Forgot your password?
typodupeerror

Comment: Re:How do you (Score 1) 952

by Kijori (#47518307) Attached to: The Daily Harassment of Women In the Game Industry

Brianna Wu saying "every man" is just like a racist saying "every Jew", and it also makes it difficult to take what are certainly very real issues seriously.

Some people would think that you put "every man" in quotation marks because it's a quotation, but it isn't. Brianna Wu does not use the phrase "every man" a single time. She doesn't claim that all men are sexist, or say anything like it, so you can safely put your righteous indignation aside.

The biggest generalisation that she does make is saying that "it’s telling that men in the gaming industry, or simply commentators, refuse to listen to the reality of these situations and try to help" - which seems borne out by reactions like assuming her article is a sexist overgeneralisation when you clearly haven't read it.

Comment: Re:No limits on storage or security (Score 1) 150

by Kijori (#47509999) Attached to: New York Judge OKs Warrant To Search Entire Gmail Account

The court actually took a pretty sensible view on this, I think.

The judge's reasoning was that the use of data that was recovered and stored was (as a matter of law) subject to the same test of reasonableness as what could be recovered in the first place. He considered trying to decide how long was reasonable now, but decided that he wasn't in a position to do so, since he didn't know how the investigation would go. Better for a later court, looking back on all the facts, to decide whether what was done was reasonable, than for him to try to decide what would be reasonable based on a guess as to what would happen.

In other words, there are limits on storage and use of the data, although they aren't rigid, and a court may be called on to decide whether they have been breached at a later date.

Comment: Re:Unconstitutional (Score 1) 150

by Kijori (#47509963) Attached to: New York Judge OKs Warrant To Search Entire Gmail Account

"No difference"?

[Writs of assistance] were permanent and even transferable: the holder of a writ could assign it to another. Any place could be searched at the whim of the holder, and searchers were not responsible for any damage they caused. This put anyone who had such a writ above the law. [Wikipedia]

[The court grants] a warrant to obtain emails and other information from a "Gmail" account, which is hosted by Google, Inc., and to permit a search of those emails for certain specific categories of evidence. [Judgment in this case]

Yep, exactly the same...

Comment: Re:Limitations on law enforcement (Score 1) 150

by Kijori (#47509901) Attached to: New York Judge OKs Warrant To Search Entire Gmail Account

I think it is easy to imagine circumstances where what you call a 'blanket' search - a search for specific categories of evidence, but which isn't limited by particular approved keywords - would be justified. I would expect it to be common, because I would expect it to be the only reasonable way to conduct the search in a great many cases.

I am a litigator. We regularly conduct similar searches during what Americans would call discovery - the pre-trial process where you look for evidence. Even if you know exactly what sort of thing you're looking for and are using specialist software designed for this process, it can take hundreds of man-hours and cost well over a hundred thousand dollars to search a large body of correspondence. I can tell you from experience that it is very difficult to pick keywords in advance without making them incredibly broad. If the person may have done something that they don't want to set out explicitly in an email, it can easily be impossible.

There is a strong public interest in effectively investigating crimes and bringing the perpetrators to justice. There has to be some mechanism to get access to email correspondence in order to conduct that investigation. In a big investigation, I can't see that it would be reasonable to require Google to carry out the searches required - it should be done by the police. I therefore think it is entirely plausible that a 'blanket' search warrant would be granted, and I haven't seen any reason not to trust the judge's assessment - after all, he has heard the evidence and you haven't.

Comment: Re: Seems appropriate (Score 1) 353

by Kijori (#47437525) Attached to: UK Computing Student Jailed After Failing To Hand Over Crypto Keys

How do you square the fact that you say in relation to the password question it would be impossible to prove, but when considering the other examples you are happy to draw inferences if there is sufficient surrounding evidence. Why can't you draw inferences from surrounding evidence when considering the question of whether someone remembers a password?

Comment: Re: Seems appropriate (Score 1) 353

by Kijori (#47437333) Attached to: UK Computing Student Jailed After Failing To Hand Over Crypto Keys

I would make two points in response.

First, your factors that might make someone not remember a password are all real, but the judge can take them into account. The judge can weigh up the different possibilities - that's what they are employed and trained to do - and decide whether it's plausible that the defendant cannot recall the password. Often they will probably conclude that the prosecution hasn't proved that the defendant could remember the password; sometimes, though, there will be enough evidence. Unless you are arguing that there is no amount of evidence that can prove this beyond reasonable doubt - in which case, see my second point, which is that this is not restricted to this situation - I don't think your factors prevent the law working (although obviously they must be borne in mind).

Second, your example of the seemingly pre-meditated murder is at the extreme end of the evidence available, but there are lots of situations that are much more difficult. For example:
i. A person gives incorrect financial information to an investor and profits as a result. If they knew it was incorrect they may be guilty of fraud. Did they know it was incorrect at the time?
ii. A person is a passenger in a stolen car. If they knew it to be stolen at the time they may be guilty of an offence. Did they know it was stolen when they got in (assume they weren't involved in the theft)?
iii. An accountant receives money from his client, which unknown to him was stolen. If he suspected at the time that the client might be engaged in criminal conduct, he may be guilty of a money laundering offence. Did he suspect?

You could find hundreds more examples - those are just three that occurred to me off the top of my head, and probably aren't the most troublesome. The point is that proving whether a defendant actually knew a particular fact, or actually had a particular thought, is a common issue in criminal prosecutions. It can be difficult to prove, but it's not impossible and the courts are used to dealing with these types of case.

Comment: Re: Seems appropriate (Score 1) 353

by Kijori (#47429887) Attached to: UK Computing Student Jailed After Failing To Hand Over Crypto Keys

I would agree with you if we had to answer the question "does he remember the password" in a vacuum, but we don't.

The court can look at factors that make it more or less likely that he forgot it: did he use it regularly? Does he have a good memory? Is he accustomed to using long passwords? Did he use it shortly before his arrest?

It can also look at factors that bear on his credibility: did he immediately say that he had forgotten the password, or was this the last in a line of excuses that had been proved untrue? Has he been generally truthful and cooperative? Did he seem honest in the witness box, or was he evasive and defensive?

If (in theory - I don't know the facts of the actual case) the defendant had used the password five minutes before his arrest, had an unusually good memory, repeatedly lied to the police after being arrested and only claimed to have forgotten when his previous claims were proved untrue, I think it would be perfectly legitimate for the court to apply something like Bayes' theorem to infer that it was sufficiently likely that he remembered the password to be proved beyond reasonable doubt. I don't see why it is different in principle to other situations where the court looks at all the evidence to decide whether someone is lying.

Comment: Re:Seems appropriate (Score 1) 353

by Kijori (#47427515) Attached to: UK Computing Student Jailed After Failing To Hand Over Crypto Keys

I once had a baby rattle (when I was a baby). Why is it reasonable to presume I still have it in my possession? I can't prove that I don't since you can't prove a negative.

You wouldn't have to prove you don't have it - you just have to show enough evidence to show that the question is in issue. If in the circumstances it is reasonably likely that it isn't in your possession - such as where you have not had it in your possession for years - the question is in issue, and the prosecution will have to prove it beyond reasonable doubt.

As for 3b, he told them his best recollection of the password and it didn't unlock the drive. So there we go, where is the proff that he does correctly remember the key but chose not to tell them?

I don't think there's much point in speculating as to whether he did it. The person who saw all the evidence and who was able to listen to Wilson and assess his credibility was the judge - without any evidence I don't see how we can really question his judgement.

Frankly I think giving 50 incorrect passwords is more likely to be a sign that you were being obstructive than that you were genuinely trying to remember but couldn't, but again - I don't know, because the journalists didn't report any details.

There may be indications and reasons to suspect, but the standard for jailing someone is proof. Where memory is involved, there can never be proof. At least not with today's technology.

The standard for jailing someone is proof beyond reasonable doubt - not absolute proof. I presume that there was sufficient evidence for the judge to conclude, beyond reasonable doubt, that Wilson was lying. If not, I hope he will appeal and be vindicated - but we haven't seen any of the evidence so we don't know.

I would say that courts deal with lots of people who say they "can't remember" or "don't know" something, and have to decide whether they are telling the truth or not - whether that's people who can't remember where they were when a crime took place, or who don't know where some money went, or a million other possibilities. It's a difficult question, but it's an inevitable one for a criminal court to grapple with and they have plenty of experience doing so.

Comment: Re:Could Not Do It (Score 1) 353

by Kijori (#47427145) Attached to: UK Computing Student Jailed After Failing To Hand Over Crypto Keys

Or that he appreciated that people could forget passwords, but didn't believe the defendant in this case. We don't know on what the judge based his decision - the journalists declined to report that minor fact - but we do know that the judge had a lot more evidence on which to come to a conclusion (including, unless he chose not to appear, hearing the defendant's explanation from his own mouth) and it may be that having heard that evidence he was sure the defendant was lying.

Comment: Re:National security (Score 1) 353

by Kijori (#47426887) Attached to: UK Computing Student Jailed After Failing To Hand Over Crypto Keys

It's regrettable that the journalists present chose not to report the judge's actual explanation of the orders he was making instead of just a few quotes taken out of context - which makes it impossible to know whether the finding was reasonable or not. (In England, while almost all higher court judgments are transcribed at public expense and put online, Crown Court hearings are not.)

Comment: Re:What if he forgot it? (Score 1) 353

by Kijori (#47426717) Attached to: UK Computing Student Jailed After Failing To Hand Over Crypto Keys

It doesn't matter. In the UK, you face jail time for not turning over passwords... even if you can prove you never had them. If the cops think that a photo has steganographically hidden data, you must produce the decryption key, or face jail time. If some anonymous so and so sends you a floppy disk, or USB stick, you must produce the decryption keys to any files on it.

This is completely false. I have set out an overview of the process of proving that someone has the decryption key here.

Comment: Re:Seems appropriate (Score 1) 353

by Kijori (#47426653) Attached to: UK Computing Student Jailed After Failing To Hand Over Crypto Keys

Real question...what happens if somebody legitimately forgets their password? If they're paranoid (or realistic) enough to use AES to begin with, they're likely going to have a good strong password. That's a lot of entropy for a human to remember for a number of years, especially if they don't decrypt it very often.

Then you should not be found guilty - I've set out the process that is followed in another comment. (In reality, if it is plausible in the circumstances that you have simply forgotten the password, it is unlikely that it would actually get anywhere near court to begin with.)

We don't know the facts of this case - unfortunately the journalists chose to give us a few selected quotes out of context, rather than a transcript of the judge's entire remarks - but it sounds like the judge may have thought that the claim to have forgotten the password was just the latest in a series of lies that the defendant has told to try to avoid giving up the data. If that is the case, and the defendant has genuinely forgotten his password, that is very unfortunate (although no different to any other trial, in that if you squander your credibility you may find that your truthful remarks are not believed).

Real Programmers don't write in PL/I. PL/I is for programmers who can't decide whether to write in COBOL or FORTRAN.

Working...