surrendering one's passphrase to authorities

David Shaw dshaw at
Wed Mar 4 01:58:31 CET 2009

On Tue, Mar 03, 2009 at 07:31:03PM -0500, Robert J. Hansen wrote:
> Atom Smasher wrote:
> > most people don't use pass-phrases that strong.
> Let me see if I have this clear:
> - He knew he was approaching a border
> - He knew he had child porn on his system
> - He knew his laptop might be searched at the border
> - And you think, knowing all this, he'd use a weak passphrase?

This particular fellow was not necessarily the brightest bulb in the
bunch.  Remember that he also waived his Miranda rights (for the non
US readers: see Wikipedia for the details, but this is the "You have
the right to remain silent, etc" speech that you've probably seen on
US television and movies), and willingly showed the decrypted disk,
child porn and all to the border agents.

It was only after his arrest and the accidental re-encryption of the
disk did this passphrase issue arise.

> > in any case, we're talking about something that can realistically be
> > broken in a reasonable amount of time
> If you're talking about a chump who hasn't bothered to think things
> through, sure.

There is, of course, a dramatic difference between how someone may act
when they're setting up their encryption at home and have time to
think things through, and how they may act when caught transporting
child porn over a border.

Even so, there are many things he could have done to try and hide his
illegal material *before* approaching the border.


More information about the Gnupg-users mailing list