After the Belfast Project Fiasco, Time For Another Look At Time Capsule Crypto? 170
JonZittrain (628028) writes "I'm curious whether there are good prospects for 'time capsule encryption,' one of several ways of storing information that renders it inaccessible to anyone until certain conditions — such as the passage of time — are met? Libraries and archives could offer such technology as part of accepting papers and manuscripts, especially in the wake of the 'Belfast Project' situation, where a library promised confidentiality for accounts of the Troubles in North Ireland, and then found itself amidst subpoenas from law enforcement looking to solve long-cold cases. But the principle could apply to any person or company thinking that there's a choice between leaving information exposed to leakage, or destroying it entirely. Some suggested solutions are very much out of the box."
Time capsule or doomsday timer (Score:1, Offtopic)
This is another form of DRM.
Of course content providers will salivate over making these devices do just the opposite - provide access to a given device or media for an "approved" period of time before rendering it unusable.
Re: (Score:3)
They already do that. most DRM schemes aren't infinite. Streams aren't designed to be downloaded and stored. DRM authentication servers go dark after 5-10 years.
This would at least ensure those files could be made available after the DRM servers died.
Re: (Score:2)
Re: (Score:2)
To quote MC Frontalot
You canâ(TM)t hide secrets from the future with math.
You can try, but I bet that in the future they laugh
at the half-assed schemes and algorithms amassed
to enforce cryptographs in the past.
Re: (Score:2)
Re: (Score:2)
So what do you do when technology and law provides such an attractive feast for "content 'owners'" that it becomes impossible to purchase anything outright, and everything you pay for comes in the Netflix model?
To answer the OP's question, there is a solution: TecSec*. It provides a crypto-wrapper of sorts that allows for external data (literally anything quantifiable; e.g., geolocation data, time data, etc.) to be used as a condition for decryption. The notable caveat here is that you need a trusted sour
Re: (Score:3)
The fundamental issue arises if data retention is a serious concern: for common uses of tamper-resistant hardware, it isn't. It's just being used as an access token of some kind, so the actual secret is largely irrelevant, so long as the attacker doesn't get it. If it gets wiped, IT/customer service will just issue you another one.
With some sort of library/archival pr
Re: (Score:2)
Even in jurisdictions where compelling key disclosure is unambiguously something the authorities can do, the assumption (reasonably enough) is that the goods are either crypto keys or actually-good passwords, and anyone who refuses to disclose is either hiding evidence or ha
Re: (Score:2)
Alas, there will customers keen on destroying any hope of retrieving the historical record. Most of these will be government agencies.
Subpoena would lead to impounding the key-protection device. Then the "investigators" will either engage a lax hacker stooge to trigger the self-destruct or they will pretend to misplace it.
If your encryption is secure, the key is the secrt (Score:2)
One part of the primary key is secretly delivered to the person. This is your standard PGP.
The other key is dispersed on a website after a certain time. Add the two keys together and you end up with a full key.
Re: (Score:3)
So who gets to keep the half that goes on the website? What's to stop them from getting subpoenaed, hacked, or otherwise compromised?
Re:If your encryption is secure, the key is the se (Score:5, Insightful)
Re: (Score:2)
Traveller [wikipedia.org] campaign: intercept "time-capsules" bound for Earth-orbit trajectory, discover hottest "blast from the past" media chum weeks-months before the story breaks and secure exclusive rights to the descendent's interview.
Re:If your encryption is secure, the key is the se (Score:4, Interesting)
So who gets to keep the half that goes on the website? What's to stop them from getting subpoenaed, hacked, or otherwise compromised?
Nothing in principle. However, there are secret-sharing techniques that would make this more practical: it is possible to divide a secret into N parts; but construct the divided pieces such that anywhere from 1 to N of them are required to reconstruct the original secret.
This doesn't solve the problem in any fundamental way; but it does help. You can now control both the risk of the secret being permanently lost(increase the number of parties who have parts, possibly even providing a given part to more than one party) and control the risk of enough parties being compromised to reveal the secret(set the number of required parts equal to, or close to N, and distribute the parts among different jurisdictions, storage mechanisms, and so on).
No perfectly elegant solution; but at least you get to pick your poison.
Laws of Physics make it Impossible (Score:2)
This doesn't solve the problem in any fundamental way; but it does help.
Actually I don't think it is possible to solve it at a fundamental level. The laws of physics are invariant under time. In fact this symmetry is what gives us conservation of energy. What this means is that any physical system must work the same regardless of when it is operated. The result is that the only way to make such a temporal crypto algorithm would be to use a tamper-proof physical device which will measure the passage of time - you cannot develop a time lock algorithm which will only run when the
Re: (Score:2)
While it wouldn't be perfectly precise, you could perhaps enforce a requirement to perform calculations which will take a certain amount of time in order to derive a decryption key. Of course, you'd probably need to put just as much time into deriving the encryption key beforehand.
1. Apply a key derivation function (e.g. scrypt) to a random seed with an iteration count high enough to take at least 10 years.
2. Use the result as a key to encrypt your data.
3. Destroy the plaintext and the key (but keep the s
Re: (Score:2)
Worse, if you want to maintain any schedule, you must make sure that the maximum effort is being carried out the whole time.
Basically, a secret that needs 10 years of cracking, has the issue that you need to motivate somebody to invest the energy (real and figuratively) into decrypting it.
Now you've got the issue, if there is enough motivation, your key might be cracked faster (because the adversary decided to throw a billion bucks into the game, or the hardware got much better in an unplanned way), or it m
Re: (Score:2)
As far as being a practical solution, it could hardly be worse; but it's basically the only game in to
Re: (Score:2)
Re: (Score:2)
I believe the dns-sec root keys are an example of a key in multiple parts.
The master key can be reconstructed by combining 7 keys together.
There are 14 people that have part of the key and I believe any 7 people can be used to recreate the whole key again.
Re: (Score:2)
Re: (Score:2)
Yeah, well, you have two of them.
Re:If your encryption is secure, the key is the se (Score:4, Interesting)
I was thinking about this task a few weeks ago from the point of view of a real-world application: you're travelling in a war zone and want to ensure that your files are safe *even from yourself, your friends, your employer, and everyone who cares about you*. Because if you're taken prisoner, they're not going to use a 30 million dollar supercomputing cluster to crack the encryption on your laptop; they're going to work you over with a pair of pliers, perhaps taking off a few body parts, until you tell them. And if you don't have the key, they'll just threaten harm to you to people you care about who do - assuming they can't outright capture said people as well. Nobody you now can be responsible for the key. The key has to be held by someone who by nature of their contract doesn't give a rat's arse about you and won't change their terms even to save your life.
But of course, what if they were compromised - legally (subpoena), or extrajudicially (someone with a pair of pliers)? So we get into the sitution where a server for a service that controls giving out of keys needs to be safe even from its owners. While terms for key storage involving personal judgement calls (such as "did the person contracting with us successfully make it out of the country and is no longer under coersion?") can't be automated, simple time locks can, so the issue simply comes down to, "Can you keep reliable running key storage system that can't be compromised even by physical access"? A potential solution to reliability (since any system tht locked will be immune to maintenance as well!) would be to store the every key on multiple running systems in different locations in hopes that at least one of them lives long enough to yield the key at the correct time. As for security, for example, even with full memory encryption, ram is vulnerable to cold boot attacks and the key to decrypting memory has to be stored somewhere, but one solution to that is storing critical portions of data only in CPU cache. But that's only one possible attack vector among many. At least you could respond to a subpoena, "Hey, maybe you have a way to get at this data, but I sure don't. If you'd like to fund a multi-million dollar research project on how to get ahold of it, I won't stand in your way, I'll be fully cooperative..." You could also make it harder by having a multi-part key, with each part held by different entities in different jurisdictions. Though that could increase reliability challenges.
In short, at the very least you can make it very, very difficult to get keys. Maybe you can't stop a secret NSA raid on all physical servers taking part the world over, but you could stop pretty much anything else.
Re:If your encryption is secure, the key is the se (Score:5, Funny)
A hobbit. They can be trusted. Don't you know nothin'?
No. Then it'd have to be a whole key ring.
Keep it simple (Score:4, Interesting)
You guys are thinking too much into this. Any third party you entrust your secret to (bank authorities, lawyers, software etc) is a potential point of breach.
Just keep your information in hard copy (papers, journals etc), put it in a box, lock it up and bury it. Entrust the secret and key to a son/daughter with strict instructions it is not to be opened until you pass away, with the warning that the secrets revealed may destroy the family.
The less people know about it, the more secure it is.
I'd rather trust family who have an interest in protecting your secrets rather than some stranger or worse, impersonal unthinking code. And having a living, thinking secret keeper who can respond to challenges and situations you may not even forsee is far more effective.
Re: (Score:2)
The less people know about it, the more secure it is.
Of course, it's also true that the fewer people know about it, the more likely it will be permanently lost.
Re: (Score:2)
Of course, it's also true that the fewer people know about it, the more likely it will be permanently lost.
Granted, there is always a risk. But in a situation where you have a secret that cannot be released now but which you hope to release for posterity in the future, usually the potential damage caused by premature disclosure far outweighs any possible benefits. Take the example of the Boston papers; I'm sure the parties who contributed their knowledge of the IRA activities would rather their information be destroyed rather than be disclosed now exposing them to criminal liability.
Re: (Score:2)
You guys are thinking too much into this. Any third party you entrust your secret to (bank authorities, lawyers, software etc) is a potential point of breach.
Just keep your information in hard copy (papers, journals etc), put it in a box, lock it up and bury it. Entrust the secret and key to a son/daughter with strict instructions it is not to be opened until you pass away, with the warning that the secrets revealed may destroy the family.
The less people know about it, the more secure it is.
I'd rather trust family who have an interest in protecting your secrets rather than some stranger or worse, impersonal unthinking code. And having a living, thinking secret keeper who can respond to challenges and situations you may not even forsee is far more effective.
I'm going to do this, and all that will be in the capsule will be a note saying, "You have been pwned! Dad has trolled you one final time."
Space (Score:3)
Launch the data into oputer space on a satellite, programmed to transmit the data after a set time period. For best results, send the machine on a massive period orbit to the outer solar system, or in a pinch, crash land it it on the Moon or Mars.
Governments will either have to give up, or else fund massive space project. Either way, we win.
Re: (Score:1)
Yeah, I can't imagine the gov't ever sending up secret military missions that would involve intercepting satellites to gain access to their data. That's just too unbelievable.
Re: (Score:2)
Governments willing to spend billions of dollars to get your data aren't the general use case for such a time lock service.
Re: (Score:2)
You'll also need a reasonably large space project to build and launch a satellite.
Re: (Score:2)
If you can't have space, you can have international ping times. Generate keys, deploy one in one place, one in the other, and keep bouncing messages off of each other.
Ocean (Score:5, Interesting)
Easier idea. Put the data in a tiny pressurized capsule and drop it deep in the ocean. After a set amount of time the capsule is designed to inflate an air bladder, rise to the surface and transmit via radio frequency.
There's no way to retrieve this ahead of time because:
1. The ocean is vast and the capsule is tiny.
2. The ocean is so deep that you would have to send a robotic submarine to find it and no one would know where to look. If you can lose a plane at the bottom of the ocean, you can lose a 1 foot capsule even more easily.
best in thread. (Score:3)
I think this post may be the best in the thread because it answers the question (time based, not coy power), it's somewhat practical unlike astronomical solutions, and recent events show it would be secure. If multiple motivated governments can't find an airliner, someone in a Snowden-like position could be reasonably confident that a small container dropped even just off the coast of California would remain there for quite a long time.
Re:Ocean (Score:4, Interesting)
work with the environment, not against it. You would have a weight, tether and float, your electronics go in the float portion, a solid state unit that is robust and has a average density just a fraction less than water. The tether is designed to corrode and fail after a year, or you perhaps have an electro magnetic clamp, or explosives, or several mechanisms of cutting the tether. As long as your device is below 750M it is below regular submarine depth and well below fishing depth and generally quite hard to get until it comes up.
Re: (Score:2)
Re: (Score:2)
More time that passes, less likely the detonation and more likely a malfunction.
So, at MOST, that's only a 50 year solution. Not a "few thousand".
Re: (Score:2)
Still, there are long term timers that could be made to work. You could literally do a Pitch Drop experiment and have the bottom plate be pressure sensitive and spring loaded (make sure you choose sprin
Re: (Score:2)
Do nothing (Score:4, Insightful)
Most modern cryptography works because it's difficult to solve certain math problems, but the limits of "difficult" keep getting bigger. It should be possible to make a rough estimate of how much processing power will be available to break your encryption by what date, to the parties of interest. Make your keys that strong, and hope you're close.
To build off of the Belfast Project example from TFS, a 50-year timespan might be reasonable. What kind of decryption ability might we have in 50 years? I'm no expert in cryptography, but an elliptic curve algorithm with a fairly-strong key seems reasonable to me. Encrypt it, destroy the plaintext, and forget about it. Forty-five years from now, a government might have the ability to decrypt the material, but they'd have to care, first. It might take sixty years for a data-crunching powerhouse like Google to decrypt it, and perhaps in sixty-five years, they'll see fit to run a PR stunt by unlocking the time capsule.
There's a lot of guesswork and estimation involved, but such is the nature of all time capsules. You're assuming that the capsule will be intact and unlockable at a future time, which necessarily involves predicting future capabilities.
Re:Do nothing (Score:4, Insightful)
Re: (Score:2)
This is where knowing your parameters is important.
If you want to protect against a government, assume they have a large number of powerful computers. If you want to protect against a large corporation, assume they have a small number of very powerful computers. If you want to protect against a local power, assume a small number of fairly weak computers. If you want to decode the data easily at a given time, consider how much power you will have available by then. Maybe your project is pressworthy enough to
Re: (Score:2)
Many of the advances in breaking encryption schemes come as people discover weaknesses that make the task easier, rather than a simple increase in computing power. These are impossible to predict and may make whatever system you use vulnerable.
Re: (Score:2)
Added bonus: If you use the "sink it to the bottom of the ocean and recover it later" approach you will be guaranteed to have a cool and low radiation environment for the material. Hopefully it will be dry too, but that's
safe deposit box? (Score:2)
A safe deposit box with the data stored in it. A key in the possession of a time keeper, such as a suitable law firm, and a third party to receive the information.
But what format to use that will remain useable after 50 years...
Phil
Re: (Score:2)
QIC tape format is 42 years old, ditto Ascii at 42 years old. It is highly unlikely ascii will be entirely disappeared in 8 years. Amazon and Google found several QIC tape readers for under $200. Tape is specifically invented and used for very long term storage. LTO tape readers will be around for a very very long time, for retention purposes. While not multi millennia solution, it's good for
Nope (Score:2, Interesting)
There is no way to do this purely in software, because there is no way for software to verify its inputs.
It ought to be conceptually possible to implement your "passage of time" example in tamper-proofed hardware, where the clock is part of the tamper-proofed payload.
Fundamental problem . . . (Score:2)
Re: (Score:2)
Re: (Score:2)
The unavoidable weakness of which is pad recovery. As in, the adversary prevents you from destroying your pad and recovers it. Or, not you; someone else trusted with the pad (such as your corresponedent, who's languishing in a jail as an imposter receives your encrypted messages and decrypts them with the captured pad).
This is why self-destructs are so popular in "no-kidding" grade crypto gear, and why they often don't get an opportunity to work.
Lawyer up (Score:4, Informative)
Communications with your lawyer are privileged. Give them your information with instructions on when and how to release it. Make sure to pay them in advance.
This is standard stuff in may novels because it kind of works.
Is it 100% effective? Maybe not. But it's a layer of protection. If you are especially paranoid, give one lawyer a 1-time pad encrypted hardcopy file. Give another the key.
Re:Lawyer up (Score:5, Insightful)
This is ,of course, the right answer: laws, not encryption. The smartest people are the ones that examine the entire premise, instead of going along with the implied boundaries of a task.
Re: (Score:2)
Fine, if you're afraid of the government in your lawyer's jurisdiction. What if you're afraid of a foreign intelligence service, or simply a local thug who's not above manhandling lawyer?
Re: (Score:2)
Re: (Score:2)
well, it would work for the belfast project then. just make the library claim that they're a lawyer...
Re: (Score:2)
Lawyers violate client confidentiality every day. They can't be compelled to do so -- except by their larger clients. There has to be something in it for the attorney. I've seen ample numbers of confidential documents from an attorney soliciting business from me. I think that showing off and acting like an industry kingmaker is the predominant motive, but I don't get to see the horse-trading among legal professionals.
Re: (Score:2)
There's a simple solution everyone is ignoring. Hire lawyers in competing countries. For example. US, Switzerland, Russia and China. Split the key, send a piece to all four. Good luck getting the legal systems of all four locations to concur.
Yes, there are banks and lawyers that specialize in key or software escrow, btw. It's getting more po
Re: (Score:2)
Except you can have said lawyer disbarred if you can prove they violated client confidence for unethical purposes. Contact your state bar association (for the US).
There's a simple solution everyone is ignoring. Hire lawyers in competing countries. For example. US, Switzerland, Russia and China. Split the key, send a piece to all four. Good luck getting the legal systems of all four locations to concur.
It would be a full-time job disbarring every attorney who violated client confidentiality in my presence. Moreover, when I'm there, it's not my confidentiality they are violating.
Lawyers do what they do because they know they can get away with it.
I gather you haven't yet sampled the trustwothiness of lawyers in China and Russia.
Fundamentally flawed (Score:2)
Computers don't know what time it is. They'll accept what ever time is set.
The only way to have something encrypted for a period of time is to not publish the encryption key for that period of time.
The first two links in the summary are basically "make it easy enough to crack based on an assumption of the computational power available in the future"
The 3rd is publishing a key on a network at a given time.
Re: (Score:2)
The only way to have something encrypted for a period of time is to not publish the encryption key for that period of time.
You can divide the secret key up into numerous pieces where M of N pieces need to be presented to reconstruct the secret key.
Then make sure the actors are sworn to keep their key share vaulted in a safe place and neither release their share of the key NOR reveal/disclose that they have a share of the key, until the release date, and M actors will not reside within the same legal j
Re: (Score:2)
OK, let's assume all the actors are peers and there is no central actor "in charge". That implies the actors are not unknown to each other. Otherwise, to whom do they swear - how do they know they are not swearing to the wolf[*]? The first problem you've got is that your entire organization of actors is exponentially exposed by the conspiracy's mutual knowledge of the identities of the others.
The case where you have one chief, and none of the others kn
Re: (Score:2)
So basically it's "hide the key until you want to public"
You've just taken the 3rd link in the summary and used people instead of computers.
A model based on social covenants (Score:3)
Example - 10 keepers chosen, 4 in UK, 1 in Iceland, 2 in Australia, 1 in USA, 1 in Uruguay and 1 in Morocco. Policy chosen so that the cooperation of 7 is required to decrypt. Each keeper then is thus issued 84 strings. 1 agent dies, another agent gets busted, and a third agent becomes opposed to the decryption. This leaves 7 agents. They each send their key packages in to the time capsule curator, who decrypts each package, identifies which string within each package is need to form the key, XORs these strings, then arrives at a final decryption key. Even if an intelligence organisation manages to extract keys from 6 of the agents, they won't be able to decrypt. If on the other hand, they kill up to 3 of the agents and stop them returning their keys, the decryption can still go ahead. Ideally, you would want to set n and m according to perceived risk, plus the size of the data set. For example, 36 agents and 20 required would produce a key set which would fit into a cheap 8GB USB stick.
Re: (Score:2)
Re: (Score:2)
Who is the implied subject here? Who is the one who knows the identities of all these actors and knows ("believes" being more accurate strictly) that they can be trusted? The subject is the single point of failure in the sense that he has the knowledge to give up the entire conspiracy. Then the wolves in the various jurisdictions can start to make deals with each other until all the actors are in the hands of the
Time release escrow (Score:3)
I started working on software to do this a few years back. I concluded that all the software is already written if you have a need and the problems are all regarding the way the user wants to protect the information, how much money they have to spend and how careful they are. In other words, it's a social/societal problem and you could setup a consulting service to help people do it, but software probably wouldn't be much benefit.
Here is an example:
First encrypt all the things. Then give the encrypted file to anyone since you're going to assume for the sake of this slashdot post that the crypto is unbreakable (if you're unwilling to accept this assumption then feel free to divide the data the same way the key is outlaid).
Next establish some trusts in your name and appoint a number of people as trust managers. This should probably be more than one trust and definitely more than one person. You may even need to obscure who creates the trust depending on what you're hiding and who might want to get it. Try to make some of the trust managers overseas might be good if you're worried about long term survivability of your data, since stability of a country might be in question in 100 years or so.
Now, cut your key into two halfs (or more), write out instructions that the managers are to meet at some location at a certain date. None of the managers should know any of the other managers. For survivability you might give a duplicate copy of parts of the key to multiple people so if one person doesn't show up there is still a chance to recover from it.
Ultimately nobody has knowledge of anything. On the date in question the responsible people show up only with the knowledge they are supposed to arrive with their bit of information. It could be that they don't arrive anywhere at all and their instructions are to publish the information. Without having context only the receiver would know what the completed key was for, and even they might have only been instructed to hold on to data for 100 years then accept the key when it arrives.
This scheme works best if there are multiple companies around the world formed with the purpose of doing this for people, or if it was a common service asked for at banks/law offices/etc. If the lawyer is holding on to only one key for 100 years they might become curious and try to figure out what it's for. If it's one key amongst thousands then it's nothing more than a tiny amount of data they're paid to deal with. They would also be less likely to publish the information out of turn because it could be they're storing it for something worth less than the amount they're paid to escrow it.
Re: (Score:3)
Mission impossible (Score:2)
Mission impossible figured this out it the 60s.
"This tape will self destruct in 5 seconds" *POOF*
But seriously, any truly secure system will have to take several things into account:
1. Any data transmitted in any way is vulnerable to interception.
2. Systems can be hacked using security vulnerabilities you're not even aware of.
3. Given enough time, all systems become circumventable with new technology.
So, so account for #1, you can't allow the data to be transmitted. So the data must be stored physically and
Re: (Score:2)
umm the problem for discussion is the opposite, how to bury the information so that it will be readable and found after certain time but not before.
for history preservation reasons, you know. destroying the information is pretty easy.
Over-thinking it? (Score:2)
I saw the movie (Score:3)
"Promise me, Red. If you ever get out... find that spot. At the base of that wall, you'll find a rock that has no earthly business in a Maine hayfield. Piece of black, volcanic glass. There's something buried under it I want you to have."
Security by burying things under rocks seems as good a technique as any, in geological time.
Time delay storage. (Score:2)
- Ceramic so metal detectors won't find it.
- how high up on the dune is determined by how fast the dune is travelling, and how long you want it to stay buried.
- make the average density of the pot plus contents the same as the sand, so it neither sinks nor floats.
Why I'm doubtful a software/encryption method. (Score:2)
If there's any form of encryption that has an existing key, all they need is the key. Of course, if they can't find it, it's no use for them, but it's pretty obvious that's not going to cut it since they are legally required to turn it over if given the proper paperwork. Going to jail for
Forget it (Score:3)
Just destroy the data reliably. There is enough vision-less scum around that anything else will be far too risky.
forget digital (Score:2)
""I'm curious whether there are good prospects for 'time capsule encryption,' one of several ways of storing information that renders it inaccessible to anyone until certain conditions â" such as the passage of time â" are met?"
The motivation for this question is vague. It could be that the OP has information about a criminal element that she wants released if she suffers an untimely death. It could be that the OP has solved the problem of nuclear fusion but is not ready to share it yet. The motiv
Is there something you could do with bitcoin (Score:2)
I can't wrap my head around exactly how, but it seems that the block chain is the closest thing we have to a cryptographic timestamp
Submitter is a fat idiot (Score:2)
It's called "Northern Ireland". Submitter is presumably an American, has never been within 2000 miles of Ireland, and couldn't even point to it on a map. A map of the Western half of the British Isles.
Re: (Score:2)
Ocean trench (Score:2)
Murdering Scum (Score:2)
>especially in the wake of the 'Belfast Project' situation, where a library promised confidentiality for accounts of the Troubles in North Ireland, and then found itself amidst subpoenas from law enforcement looking to solve long-cold cases.
Are we supposed to feel sympathy when murdering scum finally face the justice they deserve?
Re: (Score:2)
No, you're supposed to recognize that if these subpoenas are upheld then no one can trust a library's promise of confidentiality in exchange for disclosure, meaning that this sort of information is more likely to be permanently lost in the future rather than placed into a sealed archive to be revealed at a later date.
The point isn't to shield wrongdoers, it's to ensure that history is preserved for future generations. If those involved can't trust that the information will remain sealed as agreed, then they
Re: (Score:2)
Maybe it's better for the rest of us if murders can't hide behind confidentiality promises, so that other people are less likely to turn to murder as a solution to their imagined grievances.
Re: (Score:2)
You are missing the point. Without a credible promise of confidentiality, they won't tell anyone. That means that they still won't be prosecuted. The criminals aren't the ones who need these agreements upheld; we are. Refusing the honor confidentiality agreements would just mean that the rest of us are left guessing about what actually happened, rather than (eventually) having access to first-hand accounts.
Overruling confidentiality for the sake of prosecution is a trick that works perhaps once or twice. Af
Re: (Score:2)
I'm not missing the point. I'm pointing out a trade off.
Crowdsource it (Score:2)
Distribute pieces of the key to a large number of anonymous individuals, such that thousands of pieces are needed for decryption. A popular Linux distro like Ubuntu could run necessary software by default and, in exchange, give users ability to use timed encryption for their own needs.
Thinking about making this a service... (Score:2)
The difficult part is finding some place to put your device where it can transmit data that everyone can receive, but it can not be otherwise accessed. ("Recipe for unicorn soup: First, catch a unicorn...") However, there are some possibilities. On the Moon would be good for a decade or so. Even an ordinary orbit, with "destruct if anyone gets close" circuitry, would be a possibility.
Now, the easy part. Generate a bunch of ginormous public/private key pairs, one for each day of secrecy expiration you
Re: (Score:3)
This also. Crimes should be solved. Its not a fiasco. They gave written testimony to a third party that was not their lawyer, that is admissible in court.
However, I think the particulars of this situation are such ( the troubles were a terrible thing that I don't want to see reignited ), that I would not have advised the Brittish/Northern Ireland authorities to have pursued it. They're risking the peace that was very hard fought. The only innocent parties in the conflict were the innocent civilians that we
Re: (Score:2)
Murder is murder. You either bring justice to the situation, or a higher party holds you to account.
In this case, 'You' being the British/Northern Ireland Govt., and 'higher party' being God.
Re: (Score:2)
That doesn't have anything to do with my post. Of course crime and legality are merely human constructs by those in power for their own benefit. Over time, our laws have mostly evolved to those that also do good things like promoting the general peace. And in my humble opinion, thats what should be done in the interpretation of, and application of those laws today. Which is why, I would advise against prosecuting IRA members now that they've disarmed.
Now, I cannot say that what the IRA did was some how nob
Re: (Score:2)
1. Find some technical/legal/whatever solution that allows the people to come forward and tell their story and have it recorded in the history books, but avoid prosecution.
2. Lose the history and still prosecute nobody because obviously they won't want to come forward if it just puts them right in ja
The premise of this article is broken. (Score:2)
Is anyone so sure that this is a 'fiasco'?
It might be seen as some abstract fiaso of ethics in the USA, but that shit happened to people for real. Boston College screwed up, for sure, with a rather naive and slightly patronising project, but the rest is the law at work, in a way that it should work; uncovering truth and exposing wrongdoers to prosecution.
People have a right against self-incrimination. At least they do in the U.S.. I've heard what passes for "Miranda Rights" in the U.K., and you are effectively forced to incriminate yourself to assert an affirmative defense later. Basically, you have to make a decision up front, often without legal counsel, in order to be able to rely on the information in court later, should you choose that method of defense later.
The real question is whether or not Boston University was (A) capable of offering such guar
Re: (Score:2)
"You do not have to say anything, but it may harm your defence if you do not mention when questioned something which you later rely on in court. Anything you do say may be given in evidence."
pros and cons to it really, the US version, anything you say will be used *against* you. Anything helpful to you can be discarded by the police. In the UK you can say stuff helpful to yourself and it is worth doing that if it is true because the police have to note it down and you can use it. In the UK if you make up a
Re: (Score:2)
I will add that the UK[1] it doesn't apply until you've had at least the possibility to consult a lawyer.
[1] strictly speaking, England an Wales - Scotland has a different system.
Re: (Score:2)
You clearly haven't.
No you aren't.
No you don't. Not even close.
I'm perfectly aware of this - "You do not have to say anything, but it may harm your defence i
Re: (Score:2)
I'm perfectly aware of this - "You do not have to say anything, but it may harm your defence if you do not mention when questioned something which you later rely on in court. Anything you do say may be given in evidence." - which is what you're probably referring to..
Yes. This is exactly what I'm referring to.
However if your finger isn't too tired and you read the full act [legislation.gov.uk] you'll see that it goes on to say "[the judge, jury etc] may draw such inferences from the failure as appear proper.
and then "Where the accused was at an authorised place of detention at the time of the failure, subsections (1) and (2) above do not apply if he had not been allowed an opportunity to consult a solicitor prior to being questioned, charged or informed as mentioned in subsection (1) above.]"
The problem occurs when you are question prior to being in an authorized place of detention, at which point you don't yet have the opportunity to consult your solicitor (and depending on the circumstances, I'd think you'd want a barrister, instead, except in countries like Canada, where all solicitors are barristers).
Basically they can question the shit out of you at the scene, and then they can do it more on the ride to the station, and they can do it more on thei
Re: (Score:2)
well it is a fiasco for the College - and for eventual truth. plenty of people will just now shut up and die with their information so there's nothing to learn from their information.
Re: (Score:2)
He wanted to go before the TRC to get his story on the record. Off the record, certain folks let him know that he was free to testify to absolutely anything that the previous government did. If he testified against the ANC, CPSA/SACP and especially Umkhonto we Sizwe, he might end up with his head cut off or otherwise severely punished.
Re: (Score:2)
I think it would be deeply insightful if we aired all the dirty laundry of Hoover's FBI dragnet. A lot of it has already been brought to light when... huh... a leftist activist group burglarized a field office and released document to the media about COINTELPRO [wikipedia.org].
Now, what was exposed was the offical documented record of what happened. Imagine if the actual agents revealed what really went on. Why they did it. What the rational was. Who ordered what.
I imagine there would be a number of similarities between Ho
Re: (Score:2)
Doesn't really work. Even if you eg. find a quasar that sends out a very specific signal every 100 years, you need to record the noise in order to get the key, at that point your encryption system is vulnerable to replay attacks where someone simply replays the noise in order to unlock the secret.
One system that theoretically would work in such fashion (somewhat) would be to send off a probe with your key and a decryption algorithm into space near the speed of light (otherwise it could be taken over by a 'f