[Closed] Jailed for withholding computer password

Surely there are other ways to get access to the harddrive that dont need the password.

aracer - Member
> http://www.bbc.co.uk/news/uk-england-11479831

The implication is that this bloke was doing dodgy stuff - but it seems he's not been charged with anything to do with that, innocent until proven guilty and all that.

But he's not innocent. He's guilty of withholding a password. And that's what he has been found guilty of and sentenced for. In my simple term, I'd say that was obstructing the police in conducting an investigation.

Surrounded By Zulus - Member
Surely there are other ways to get access to the harddrive that dont need the password.

Eventually....

50 character password! that is admirable dedication, be hilarious if you then forgot it.

hmm sounds like he has some serious encryption. But I agree it seems wrong to be jailed just for not giving your password, they must have had some other evidence/suspicions..

I think - if the cops turn up at your house with a search warrant and you obstruct entry to your property, you are committing an offence and can go to jail. If the offence they got the warrant to investigate is computer-related, then it follows that obstructing access to the computer is an offence, no?

He should have used TrueCrypt's 'duress' system

I would have thought withholding information would come under the protective umbrella of the right to remain silent, obviously not the case though.

Another set of repressive legislation that should receive a review/repeal from the new government.

I think - if the cops turn up at your house with a search warrant and you obstruct entry to your property, you are committing an offence and can go to jail. If the offence they got the warrant to investigate is computer-related, then it follows that obstructing access to the computer is an offence, no?

I was thinking along these lines.

Trouble with computery stuff, is that it's not too difficult to encrypt individual documents as well as entire drives. A friend works in document security software; their products are banned in France apparently because they breach French laws on the level of security for electronic data. IE, too difficult to crack their codes.

It's also not too difficult to booby-trap files to self-destruct should any unauthorised attempt to access them be made. The police's job is a difficult and sometimes impossible one, when it comes to data investigation.

Of course, the old adage of 'if you've got nothing to hide...' comes up, but there are issues of privacy called into scrutiny in cases such as this; you should have the right to some ultimate privacy. Innocent until proven guilty, right to silence etc. A computer, like a diary, can contain very personal things, which others have no right to see regardless of any criminal investigation. It's part of a person's Human Rights.

I would have said that the "right to remain silent" would apply here.

It's also not too difficult to booby-trap files to self-destruct should any unauthorised attempt to access them be made.

Oh aye? 😛

A computer, like a diary, can contain very personal things, which others have no right to see regardless of any criminal investigation.

Yes Grum; one might have original designs and stuff that they wouldn't want rivals to see. Back up the files to a secure location, set automatic destruction should anyone try to access them on a network at a work computer.

Why, what were you thinking of? 🙄

ISTM there must be a market for a product which encrypts your data with two different passwords - one normal one, and one to give to the police, which hides/destroys anything [s]dodgy[/s] of a personal nature during the decrypt process.

So, say the filth came to my door with a search warrant and found a safe (booby trapped) in the wall where I got my gunz and shit. Do I have to give them the combination?

I would have just said I'd forgotten it.

Did the cops try the helpline?
I bet they didnt.
They'll read this & thank me.

Why, what were you thinking of?

Dunno just thought maybe you were a terrorist or something? I heard you talking about Islam in a non-derogatory way once you see. 😛

you have a right to say nothing!

unless he/she is accused of kiddie pron then he/she has NO rights ... in My world anyways 🙂 HTH

Imagine if he wasn't jailed. Imagine if you could have the same rights to prevent the police accessing your property...

'Have you any guns/drugs/bombs/illegal sex-slaves/abducted children in your house sir'

'No'

'Can we come in and have a look'

'No, it's locked and I'm not giving you the key, jog on'

'Ok Sir, as you were'

there must be a market for a product which encrypts your data with two different passwords

That's assuming it doesn't already exist. Truecrypt, to name but one.

Amateurs.

Dunno just thought maybe you were a terrorist or something? I heard you talking about Islam in a non-derogatory way once you see.

Oh yeah, good point actually. I'm Brown as well. 😯

Can't be too careful, can you? 😐

i find it hard to believe he has nothing to hide and as Yeti notes it would be odd if we allowed suspected criminals to refuse a search which is effectively what he has done. They got a warrant to search his computer for child sexual exploitation so they must have had some evidence in the first place. I see the human rights issue in general terms but not in this case.
If I was charged with child pron offences and all that was required was my password to clear my name then I would give my password to the plods.
I would not even need the threat of 4 mths in prison to persuade me. Would anyone not give up their password rather than do 4 mths in prison?

I can't help but suspect that the police investigate the said gentleman following information obtained as part of their child sex exploitation investigation and if he decided that a jail term was worth witholding the password for then I would also suspect that what he had on the hard drive might lead to a far heavier sentence.

I hope they crack the password and give him what is coming to him (be it a life of showertime buggery or a formal apology...)

So, say the filth came to my door with a search warrant and found a safe (booby trapped) in the wall where I got my gunz and shit. Do I have to give them the combination?

😆

Come lets be honest he is hiding his code cos he has disgusting images on his PC, He'll be away for a lot longer when they crack it.

On reflection I think they should have jailed him for the term of the suspected offence.
He can easily clear his name.... if he's innocent.

Question:

If he gets done for witholding the p/w and they later break the code & find nasty stuff, can he then be done for the pron too or is it too close to being the same offence?

he may just be standing up for his rights tho! ... i mean, how would You like anyone going through all your personal stuff on yer pooter??? i know i would'nt and im purer than the driven snow! Lol

but lets just hang him anyways Eh 😀

I'm Brown as well

but lets just hang him anyways

From a lamppost???

I'm sharpening my pitch fork already. 😆

*puts pitch fork back in cupboard*

Maybe he's Mark Datz and really doesn't want [i]anyone[/i] to know his true identity?

assuming they dont crack it hes got away lightly
16 weeks is considerably less than i imagine hed get for kiddie porn and entry onto the sex offenders list too

he should have used the pete townsend defense and claimed he was writing a book

[i]i'm brown as well[/i]

I didn't think all brown people were Islamic and I didn't think all Islamists were terrorists.

Have I been misled by the leftist liberals then?

Being brown (or white) doesn't stop (or make) you being a terrorist does it?

RACIST!

RACIST!

Yes it's true. 😳

Quite apart from the privacy issue (which is more than enough IMO) I would take the jail time because I don't trust the police's computer skills.

Can they tell the difference between me downloading kiddie porn and a virus hijacking my computer and using it as a server for kiddie porn?

http://www.cbc.ca/technology/story/2009/11/09/tech-internet-virus-child-porn.html

It's not the same as not allowing police access to your house and finding physical evidence.

I find this somewhat unsettling. On a more tangible example, would he be still be jailed for not telling the fuzz where his safe key is? Same situation really as could have pictures etc in a safe.

.

A computer, like a diary, can contain very personal things, which others have no right to see regardless of any criminal investigation. It's part of a person's Human Rights.

Rubbish. Don't write about things you obviously know nothing about.
Searching a house recently under the authorisation of a court search warrant meant the only things I couldn't read were letters to and from the householder's solicitors, as it could be private discussions between a defendant and his legal advisor.
If the householder had tried to prevent us from searching anything else in the house that was under the jurisdiction of the warrant then then could (and have been in the past) be charged with obstruction. And that's the same if I'm investigating something using the powers that I have with my personal warrant, as long as I am complying with the law as described by the Act under which my warrant is authorised.

It's not the same as not allowing police access to your house and finding physical evidence.

Aaaaaah so all criminals have to do is keep eveything on A computer as what's on it isn't "physical" evidence!!! Of course it is you fool.

Take it you got bullied a lot at school and that's why you joined the police, then. You've obviously feel the need to insult people but don't have the whit or physical presence to actually defend yourself without the authority granted to you by your job. Why don't you take some counselling or something. You never know, maybe it'll make you happier in the long run.

Anyway, how do you distinguish between data that someone intentionally downloaded and data that was downloaded by a virus? By the way, I didn't realise you could have digital versions of guns and drugs these days. Cool!

This is why the Regulation of Investigatory Powers act is such a farce. If the police showed up at *your* house, said you had encrypted materials and required you to decrypt it - but you don't know what it is or have a password to give them, you can go to jail just like this chap. Given that you wouldn't necessarily need software installed or a file called "secret stuff" there (you can encrypt and hide data in lots of different types of file or even hidden partitions on the HD, how on earth could you prove your innocence? Complete reversal of the usual "innocent until proven guilty" burden of proof.

In his case, assuming he's protecting dodgier stuff that would warrant a longer sentence, this is a nice way of bypassing all that. Bonkers.

He was witholding evidence? Something to hide huh? Deserves all he gets (and a beating in jail I hope).

Take it you got bullied a lot at school and that's why you joined the police, then. You've obviously feel the need to insult people but don't have the whit or physical presence to actually defend yourself without the authority granted to you by your job. Why don't you take some counselling or something. You never know, maybe it'll make you happier in the long run.

And I'm not even a policeman!

No, he's a lot, LOT worse than that! 😉

If the householder had tried to prevent us from searching anything else in the house that was under the jurisdiction of the warrant then then could (and have been in the past) be charged with obstruction. And that's the same if I'm investigating something using the powers that I have with my personal warrant, as long as I am complying with the law as described by the Act under which my warrant is authorised.

The maximum penalty for obstruction is 1 month imprisonment and the Magistrates' guidelines suggest a fine.

Complete reversal of the usual "innocent until proven guilty" burden of proof.

robdob - Member
If the householder had tried to prevent us from searching anything else in the house that was under the jurisdiction of the warrant then then could (and have been in the past) be charged with obstruction. And that's the same if I'm investigating something using the powers that I have with my personal warrant, as long as I am complying with the law as described by the Act under which my warrant is authorised.

Could you force him to tell you the combination to his safe and imprison him if he doesn't?

Oooooh someone got out of bed the wrong way this morning!!! LOL!
oh, and you couldn't be more wrong. Didn't get bullied, its got nothing to do with "defending" myself (what's that about?), I just know how search warrants work and what you can and can't do under PACE (Police and Criminal Evidence Act). Just because someone knows their job does this mean they need counselling?
And I'm not even a policeman!

I did get out of bed on the wrong side this morning and being called a fool by someone who couldn't even answer my question didn't improve my mood. For the third time, how do you tell if data was downloaded intentionally or if it was downloaded by a virus?

how do you distinguish between data that someone intentionally downloaded and data that was downloaded by a virus?

Can't comment on the Old Bill's L33T hacking skills, but I'd say that's fairly straightforward. "Is there a virus" for a start.

Stuff downloaded intentionally and saved, stuff browsed and then discarded, and stuff snagged by a virus will all be different behaviour, stored in different places at different times. All it'd take to clear a name would be a file creation date where he's got an alibi.

Cut his cock off with a rusty spoon. He looks guilty. Enough for me.

But given that it's straightforward to hide this stuff away and have an otherwise working, normal PC ([url= http://www.truecrypt.org/docs/?s=plausible-deniability ]see here[/url]) - it would be perfectly possible for the police to suspect you of wrongdoing and demand an encryption key that you don't have.

How do you prove that something hidden isn't there? How do you prove that you don't know a password rather than refuse to disclose? If police turn up with a search warrant, you can let them into your house and give them as long as they want to look through and try to find things. With this, they'll stand over you requiring you to decrypt or you face jail for non-compliance.

Has everyone forgotten their tinfoil hats today?

I was also surprised that this is an offence, but after reading the story, it seems reasonable (in this case)

A 50 character password (assuming a 50ish sized character set) would give you (approximately) 26,500,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000
possible combinations...,

So a fair bit of work to crack, especially if they are unable to automate the process.

And lets be frank here, most that any of us do are 'hide' files from the misses.

What if you genuinely had forgotten the password?

How do you prove you have forgotten something, rather than are just refusing to disclose it?

Genius imo! Surely the police would be able to crack the password. If they cant crack into a computer what hope is there!!

For the third time, how do you tell if data was downloaded intentionally or if it was downloaded by a virus?

Well, I know smeg-all about computers, but even I can think of a couple of ways you could tell, for a start!

A 50 character password for a start means hes overparanoid about something isn't he?

A virus would have to download a set of web url's into the browsers immediate history, into the hardrive, add in attached pics throughout the hardrive with various dates to show/simulate a viable viewing history no?

OK, let's say the authorities can without a doubt prove that you intentionally downloaded child pornography (afterall, the justice system never makes mistakes).

Let's say instead that he did have something to hide but not pornography. Let's say he has Asperger's syndrome and there is evidence on your computer that you've been hacking into US government computers looking for evidence of UFOs a la Gary McKinnon

http://en.wikipedia.org/wiki/Gary_McKinnon

If it was a choice between giving them the password and being extradited to spend the next 70 years in a US prison then I think I'd be a bit hesitant about giving up the password. I'd take the 16 weeks and the risk of being strung up from the nearest lamp post by the torch and pitchfork brigade.

It's going off on a tangent I know but what can I say, I have absolutely no faith in the UK justice system in general and specifically when it comes to computer crime and I can understand anyone who wants to protect their privacy when it comes to computers.

wonder if it's possible to have a "bomb key"

i.e. a correct password will unlock the computer, whereas the bomb key will nuke the harddrive?

He should have just thrown his computer in the bath, that's what they usually do when plod comes a knockin'.

Its not impossible for a virus to make it look like someones downloaded this stuff.

There was a case recently where someone had put indecent images on someones computer to get them into trouble. It was a rubbish attempt, and he got caught, but proves there could be a motive for doing so.

Not saying whats happened here though.

[i]wonder if it's possible to have a "bomb key"

i.e. a correct password will unlock the computer, whereas the bomb key will nuke the harddrive? [/i]

Since the police remove the hard drive before carrying out any investigation (as just starting up the machine alters so many files), they'd probably notice the 'bomb'...

hora - Member
A virus would have to download a set of web url's into the browsers immediate history, into the hardrive, add in attached pics throughout the hardrive with various dates to show/simulate a viable viewing history no?

No.

PeterPoddy - Member
Well, I know smeg-all about computers, but even I can think of a couple of ways you could tell, for a start!

Such as?

BruceWee - Member

OK, let's say the authorities can without a doubt prove that you intentionally downloaded child pornography (afterall, the justice system never makes mistakes).

Let's say instead that he did have something to hide but not pornography. Let's say he has Asperger's syndrome and there is evidence on your computer that you've been hacking into US government computers looking for evidence of UFOs a la Gary McKinnon

http://en.wikipedia.org/wiki/Gary_McKinnon

If it was a choice between giving them the password and being extradited to spend the next 70 years in a US prison then I think I'd be a bit hesitant about giving up the password. I'd take the 16 weeks and the risk of being strung up from the nearest lamp post by the torch and pitchfork brigade.

It's going off on a tangent I know but what can I say, I have absolutely no faith in the UK justice system in general and specifically when it comes to computer crime and I can understand anyone who wants to protect their privacy when it comes to computers.

Yep, spot on.

He didn't take it to PC World did he?

The last sentence on this page is interesting

http://www.yourrights.org.uk/yourrights/the-rights-of-suspects/the-rights-of-suspects-in-the-police-station/curtailment-of-the-right-to-silence.html

wonder if it's possible to have a "bomb key"

I imagine Paedo's have researched/visited forums under the guise of 'I've had my bank details phished countless times and want extra security' then shared this info with each other on their own forums to find the best security means.

Or..

They could just use the dodgy rockstar argument that they were researching a book.

PeterPoddy - Member
Well, I know smeg-all about computers, but even I can think of a couple of ways you could tell, for a start!

Such as?

Well, the documnets I have on my PC here are linked back to me, if I created them (Sensitive material is not necessarily downloaded at all. In fact, I know of one person who runs 2 PCs, one of which is never connected to the internet, for security reasons)

Browser history

🙂

I must admit this concerns me.

I have a number of files on my computer for which I have forgotten the password. I keep them there in the hope I'll find the original key. They're database, not nasties 🙂

Also, at one stage I was using a remote desktop system to control a computer in Oz. All files were downloaded on to it there and there was nothing on my computer.

Assuming some basic hacking skills, what was to stop me using a remote desktop to hide encrypted nasty pics on say a neighbour's computer, and enjoy browsing them from my computer. Wouldn't he get a lovely surprise when asked for the password? So the question is how can they prove he actually put those pics there?

Someone else didn't put them there, he refused to give the police the password as he had dodgy stuff on his PC. What's the issue?

I must say the Court wouldn't have sentanced him just for not revealing it.

They would have traced his IP address to a site(s)- possibly using a trojan/trick site themselves? Also, he might have used a credit card etc to access certain sites.

Otherwise one could say 'I really can't remember as stupidly I made it too complex'.

as he had dodgy stuff on his PC

This assumption - that's the problem

PeterPoddy - Member

PeterPoddy - Member
Well, I know smeg-all about computers, but even I can think of a couple of ways you could tell, for a start!

Such as?

Well, the documnets I have on my PC here are linked back to me, if I created them (Sensitive material is not necessarily downloaded at all. In fact, I know of one person who runs 2 PCs, one of which is never connected to the internet, for security reasons)

Browser history

🙂 most browsers have 'private' or 'incognito' modes now where no cache or history is kept. But, that is assuming he used the web to download, equally could have been IRC, FTP, BitTorrent or any number of protocols.

Anyway, the real point here is that just having something on your computer is not proof that it was you who put it there, same as having something on your desk at work is not proof that you put it there.

IP addresses can easily be hidden with Tor or similar, bot-clients can easily download stuff on behalf of remote users etc etc.

It would be pretty trivial to create a script which run at 2 am, set the clock to a time when victim would have been at the computer, pop up the browser, download dodgypic.jpg, set the time back to being correct then erase itself. It would appear that the files had been downloaded when the original user was present.

They would have traced his IP address to a site(s)- possibly using a trojan/trick site themselves? Also, he might have used a credit card etc to access certain sites.

Or somebody else could be using his pc (and hence IP address) as a relay

God, there's some really silly schoolboy dog-ate-my-homework stuff on here.

It won't be a single factor (eg that he refused to give the password) that will have been used to convict the bloke but rather a whole series of facts/information, put together for the jury to make a decision that goes beyond reasonable doubt.

Anyway, the real point here is that just having something on your computer is not proof that it was you who put it there, same as having something on your desk at work is not proof that you put it there.

thats not the issue here - he is not saying that stuff on his computer was put there by others, he is refusing to give his password

I don't know this law in detail but for it to stand up alongside the rest of UK law they police will have to show that he knew the password and that he was wilfully withholding it

to get the warrant in the first place they must have had reasonable grounds for suspicion.

Ah, I see, it's a conspiracy. The Freemason lizards planted it on his PC.

TandemJeremy - Member
thats not the issue here - he is not saying that stuff on his computer was put there by others, he is refusing to give his password

Yes, I phrased that post badly, what I put there was in reply to Peter who said "Well, I know smeg-all about computers, but even I can think of a couple of ways you could tell, for a start! "

TandemJeremy - Member
I don't know this law in detail but for it to stand up alongside the rest of UK law they police will have to show that he knew the password and that he was wilfully withholding it

So this law has taken away the right to silence? I think that was my original point!

GlitterGary - Member

GlitterGary - Member

Ah, I see, it's a conspiracy. The Freemason lizards planted it on his PC.

No, Illuminati. Derp.

I suggest he be held in custody until the password is cracked.

Rubbish. Don't write about things you obviously know nothing about.
Searching a house recently under the authorisation of a court search warrant meant the only things I couldn't read were letters to and from the householder's solicitors, as it could be private discussions between a defendant and his legal advisor.

So, how will you know what letters are of that type, without reading them?

You'd have to have a warrant stating specifically what you are in the house to search for. You would only be allowed, by law, to search for specific things; IE if you were searching for a stolen TV, then you'd have no legal power to search in someone's underwear drawer. Granted, a computer could have details of all sorts of crimes so could easily fall under a warrant's list of things to search/take.

I suppose if you were investigating a fraud, then all sorts of pieces of paper might contain relevant information. As might a personal diary. Certainly, information not relevant to any investigation can never be revealed. Trouble is, people can't be relied upon to keep their mouths shut. And these days, far too many others can get access to sensitive and private information, it seems. Under Right To Privacy Laws, you can prevent someone having access to your personal information if you can present a strong enough case that there is a significant risk of the private nature of that information being breached. Such as medical records, information relating to a person's sexuality, etc.

What do you do, Robdob? You're not a copper are you? 😯

RE this particular case; it is correct that this bloke is done for obstruction under current UK Law. He has no defence on that one. But it does open up the whole right to privacy debate once more.

Meanwhile, data protection/security software companies are doing quite well I understand...