Re: Fwd: It's time for PGP to die.

2014-08-19 Thread MFPA
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Tuesday 19 August 2014 at 11:48:29 PM, in , Robert J. Hansen wrote: > Yes, it's pure semantics. It's *law*. What, were you > expecting something else? Fair comment, but what has been described as "bargaining" is still coercion. > The

Re: Fwd: It's time for PGP to die.

2014-08-19 Thread Robert J. Hansen
> In my opinion that is pure semantics. In other news, water is wet, bricks are heavy, and politicians lie. Yes, it's pure semantics. It's *law*. What, were you expecting something else? Wake up and realize the essential nature of what you're talking about: law is *all about* formalism, syntax

Re: Fwd: It's time for PGP to die.

2014-08-19 Thread MFPA
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Tuesday 19 August 2014 at 10:05:23 PM, in , Robert J. Hansen wrote: > What the prosecutor is offering there is, "you will plead guilty to > lesser charges, but I'm only willing to do this if you're willing to > show me the full extent of y

Re: Fwd: It's time for PGP to die.

2014-08-19 Thread Robert J. Hansen
Not coercion? Nope. That's a trade. Passphrase coercion is like so: "you will produce the passphrase, or you will sit in jail until you decide to produce the passphrase, and we're just fine if you sit in there the rest of your natural life, and once we get the passphrase then we'll decide whet

Re: Fwd: It's time for PGP to die.

2014-08-19 Thread Bob Holtzman
On Mon, Aug 18, 2014 at 10:43:49PM -0400, Robert J. Hansen wrote: > On 8/18/2014 9:32 PM, Bob Holtzman wrote: > > There are quite a few ways police and prosecutors can coerce a > > suspect to hand over his encryption key(s). > > Your examples which involve coercion are illegal, and the ones that

Re: Fwd: It's time for PGP to die.

2014-08-19 Thread MFPA
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Monday 18 August 2014 at 1:25:41 PM, in , Robert J. Hansen wrote: > Basically, if the fact you know something would tend to > implicate you in the commission of a crime, then you > can't be compelled to reveal that you know it. Whether > i

Re: Fwd: It's time for PGP to die.

2014-08-19 Thread Johan Wevers
On 19-08-2014 4:43, Robert J. Hansen wrote: > real life. The DA is allowed to threaten prosecution of only those > crimes the DA reasonably believes a person violated, But that is a very vague criterion. "You liked Wikileaks on Facebook so I'm going to sue you for terrorism and treason". > Don'

Re: Fwd: It's time for PGP to die.

2014-08-19 Thread MFPA
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Monday 18 August 2014 at 7:11:57 PM, in , Robert J. Hansen wrote: > If you're a witness > to a crime, you can be compelled to testify about what > you see. Yes, but they can't make you remember accurately what you saw, or tell you what to

Re: Fwd: It's time for PGP to die.

2014-08-18 Thread Robert J. Hansen
On 8/18/2014 9:32 PM, Bob Holtzman wrote: > There are quite a few ways police and prosecutors can coerce a > suspect to hand over his encryption key(s). Your examples which involve coercion are illegal, and the ones that are legal do not involve coercion. > Dangling the prospect of a lighter sen

Re: Fwd: It's time for PGP to die.

2014-08-18 Thread Bob Holtzman
On Sun, Aug 17, 2014 at 04:42:52PM -0400, Robert J. Hansen wrote: > > Unfortunately most of us do. Including the US, UK and the Dutch are > > also pushing for such laws. > > Speaking only for the U.S., this is not the case. Dream on. > The United States Constitution protects an individual's ri

Re: Fwd: It's time for PGP to die.

2014-08-18 Thread Johan Wevers
On 18-08-2014 20:11, Robert J. Hansen wrote: > Err -- *what* right to remain silent? No country has a universal right > to remain silent. If you're a witness to a crime, you can be compelled > to testify about what you see. Yes, unfortunately. > If you're in possession of documents > that are

Re: Fwd: It's time for PGP to die.

2014-08-18 Thread Robert J. Hansen
> Well, I see some ridiculous sentences of US judges published here, > but I realize that only the most stupid ones reach the press here. > However, since US law has something called "subpoena", which I > consider a grave violation of the right to remain silent, I have not > much trust in US l

Re: Fwd: It's time for PGP to die.

2014-08-18 Thread Peter Lebbing
On 18/08/14 16:15, Aaron Toponce wrote: > Also, many big mail vendors have already enabled SSL/TLS/STARTTLS, such as > Google, Yahoo, and Microsoft. Unfortunately, so long as TLS is not demanded, a downgrade attack can easily disable it. My 2c Peter. -- I use the GNU Privacy Guard (GnuPG) in c

Re: Fwd: It's time for PGP to die.

2014-08-18 Thread Johan Wevers
On 18-08-2014 14:31, Robert J. Hansen wrote: >> And who determines whether it has any "testimonial value"? > Johan, we're entering paranoid fantasy here. If you truly believe the > whole of the USG is corrupt, Well, I see some ridiculous sentences of US judges published here, but I realize that

Re: Fwd: It's time for PGP to die.

2014-08-18 Thread Johan Wevers
On 18-08-2014 11:04, Rob Ambidge wrote: > But it is just legal theory, and I am no expert in law, american law, or > even cryptography. So what happens in practice is anyone's guess really. I've seen what happens in practice: some group of people was accused of organized growing of hennep. They a

Re: Fwd: It's time for PGP to die.

2014-08-18 Thread Aaron Toponce
On Mon, Aug 18, 2014 at 12:24:43PM -0400, Mark H. Wood wrote: > Sure, it does encrypt mail. My SMTP has mail from me to deliver. It > contacts an SMTP that it thinks can get the mail closer to its > addressee. My SMTP sends STARTTLS, the receiving SMTP agrees, they > handshake, and the rest of t

Re: Fwd: It's time for PGP to die.

2014-08-18 Thread Mark H. Wood
On Mon, Aug 18, 2014 at 08:15:49AM -0600, Aaron Toponce wrote: > On Mon, Aug 18, 2014 at 09:59:33AM -0400, Mark H. Wood wrote: > > Perhaps it would be a start if sites providing SMTP would turn on > > STARTTLS. > > STARTTLS does not encrypt mail. It only provides safe passage over the > network.

Re: Fwd: It's time for PGP to die.

2014-08-18 Thread Aaron Toponce
On Mon, Aug 18, 2014 at 09:59:33AM -0400, Mark H. Wood wrote: > Perhaps it would be a start if sites providing SMTP would turn on > STARTTLS. STARTTLS does not encrypt mail. It only provides safe passage over the network. It is also client/server encrypted and decrypted. Thus, an administrator wit

Re: Fwd: It's time for PGP to die.

2014-08-18 Thread Mark H. Wood
On Sun, Aug 17, 2014 at 12:41:52AM +0100, Nicholas Cole wrote: > On Sun, Aug 17, 2014 at 12:08 AM, Robert J. Hansen > wrote: [snip] > > OpenPGP's biggest problem, BTW, which goes *completely unmentioned* in > > this blogpost: OpenPGP can't protect your metadata, and that turns out > > to often be

Re: Fwd: It's time for PGP to die.

2014-08-18 Thread Martin Behrendt
On 18.08.2014 at 14:31, Robert J. Hansen wrote: > On 8/18/2014 2:01 AM, Johan Wevers wrote: >> And who determines whether it has any "testimonial value"? > > Johan, we're entering paranoid fantasy here. If you truly believe the > whole of the USG is corrupt, and that our independent judiciary is

Re: Fwd: It's time for PGP to die.

2014-08-18 Thread Robert J. Hansen
On 8/18/2014 2:01 AM, Johan Wevers wrote: > And who determines whether it has any "testimonial value"? Johan, we're entering paranoid fantasy here. If you truly believe the whole of the USG is corrupt, and that our independent judiciary is in cahoots with a corrupt Executive and Legislature in ord

Re: Fwd: It's time for PGP to die.

2014-08-18 Thread Robert J. Hansen
On 8/18/2014 5:04 AM, Rob Ambidge wrote: > I read an article or something a while back stating the legal theory > that if your passphrase is an admittance to a past crime, to hand > over said passphrase would constitute as having said "testimonial > value" and you could get away with not disclosin

Re: Fwd: It's time for PGP to die.

2014-08-18 Thread Rob Ambidge
I read an article or something a while back stating the legal theory that if your passphrase is an admittance to a past crime, to hand over said passphrase would constitute as having said "testimonial value" and you could get away with not disclosing the passphrase. But it is just legal theory,

Re: Fwd: It's time for PGP to die.

2014-08-17 Thread Johan Wevers
On 17-08-2014 22:42, Robert J. Hansen wrote: > The only time production of a passphrase is permitted is when > it lacks any testimonial value. And who determines whether it has any "testimonial value"? That sounds like a fine legal loophole to pressure someone into telling the passphrase. In thos

Re: Fwd: It's time for PGP to die.

2014-08-17 Thread Robert J. Hansen
> Unfortunately most of us do. Including the US, UK and the Dutch are > also pushing for such laws. Speaking only for the U.S., this is not the case. The United States Constitution protects an individual's right not to testify against themselves. If the production of a passphrase would have any

Re: Fwd: It's time for PGP to die.

2014-08-17 Thread Johan Wevers
On 17-08-2014 17:08, Michael Anders wrote: > Your private key is compromised if your system > has been hacked (if you don't live in a police state where authorities > can force you to reveal it). Unfortunately most of us do. Including the US, UK and the Dutch are also pushing for such laws. > On

Re: Fwd: It's time for PGP to die.

2014-08-17 Thread Michael Anders
I share most of Greene's arguments against PGP to a limited extent, however, he seems strongly biased against it. There are two points, in which I strongly disagree with Greene: A) For me forward secrecy is not of utmost importance for asymmetric end to end mail encryption. Your private key is comp

Re: Fwd: It's time for PGP to die.

2014-08-16 Thread Robert J. Hansen
On 8/16/2014 7:41 PM, Nicholas Cole wrote: > There are 25 years invested in making PGP work. Many subtle bugs and > security errors in the protocol and the gnupg implementation have been > worked out. Throwing out PGP would be a bit like making this > mistake: More or less, yeah. Someday I'm go

Re: Fwd: It's time for PGP to die.

2014-08-16 Thread Garreau, Alexandre
On 2014-08-17 at 01:41, Nicholas Cole wrote: > On Sun, Aug 17, 2014 at 12:08 AM, Robert J. Hansen > wrote: >> OpenPGP's biggest problem, BTW, which goes *completely unmentioned* in >> this blogpost: OpenPGP can't protect your metadata, and that turns out >> to often be higher-value content than y

Fwd: It's time for PGP to die.

2014-08-16 Thread Nicholas Cole
On Sun, Aug 17, 2014 at 12:08 AM, Robert J. Hansen wrote: > On 8/16/2014 1:14 PM, Kristy Chambers wrote: >> Sorry for that crap subject. I just want to leave this. > > Meh. Color me unimpressed. This was a terrific post. Thank you, Robert. [snip] > * "No forward secrecy." Not everyone needs