Here's how police arrested Lauri Love – and what happened next Lauri Love was arrested on suspicion of offences under the Computer Misuse Act 1990 early in the evening of 25 October 2013, when a National Crime Agency officer wearing dungarees and posing as a UPS courier told Love's mother that Lauri himself had to come to the porch to collect his delivery. In his dressing gown and pyjamas …
'..Storing back-ups off-site would not render them protected.'
Of course, your definition of an off-site backup location might not match that of someone with something to hide. Consider the size of your average xTB drive, now, consider your surrounding geographical area for 'stash' locations..
Now, for added fun, consider that a 128GB micro SD card can be had for around 30 quid..and it's bloody well hard enough finding the ones you know you've got somewhere in the house (sharing a house with someone totally OCD on 'tidiness' doesn't help..can't leave anything down for more than 20 minutes before it's tidied away..)
I don't envy the police their task sometimes..
So true. My property was supposedly returned to me, although on the date of rerun I was in prison 600 miles away. Two lawsuits and three years later, I received a check for $158, despite losing tens of thousands of VAX gear.
What kills me about this thread is that most of the posters here complaining about the police becoming our masters are the same people who loudly denounce the U.S. because the citizenry is armed. THIS is why we are armed, people. We would like the police to respect us just a little. That won't happen when they are armed while we are disarmed and dependent on them for even the most minimal protection from evildoers (who will remain armed too).
It's a good theory, but in practice when the citizenry start using their weapons they usually find that the police have bigger, better weapons and a lot more of them - I can't remember one case where the armed citizenry has emerged anything except full of holes.
"In theory there's no difference between Theory and Practice, In Target Practice there is."
"....I was in prison 600 miles away...." Gosh, you mean they locked you up for delivering Christmas gifts to the children at the orphanage? Or could it be because you were convicted of a crime in a court of law? And it would seem a serious crime if you got porridge rather than a suspended sentence, or was it not your first offence? Yes, I find you such a reliable and trustworthy source for opinion on the MO of the coppers - not!
".....received a check for $158, despite losing tens of thousands of VAX gear." LOL! Unless this happened in the '80s I suspect you were overcompensated!
@macjules - you assume the computers are not laptops, or that he had no battery backup system (fairly inexpensive devices) attached to a desktop style computer.
such an assumption can not be made where a supposed encryption event could occur.
As to the "press of a button" those replying did click a button to do so, and was that some herculean feat to undertake?
*AND* macjules, had the system been a desktop, and had whole disk encryption been employed, simply cutting power means the system boots up, and asks for the password to decrypt the OS or other apps within the system which would cause a failure to boot otherwise.
wouldn't work for reasons already mentioned...
They have special means of keeping computers powered up while transporting them to their lair... they even have boxes called mouse jigglers to prevent screensavers kicking and then requiring a password.
If you're running an encrypted Linux file system then you need the key when booting the computers. Whilst they're up they are no encrypted. Cut the power and they're encrypted. However he would have a UPS.
How would one prove they do not in fact have these so called social media accounts? I don't have FB or Twatter, or LI or... or... but I do have an El Reg login.
Will it become a law that you are required to have such frippery?
Tramp because he probably doesn't have social frippery logins either
I still don't get how the burden of proof that you forgot something lies with you. In essence, you're supposed to prove that you do NOT remember something, which is impossible (how can you prove God does _not_ exist?). You can only prove that you DO remember (by providing the keys).
I think it's based on the perceived implausibility that someone would take steps to secure something and then forget how to get to it when they wanted.
Unlike key to a shed though, it's difficult to sort through ones thoughts and metaphorically find it at the back of the drawer.
Forget the password?
Maybe after 98 days of not using it most people would forget.
I have two main passwords to remember, the rest are in a manager or written down. I'd likely forget them a lot quicker than 3 months if I wasn't using both every day.
Personally I have encrypted stuff, only to forget the keys and after much cursing etc have to reformat losing the info - fortuneately I did have back ups well off site but not quite as upto date as I would have wanted
Mines the one with the little black book of passwords etc in the pocket
Context matters with memory. I had an instance inside a bank where I needed my banking PIN, but could not remember it.
I stepped outside to the ATM and it the memory came bank instantly.
If Lauri has the same thing he might need to sit in front of his computer to remember the code
That context isn't a 'Thing' you have it's actually a documented phenomenon with human recall. It's not called 'changing context', IIRC but it's essentially the same meaning, like moving from the living room to the kitchen to subsequently forget what you went for, only to remember immediately once you returned to the living room 'context'.
Something to do with hunter-gathering I seem (see what I did there) to remember ;o)
Really. Expecting highly trained and experienced "cyber investigators" and their superiors to know about, let alone understand, a concept like context memory is too much. Not now that the idiocracy has taken hold.
Back when I was a young public defender (before discovering that IT paid better and was a lot more fun), I had a case that turned on the time witnesses said they saw my client. Instead of asking them what time it was, I asked what was on TV. Armed with their answers, I entered a copy of the local paper into evidence,and showed the court its TV schedule: demonstrating that all of the witnesses had consistently testified they'd seen my client during a period that his boss and fellow employees said he was still at work (over an hour before the time noted in all the police reports). The case was a bit odd because my client's entire family were notorious troublemakers in the neighborhood with criminal records, and the crime he and his brother were accused of was burning down their own house. My theory even all these decades later is that some of the neighbors set fire to the house and then pointed the police towards "the usual suspects".
Does anyone else around here suffer from PIN Anxiety - the fear of forgetting your PIN such that when you come to type it in you are sure you've forgotten it, the car reader will reject your PIN and much embarrassment will be caused all round?
Just me then? Number of times that happens to me and it's some form of muscle memory that picks the right PIN and bails me out.
@tony2heads
He offered to do just that BUT was not allowed to have his computers back to aid his memory.
As stated there was no risk as the Disks could have been 'imaged' to allow for any risk of deletion of data.
If you are accusing someone of not giving Keys/Passwords to prove guilt of un-named/proved crimes, it helps if they do not remember them. :)
"I think it's based on the perceived implausibility that someone would take steps to secure something and then forget how to get to it when they wanted."
Perceived being the operative word. I dont like to use the same password for things, I also like to use complex passwords for things that I dont want people to guess.
I have often forgotten 17 character passwords or forgotton which characters I uppercased and which were replaced by special characters.
>>"I think it's based on the perceived implausibility that someone would take steps to secure something and then forget how to get to it when they wanted"
I've got a dozen old GPG keys, encrypted partitions and what-have-you that I can't remember the passwords for or that I've lost the key for. I could pull any old hard drive out of my filing cabinet and odds are there's something on there I can't access.
This is an unjust law that runs against the principles of innocent until proven guilty and of no self-incrimination.
It's entirely plausible that a long, complex passphrase could be forgotten, in whole or in part, in the months after equipment was seized, but before the key was demanded.
Especially given the stress levels Love would have experienced.
Human memory is unreliable at the best of times.
This is an extremely dangerous law that violates the right to silence and is ripe for extreme, unprovable abuse. All the police have to do is say that they believe you have the password and you are guilty if you do not hand it over. There is no defense beyond proving a negative. Of course if the first time you saw the USB stick was when an officer dropped it into an evidence bag, how are you going to prove that?
Obviously proving that you've forgotten passwords is difficult...
My run-in with Plod was made all the funnier because they'd never seen Linux before and made the assumption that I "must be hiding something" because I wasn't using Windoze or Apple. I steadfastly refused to provide passwords and pointed out that if their "computer specialists" were any good, they'd be in the machines in minutes.
When it got to Court, I demonstrated that the reason I used "something else" was to prevent any unauthorised access to my copyrighted work on my machines. I also demonstrated that breaking into a Windoze machine was trivially easy - which is why I won't use it.....
They were unable to gain access to my machines (except to a "Guest" account) and I refused to let them in. The Judge asked if there was anything that I didn't want revealed on my machines. I explained that there were details of my Bank Accounts, a lot of my work, and various private emails. The Judge asked if he could be allowed to have a private look at the contents - I acceded, on the understanding that it was restricted to him, in private. He had a quick look, concluded that there was nothing actionable on the machines and dismissed the case.
I received a settlement for unlawful detention and for the unlawful seizure of my gear - I don't need to work for a couple of years!
You're thinking of several years ago when we had something called "The rule of law". This was designed to prevent citizens being oppressed by the government, so of course it had to go.
Innocent until proven guilty, open trials, being allowed to see the evidence against you and confront your accuser, having to have actually broken a law rather than just annoyed the government, all that has been chucked in the rubbish.
And it's quite easy to forget passwords if you don't use them often. I had an email account with Bluebottle.com (sadly now defunct). I normally read email in Thunderbird and had forgotten the password. I wanted to log in to the web interface just before Bluebottle went away and check a non-inbox folder. I couldn't remember the password, no matter how hard I tried.
I did find it, although it shouldn't have worked. I admit that when I set the account up years ago, I set it up with plain text password transmittal [hanging head in shame]. I did finally remember that bit, so I used Wireshark and sniffed the password. Problem solved.
But, based on my own experience, I agree that if the plod seize computers and hold them for months during which the owner doesn't USE any of the passwords, it's not only reasonable, but LIKELY that the owner will forget the passwords.
Paris because my memory for passwords is about that good.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
