Good news for Americans:
U.S.
Magistrate Judge Jerome Niedermeier
ruled that a man charged
with transporting child pornography on his laptop across the Canadian border
has a Fifth Amendment right not to turn over the passphrase to prosecutors. The
Fifth Amendment protects the right to avoid self-incrimination.
If this becomes a precedent, it will
be distinctly different from European countries such as the U.K, where a new
law provides for up to
two years of jail time simply for refusing to reveal a key.
As people's digital storage
increasingly becomes an integrated part of their identity, the right to keep
certain data private will become increasingly important. The right to
keep encryption keys private will increasingly mean the freedom to keep certain
thoughts private, whether they are stored in wetware or digital form.
More: Crypto and Self-Incrimination
FAQ
Various tech bloggers
are
reporting that Microsoft
will
include the NSA-recommended random algorithm suspected of
containing
a backdoor vulnerability in the upcoming Windows Vista service pack.
According to Microsoft, the "Dual Elliptical Curve (Dual EC) PRNG from SP
800-90 is also available for customers who prefer to use it," so this
algorithm is an option, not the default. Why would Microsoft
intentionally include an inefficient and unsecure algorithm? Very likely, because it will eventually be
required in governments contracts.
It is hard to blame Microsoft for not wanting to lose government contracts,
or to alienate customers who depend on them.
The real danger is the (inevitable?) attempts by the state to force this
algorithm on everyone else, including requirements that make it mandatory for
government contracts, and thus attempt to influence the default configuration
by virtue of the state's dominant market share.