a few weeks ago: https://www.propublica.org/article/flashbangs
Its for this reason I would seriously consider making my house 'no knock' safe if I were to build it from scratch. I worry about the conversation starting with "get down police!" rather than something more civil. And it seems you could design a house that would not easily be 'breached' which would mean any unplanned entry would take time and be noisy. Allowing you to start a dialog with the people trying to come in before anyone is in danger of being shot.
Just keep in mind that such a house's protection against easy breaches by police (who, in a no-knock scenario, will be equipped for a breach) also prevents easy breaches by ambulance or fire crews. What if you're only able to call for help but you are incapacitated prior to being able to unlock your fortress?
So I guess that means no claymores planted in the yard. Dang.
Seriously though, this is a real concern. How do you build a house that is raid proof but that can be accessed by the fire dept? Maybe we should push the context of the problem back a little bit and ask: how do we de-escalate the police state in the U.S.?
De-escalation is part of why I'd want that kind of camera system - the signs would serve a dual purpose, A) notifying and hopefully at least heavily clouding charges of "he had no legal right to record, we weren't in a public place, charge him with wiretapping" (I'm in Illinois which is an all-party-consent state) and B) putting police on notice that even if they aren't using body cameras (or they're prone to "malfunction") there will still be recordings.
Given the apparent change in officer behavior that accompanies body camera use, perhaps having explicitly noted video and audio surveillance disclosed in advance will serve a similar purpose.
The relevant part in those cites is "public places" - previously it was illegal to record police even standing on the sidewalk. Technically a news crew doing "man on the street" interviews would have been required to stop if an officer showed up.
The scenario we're covering here is for police inside your house, which I'm pretty sure wouldn't be considered public.
> you could design a house that would not easily be 'breached'
Most US homes have city and county building codes that regulate the number and height of windows, ostensibly for "fire rescue". Maybe you could evade this by buying a rural plot of land that is free of municipal code, but in that case you wouldn't need super security, just a long driveway with pressure sensors that alert you to anyone approaching.
boat windows are a good idea here. Typically they have a welded metal or aluminium frame and an inset of 6mm hardened glass. Some have a sandwich of several layers of lexan glued together. They come in all shapes and sizes, and can be custommade relatively cheaply. You can get ones that open from the inside. They have to be sturdy since at sea they need to be able to withstand a wave of several tons of water coming at them at full speed.
Because these films help hold the glass together,
a stronger barrier is created, slowing down
criminals to the point where they may choose
to flee for an easier target.
Sadly, there's often only a subtle difference between a violent criminal and a SWAT team member. The personality types are often quite similar.
Windows aren't really the problem. Windows are dangerous to be near for the raiding party. To raid proof a dwelling you need things that slow down entry, things that trip, bright lights or sounds that let a raiding party know they've lost the element of surprise, and some form of early warning before someone has reached a breach point such as a door.
Had HPD stack up on an apartment I used to live at while I was gone...knocked once, roommate came out, and he managed to talk them out of raiding us. They really wanted the apartment down from us, which had been the alleged source of a bunch of burglaries in our complex.
If the roommate had had headphones on (was a metalhead and a gamer), things could've gone differently. We would've at least been out a door.
EDIT:
Fun fact--if I remember correctly, the first (maybe only?) confirmed kill with a P90 was by HPD SWAT.
HPD and HCSD, there's a reason they call Harris County the "hangin' county". Someone at ACLU told me Harris County Sheriffs Dept. has more shooting deaths per violent arrest than any other police force in the country.
Edit: "stack up" heh, fellow major league door kicker?
You do not possess enough legal firepower, and probably don't have enough practice wih your equipment, to likely kill a member of a SWAT team and "hurt" yourself.
"In such an instance I would likely kill one or more of them"
You may want to consider how to react differently in such a situation. That's definitely a fight you can't win, and indeed would probably lead to causing your loved ones more pain than it's worth. It's probably best to comply with order in the heat of the moment and later fight it in court. The outcome will be much, much better, I promise.
Brother, my alarm went off in my house one night when I was in bed because of high winds outside. A door moved slightly in its jamb causing the sensor to trip. I was out the door with my gun and had circled and cleared the perimeter of the house before I knew what happened. My wife says I was screaming at the "intruders" to get out of my house the entire time. I do not remember this.
I mean no insult by saying this but you really just cannot understand what this is like unless you've lived it.
That sounds really scary. Have you considered keeping your gun outside the house? It seems like you could end up with a real tragedy on your hands if during the midst of a PTSD episode you mistook a loved one for an intruder.
I don't have diagnosed PTSD, nor did I serve. But I have a REM sleeping disorder, where I act out dreams.
This has had me bolting out of an apartment flashlight in hand, yelling at things not there, beating up a wall (ouch), hitting glass and freaking out significant others.
No sleeping meds worked (Lunesta/Ambien intensified waking hallucinations) but Klonopin, as its just helping to reduce anxiety and keep me asleep.
Its a benzo, but just throwing it out there sir. Good luck.
I don't know the details about the GP poster. But a lot of people didn't "volunteer" for as much service in Iraq or Afghanistan as they wound up doing.
Yes they initially volunteered but then "stop-loss" happened and they had to stay in the active military for far longer than they were originally told they would.
Also many people were serving in reserve units or the National Guard (aka "weekend warriors") and entire units wound up being sent to Iraq because we didn't have enough active duty soldiers.
There's a hard to use .mil website that has details.[1] E.g deaths just in "Operation Iraqi Freedom" (there are additional ME deaths not included):
Not only that. Many reservists were called up to active, and then sent back to reserve a day or so before their year or whatever of active would have qualified them for full active benefits. In other words, essentially a full year of their lives were stolen, but they didn't get the benefits that were supposed to compensate for that year.
I want no sympathy personally, and I really don't like the "hero" talk. Nobody I ever met in the infantry was oblivious to what they were getting themselves into. Especially not in the airborne. I mean really, they throw you out of airplanes with parachutes made by the lowest bidder. Everyone laughs about dying to cover the fear.
When you sign up they are very clear that the term of your enlistment is 8 years whether or not you serve 4 or 5 active. They can call you up anytime in that 8 years. It sucks but again it's not a violation of trust. Still being stop lossed to go back is hugely terrifying for guys ready to transition back to civilian life.
Some guys out there really need help. Fallujah and the Korengal were meat grinders. I haven't met a single guy who was boots on the ground there that isn't seriously messed up from it. We owe it to them to get the care they need but the VA is an absolute crime.
> I haven't met a single guy who was boots on the ground there that isn't seriously messed up from it.
War is hell.
I remember hearing about neighbors who came back from Vietnam in around 1970, and they also suffered PTSD (of course I don't think we had that acronym then). And I knew an Army NCO (recipient of the Silver Star) who served two tours in Vietnam. He slept with a loaded .45 under his pillow, probably "cocked and locked" as they say (at least hopefully it was "locked"). And it wasn't because he lived in a bad neighborhood.
Its a shame that we still haven't figured out how to get help to those who need it, how to help ease those guys off that razor's edge that they needed to maintain in order to come back alive.
> When you sign up they are very clear that the term of your enlistment is 8 years whether or not you serve 4 or 5 active.
I was in for six, well back in the previous century. I don't recall having that explained to me when I joined, but it probably was. I did however learn before getting out after my six that I was still subject to recall until the eight year clock ran out.
I think the fear is less "f*ck the police" here, and more "an unknown entity is breaking into my house", which is a pretty justifiable response. If he knew it was the police, I don't think the first reaction would be to shoot them.
He's clearly thought about it, he's just saying that due to (I assume) his military background and PTSD, the most likely outcome would be that he kills one of them.
It's very hard to not react in a particular way when it's what was ingrained as your method of survival in the field.
I'll second Scott's question about whether you've considered keeping your gun outside the house.
Since you know that you react like that and are hopefully doing what you can to change that even if the VA is a mess, it seems to me that the responsible thing to do is also to preemptively mitigate the impact of those reactions, since you already know that your decision-making in the heat of the moment is going to be somewhat hard-wired in a bad direction by past experience.
Hell, even just keeping the guns in a gun safe well away from the bedroom would make a big difference. You with a gun become a target, do anything you can to avoid being that target because dead men can't use the video evidence in court.
I keep the guns really far out of reach so as to require enough time to come to my senses. I've also been through a lot of therapy since then and I'm not nearly as bad off.
A woman and her children were locked in their house yesterday morning a few miles from me. Thugs kicked in her door early in the morning and robbed the house. Usually they kill/rape/beat the inhabitants. This is a real thing. Also, it's not like I live in a bad area. These are nice suburbs.
We have a problem in the area with home invasion robberies. Last week a woman was raped. A few months ago a family was executed. I'm not exaggerating. This is a thing out here. There is a task force focused on this type of crime but having met the group it's understaffed IMHO.
Just hope the police can't remotely access your cameras and film you hacking the gibson :X
I've yet to read of a raid where somebody successfully destroyed all forensic evidence off their systems instead they usually idle in chat rooms and wait for the suspect to write 'brb coffee' or kick down the door while they are passed out with everything powered on like Max Vision
I really like his sort of thing, but realize that, like anti-forensics tools, there is a risk to having and using destructive anti-tamper triggers.
If the police actually think you're up to something, raid you, and your "cybernetic boobytrap" destroys your hundreds of GB of actual random data, they may still try and prove that you're a terrible person and destroyed evidence in court. Then it's up to a jury, and a prosecutor bent on making you look guilty as hell.
I'm not trying to dissuade exploration, but understand what can happen if you actually deploy this sort of system.
This program makes me nervous because its primary use case is to obstruct justice, which the author tries to get away from with a thinly-veiled excuse that it could also be used to defend against criminals. I understand that technology is ethically neutral (for example, this program could be used to hinder reverse-engineering of a sealed computing appliance), but the fact that they're basically advertising this thing to obstruct police investigations puts me off.
> This program makes me nervous because its primary use case is to obstruct justice, which the author tries to get away from with a thinly-veiled excuse that it could also be used to defend against criminals
I agree that there's a problem with the author's messaging, but I think the problem is with this first as a tool for "when your house gets raided by the police..."
There are all kinds of reasons to encrypt your data. Some of them involve obstructing justice, some involve protecting oneself from "justice," but there are many others. If you have a good reason to encrypt, then you probably have good reasons to protect your system using a program like this.
Leaving aside the State, and more mundane robberies, some people have good reasons to be concerned about industrial espionage[1]. Tools like this seem like a good way to counter that.
> This program makes me nervous because its primary use case is to obstruct justice
Given the number of raids that happen based on false CI information, typoed street addresses, or government overreach... it's not clear that the program is meant to be used primarily for that.
The police aren't our friends. They don't protect us individually or collectively. Often we need to be protected from them. Any tool that can help with that is a good thing.
1000% agree. I was out having fun one night with some friends in my younger years. We left a bar together and split up. As I and one of the guys I was with entered a parking structured, my other friends drove up to us in a convertible car. They were laughing at me because my fly was down so I pulled it up in a funny gesture as I approached them.
At that point, two cops pulled in behind me and thought I was passing drugs. They looked around on the ground and patted me down and when they found nothing, they trump up some charges and said I indecently exposed myself. When the case went to court, the cops were caught lying. They tried to tell the judge I flashed some girls in a convertible but video showed they lied through their teeth.
So I have my own personal story but don't listen to me, hear what this professor and an ex-cop have to say about talking to the police.
Offtopic nitpick: technology is not ethically neutral but simply amoral. The lawnmower that cuts of your foot doesn't have issues with your foot. It's just rotating blades.
IANAL: what could actually happen to you, legally, if your hard-drive self-destructs after being tampered with?
Is that really "destroying evidence?" What if you just shut down the computer, rendering the hard drive unusable, its contents completely encrypted (a la TrueCrypt). The evidence isn't destroyed, it's just inaccessible.
In the US, it's generally a crime to destroy evidence if you believe there's an investigation. So setting something up to respond to evidence of an investigation seems like a bad idea to me.
In the US, it's also possible to be held in contempt of court for failing to hand over evidence in some cases. There's the Fifth Amendment, but there are enough exceptions to the Fifth Amendment (e.g., I'm not actually charged with a crime, and instead I'm facing fines for not having the right licenses; or the evidence on my computers is meant to be used in proving somebody else committed a crime) that I would want to talk to a lawyer before telling a judge that "the evidence isn't destroyed, it's just inaccessible."
There is a distinction between crime and acts that are morally wrong. For instance hiding Jews from the Nazis would be a crime from the Nazis point of view. But most anyone else would consider it to be the right thing to do.
And given the increasing militarization of the police in the US, and the US governments openly acknowledged policy of torture and refusal to prosecute war criminals...[1]
You should question whether or not your government is legitimate enough to be trusted in matters criminal and judicial.
And since the most likely utility of a program like this one, is to prevent the heimatsicherheit from also wrapping up your friends and family. It may in fact be your moral duty to ensure the safety of others in your affinity group by taking such precautions.
1. as a sidenote the US incarcerates a greater percentage of it's population than soviet Russia ever did, even under Stalin.
To be fair, Stalin had a habit of just killing people instead of sending them to the Gulag. Not that it excuses the US incarceration rate but your comparison isn't very good.
It was intended to be offensive. Although, the actual numbers are quite disputed and most of the ones we hear should be considered propaganda. Besides which; we're hardly ones to point the finger over genocide these days (Iraq, Pakistan, all those Afghan wedding parties).
Yeah, but Stalin also had 700,000 people shot in 2 years, so it doesn't work amazingly.
A more important point is that you must be pragmatic about such things. If you install a dead man's switch to your computer, you must realise that no matter how morally correct you are, in many countries it's very possible that you'll go to prison if the computer is seized in a useless state (for example, in Britain you'll be on the hook for up to 2 years in jail). In many cases, that'll be professional suicide.
So unless you have something to hide that's worth more than that jailtime, this software actually is a hindrance. I think the comment about militarisation and torture is really besides the point - it's clearly unrelated to the issue at hand.
> There is a distinction between crime and acts that are morally wrong. For instance hiding Jews from the Nazis would be a crime from the Nazis point of view. But most anyone else would consider it to be the right thing to do.
You have a point, but recognize that standing on morals won't get you out of punishment.
> You should question whether or not your government is legitimate enough to be trusted in matters criminal and judicial.
But it's very hard to opt out of the system. Personally, I won't intentionally do things that could make life harder on myself and others without first knowing some details. I think it's a bad idea to set up a dead man's switch without first knowing what kind of investigation might trigger it. It would be sad to face charges for destruction of evidence due to accidentally triggering the switch for something silly.
> You have a point, but recognize that standing on morals won't get you out of punishment.
Is that supposed to be a reason not to do it?
You lose rights you don't exercise and it makes vulnerable populations stand out more when they're the only ones trying to protect themselves.
The thing about corrupt law enforcement is that, like other forms of crime, their victims are a large number of people but a small percentage of people. You are not likely to be one of them. But if everybody, especially the innocent, takes practical defensive measures then taking defensive measures is no longer evidence of anything. It's like encouraging people to use Tor to check sports scores and read Wikipedia.
And because you're innocent, whatever legal consequences may currently be the result of defending yourself are irrelevant to you with high probability because they only come into play if you are already a target. And since that is very unlikely to occur, and if it does you're basically already screwed anyway, discouraging people from doing something that allows the innocent actual targets to claim a stronger defense is probably not in the public interest.
> > You have a point, but recognize that standing on morals won't get you out of punishment.
> Is that supposed to be a reason not to do it?
Not really. It's meant to be a "be sure you know what you're getting into" warning.
> But if everybody, especially the innocent, takes practical defensive measures then taking defensive measures is no longer evidence of anything. It's like encouraging people to use Tor to check sports scores and read Wikipedia.
Considering Tor: I'm perfectly OK recommending people check sports scores and read Wikipedia through Tor in the US or other Western countries; but I would feel irresponsible giving that advice to people in, say, North Korea or Iran.
> And because you're innocent, whatever legal consequences may currently be the result of defending yourself are irrelevant to you with high probability because they only come into play if you are already a target. And since that is very unlikely to occur, and if it does you're basically already screwed anyway, discouraging people from doing something that allows the innocent actual targets to claim a stronger defense is probably not in the public interest.
Remember, in criminal law, there has to be an illegal act and a state of mind (the person acted willfully, recklessly, negligently, etc.). The state of mind is nearly impossible to prove with a confession, so it's generally proven by the circumstances: given that the person was under investigation, is it more likely that they destroyed evidence (1) to hinder that investigation, or (2) as a form of civil disobedience and they were unlucky in that they hadn't realized they were under investigation? Of course, in US criminal law, the question is "do you believe, beyond reasonable doubt, that the person destroyed evidence in an effort to interfere with the investigation?" But once proof that the person was being investigated is used to imply their state of mind, the fact that the accused went through a lot of trouble to set up a dead man's switch is going to look sinister; even if there are activists in the world -- who are not under investigation -- going through the same trouble to set up similar systems.
Civil disobedience is admirable, but it's easy to forget that civil disobedience is most effective when people are severely punished for standing on their morals, especially when the punishments are extra-judicial (unnecessarily rough arrests, paperwork snafus with real world consequences, difficulty getting medication ( http://herculesandtheumpire.com/2013/12/28/casual-cruetly/ ), etc.). We recently celebrated Martin Luther King, Jr. Day in the US. According to the Letter From Birmingham Jail ( http://www.africa.upenn.edu/Articles_Gen/Letter_Birmingham.h... ), King made sure to tell protestors that they could be beaten and jailed for their protests ("We began a series of workshops on nonviolence, and we repeatedly asked ourselves: 'Are you able to accept blows without retaliating?' 'Are you able to endure the ordeal of jail?'"). It's admirable that people took him up on the offer, but it's very important that people know what they're signing up for.
> Considering Tor: I'm perfectly OK recommending people check sports scores and read Wikipedia through Tor in the US or other Western countries; but I would feel irresponsible giving that advice to people in, say, North Korea or Iran.
Shouldn't it feel more uncomfortable than this casting the US into a comparison with North Korea and Iran? It seems like it should feel more uncomfortable than this.
But let's see if we can at least distinguish them a little so we can at least pretend. Using Tor is (presumably) illegal in itself in North Korea and Iran. Having your computer set up to delete data in the event of a home invasion isn't, to my knowledge, illegal in the US. You aren't guilty of destroying evidence of a crime if the thing you destroyed was not evidence of a crime.
The concern is presumably that it would look like destroying evidence of a crime, and that you might be prosecuted or falsely convicted for that even though it isn't what you did. But if you haven't committed any serious crime then the probability of a police raid against you is (hopefully) very low, which is the only apparent circumstance where it becomes an issue. Moreover, the more innocent people who have such a thing set up, the less prosecutors are able to argue that only the guilty would do it. Having innocent people do it is the only way to allow the argument that someone doing it is innocent.
> Civil disobedience is admirable, but it's easy to forget that civil disobedience is most effective when people are severely punished for standing on their morals, especially when the punishments are extra-judicial (unnecessarily rough arrests, paperwork snafus with real world consequences, difficulty getting medication ( http://herculesandtheumpire.com/2013/12/28/casual-cruetly/ ), etc.).
I don't think I can agree with that. Civil disobedience is most effective when people are unjustly and publicly harmed but not destroyed. MLK was in the Birmingham jail for eight days. Being beaten by the police while offering no resistance or being jailed for a matter of days is exactly what you want, because the next day the victim is standing behind a podium in front of a thousand people decrying the obvious injustice and demonstrating that their resolve holds.
Which is why the police don't do those things anymore. Today you don't get beaten, you get shot and killed. You don't go to jail for a few days only to be released into a community that rallies behind you, you get prosecuted for years until your entire family is bankrupt and then go to prison until your ties to your community are severed. Can you even name a US civil rights leader who is under 40 and has been incarcerated? An obvious example might have been Aaron Swartz. Or Manning, or Snowden. But those people can't exactly lead a march on Washington now, can they?
We need a different tack. And something that could conceivably work is for as many people as possible to interfere with the ability of malicious government officials to persecute citizens who do the right thing, by doing things that aren't strictly illegal, like operating Tor nodes and using encryption and so on. And yes, that means some risk that a prosecutor somewhere is going to step way over the line and make somebody's life hard who wasn't doing anything wrong. But that isn't the tone of your previous post. There is a big difference between "there is a chance this could go badly, are you in?" and "I wouldn't do that if I were you."
We're clearly not making any progress, so I'll boil down my objections and leave it at that. My biggest problem with the original article is simply that it doesn't mention that setting up a dead man's switch could expose somebody to a legitimate charge of destruction of evidence or contempt of court. That seems like an important detail.
I'll accept your argument that there may be valid reasons for innocent people to set up a dead man's switch, but even so it's irresponsible to tell people "look at this cool thing you can do" without mentioning that doing it could -- in some circumstances -- lead to jail time and legal bills.
Yes, if I set up a dead man's switch and am never investigated, it will never be triggered, and I will never face charges because of it. But then the police will never know that the thing existed, so they would have no reason to believe that lots of innocent people are using dead man's switches for legitimate purposes.
I would still insist on a disclaimer if the advice only increased the chance somebody would be charged with a crime, even if it were impossible to be convicted. I don't believe everything should carry a disclaimer, but I do believe that if I'm aware of a nonobvious risk, I should mention it.
Years ago, I was a teller for BB&T bank. When the economy started slowing down in early 2001, and our competitors announced layoffs, the CEO sent out a memo stating that BB&T didn't plan any layoffs and that the CEO thought the company had a bright future. As proof of that bright future, he mentioned that he was "fully vested" in the company, i.e., his only investments were cash and BB&T stock, and he swore that he would not sell his stock because a captain has a duty to go down with the ship. It's certainly legal to put all of your investments in one company, but it's generally considered a risky move, so the CEO also included a disclaimer that he wasn't suggesting we put all of our money in BB&T stock. But he wanted us to know that he either sincerely believed in the company, or was willing to risk a fortune pretending to.
> > Considering Tor: I'm perfectly OK recommending people check sports scores and read Wikipedia through Tor in the US or other Western countries; but I would feel irresponsible giving that advice to people in, say, North Korea or Iran.
> Shouldn't it feel more uncomfortable than this casting the US into a comparison with North Korea and Iran? It seems like it should feel more uncomfortable than this.
I'm feeling the smugness, but I'm not able to figure out the logic behind it. My complaint with the original article is that it gives advice without mentioning the consequences for following that advice. My list of things that should include disclaimers is based on my understanding of US law and the potential consequences of using Tor, secure HTTP connections, encrypted email, etc. It seems obvious to me that the list of things that should include disclaimers under various legal regimes will be influenced by the consequences of taking those actions in those regimes. Indeed, mentioning that the consequences of using Tor, encrypted email, etc. are different in the US than in North Korea (or Iran, or Saudi Arabia, or Cuba, depending on who's on the other end of the connection) seems to me to be a compliment to the US.
> In the US, it's generally a crime to destroy evidence if you believe there's an investigation
There are situations where obstruction charges/fines/jail-time are far less severe than the crime originally intended for prosecution. Without the evidence on your system, the prosecution may not be able to put together a solid case.
If Ulbricht had been able to destroy his data or shut off his laptop before the FBI (controversially) distracted and stole his laptop out from underneath his arms prior to arrest, the prosecution's case would not be nearly as strong. So far most of the evidence submitted in court has originated from his laptop and personal diary (kept on the laptop).
I enjoy your snarkiness daniel, but I think it's a bit more complex than "I'm so clever", FDE is a feature of MacOSX, Ubuntu, and .. I dunno.. probably Windows by now? Who cares.
They can essentially use all the tactics they would get you to use to reveal any other information, and if they have probable cause for that drive, the encryption keys are what they'll ask for.
Destroying them could put you in a tough situation, because they might not believe you destroyed them. Proving that nowhere in the world do you have access to a few kilobyte is pretty hard, and although the burden of proof is generally on the prosecution, it's up to them and law enforcement to interpret that outside of court. Because federal judges are protected by Federal Marshals - DOJ employees - they also have an IMO unhealthy relationship with the DOJ.
Full disk encryption isn't an "I'm so clever" excuse - take Ulbricht for instance even if he had shut down his computer before being arrested FDE wouldn't be help from someone asking his password. If you've been seen using the computer recently it's going to pretty hard to convince the courts that you don't know the FDE encryption password.
"I'm so clever" is running something that destroys all the data on your laptop and then claiming that you didn't do that in response to an investigation (and therefore obstructed justice).
Even with Truecrypt installed there's still plenty of ways evidence can be collected that can be used to demonstrate that you realistically have access to encrypted and hidden data. It isn't as simple as installing Truecrypt and thinking you're safe. Be it recently accessed documents lists for folders that don't exist, Truecrypt being installed, having software installed (and with recent execution dates) that don't have any corresponding data files anywhere on the system etc etc.
Think of it like Cold War espionage - you could live your life by "Moscow Rules" where you do everything possible to be able to claim, convincingly, that you're not being so clever. However even very talented agents and intelligence assets failed to not slip up on many occasions, and it involved huge amounts of time, effort and money on their parts.
Not sure which country you hail from, but I know that there are laws compelling you to hand over keys generally worldwide[1]. So I guess it depends if the crime you're guilty of (Otherwise why would you even need to hide everything) outweighs the punishment for withholding keys.
Thankfully, the USA still has a fair amount of really strong legal protection from the bill of rights (1st-10th amendments). The 5th amendment protects US citizens from being forced to reveal their encryption keys.
Forced key disclosure with sentencing for failure to disclose (like in the UK) is particularly odious. If I have a hard drive full of random data, the UK government can imprison me for up to five years just by accusing me of terrorism or child pornography possession and demanding that I turn over the key to the hard drive. They don't have to prove that I did what they're accusing me of, or that I even have a key.
In the UK, if you can meet the evidential burden to raise the issue that your hard disk is in fact full of random data, then it must be proved beyond reasonable doubt that that is not the case. In other words, unless you aren't even permitted to use that as a defence, the prosecution does actually have to prove that you have a key. Now that we have some experience of successful RIPA prosecutions, the smart advice appears to be 1) don't claim to have created a key that you refuse on principle to turn over, or 2) to have created a key that you've since forgotten: you will be asked how long it is – if short, it won't be reasonable to have forgotten it, if long, unreasonable not to have recorded it elsewhere. Basically don't admit to use of encryption unless you're capable of producing a key.
> you will be asked how long it is – if short, it won't be reasonable to have forgotten it, if long, unreasonable not to have recorded it elsewhere.
Bullocks. Just yesterday they replaced the keypad on a door I've used a hundred times before and I completely blanked on the combination. It was the same 4-digit number it was before but the keypad was different and that was all it took. On the other hand, the passwords for the computers are 14 random characters, and nobody ever wrote them down because a) they were explicitly forbidden to and b) everyone used them so often they didn't need to. Except that half the time anyone would go on vacation for more than a week they would forget and have to beg the backup admins to restore their home directory because the local data was encrypted but the backups weren't.
The idea that it isn't "reasonable" for people to do these things is belied by the fact that they regularly do. And having the police break into your house and turn your life upside down by carting off with half your stuff is exactly the sort of shock that will interfere with your ability to remember.
They aren't calling it unreasonable because it's unreasonable, they're calling it unreasonable because they'd rather put innocent people in prison than let guilty people go. The prosecutor is willing to lie about what is reasonable and the judge is willing to believe the lie. But at that point it doesn't matter what you actually do because facts and logic are no longer in play. They're just making things up. If they don't get you for not providing your encryption key then they'll just make up something else for you to be guilty of.
> The 5th amendment protects US citizens from being forced to reveal their encryption keys.
IANAL, but it does not. It protects against self incrimination. They can make you incriminate someone else just fine, and if you try to object on 5th amendment grounds they can grant you immunity to whatever they might find there.
I wonder, though, if your key were a confession to a crime you did actually commit (perhaps you stole a pack of gum) and you cannot be compelled to testify against yourself, how would that turn out?
This has gone both ways so far in cases in the United States[1]. One of the fundamental questions is whether or not you giving up the key is testimonial or not. There is a litany of things which have been held to not be testimonial, and thus not implicated by the 5th amendment, including giving up your saliva, blood, fingerprints, standing in a line up, etc.
The really interesting legal question to me is as neuroscience advances, it is likely in the near future that scientists may be able recover one's key (or other relevant information regarding crime) through studying one's brain by imaging or the use of other sensors. Under current case law there is a really really good argument this would not be testimonial (i.e. it is similar to taking your fingerprints or blood), yet provides the same information they could obtain by compelling your testimony.
Does the 5th Amendment prohibit the government from scanning your brain to obtain information about a crime? I think there is a significant number of judges who would find under current law it does not.
I knew the key and would readily input the key frequently in the past so that I could access my information, but now that you want that information I have conveniently forgotten the key.
Yes, they would put you in jail, but more for being a bad liar than for having a faulty memory.
What if you used it before, but not like yesterday? What if you last used it a month ago? A week ago? What is "frequently", once a day? Once every two days? Once a week?
It works for so many Presidents and Congressmen though!
Honestly, if I have a 32 character master-password on a strip of paper in my wallet and I just happen to lose my wallet before I get raided, then I'm pretty sure that I could show that I simply don't know the key.
The hard part would be to prove that you "just happened" to lose your wallet before you got raided, rather than disposed of it in expectation of the raid. Or that the whole story of that being where the key was is true, in the first place.
Isn't the burden of proof on the police to prove that you are lying? So if neither side has proof it must be assumed that you did indeed just happen to lose it.
Because realistically would you write down the pass key in only one place? That's all of your data after all. Your livelihood if you're a developer etc. You may get asked what sort of things losing that password has cost you, if you're the sort of person who has that level of security that probably means you're locked out of all sorts of other systems (thanks to now not having access to private keys) so they can be subpoenaed to see if you've managed to log into your hosting account recently despite not having the private key to do so. And if you magically have preserved your private keys elsewhere why should you be believed that your passkey solely exists on a piece of paper in your wallet...
What about your friends, co-workers etc who might be compelled to testify as to having seen you work on your computer and have never seen you get your wallet out at any point.
And as soon as that isn't believed all other testimony you may give is tainted because you've just lied to the court. Good luck with any mitigation in the event of a guilty plea as well because you've demonstrated you haven't acted in good faith.
Yes, but "proof" in the legal sense isn't mathematical/logical proof; even the criminal "beyond a reasonable doubt" standard does not involve elimination of all doubt: a fairly typical jury instruction [0] on the standard says of reasonable doubt that "[i]t is such a doubt as, in serious affairs that concern you, you would heed; that is, such a doubt as would cause reasonable men and women to hesitate to act upon it in matters of importance."
I think part of the problem with these discussions is that there are countless cases where the police won't stop just because there's a law that says so and so.
They often work hard to find workarounds or ways to charge you with other things to punish you anyway. The most obvious example is being innocent until proven guilty, and yet there are a lot of cases where the police shot someone to death because they raided the wrong home for example (which is why the tool is called SWATd I believe)
No. But if you say "I forget" and "they" don't believe you and a judge/jury doesn't believe you then you can likely be convicted and imprisoned for perjury and/or criminal contempt.
IANAL as well, and obviously depends on the jurisdiction, but as far as I understand previous discussions: using a tamperproof or encrypted disk is mostly fine. Actively triggering anything that destroys data after you've been become aware of the fact that law enforcement has a warrant is not.
Dead-man switch kind of things are harder to categorize, e.g. having a daemon format the disk if GPS reports locations outside a certain area, or if you don't press a key kombination every 2 minutes (is one allowed to lie about them if asked?)
if you just use encryption you might be forced to turn over the keys.
Digital laws are so barbaric and unbalanced today. I'd be worried they'd find a copy of an xfiles episode in some subfolder somewhere or god knows what. All of a sudden I'm facing federal prison and fines sizeable enough to ruin my entire life just because I was being 'accused' of xyz?
Not to be picky, just interested. What's the reason behind using a daemon instead of simply running sensor check scripts in Cron? Or even better, raise interrupt when sensor fails, so you don't have to wait 30s (in worst case).
IAALBIANYL, so I will leave whether or not this would be operationally useful to those smarter than me, but from a legal standpoint, one should be aware that operation of a system like this as far as the United States would likely result in additional charges for obstruction of justice[1].
It is by no means unusual for the government to fail in the prosecution of the original crime they investigated, but succeed in convicting a defendant for obstruction. (See, e.g. Martha Stewart[2]). In fact it is not at all impossible (though not likely) to imagine a scenario in which someone committed no crime, was running a utility like this, and was eventually charged with obstruction. Say I'm Brian Q. Krebs, some nice people on the Internet decide to swat[3] me confusing me with someone with a similar name[4], police enter my house, swatd deploys and ambitious and creative young prosecutor decides to charge me with a violation of 18 USC 1519. Might not succeed, but boy will he get some press.
As always, the best advice if you are going to engage in a wide-ranging criminal conspiracy is to make sure you have some goofy-reasoned memos from DOJ lawyers approving your activities[5] and Congress on call to provide you retroactive immunity[6].
IAALBIANYL - I'm thinking this means "I Am A Lawyer But I Am Not Your Lawyer"? I haven't seen this before but it seems to make sense. Or does it mean something else?
I really didn't want this to blow up. It's absolutely NOT a solution to getting raided by the police. While that was the original inspiration for writing the tool, I was half-joking when I wrote the README about it being a defense against law enforcement.
I've moved the code into a different branch and added a disclaimer to the README. The most important line of the disclaimer is: "If you need to rely on SWATd, you have already lost."
Willful destruction of evidence is a criminal act in many cases, and even in cases where it isn't, judges can instruct juries to make adverse inferences.
If you're handling sensitive material, you should have a consistent policy/practice to periodically purge, destroy or deal with data. You're less likely to get into hot water over deleting data if its a long-standing process. If you are involved in a criminal scheme and the police are busting down the door, they have evidence already.
Previous jobs had me involved in alot of civil litigation from the IT side. Many really serious problems were avoided by having good deletion policy. The place that let employees squirrel away email for 20 years would either lose cases because of stupid employee chatter or win pyrrhic victories after spending thousands (or millions in one case) of dollars on discovery.
Thank you for sharing a clever script that has many uses!
However ...
Ideally, your computer should be secure against physical access and not need to run a script.
This is a solved problem in the intelligence and defense communities which have policies such as physical key storage, e.g. PIN enabled encrypted USBs, encrypted file systems, multifactor authentication and such to defeat forensic tools operated by an adversary.
Suppose you are a military or intelligence officer carrying around a laptop with secret stuff on it. How do you think that laptop is secured so that its safe even in the hands of an adversary.
Far more likely than a police raid, is the accidental trigger of the script, e.g. the house painter needs to move your server a bit to get to the wall behind it!
> This is a solved problem in the intelligence and defense communities which have policies such as physical key storage, e.g. PIN enabled encrypted USBs, encrypted file systems, multifactor authentication and such to defeat forensic tools operated by an adversary.
That doesn't really help if they grab your pc while you are in the middle of a session while your data is already decrypted.
It's difficult to think of things you could watch that would only occur during a raid. The examples given: ethernet and wi-fi, both go down much more often than you would like to think. Usually it's only for microseconds, but if you have a program that happens to check right then, there goes your encryption keys.
A tweak to the code would be to make sure that the sensor stays in the fail state for a particular duration. Even a few seconds would get rid of a lot of the false positives.
I think you could accomplish a similar function using the proximity of a cell phone to a laptop (like this: http://www.novell.com/coolsolutions/feature/18684.html). If the script shuts the laptop down when it's too far from the phone, that's perfect for me.
Well, for non-destructive actions that's probably good enough.
For destructive actions (say zeroing an RSA private key or some sort of master key, wiping an HSM, etc.) than you would want a system where the likelihood of false negatives is minimized only so far as the likelihood of a false positive is very remote.
In the former case, you could be compelled to provide the password (or equivalent). In the later case, even if you do they have to brute force the crypto container (assuming no backup of the destroyed data can be found.)
HSMs generally behave destructively to tampering and normally are the exclusive holder of a specific key. They tend to have a metal casing that protects the tamper detection mechanisms from accidental triggering and redundant batteries to avoid running out of power (which is normally a trigger for self-erasure through de-powering SRAM or running off of a capacitor with an high-priority non-maskable power-loss interrupt to trigger zeroing.)
This is where you need to separate the data from the encryption, and where external hardware based authentication becomes useful. If you have a hardware authentication you can destroy the device without losing data, and depending on the ease of getting a new device hold up the ability to access said data. There are all sorts of things you could look at wrt securing/destroying the device, GPS location etc.
If you were to have the devices be stored / issued from somewhere outwith the jurisdiction of your state you might even have something that could stand up to the law. But then you have to worry about someone tampering with the devices - but by that point you're up against intelligence agencies and realistically you can't do anything to stop them - after all your device is Tempest secured, air gapped from the internet etc etc.
You basically have to script your own, depending on your system.
Case instrusion sensor, availability of your network, inertial sensors.
Hotplug events are especially interesting. There are Firewire memory dumpers or attempts to reboot from an USB stick. And they simply might have to unplug things if they want to physically move the machine, even if they have spliced the power source.
Alternately, always have the recording going to something local, but trigger offsiting it with something like this and otherwise have a very limited timeframe for keeping it.
The other VERY VERY important piece of this I suspect would be notices posted at every possible entrance to the house, something like "Video and audio recording occur on these premises. By entering, you consent to this recording and to the use and public disclosure of these recordings. If you do not consent to these recording, use and disclosure policies, please call (xxx) xxx-xxxx and schedule an appointment." Perhaps I should call this a kick-through license - I'm not sure it'd stand up, but I suspect you'd have a pretty decent chance of that.
Of course, I'm boring, not inclined to activities likely to inspire either police interest or SWATing, and I live in a mostly-white townhouse community in the 'burbs. My most likely home invasion would be because "you are in a maze of twisty drives and townhouse units, all alike."