Feds unlock suspect's encrypted drive, avoid Constitution meltdown

Digital age plays havoc with 5th Amendment


Investigators have cracked the encryption key for a laptop drive owned by a Colorado woman accused of real-estate fraud - rendering a judge's controversial order to make her hand over the passphrase or stand in contempt of court irrelevant.

The government seized the Toshiba laptop from Ramona Fricosu back in 2010 and successfully asked the court to compel her to either type the key into the computer or turn over a plain-text version of the data held on her machine.

Her lawyer's argument that compelling her to hand over encryption keys would violate her Fifth Amendment rights against self-incrimination was rejected. Prosecutors offered Fricosu limited immunity in this case without going so far as promising they wouldn't use information on the computer against her.

The Electronic Frontier Foundation filed a brief supporting the defence in the case, arguing that Fricosu was being forced to become a witness against herself. District Judge Robert Blackburn refused to suspend his decision for the time it would take to convene an appeal. The regional 10th U.S. Circuit Court of Appeals refused to review his decision.

Fricosu was left with the stark choice of either coughing up her encryption keys by the end of February or risk a spell behind bars for contempt of court. Philip Dubois, Fricosu’s attorney, claimed that his client had forgotten the encryption passphrase.

The closely watched case set the scene for a legal showdown that would test the US Constitution's Fifth Amendment rights in the digital age. However the Feds handed the plain-text contents of the laptop to Dubois on Wednesday. It seems more than likely that the authorities had come across the right passphrase without Fricosu's forced assistance.

"They must have used or found successful one of the passwords the co-defendant provided them," Dubois told Wired.

Fricosu, and her ex-husband co-defendant Scott Whatcott are both accused of mortgage fraud.

The development comes days after a federal appeals court ruled in a separate case that a defendant did not have to hand over keys to decrypt a laptop drive believed to be storing images of child abuse. The ruling by the Atlanta-based US 11th Circuit Court of Appeals in the case of an unnamed Florida suspect upheld the defendant's right to resist forced decryption.

This was the first appellant court to rule on the balance between Fifth Amendment rights against compelled self-incrimination and the public interest in allowing police to potentially unearth evidence in criminal cases involved encrypted computers and storage devices. However the ruling is not binding in other regions, especially in the absence of a Supreme Court ruling on the issue.

The US Fifth Amendment holds that no one "shall be compelled in any criminal case to be a witness against himself". Supreme Court rulings have previously ruled that a criminal suspect can be compelled to turn over a key to a safe possibly containing incriminating evidence, but is not obliged to supply the combination of a safe to investigators. ®

Similar topics

Broader topics


Other stories you might like

  • Telegram adds paid tier as it cracks 700 million users
    Without so much as a mention of encryption, but with a pastel-hued emoji-heavy nod to ‘sustainable monetization’

    Messaging app Telegram, which came to prominence for offering end-to-end encryption that irritated governments, has celebrated passing 700 million active monthly users with a pastel-hued announcement: a paid Premium tier of service.

    A Sunday post celebrates the 700 million user milestone by announcing a $4.99/month tier. The Premium tier distinguishes itself from the freebie plebeian tier with the ability to upload 4GB files, unthrottled downloads that come as fast as users' carriers will allow, and the chance to follow up to 1000 channels, create up to 20 chat folders each containing up to 200 chats, and to run four accounts in the Telegram app.

    Paying punters will also get exclusive stickers and reactions and won't see ads once they sign up to hand over coin each month.

    Continue reading
  • Protecting data now as the quantum era approaches
    Startup QuSecure is the latest vendor to jump into the field with its as-a-service offering

    Analysis Startup QuSecure will this week introduce a service aimed at addressing how to safeguard cybersecurity once quantum computing renders current public key encryption technologies vulnerable.

    It's unclear when quantum computers will easily crack classical crypto – estimates range from three to five years to never – but conventional wisdom is that now's the time to start preparing to ensure data remains encrypted.

    A growing list of established vendors like IBM and Google and smaller startups – Quantum Xchange and Quantinuum, among others – have worked on this for several years. QuSecure, which is launching this week after three years in stealth mode, will offer a fully managed service approach with QuProtect, which is designed to not only secure data now against conventional threats but also against future attacks from nation-states and bad actors leveraging quantum systems.

    Continue reading
  • Cheers ransomware hits VMware ESXi systems
    Now we can say extortionware has jumped the shark

    Another ransomware strain is targeting VMware ESXi servers, which have been the focus of extortionists and other miscreants in recent months.

    ESXi, a bare-metal hypervisor used by a broad range of organizations throughout the world, has become the target of such ransomware families as LockBit, Hive, and RansomEXX. The ubiquitous use of the technology, and the size of some companies that use it has made it an efficient way for crooks to infect large numbers of virtualized systems and connected devices and equipment, according to researchers with Trend Micro.

    "ESXi is widely used in enterprise settings for server virtualization," Trend Micro noted in a write-up this week. "It is therefore a popular target for ransomware attacks … Compromising ESXi servers has been a scheme used by some notorious cybercriminal groups because it is a means to swiftly spread the ransomware to many devices."

    Continue reading

Biting the hand that feeds IT © 1998–2022