If I encrypt a file with 7zip using AES-256 would the police be able to open it up if they got a hold of it?

What if I input a very long password I really have no hope of knowing by heart, write it down in a password keeper app and then delete the app when the police arrives so I would have no way of knowing and recovering the pass myself?

as long as you're using a proxy to post in this thread

has a Sup Forums post ever been used in a criminal prosecution?

Or you could get an electric-powered supermagnet and keep it next to your hd just in case

>hdd

is this 2002?

>If I encrypt a file with 7zip using AES-256 would the police be able to open it up if they got a hold of it?
Technically, no.

But depending on the country/state you are in, you can get in a lot of trouble for refusing to give them the password.

>muh innocent until proven guilty

You're not different from people saying "I forgot the password" then.

But they don't have to believe you. They can prosecute you or keep you in jail until you "remembers".

But I have no way of remembering it.

And they don't give a fuck.

If saying "I don't remember the password" was enough, everybody would do it.
But they don't have to believe you.

depends if you live in 3rd world country or not where giving password isnt considered self-incrimination

>If I encrypt a file with 7zip using AES-256 would the police be able to open it up if they got a hold of it?
depends on the strength of the password.

how do I take advantage of this?

currently its "password1"

You don't. Those shit drives store the encryption nonce into a chip on the board, in plain text, and you can extract it with an 8pin clamp and an arduino.

Better encrypt on your own with truecrypt or LUKS or whatever.

It's shit, I bet those cunts have a backdoor.

Use TrueCrypt.

Why TrueCrypt instead of Veracrypt?

...

Did you ever unpack the content of the ZIP?
If yes (and you didn't overwrite the space where the files were stored) the police is able to recreate the file.

That's why TrueCrypt has hidden volumes!

Except the cops in the civilized world do not drug you and beat you with a wrench.

They simply keep you in a cell and ruin you financially via the court system until you give up.

I dunno, I've used TrueCrypt for a decade and never touched VeraCrypt.

its still pretty telling that "the innocent guy" still hasnt given up the password. whats he gonna be thinking when he realises he held out longer then the jail term would of been in the first place?

>nonce

>You don't. Those shit drives store the encryption nonce into a chip on the board, in plain text, and you can extract it with an 8pin clamp and an arduino.
source or you are full of shit faggot, because it would not comply to the mentioned standards idiot

Maybe he honestly does not remember.
Maybe he believes in the constitution and will die pleading the fifth.
Maybe the logic "well you wouldn't use encryption software if you had nothing to hide" is very dangerous.

They both seem basically the same. Does anyone know a good a specific reason why you shouldn't use Veracrypt?

Through the ATA security extension. or OPAL capable systems with TPM

Your motherboard does not have TPM

so ATA security is your only option

in this case, his actual argument is the fifth, the right not to self incriminate, not that he forgot

"That didn’t stop digital forensics experts from finding incriminating content, including an image of a pubescent girl in a sexually provocative position and logs showing the device had been used to visit sites with titles commonly used in child exploitation. The forensic investigation also revealed that Rawls had downloaded thousands of files known by their “hash” values to be child abuse images, although the files themselves couldn’t be accessed."

hes got multiple images with matching hashes, and the odds of two images matching hashes in is the millions, and hes got a bunch, so the odds are in the billions upon billions. consider that. the odds he does NOT have child porn on those drives is lower then your odds of winning the lottery 12 times in a row

>browses paranoid tech board
>doesn't use VPN
something something state of Sup Forums

>downloaded thousands of files known by their “hash” values to be child abuse images
Oh, I didn't know that.

Well, that's enough proofs for me.
I hope he dies.

you should encrypt the entire hard disk, that's the only way to be (((safe)))

encrypting single files don't do shit if they have access to the disk where you decrypted it, but it's (((effective))) if you will store them in an non-encrypted external disk. However, I woudn't trust 7-zip alone, there're probably several security holes discovered by authorities, and there's the possibility of backdoor.

You're never 100% safe, so the best thing to do is not being a criminal. If you're a pedo, I recommend you to destroy all your data and start a new life.

just use a seagate

plausible deniability

people always complain your guilty until proven innocent, but in this case the odds of him not being guilty astronomically low and they havent just made up a rule or considered him guilty yet.

>Both a federal judge and the 3rd US Circuit Court of Appeals did not agree with Rawls' contention that forcing him to unlock the drives amounted to a violation of his Fifth Amendment right against being compelled to testify against oneself. The courts also concluded that it was a "foregone conclusion" that kid porn was on the drives because a forensic examination revealed that the "hash" values of the files have been linked by the authorities to known child pornography.

kek

how is it self incrimination if they already know whats on it?

Did you securely delete the files after packing it? If not, they could be recovered.

Does 7zip use temp files and securely delete them after operations? If not, the unpacked files could be sitting in your temp folder.

The difference is that there is a witness (the sister) who claims the suspect typed out the password from memory.

This case is very unusual. Personally, (as the government) I could believe the suspect really does remember the password based on the sister's testimony. BUT, it's been 17 months, and it's entirely feasible that the password has been forgotten in that time. I know I have passwords that I've forgotten when I haven't recalled them in months.

>trade longer prison time for not being marked as a sexual offender
Good trade, IMHO.

>longer
what part of indefinitely do you not understand

How can they hash the images if they can't see them because they're encrypted? If they know they're there and have hash proof, why don't they just convict him?

Veracrypt is a compromised fork.

iunno, ask them

The part where he isn't going to realistically be held indefinitely. He'll get out eventually. Unless he yells "ALLAH ACKBAR" and they send him off to Guantanamo.

Because people have been found not guilty by jury because the jury believes that if they really did have pics, the government should be able to show them and not just say "he has them, trust us, it's complicated."

So now the government wants SOLID PROOF when going to trial so they can wave it front of the jury and say "SEE? KIDS FUCKING!"

Veracrypt is a fork of Truecrypt. Truecrypt got randomly abandoned by the creator who said he wouldn't update it anymore, which is the only reason why Veracrypt exists.

I guess Veracrypt might have some newer features? Not really relevant for most people. Truecrypt passed the independent audit, so unless some backdoor has been added in Veracrypt it should be the same. A backdoor would be trivial to find though.

>it's entirely feasible that the password has been forgotten in that time

It's entirely possible this is the case. It's a very interesting case because it is such a weird set of circumstances. I'm not sure what the correct solution to this is, most likely he should just be given a life sentence for the hashes and move on.

they probably said realistically 15 months ago. heres the trick here, he dosent have to self incriminate, but hes still guilty of obstructing justice so yeah, they sorta can. everytime he gets let out, they will unlock the cuffs...then slap them back on because guess what, hes still committing that specific crime, and the judge will continue to order him to unlock the drive over and over as long as he has to

What if he really doesn't remember the password?

Holy shit, now I'm siding with the law.

Does this make me a bad person? I'm so confused...

Yes. Moot dropped a dime on this faggot.
thesmokinggun.com/sites/default/files/assets/poole-testimony.pdf

Why would it? Encryption of information goes beyond what the law can deal with in modern court.

In a just society the judge would just hang him as there is no reasonable doubt, this is a technicality that exists because of the rights the accused has, but like I said these are concepts that were designed without encryption technology in mind.

Really, the guy is smug as fuck and he is trying to get away on a technicality.

Yeah, but then I'd need to get a Sup Forums pass and probably get mined even harder for analytics by chink moot.

theres nothing siding with the law. millions of cases every year happen that are executed fairly and justly, its just you only hear of the cases that go bad and it makes them sound evil. youll see like 1 or 2 cases a day where an officer makes a bad decision or shoots a dog, but do you hear about the 1.5 million drunk driving arrests they make every year? the road is THAT much more safer now but the only thing that appears in the news is ONE single arrest that goes south and is the departments fault

That's why this is such an interesting case. How do you prove someone knows a password? Maybe he really did know the password back then, but after 2 years?

>Sorta can, yes. But there are agencies fighting for him, so at some point, something's gotta give. Maybe when the EFF and ACLU stop fighting for him.

If there no reasonable doubt, then it should be easy to get a conviction. If they can't get a conviction, then the evidence was shitty to begin with. No technicalities here.

>It is called Animu & Mango?

my fucking sides

you didn't answer this guy's question >How can they hash the images if they can't see them because they're encrypted?

How do they know that he has files that match any specific hash if they can't read the files in the first place?

unless those agencies can literally change the law about obstructing justice for just one single guy who is assuredly guilty...hes not.

>If there no reasonable doubt, then it should be easy to get a conviction. If they can't get a conviction, then the evidence was shitty to begin with
wrong. they cant prove the child porn because they cant get the files. that, yes, has no hard evidence because they cant get to it. but thats its own charge
what hes being held on is obstruction of justice, by not releasing the password. he is demonstrably not doing this every time hes court ordered, and will not. they have hard evidence of THIS charge, the record showing they asked him, and he refused.

see, hes being held for obstruction, not child porn.there dosent need to be any evidence of the child porn because thats NOT what hes being held for. until he complies, hes committing a crime. what happens AFTER is meaningless...(although we know what it is, prison for child porn).

it dosent matter if they find the evidence they need or dont need beause the crime being committed here is refusal to share the password.

an example being a warrent to search your house. it dosent matter if you dont have anything illegal IN your house, if you obstruct the officers from fulfilling the warrant, your committing THAT particular crime. thats what this man is doing, continuously obstructing a warrant to open his front door. the contents of the house are irrelevant until searched

ask them. you think their entire case would ride on a blantent lie? the hashes were store obviously somewhere accessible, or the hashes are hashes the websites had, that he requesting to download from his pc.
>he tried to download this from this site
>we also have a record of this, since we closed and arrested the owners of it, and we know its hash
bam

No
You can't prove somebody even remembers their password. And assuming everyone who uses encryption is a pedophile is just retarded.

>You can't prove somebody even remembers their password
they can prove he used his ip to download file with those hashes.

Maybe his downloader has a log that records the filename and hash. Maybe he stored the files in a password-protected archive, but didn't check the "hide filenames too" checkbox.

>wrong. they cant prove the child porn because they cant get the files. that, yes, has no hard evidence because they cant get to it.
They can certainly get a guilty conviction. That's how they can convict people of murder with no body recovered, or no murder weapon. It's how people are SO SURE HE HAS CP, that he's already guilty in the public eye and in this thread.

As for being held for obstruction: again, how can you prove he knows it? What if he TRULY doesn't remember the password? How can you compel him to do something he is completely unable to do?

no they cant or they would of.
>As for being held for obstruction: again, how can you prove he knows it?
dosent matter if he knows it or not, thats not how a warrant works. its not legal to obstruct officers from entering your house if they have a warrant, regardless if you know your innocent of the crime.

and again, they have evidence of him using it up until the point he was arrested.

Can someone answer this clearly? How did they see his Hases if the computer is locked out of their reach?

I’m really lost

sauce me on that nigga

...

>although the files themselves couldn’t be accessed."
>can match them to some hashing function
>can't "access" them.

what the fuck am I reading?

>needing to access to files to know he tried to download them from another area you could access the files from
new to Sup Forums huh. the idea that someone could acquire a list of phone numbers you called even if you threw your phone in the ocean must also blow your mind

>ask them. you think their entire case would ride on a blantent lie?

yes. very much so. most of these pedo cases seem sketchy at best.

yeah gee why would information about where and how people acquired illegal content not be public information.
not to mention if he does turn out to be innocent, you think its a good idea to share all his personal details? welcome to law enforcement 101

so basically a literal botnet or even accidental caching of malicious files is now a crime? land of the free right here.

literally convinced for sure now that most convicted "pedos" are just bullshit.

Police, no. NSA, yes. Serpent is the only popular cipher they haven't broken yet.

transformation is a simple permutation

>NSA has broken AES 256
sounds like bullshit

Why else did they attack TrueCrypt? They're the only popular encryption suite that offers anything other than AES.

>dosent matter if he knows it or not, thats not how a warrant works. its not legal to obstruct officers from entering your house if they have a warrant, regardless if you know your innocent of the crime.
That's completely wrong. If they have a warrant to search your house and you obstruct them, they can forcefully remove you and break down your door. If they have a warrant for your safe, they can move you aside and hack it open. According to the 5th amendment, you have no obligation to help them gather evidence against you. You can just step aside and let them do their thing. The thing is, now that there's a door they can't bash down, a safe they can't crack. And that's pissing the government off.

>and again, they have evidence of him using it up until the point he was arrested.
And again, that was 2 years ago. If he took a lie detector test (a magic one that actually works) and it's absolutely true that he doesn't know the password, how can keep him in contempt "until he gives up the password"?

>and again, they have evidence of him using it up until the point he was arrested.
And again, if it was good evidence, they don't need the actual files.

It's already been covered in the thread how it could have happened.

>implying NSA has "cracked" anything
>implying they don't just have your intel processor use its Always On® built-in wireless connection to send them your passwords

Tripfag stupidity.

>NSA has broken AES 256

People say this stupid shit but no one has proof or a source when you try to pin them down to it.

Moot snitched, no wonder that piece of shit sold Sup Forums.

What if the reason x86 doesn't scale to low power devices is because it has a built in radio transmitter that uses the radio network for spying on us all.

>And again, if it was good evidence, they don't need the actual files.

except they do. because at best it's reasonable doubt without it. "muh hacked wifi." especially since network security is mostly a crapshoot that all fails once physical security is broken.

and what was "covered" in the thread was the same moronic shit you just said.

it is not proven it has an easy way of decrypting it. Or maybe (((they))) not let us know

If it is reasonable doubt, then you cannot keep in jail for pleading the 5th.
But really, the entire point of this case is to make a grandstand against encryption. The govt doesn't really give a shit if they nail this pedo or not, they just want to make it a point that you can't "forget" your password and whenever someone reasonable comes along and says that is fucking retarded, they can say b-b-but THE KIDS and yet have not concrete evidence against him.

It is honestly disgusting.

>the judge said that contempt-of-court offenses carry indefinite prison terms

>Rawls' lawyers contended that a legal nuance meant that he could only be imprisoned for 18 months, an assertion Rufe rejected. Although Rufe took the government's position, she noted that each side raised "interesting and complex arguments."

Arguing against indefinite detention is an "interesting and complex argument". Kill me now Abrohom Linkon

>What is a "b tard"?

topkek

>and what was "covered" in the thread was the same moronic shit you just said.
What are you going on about?

I just assume there's a 'hidden' vulnerability in 7zip that gives NSA backdoor access if need be.

Meltdown and Spectre have been exploitable for nearly a decade. NSA kept it well hidden.

7zip is free software.

So?
It could be open source and still be vulnerable. Hiding in plain sight.

The land of the free

I'm really hoping the supreme court has the brains to slap the shit out of the lower federal courts on this. Their "foregone conclusion" nonsense is a fucking cop out. If it is a foregone conclusion, then the password is wholly unnecessary, because this implies that you have sufficient evidence outside of being able to open up the drive, and can prosecute on that evidence alone. If they can prosecute him without being able to open the contents of the drive, then the defendant's sixth amendment rights to a speedy trial demands that they stop their tomfoolery and proceed to trial immediately with whatever evidence they have, as is. If they do not have the ability to prosecute him without opening up the drive to verify that there really is illegal content on it, then it logically is not a foregone conclusion, and they need him to provide evidence against himself, which is a violation of his fifth amendment rights.

>truecrypt passed the independent audit

Audits only really prove there's no deliberate backdoor, not that they're not vulnerable.

pcworld.com/article/2987439/encryption/newly-found-truecrypt-flaw-allows-full-system-compromise.html

Pretty much this. They should hang them all and.without trial.