Setec Astronomy
August 8, 2013 2:45 PM

Lavabit, the email service allegedly used by Edward Snowden, has been shut down by its owner. "I have been forced to make a difficult decision: to become complicit in crimes against the American people or walk away from nearly ten years of hard work by shutting down Lavabit. After significant soul searching, I have decided to suspend operations..." - Ladar Levison, owner. via Reddit, Slashdot, and The Guardian.
posted by urbanwhaleshark (180 comments total) 49 users marked this as a favorite
 
Ars had this further bit on their offering, via Lavabit's Google cache:

The secure mail storage process uses asymmetric encryption to ensure the privacy of messages while being stored on the Lavabit servers. Asymmetric encryption is a process that uses public key and private key encryption to make messages unreadable without knowing a user's plaintext password. Presently we use Elliptical Curve Cryptography (ECC) with 512 bits of security to encrypt messages. The private, or decryption, key is then encrypted with a user’s password using the Advanced Encryption Standard (AES) and 256 bits of security. The result is that once a message is stored on our servers in this fashion, it can’t be recovered without knowing a user's password. This provides a priceless level of security, particularly for customers that use e-mail to exchange sensitive information.

Ars also points out: ...ECC has been approved by the NSA for Suite B, meaning the agency thinks it's strong enough for government use.
posted by jquinby at 2:50 PM on August 8, 2013 [3 favorites]


I read this in the Snowden thread. Nitpick, they haven't said that this is permanent. "A favorable decision would allow me resurrect Lavabit as an American company."
posted by jessamyn at 2:51 PM on August 8, 2013


But why would they want to, when it could just happen again?
posted by ChurchHatesTucker at 2:52 PM on August 8, 2013 [4 favorites]


Not arguing the point, just saying there are options available to them and they have not been clear in that posting which direction they are taking moving forward.
posted by jessamyn at 2:53 PM on August 8, 2013


Mod note: edited the post per OP request, carry on
posted by jessamyn (staff) at 2:54 PM on August 8, 2013


Someone(tm) please write an open-source version of this concept so I can use it please.
posted by Skorgu at 2:56 PM on August 8, 2013 [2 favorites]


So the solution is to move away from companies that have a physical presence in the United States? Sounds pretty difficult.

The fact that this company cannot even disclose to its customers or to the general public exactly what is going on is a symptom of how far things have come.
posted by antonymous at 3:00 PM on August 8, 2013 [10 favorites]


It sounds like Lavabit was issued a national security letter. One of the problems with NSLs is that if (for example) the Patriot Act is up for re-approval and the head of the House Judiciary Committee or the Attorney General incorrectly states that zero libraries have been served with national security letters, served librarians cannot legally point out that our leaders are mistaken at best. This is not a hypothetical concern.

I know I have been beating this drum a lot in the Snowden/NSA threads, but please forgive me for saying this one more time:

The law should not prevent a body politic from exercising informed consent over the methods used to police it. Any such law is unjust.
posted by compartment at 3:04 PM on August 8, 2013 [84 favorites]


The fact that this company cannot even disclose to its customers or to the general public exactly what is going on is a symptom of how far things have come.

Secret laws. Secret courts. Free-speech zones. Torture camps. Extrajudicial executions via remote-controlled drones. All under a Democratic president, no less.
posted by Blazecock Pileon at 3:05 PM on August 8, 2013 [64 favorites]


It's probably a bit early to ask for alternatives :)

Honestly, my first reaction - as you can tell from the post tags - was FFS. I'd used Lavabit for about 18 months and because it integrated so well with Thunderbird I had a number of accounts for different areas of my life (job hunting, accounts). Fortunately I don't get a great deal of email, but it's such a shame it's gone because it was a great service.

My second reaction was: I completely understand the decision.

As an aside to jquinby's comment, because of the way that ECC works, if you lost your password or couldn't remember it, you could kiss your account goodbye. There was no way to get a password reset.
posted by urbanwhaleshark at 3:06 PM on August 8, 2013


I only did that once.
posted by urbanwhaleshark at 3:07 PM on August 8, 2013 [3 favorites]
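The storage scheme in the Lavabit description jquinby quotes, and the no-reset consequence urbanwhaleshark mentions, sketched as an added example that is not Lavabit's code or part of the thread. It assumes Node.js's built-in crypto module, the secp521r1 curve, scrypt for password stretching and AES-256-GCM for wrapping and message encryption; the description names only ECC and AES, so those choices and every function name here are illustrative.

```javascript
'use strict';
const nodeCrypto = require('crypto');

// Assumption: the description says only "ECC with 512 bits"; secp521r1 is used here.
const CURVE = 'secp521r1';

// Stretch the password into a 256-bit AES key. scrypt is this example's choice.
function keyFromPassword(password, salt) {
  return nodeCrypto.scryptSync(password, salt, 32);
}

// AES-256-GCM helpers; unseal() throws if the key is wrong or the data was altered.
function seal(key, plaintext) {
  const iv = nodeCrypto.randomBytes(12);
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return { iv, ct, tag: cipher.getAuthTag() };
}

function unseal(key, box) {
  const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', key, box.iv);
  decipher.setAuthTag(box.tag);
  return Buffer.concat([decipher.update(box.ct), decipher.final()]);
}

// Hash the ECDH output together with the ephemeral public key into a message key.
function messageKey(sharedSecret, ephemeralPublicKey) {
  return nodeCrypto.createHash('sha256')
    .update(sharedSecret).update(ephemeralPublicKey).digest();
}

// Account record as kept on the server: public key in the clear,
// private key only in password-wrapped form.
function createAccount(password) {
  const ecdh = nodeCrypto.createECDH(CURVE);
  const publicKey = ecdh.generateKeys();
  const salt = nodeCrypto.randomBytes(16);
  const wrappedPrivateKey = seal(keyFromPassword(password, salt), ecdh.getPrivateKey());
  return { publicKey, salt, wrappedPrivateKey };
}

// Incoming mail needs only the public key, so it can be stored while the user is offline.
function storeMessage(account, text) {
  const ephemeral = nodeCrypto.createECDH(CURVE);
  const ephemeralPublicKey = ephemeral.generateKeys();
  const key = messageKey(ephemeral.computeSecret(account.publicKey), ephemeralPublicKey);
  return { ephemeralPublicKey, box: seal(key, Buffer.from(text, 'utf8')) };
}

// Unwrap the private key with the password; throws on a wrong password.
function unwrapPrivateKey(account, password) {
  return unseal(keyFromPassword(password, account.salt), account.wrappedPrivateKey);
}

function readMessage(account, password, stored) {
  const ecdh = nodeCrypto.createECDH(CURVE);
  ecdh.setPrivateKey(unwrapPrivateKey(account, password));
  const shared = ecdh.computeSecret(stored.ephemeralPublicKey);
  return unseal(messageKey(shared, stored.ephemeralPublicKey), stored.box).toString('utf8');
}

// A password change re-wraps the same private key; stored mail is untouched.
// It needs the old password, which is why a forgotten one cannot be reset.
function changePassword(account, oldPassword, newPassword) {
  const privateKey = unwrapPrivateKey(account, oldPassword);
  const salt = nodeCrypto.randomBytes(16);
  return {
    publicKey: account.publicKey,
    salt,
    wrappedPrivateKey: seal(keyFromPassword(newPassword, salt), privateKey),
  };
}

// Returns the plaintext, or null when the password does not unwrap the key.
function tryRead(account, password, stored) {
  try {
    return readMessage(account, password, stored);
  } catch (err) {
    return null;
  }
}

// Constructed sample data.
const sampleAccount = createAccount('correct horse battery staple');
const sampleStored = storeMessage(sampleAccount, 'constructed sample message');
console.log(tryRead(sampleAccount, 'correct horse battery staple', sampleStored));
console.log(tryRead(sampleAccount, 'forgotten password', sampleStored));
```

Everything in the account record and the stored message can sit on disk; what is missing is the password, which has to be presented each time the mailbox is read.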


Relevant Hacker News discussions (they are #1 & #2 on the front-page):

Lavabit abruptly shuts down

Edward Snowden’s Email Provider Shuts Down After Secret Court Battle

#3 is this:

Encrypted E-Mail Company Hushmail Spills to Feds (2007)

------

To put this in perspective, Hushmail, when faced with the same situation created a secret backdoor for the Feds, vs. Lavabit which shut down the whole service when faced with the secret request.
posted by wcfields at 3:08 PM on August 8, 2013 [12 favorites]


My Socrates Note?
posted by AlonzoMosleyFBI at 3:09 PM on August 8, 2013 [3 favorites]


Today in "Things that feel ripped from a Neal Stephenson novel but aren't..."
posted by sparkletone at 3:10 PM on August 8, 2013 [18 favorites]


Secret laws. Secret courts. Free-speech zones. Torture camps. Extrajudicial executions via remote-controlled drones. All under a Democratic president, no less.

Wait, didn't he say on Leno there is no domestic spying program?
posted by KokuRyu at 3:12 PM on August 8, 2013 [3 favorites]


Someone(tm) please write an open-source version of this concept so I can use it please.

I'm pretty sure that the service relied on in-browser JavaScript crypto, which is generally considered to be a pretty bad idea. There are lots of open source projects that are much better (any email provider + GPG, for instance), they are just less idiotproof. But you can set up your own mailserver and have everything encrypted at-rest with asymmetric keys, so that only you can read the messages, in an afternoon or two.

Honestly I'm surprised that they went after Lavabit in such a heavy-handed way. Based on my understanding of how it worked, they could have snooped messages into and out of the service pretty easily by compromising at the ISP or colo facility switch level, and then replacing Lavabit's Javascript with a compromised version. No cooperation by Lavabit would have been required. Transparent to users. Almost impossible to prevent assuming the attacker can forge the right certificates (which, if they are the government and can have access to a commonly-trusted root, they can).

I assume that the folks at the NSA aren't complete morons, and that they've thought of that, and that shutting down Lavabit was something else.
posted by Kadin2048 at 3:13 PM on August 8, 2013 [2 favorites]


"...I would _strongly_ recommend against anyone trusting their private data to a company with physical ties to the United States any entity connected to a government or corporation."

Fixed that.
posted by BlueHorse at 3:14 PM on August 8, 2013


Someone(tm) please write an open-source version of this concept so I can use it please.

It is a service. You would have the same result no matter who you hosted it with, be it colo or Amazon, or what have you.

This is Hushmail all over again. At the very least, it makes their eventual return, if the legal parts get fixed, all the better, because you can trust them to fight.
posted by zabuni at 3:16 PM on August 8, 2013 [1 favorite]


All under a Democratic president, no less.

Some of us still remember Clinton's Clipper Chip.
posted by Slothrup at 3:23 PM on August 8, 2013 [8 favorites]


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

I'm very surprised that an NSA tech isn't using vanilla GPG. These services really only exist for the less skilled who are interested in secure coms.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.20 (Darwin)
Comment: GPGTools - http://gpgtools.org

-----END PGP SIGNATURE-----
posted by butterstick at 3:26 PM on August 8, 2013 [7 favorites]


Aaaaand the EFF just gained me as a monthly donor.
posted by nicebookrack at 3:26 PM on August 8, 2013 [15 favorites]


All under a Democratic president, no less.

I don't see what Obama being a Democrat has to do with this. The quest for total control transcends political parties.
posted by Noms_Tiem at 3:27 PM on August 8, 2013 [14 favorites]


I don't see how political affiliation matters when it's possible to blackmail just about anyone with only the flimsiest of pretenses. This is the kind of thing that kept J. Edgar Hoover in power for so long. Who's the modern-day equivalent (by which I do not mean who is the current FBI director)? Whoever it is, I am pretty sure their position doesn't have term limits.
posted by feloniousmonk at 3:36 PM on August 8, 2013 [8 favorites]


I feel like this is one of those situations where a strong American media is missing in action.

It's the sort of situation the guy in the street puts low down his priorities because the ramifications are hard to care about compared to the obvious ones of the economy etc, and those are the situations newspapers and TV used to be great at screaming about until they got fixed.

But ever since the Iraq war, I feel like TV has fallen deep into partisan squabbling and Fox-led lying, while the papers are punch-drunk from the collapse in revenue and loss of circulation.

In effect, there's not really a functioning fourth estate, and these are the sort of excesses that are easier to get away with.
posted by bonaldi at 3:37 PM on August 8, 2013 [13 favorites]


I don't see what Obama being a Democrat has to do with this

Obama ran on a platform of eliminating the civil rights violations of the Bush administration, and giving us the most transparent administration in history.

He has delivered neither.
posted by COD at 3:38 PM on August 8, 2013 [38 favorites]


Noms_Tiem: "I don't see what Obama being a Democrat has to do with this. The quest for total control transcends political parties."

Yeah, the takeaway I've gotten from this whole thing is that we basically have one party, called Power, and it has two wings.
posted by mullingitover at 3:39 PM on August 8, 2013 [24 favorites]


Someone(tm) please write an open-source version of this concept so I can use it please.

I have written a service very much like Lavabit, but with a slightly different target use case. (I won't link it here, since I have commercial aspirations for the service, but would be happy to tell you about it privately.) It uses client-side key selection and data encryption via JavaScript, but the protocol is open so you can write your own (faster) interfaces if you like. We have two-factor authentication baked in as well.

I admire Lavabit's response, and urge everyone who hasn't yet thought about all the people who are collecting your data, to give it some thought, and to do something about it. It's not tremendously hard, but it won't get easier quickly enough unless more average people take an interest and try to improve their own privacy and information security.
posted by spacewrench at 3:42 PM on August 8, 2013 [3 favorites]


Oddly, the paranoid fantasies of the right before the 2008 election -- that Obama would usher in a terrible new era of repressive state control -- are now the depressing reality for the left.

And now that it's actually happening, the right don't even give a shit.
posted by dontjumplarry at 3:47 PM on August 8, 2013 [7 favorites]


That's because they've always been anti-black dude, not anti-police state.
posted by Celsius1414 at 3:48 PM on August 8, 2013 [12 favorites]


The unfolding surveillance story, of which this is but a part, seems to really cut at the core of the legitimacy of our political system. There isn't supposed to be a massive domestic spying program, but there is. Who says it isn't spying on Congress? How many votes have been swayed? Whose seemingly nuts positions are the result of the timely delivery of an envelope with some Facebook chat transcripts? We know it won't be Lavabit transcripts, at least.
posted by feloniousmonk at 3:50 PM on August 8, 2013 [6 favorites]


Apparently there is literally nothing that is not Obama's fault. Right and left seem to share in this obsession, to the extent that we can hardly have a single headline go by without immediately having to relate it directly to Obama and every other event that has occurred during his presidency.
posted by kiltedtaco at 3:50 PM on August 8, 2013 [2 favorites]


Obama ran on a platform of eliminating the civil rights violations of the Bush administration, and giving us the most transparent administration in history.

I’m not at all sure this is within the President’s power any more.
posted by bongo_x at 3:52 PM on August 8, 2013


Those drone kill orders don't sign themselves.
posted by dontjumplarry at 3:53 PM on August 8, 2013 [12 favorites]


I’m not at all sure this is within the President’s power any more.
"I have this feeling man, 'cause you know, it's just a handful of people who run everything, you know … that's true, it's provable. It's not … I'm not a fucking conspiracy nut, it's provable. A handful, a very small elite, run and own these corporations, which include the mainstream media. I have this feeling that whoever is elected president, like Clinton was, no matter what you promise on the campaign trail – blah, blah, blah – when you win, you go into this smoke-filled room with the twelve industrialist capitalist scum-fucks who got you in there. And you're in this smoky room, and this little film screen comes down … and a big guy with a cigar goes, "Roll the film." And it's a shot of the Kennedy assassination from an angle you've never seen before … that looks suspiciously like it's from the grassy knoll. And then the screen goes up and the lights come up, and they go to the new president, "Any questions?" "Er, just what my agenda is." "First we bomb Baghdad." "You got it …" "
-Bill Hicks
posted by Pope Guilty at 3:54 PM on August 8, 2013 [37 favorites]


Apparently there is literally nothing that is not Obama's fault. Right and left seem to share in this obsession, to the extent that we can hardly have a single headline go by without immediately having to relate it directly to Obama and every other event that has occurred during his presidency.

ahem
posted by phaedon at 3:56 PM on August 8, 2013 [7 favorites]


"I feel like this is one of those situations where a strong American media is missing in action.

It's the sort of situation the guy in the street puts low down his priorities because the ramifications are hard to care about compared to the obvious ones of the economy etc, and those are the situations newspapers and TV used to be great at screaming about until they got fixed."

It's like most Americans don't believe the NSA is real. It's an imaginary thing, like Santa Claus. Santa knows if you've been bad or good, and the NSA can read all your email. They don't buy it on a gut level.
posted by Kevin Street at 3:59 PM on August 8, 2013 [3 favorites]


The law should not prevent a body politic from exercising informed consent over the methods used to police it. Any such law is unjust.

How much info is needed to be informed? Exactly how we are conducting intelligence operations? In an open society, that means compromising many of the operations that are working.

For example, if the American people knew of all of the capabilities our foreign intelligence services had, so would the very persons the government is attempting to monitor, rendering the monitoring useless.

Second, what law do you need to know? If you had knowledge of every FISA court decision, how would that help the American people? I knew early on in law school that the government could, with the FISA court's approval, tap a conversation I had with someone overseas. It is in the law. I also knew that the Government didn't need a warrant for a pen register. So, in your opinion, what level of specificity is needed here?

Another question is should there be a service where the government could not get the information even with a warrant? How do you stop terrorists, foreign intelligence services and child porn purveyors from completely shielding their communications from judge-approved warrants?

Finally, what is your idea of the solution to this problem? How is the government supposed to deal with the question of how to execute its national defense duty and balance the 4th Amendment rights for the populace?
posted by Ironmouth at 4:03 PM on August 8, 2013 [2 favorites]


ECC came from the NSA. ECC is mathematically proven to have a backdoor key. What math cannot prove is whether the NSA has that key. Anyone want to hazard a guess?
posted by idiopath at 4:04 PM on August 8, 2013 [7 favorites]


How much info is needed to be informed? Exactly how we are conducting intelligence operations? In an open society, that means compromising many of the operations that are working.

OK.

If that's the cost of having a functioning democracy, I'm OK with that.
posted by Horace Rumpole at 4:10 PM on August 8, 2013 [24 favorites]


Apparently there is literally nothing that is not Obama's fault.

The bounds within which the executive branch must function are set by Congress and codified in law. The exact nature of executive branch function within -- or outside -- those bounds is defined by the chief executive. The courts strike down or uphold laws, and they are supposed to remedy executive branch lawbreaking.

No branch of government is receiving sole blame. There are problems across all branches of government and both major political parties. This is not a my-guy/your-guy argument. The support and criticism for our surveillance regime cuts across party lines.

To the extent that Obama is being criticized here, it is in large part because he is "our guy", and we wanted and expected better of him.
posted by compartment at 4:14 PM on August 8, 2013 [2 favorites]


I’m not at all sure this is within the President’s power any more.
Only six people in the entire Galaxy understood the principle on which the Galaxy was governed, and they knew that once Zaphod Beeblebrox had announced his intention to run as President it was more or less a fait accompli: he was the ideal Presidency fodder ... The President ... is very much a figurehead - he wields no real power whatsoever. He is apparently chosen by the government, but the qualities he is required to display are not those of leadership but those of finely judged outrage. For this reason the President is always a controversial choice, always an infuriating but fascinating character. His job is not to wield power but to draw attention away from it.

Douglas Adams - The Hitchhiker's Guide to the Galaxy
posted by Grangousier at 4:15 PM on August 8, 2013 [22 favorites]


So, am I to understand this news framed as the government effectively shutting down a private means of secure communication because it happens to be used by a man wanted by the state?

Or what?

What does this mean?
posted by jnnla at 4:16 PM on August 8, 2013


The US Govt didn't shut it down. The owner did to protect his clients.
posted by urbanwhaleshark at 4:23 PM on August 8, 2013 [2 favorites]


Presidents come and go but the Spooks are forever...
posted by jim in austin at 4:26 PM on August 8, 2013 [1 favorite]


ECC came from the NSA. ECC is mathematically proven to have a backdoor key.

No, ECC was invented independently at IBM and the University of Washington. That article is talking about a random number generator based on elliptic curves, which nobody actually uses because it's slow and blatantly backdoored. ECC is currently believed to be extremely secure, and there's no need to discourage people from using it by scaremongering.
posted by teraflop at 4:33 PM on August 8, 2013 [18 favorites]


ECC came from the NSA. ECC is mathematically proven to have a backdoor key. What math cannot prove is whether the NSA has that key. Anyone want to hazard a guess?

Please don't make statements like this. The article you linked explains that an ECC-based random number generator designed / championed by the NSA appears to have a backdoor. That means that, if you use that random number generator, someone at the NSA might be able to guess the random numbers you picked (or, at least, might have a better chance at guessing them).

That is certainly a reason not to use that particular random number generator, but it doesn't appear that Elliptic Curve Cryptography (ECC) is entirely broken; just that this particular RNG might be.

(I vaguely remember hearing about some ECC news coming out of the recent Defcon, but I haven't chased it up yet. However, the link you posted seems to be information from 2007.)
posted by spacewrench at 4:35 PM on August 8, 2013 [8 favorites]


How much info is needed to be informed? Exactly how we are conducting intelligence operations? In an open society, that means compromising many of the operations that are working.

Speaking as a non-American, I could give a sweet fuck about the sanctity of your intelligence operations.
posted by KokuRyu at 4:44 PM on August 8, 2013 [24 favorites]


Whose seemingly nuts positions are the result of the timely delivery of an envelope with some Facebook chat transcripts?

How did the National Enquirer know about John Edwards? Was Anthony Weiner really dumb enough to post a penis pic publicly on Twitter, etc.? What about Eliot Spitzer?

Any public scandal that gets revealed through an anonymous tip is suspect now.
posted by empath at 4:46 PM on August 8, 2013 [8 favorites]


Look folks, we went to war in Iraq because, in large part, the Democrats would not stand up against the scant evidence and say they couldn't justify the war. Why? They were scared of being labeled as weak liberals and losing elections. This domestic spying issue is just another symptom of a disease that just keeps spreading.

The true sign of the fall of democracy is the recognition and acceptance of the fact that our elected leaders are not really in control.

Perhaps the single biggest loss to our checks and balances in the last decade happened on October 25, 2002, when Paul Wellstone died.
posted by Muddler at 4:47 PM on August 8, 2013 [10 favorites]


Speaking as a non-American, I could give a sweet fuck about the sanctity of your intelligence operations.

Speaking as an American, I agree.
posted by empath at 4:48 PM on August 8, 2013 [16 favorites]


I've been waiting for the thinnest excuse to put this somewhere.
posted by echocollate at 5:02 PM on August 8, 2013 [2 favorites]


Idiopath: That's an elliptic-curve-based PRNG, which is a different case from elliptic curves used as an asymmetric cipher. If the NSA has some secret way to break ECDSA/ECDH/etc crypto, it's based on some deeper mathematical knowledge than what might be behind a backdoor to Dual_EC_DRBG.

The NSA kinda has two jobs: to break "their" secrets and to protect "our" secrets. People have always been, quite reasonably, suspicious about exactly where the NSA draws the line between "them" and "us", but historically they've turned out to be acting in good faith when they design cryptosystems for US standards. This makes sense; the military and government make use of exactly those cryptosystems for their own communications. It'd be hard for the NSA to promulgate one set of algorithms for military use and a different set for civilian use.

posted by hattifattener at 5:03 PM on August 8, 2013 [1 favorite]


Autistici might be a good move. Anyone had any experience with them?
posted by urbanwhaleshark at 5:05 PM on August 8, 2013


All under a Democratic president, no less.

From where stems the idea that Democrats are supposed to be any better? The liberal-conservative consensus has been around longer than any member of MetaFilter.
posted by klue at 5:07 PM on August 8, 2013 [2 favorites]


Speaking as an American, I agree.

Likewise.
posted by jessamyn at 5:11 PM on August 8, 2013 [2 favorites]


Based on my understanding of how it worked, they could have snooped messages into and out of the service pretty easily by compromising at the ISP or colo facility switch level, and then replacing Lavabit's Javascript with a compromised version. No cooperation by Lavabit would have been required. Transparent to users. Almost impossible to prevent assuming the attacker can forge the right certificates (which, if they are the government and can have access to a commonly-trusted root, they can).

While the government can get a cert issued for cn=lavabit.com at will, I'd be more surprised if they could recover the private part of lavabit's existing key material without forcing lavabit to turn it over. If I was Snowden, I would be manually checking that important site certificates hadn't changed each time I went to log in, assuming I hadn't removed the default roots and switched to explicit trust of known certificates.
posted by russm at 5:17 PM on August 8, 2013 [1 favorite]
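The check russm describes, noticing that a site's key has changed even though the new certificate chains to a trusted root, as an added example that is not from the thread: a trust-on-first-use pin on the server's public key. It assumes Node.js; `PinStore`, `spkiPin` and `pinningIdentityCheck` are hypothetical names, and the two locally generated key pairs are constructed stand-ins for the site's original key and the key in a newly issued certificate.

```javascript
'use strict';
const nodeCrypto = require('crypto');
const tls = require('tls');

// Pin value: base64 SHA-256 of the DER-encoded SubjectPublicKeyInfo.
function spkiPin(spkiDer) {
  return nodeCrypto.createHash('sha256').update(spkiDer).digest('base64');
}

// Trust-on-first-use store: remembers one pin per host and reports changes.
class PinStore {
  constructor() {
    this.pins = new Map();
  }

  // Returns 'first-seen', 'match' or 'changed'. A changed key is never
  // recorded automatically; replacing a pin has to be a deliberate act.
  check(host, spkiDer) {
    const pin = spkiPin(spkiDer);
    const known = this.pins.get(host);
    if (known === undefined) {
      this.pins.set(host, pin);
      return 'first-seen';
    }
    return known === pin ? 'match' : 'changed';
  }
}

// For tls.connect({ checkServerIdentity }): keep Node's hostname check, then
// compare the presented key with the pin. Chain validation still runs separately.
function pinningIdentityCheck(store) {
  return (host, cert) => {
    const nameError = tls.checkServerIdentity(host, cert);
    if (nameError) return nameError;
    const spki = new nodeCrypto.X509Certificate(cert.raw)
      .publicKey.export({ type: 'spki', format: 'der' });
    if (store.check(host, spki) === 'changed') {
      return new Error(`public key for ${host} differs from the pinned key`);
    }
    return undefined;
  };
}

// Constructed stand-in for a certificate's public key (no real certificate involved).
function newSpki() {
  return nodeCrypto.generateKeyPairSync('ec', { namedCurve: 'prime256v1' })
    .publicKey.export({ type: 'spki', format: 'der' });
}

// Same host name throughout; only the key changes on the third check.
function demo() {
  const store = new PinStore();
  const original = newSpki();
  const reissued = newSpki();
  return [
    store.check('mail.example', original),
    store.check('mail.example', original),
    store.check('mail.example', reissued),
    store.check('mail.example', original),
  ];
}

console.log(demo());
```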


Speaking as an American, I agree.

Speaking as an American who was born in Britain and has children with 3 passports each, the distinction between what the US can do to USians and what it can do to non-USians seems kinda silly.
posted by grubby at 5:25 PM on August 8, 2013


dontjumplarry: "Those drone kill orders don't sign themselves."

They will, and AT&T will bring it to you.
posted by symbioid at 5:36 PM on August 8, 2013 [7 favorites]


Relevant
posted by lalochezia at 5:38 PM on August 8, 2013 [2 favorites]


I'm speaking as a reptilian.
posted by Brandon Blatcher at 5:40 PM on August 8, 2013


So, the US is to have no intelligence operations? Okaaay, then.
posted by Ironmouth at 5:43 PM on August 8, 2013 [2 favorites]


All under a Democratic president, no less.

Well, you know, only Nixon could go to China.
posted by condour75 at 5:47 PM on August 8, 2013 [3 favorites]


I would sooner live in a country that made an honest go of it with no secret laws, secret courts, or torture - and failed, than one which did these things and "succeeded".
posted by Ryvar at 5:49 PM on August 8, 2013 [18 favorites]


So, the US is to have no intelligence operations? Okaaay, then.

Who are you talking to?
posted by Drinky Die at 5:59 PM on August 8, 2013 [4 favorites]


So, the US is to have no intelligence operations? Okaaay, then.

Who are you talking to?


The Americans who agreed with this:

Speaking as a non-American, I could give a sweet fuck about the sanctity of your intelligence operations.
posted by Ironmouth at 6:02 PM on August 8, 2013 [1 favorite]


Ahh, well in this case I think they might agree because an executive branch representative has lied under oath about these programs to Congress and apparently gotten away with it so in order to discuss the appropriate scope of intelligence gathering we need to find out what is actually happening right now.

Some people take the importance of the law very seriously, so they just aren't willing to look the other way on the blatant perjury that has prevented them from getting to the bottom of this. For some people having the executive branch follow the law isn't as important a priority so they might not be as concerned.

Either way, the point is we need to discuss the proper scope of intelligence gathering, and wanting accurate facts for that discussion does not imply any final decision on that scope.
posted by Drinky Die at 6:11 PM on August 8, 2013 [7 favorites]


Either way, the point is we need to discuss the proper scope of intelligence gathering, and wanting accurate facts for that discussion does not imply any final decision on that scope.

How much information is needed? Because you bump up against the problem of disclosing too much to make any decision meaningful--you end up destroying the very programs you are deciding on. This isn't a new problem, either. In the Continental Congress, they hid the names and details in hearings, just as they do now.

It's a hard thing, to strike that balance. I'm wondering, specifically, how we are to strike that balance.
posted by Ironmouth at 6:27 PM on August 8, 2013


Finally, what is your idea of the solution to this problem? How is the government supposed to deal with the question of how to execute its national defense duty and balance the 4th Amendment rights for the populace?

There's no balance. Protect the Constitution. Everything else is secondary.
posted by ChurchHatesTucker at 6:28 PM on August 8, 2013 [8 favorites]


I'm no fan of secret courts; but in this context, it doesn't make loads of sense to say you'd rather live in a country that tried to make an honest go of it and failed. Failure in this context means some form of you no longer living in this country.

That might seem a trivial semantic point, but I don't think so. These are big issues that smart, well-meaning people struggle with and disagree about. If we're tempted to perceive them in simple terms and wonder why nobody has chosen the simplest solution, then it's worth taking a fresh look at the stakes.
posted by cribcage at 6:31 PM on August 8, 2013 [4 favorites]


Either way, the point is we need to discuss the proper scope of intelligence gathering, and wanting accurate facts for that discussion does not imply any final decision on that scope.

How much information is needed?


In a situation where the government is willing to allow its agents to lie under oath about the information, we will need to see a great deal of it because the system we designed for oversight by our representatives has clearly broken down. If that means more needs to be exposed than would otherwise be ideal, that sucks, but the Obama administration has created that reality, not Snowden.
posted by Drinky Die at 6:38 PM on August 8, 2013 [11 favorites]


The US government has proven that it cannot be trusted with secrecy, and if denying it secrecy is necessary to fix that, so be it.
posted by Pope Guilty at 6:55 PM on August 8, 2013 [17 favorites]


I’m not at all sure this is within the President’s power any more.

Congress makes the laws. Congress is not cooperating with the president's agenda. Clearly, this is the president's fault.
posted by gjc at 7:04 PM on August 8, 2013


How did the National Enquirer know about John Edwards? Was Anthony Weiner really dumb enough to post a penis pic publicly on Twitter, etc.? What about Eliot Spitzer?

They heard rumors and they stalked him. Yes. Men (and women, I'm sure, there are just fewer cases) in powerful positions think themselves immune to exposure and expose themselves in stupid, stupid ways. Hanlon's razor is pretty sharp.

I'm not saying the NSA is above such stuff... I'm just saying that Weiner was dumb enough to sext again after getting caught the first time. Carlos fucking Danger doesn't require an NSA tip.
posted by maryr at 7:06 PM on August 8, 2013 [1 favorite]




posted by feloniousmonk:
I don't see how political affiliation matters when it's possible to blackmail just about anyone with only the flimsiest of pretenses. This is the kind of thing that kept J. Edgar Hoover in power for so long. Who's the modern-day equivalent (by which I do not mean who is the current FBI director)? Whoever it is, I am pretty sure their position doesn't have term limits.

I don't know of anything to support that he is purposely amassing power, but Chief Justice Roberts, with the sole ability to appoint FISA judges (as well as selecting each of the over 200 members of the committees of the United States Judicial Conference), does have a tremendous individual influence on how the Executive branch is able to act, and how the Legislative branch's laws are interpreted.

The framework for a thrilling bestselling novel exists in this setup; hopefully nothing exists beyond that.
posted by 1367 at 7:11 PM on August 8, 2013 [2 favorites]


How much info is needed to be informed? Exactly how we are conducting intelligence operations? In an open society, that means compromising many of the operations that are working.

For example, if the American people knew of all of the capabilities our foreign intelligence services had, so would the very persons the government is attempting to monitor, rendering the monitoring useless.


In order to be informed about the methods used to police us, we need to know what methods are being used. For example, if your call records, my call records, my grandmother's call records, President Obama's call records, Eliot Spitzer's call records, your pastor's call records, and your lawyer's call records, and Mister Rogers' and Ronald Reagan's and Big Bird's call records (if they were alive/real) are all deemed "relevant" to a terrorist investigation for no reason other than that all phone records are now relevant, the body politic would need to know about that in order to actually consent to it.

You can have a secret panopticon without informed consent, or you can have a non-secret panopticon with informed consent. You cannot have both. I would rather live in a just society at risk of attacks than an unjust society shielded by a surveillance regime of unknown efficacy.

Moreover, news reports from the last week suggest that revealing intelligence-gathering methods does not compromise the methods themselves. Mobsters know about phone taps, and we still catch mobsters. Terrorists know about the leaked NSA programs, and, if Saxby Chambliss can be believed, those programs are still giving us ample warning that dozens of our embassies are in danger right this very moment.

Finally, terrorists are criminals. If we are to give them a fair trial — one where they are allowed to see and refute the evidence against them — we will invariably have to reveal the methods that we used to catch them.


Second, what law do you need to know? If you had knowledge of every FISA court decision, how would that help the American people?

All of them. I do not want to live in a country with secret laws. I don't know how to word this any more strongly. There should be no secret law.

The FISA courts are creating a secret body of constitutional law. They are a surrogate Supreme Court, creating case law without adversarial debate, crafting decisions that cannot be appealed. If we do not know the bounds of constitutional law, we cannot make an informed decision about whether or not to amend or live with the current form of the Constitution.


I knew early on in law school that the government could, with the FISA court's approval, tap a conversation I had with someone overseas. It is in the law. I also knew that the Government didn't need a warrant for a pen register. So, in your opinion, what level of specificity is needed here?

We don't need to know how an atomic bomb works in order to know what it does. A democratic society can make informed decisions about the use of nuclear weapons without knowing the specifics of their design.

Similarly, we don't need the NSA to open-source the codebase that powers PRISM code. But we do need to know what it does.

We don't need to know every phone number for which FISA has granted a warrant to tap. But we do need to know what kinds of case law they are writing. We do need to know what kinds of unconstitutional abuses they have ruled against. And we do need to know what they allow.

Did first-year law school students six months ago know that the government could, with the FISA court's approval, obtain the call records for every single person in the United States without individual suspicion?



Another question is should there be a service where the government could not get the information even with a warrant? How do you stop terrorists, foreign intelligence services and child porn purveyors from completely shielding their communications from judge-approved warrants?

We can rely on the terrorists' family members and associates that walk into US embassies and warn us in advance, as was the case for the underwear bomber and the mastermind of the Mumbai terror attacks. Before the next 9/11 happens, this time we can expect the CIA to tell the FBI that two known terrorist suspects are living in California, renting a house from an FBI informant.

Until they plan to hurt someone, human beings have the right to associate and communicate with one another in any way they see fit. For every terrorist, there are tens of thousands, if not hundreds of thousands of human rights activists across the world for whom such tools are vital.


Finally, what is your idea of the solution to this problem? How is the government supposed to deal with the question of how to execute its national defense duty and balance the 4th Amendment rights for the populace?

Balls-to-the-wall twenty-first century steroidically enhanced Church Commission with extra bonus charity rock concerts weekly on the National Mall. Statutorily mandated lifetime hammer pants dress code for anyone caught breaking the law.
posted by compartment at 7:13 PM on August 8, 2013 [30 favorites]


There's no balance. Protect the Constitution. Everything else is secondary.

Constitutional rights don't work like that. Every question of governmental action vis-a-vis citizens is a question of balance. That's how the courts address it. We have a right to individual liberty of action, right? But can Ted Bundy use that right of liberty to avoid jail, because the Constitution alludes to a liberty interest? No. The government may take his liberty if it follows the rules set out in the Constitution. It must follow due process to put him in prison. Similarly, may the government criminalize certain types of speech? The answer is also yes. Our government and laws do not allow for a person to make or distribute child porn, or to freely share insider information on stock trades. There is a balance.

The same goes here. And the Court long ago ruled that the government asking a phone company for the billing information of phone calls is not a search under the 4th Amendment.

One of the things that really frustrates me is that there is not enough knowledge of the history of these issues--much of the outrage is based on personal assumptions about what the Constitution says, and that these are entirely new questions. They've been grappled with before, and the constitutionality of many of these actions has already been decided. The Wiretap Act was passed 45 years ago. FISA was passed 35 years ago. The decision holding that the government did not need a warrant for a pen register is 34 years old. To approach these questions without learning what has gone before makes figuring out the policy answers way, way harder.
posted by Ironmouth at 7:18 PM on August 8, 2013 [3 favorites]


it doesn't make loads of sense to say you'd rather live in a country that tried to make an honest go of it and failed.

Al Qaeda is not an existential threat. Undermining the Constitution is.

To approach these questions without learning what has gone before makes figuring out the policy answers way, way harder.

W/r/t technology, elders are just old.
posted by ChurchHatesTucker at 7:23 PM on August 8, 2013 [6 favorites]


We don't need to know how an atomic bomb works in order to know what it does. A democratic society can make informed decisions about the use of nuclear weapons without knowing the specifics of their design.

Similarly, we don't need the NSA to open-source the codebase that powers PRISM code. But we do need to know what it does.


This analogy is inapt. Knowing what the A-Bomb can do doesn't provide other countries with the ability to make one. But knowing what PRISM can do ends its effectiveness, because the people it was designed to find information about will take countermeasures.
posted by Ironmouth at 7:24 PM on August 8, 2013


Or they will hold a conference call to discuss their imminent terror attacks anyway.
posted by Drinky Die at 7:25 PM on August 8, 2013 [1 favorite]


Knowing what the A-Bomb can do doesn't provide other countries with the ability to make one.

That's exactly the point. Knowing what PRISM does doesn't allow other countries to make one. Iran, Syria, Russia, China, take your pick.
posted by compartment at 7:28 PM on August 8, 2013


One of the things that really frustrates me is that there is not enough knowledge of the history of these issues

I know. I've seen people get all kinds of facts about these issues breathtakingly wrong. One time someone spent multiple comments arguing that the mass surveillance approval from the FISA courts was a one time thing in response to the Boston bombing attacks even though that was completely false and had no factual basis. One time I saw someone assert with certainty that Snowden would be arrested in Hong Kong because of his violations of American law just days before he left there. Another time I saw someone (hours before asylum was granted) argue over and over that Snowden was going to be denied asylum in Russia because Glenn Greenwald had published additional information after Putin had stated further harming of American interests would not be allowed. People get some crazy ideas about this situation and then go on to act like they are some sort of infallible authority on the subject so I can really sympathize with your frustration.
posted by Drinky Die at 7:39 PM on August 8, 2013 [32 favorites]


maryr: " Carlos fucking Danger doesn't require an NSA tip."

Indeed. The NSA reserves the tip for the American people.
Just the tip.
posted by symbioid at 7:40 PM on August 8, 2013 [2 favorites]


One time someone spent multiple comments arguing that the mass surveillance approval from the FISA courts was a one time thing in response to the Boston bombing attacks even though that was completely false and had no factual basis. One time I saw someone assert with certainty that Snowden would be arrested in Hong Kong because of his violations of American law just days before he left there. Another time I saw someone (hours before asylum was granted) argue over and over that Snowden was going to be denied asylum in Russia because Glenn Greenwald had published additional information after Putin had stated further harming of American interests would not be allowed. People get some crazy ideas about this situation and then go on to act like they are some sort of infallible authority on the subject so I can really sympathize with your frustration

There's a difference between guessing what might be happening and taking the time to learn information that is 45 years old and undisputed.
posted by Ironmouth at 7:45 PM on August 8, 2013


You know what? I might be somewhat receptive to some of these things if there was just compensation, or something tangible that worked to my benefit. Like, "here's a tax break or discount on your data plan for letting us occasionally snatch your communications" or "hey, anytime you're in a civil litigation and you need access to some sort of data for evidence, fill out this form..." At least, with certain limits.

In exchange for allowing his goons to check up on your family and keep an eye on your purchases, Henry Ford increased salaries of his workers.

That's right... Henry fucking Ford was a smidgen more honorable than our current industrial overlords. What does that say?

On another note, if this goes the way of the Stasi, and they put it to a vote asking American and international citizens if they wanted the collected data available for personal perusal if you want to know what they had on you, would you vote "Yes"?
posted by Bathtub Bobsled at 7:46 PM on August 8, 2013 [1 favorite]


Ironmouth: "But knowing what PRISM can do ends its effectiveness, because the people it was designed to find information about will take countermeasures."

I dunno, I don't think the voting public are suddenly going to stop using phones and the internet.
posted by mullingitover at 7:47 PM on August 8, 2013 [4 favorites]


Kadin,

The people who hate JavaScript crypto generally ship no crypto at all. I've worked with Nadim and JS is unquestionably a challenging environment. But Turing Complete is Turing Complete.
posted by effugas at 7:52 PM on August 8, 2013 [3 favorites]


There's a difference between guessing what might be happening and taking the time to learn information that is 45 years old and undisputed.

It is your choice of framing to assert disagreement with you means ignorance of the cases and not a disagreement with the outcome of those cases and how future cases on these issues should be decided. You have discussed the issue with other lawyers here who disagree with you, you have been given quotes from Supreme Court justices that suggest disagreement on future cases, we clearly have prominent legal groups like the ACLU standing in disagreement. You can not in good faith assert your arguments are undisputed or that you have been here discussing this issue with people who are ignorant of the previous decisions. It's a broken record at this point though, so whatever do your thing.
posted by Drinky Die at 7:52 PM on August 8, 2013 [14 favorites]


Sometimes, though, I wonder, why don't we just call it a fascist dictatorship and be done with it. Everybody pretty much knows the gig. Then we can just smile, admit it, stop lying and pretending to ourselves that our system is built on anything other than the need for the national security state, imperial acquisition of resources and continuous upward redistribution of wealth/return to serfdom.

Once we can just admit it to ourselves, we can at last say "at least it's a nice kind of fascism."

We get hung up on this "liberty" and "freedom" bullshit, then whine and cry about how awful it is that we aren't living up to those ideals. Fuck it I say. Ignore the ideals, Instead, look at how awful it could be. Just rename it to fascism and say "at least we're not as bad as the other historical fascisms. Our fascism is more just and humane than any that came before."

I wouldn't mind if our subject colonies were at least granted citizenship. Of course, that would require citizenship to mean something, like it did in the Roman Empire. These days, it doesn't get you a whole heck of a lot beyond some mealy mouthed vague assurances that "our rights are protected" which of course, is the point - we all know it's just a facade.

So let's get on with it then, shall we? Let us take up the sign of the fasces. Let us bundle our rods and sticks together as a nation and let the One True Party (OTP!) lead us to a glorious future of the nation.

Fuck, you can almost believe in the ideals of fascism. They actually mean it when they say it.
posted by symbioid at 7:52 PM on August 8, 2013 [5 favorites]


One of the things that really frustrates me is that there is not enough knowledge of the history of these issue

To the contrary, I think that knowledge has been extremely present but you have seemed reluctant to engage it. For example, the history of these issues is at odds with your claims that the pen register decision settled the metadata issue. At least one SCOTUS judge is even on the record suggesting otherwise.
posted by anonymisc at 7:52 PM on August 8, 2013 [3 favorites]


This analogy is inapt. Knowing what the A-Bomb can do doesn't provide other countries with the ability to make one. But knowing what PRISM can do ends its effectiveness, because the people it was designed to find information about will take countermeasures.

Ah, see here's where you're severely missing the boat:
1) The "people it was designed to find information about" is every god damn person using the Internet, even casually
2) it's one thing to design a mechanism that requires stealth to be effective. I mean, that's the idea of intelligence gathering. It's another thing entirely when the stealth is required because you are doing something criminal. It's the difference between hiding a wire in a criminal's home and hiding a camera in a toilet that could be used by a criminal and any other citizen taking a shit.

But by all means, continue. With luck, the spooks are pulling this thread and seeing that your position, being a proxy of theirs, is utterly unethical, and maybe will inspire the next Snowden.
posted by Bathtub Bobsled at 7:57 PM on August 8, 2013 [3 favorites]


Did first-year law school students six months ago know that the government could, with the FISA court's approval, obtain the call records for every single person in the United States without individual suspicion?

Yes. Actually, in many places it's a 2L course, but that's beside the point. As Ironmouth mentioned above, this stuff has been on law school CrimPro exams for years. It's hard to take the trash out to the curb or make a cellphone call without thinking about certain Supreme Court cases.
Metadata isn't just for intelligence work; ask any family law attorney how useful it can be in a nasty divorce case.
posted by Dr. Zira at 8:00 PM on August 8, 2013 [1 favorite]


Dr. Zira, I should have been more clear. What I was wondering is if law students six months ago knew that all call records for all Americans at once met the statutory definition of relevance under section 215 of the Patriot Act.
posted by compartment at 8:04 PM on August 8, 2013 [2 favorites]


If you want to know how unjust regimes are toppled, look at the lengths the USG is going to in order to go after Assange, Manning and Snowden.

They're scared, because what these people have done actually works.
posted by anemone of the state at 8:05 PM on August 8, 2013 [1 favorite]


There is some discussion of what practical changes can be made here.

Essentially a good start might be to end bulk data collection, narrow FISC powers, and add an adversarial role to the proceedings.
posted by delicious-luncheon at 8:14 PM on August 8, 2013 [3 favorites]


They're scared, because what these people have done actually works.

Not trying to be a smart ass, but could you define "works" for me?

Near as I can tell the backlash is little more than a commercial break until the next episode of NCIS or Big Bang Theory. News media muffles the message and brings us 'round the clock coverage of the British Monarchy's latest slit-shit, and it repeats the next time some skinny computer geek sacrifices the right to walk free in his home country in an effort to show us the men behind the curtain(s).

I'm truly hoping you can show me where I'm wrong on this.
posted by Bathtub Bobsled at 8:21 PM on August 8, 2013 [3 favorites]


Umm, with your word for baby.
posted by Drinky Die at 8:30 PM on August 8, 2013 [3 favorites]




Ironmouth is all caught up on the legality of these issues, and seems to be unaware that one of the things we as Americans can do is change the law.

We have the right to be upset about this even if it is technically legal, and seek a change in the law to make it illegal.
posted by empath at 8:35 PM on August 8, 2013 [11 favorites]


Well, we can change the law, so long as the people in question show themselves to care about the law.
posted by CrystalDave at 8:40 PM on August 8, 2013 [1 favorite]


Because information only needs to flow one way: Apple patents tech to let cops switch off iPhone video, camera and wi-fi
posted by Joe in Australia at 8:40 PM on August 8, 2013 [8 favorites]


You have a choice. You can live in a safe totalitarian state, or you can live in an unsafe democracy. It really is that simple; except that you don't have a choice.
posted by I-Write-Essays at 8:44 PM on August 8, 2013




I'm very surprised that an NSA tech isn't using vanilla GPG.

I am tempted to put this down to another Wikileaks counter ops victory. First was the Amazon server fail. The most spectacular was the downing of the Bolivian President's plane. The US Gov is digging itself a big hole* and Wikileaks is making sure the cover is repeatedly removed so we can see how deep it gets.

*For your own safety!
posted by bigZLiLk at 9:28 PM on August 8, 2013




You can live in a safe totalitarian state

But you're not safe in a totalitarian state.
posted by empath at 9:35 PM on August 8, 2013 [2 favorites]


Honest question for you Ironmouth: Do you think FISA court judges are allowed to see the evidence that the intelligence apparatus feels justifies the surveillance they are being asked to authorize?

I can accept that some secrets can't be fully public. There have always been Black Ops and such. But even then, there were checks and balances, e.g. congressional committees who had the clearance to review or at least be informed of the actions of the executive, and the intelligence apparatus it ostensibly oversees, with respect to national security.

But even that has changed. Now we have pseudo courts that are meant to give the appearance of oversight except that the executive won't tell even that shell of a system what it is they're overseeing.

The American legal system has been bringing down gangsters, prohibitionists, drug lords, mafia, corrupt politicians, and yes, terrorists, for a very long time, all through open court and an independent judiciary. Amazingly, gangs keep trying to do business and keep getting arrested. So I call bullshit on the notion that trying enemies of the state in open court would make it impossible for us to catch them. The state will always have enemies. They will always think they're smarter than the Feds. That is a strawman; a pitiful self-justification for the unchecked concentration of power.
posted by dry white toast at 9:36 PM on August 8, 2013 [2 favorites]


Empath> But you're not safe in a totalitarian state.

The safest place is 6 feet under ground.
posted by I-Write-Essays at 9:46 PM on August 8, 2013


Consensus elsewhere on the 'net has seemed to be favoring CounterMail as a more-or-less drop-in replacement for Lavabit. I know very little about them.

They claim to get around the huge MITM weakness of browser encryption by sending you a USB stick with the client software (a Java applet, not JavaScript) on it. They also do some additional encrypted tunneling between the client and server, inside and in addition to HTTPS/SSL, but I think that's arguably theatrics. The really important part is that they have a sidechannel to provide you the client software other than the browser, hopefully well in advance of when you start being of interest to the NSA or whomever.

Unfortunately they still offer a braindead all-browser system, which I think offers a pretty false sense of security to the kind of people who feel they need such a service in the first place, but at least they offer an option that seems to be resistant to the MITM problem.
posted by Kadin2048 at 9:51 PM on August 8, 2013 [1 favorite]


I wish being a prohibitionist was illegal. :P
posted by Drinky Die at 9:52 PM on August 8, 2013 [2 favorites]


This analogy is inapt. Knowing what the A-Bomb can do doesn't provide other countries with the ability to make one. But knowing what PRISM can do ends its effectiveness, because the people it was designed to find information about will take countermeasures.

I find this so disingenuous. What: One million people in the US have access to many of these secret documents? Snowden is such a singular superhero that he acquired documents that China with all its vast resources could not? It’s just nonsense.

While I'm firmly in the non-secret-panopticon camp myself, I have no problem understanding how reasonable people could disagree. The nature of the technology certainly seems to push towards the poles of either voracious indexing and concomitant abuse or the creation of new and dangerous untappable channels. But any hope of a good regime must at least be based on knowledge. This star-chambered, opaque information kleptocracy is foolish and evil.
posted by ~ at 9:52 PM on August 8, 2013 [3 favorites]


Because information only needs to flow one way: Apple patents tech to let cops switch off iPhone video, camera and wi-fi

The patent was filed in 2008. If they were going to implement it, they probably would have by now.
posted by empath at 10:11 PM on August 8, 2013 [3 favorites]


Apparently there is literally nothing that is not Obama's fault. Right and left seem to share in this obsession, to the extent that we can hardly have a single headline go by without immediately having to relate it directly to Obama and every other event that has occurred during his presidency.

Frankly, it's a matter of feeling lied to. One doesn't have to have been an Obamabot in 2008 to feel utterly disillusioned by the events happening under his administration, in stark contrast to the rhetoric that was presented.
posted by Apocryphon at 10:46 PM on August 8, 2013 [4 favorites]


Frankly, it's a matter of feeling lied to

Understandable, he has been disappointing. However, we should move on and accept what he is, which isn't all bad, and better than Romney.
posted by Brandon Blatcher at 10:50 PM on August 8, 2013


That seems like a strawman. And at least the previous administration was honest about its dishonesty.
posted by Apocryphon at 11:04 PM on August 8, 2013 [1 favorite]


You have a choice. You can live in a safe totalitarian state, or you can live in an unsafe democracy.

And two more choices are living in an unsafe totalitarian state and living in a safe democracy. Very good.

The "danger versus submission" choice you present is an entirely false dichotomy; it's a framing which is pushed by people who want you to choose submission, who tell you that they will keep you safe if only you give up a few more rights, a little more dignity. There are two problems with it: one is that giving up your rights does not generally make you any safer; the other is that becoming safer does not require you to give up your rights.

There's little if any evidence that what the NSA is doing with PRISM and related programs is making any of us safer. "Evidence", by the way, means something other than vague handwavy statements from an organization that's shown itself perfectly willing to lie under oath in order to keep its programs/budgets.
posted by hattifattener at 11:20 PM on August 8, 2013 [5 favorites]


Frankly, it's a matter of feeling lied to

Understandable, since he allows his subordinates to lie under oath without repercussion.
posted by Drinky Die at 11:25 PM on August 8, 2013 [2 favorites]


Understandable, he has been disappointing. However, we should move on and accept what he is, which isn't all bad, and better than Romney.

Overseeing the implementation of an out of control surveillance state is pretty bad, though I'm sure that Romney, McCain, or Hillary would have done the same thing.
posted by empath at 11:33 PM on August 8, 2013 [2 favorites]


spacewrench:
Please don't make statements like this. The article you linked explains that an ECC-based random number generator designed / championed by the NSA appears to have a backdoor. That means that, if you use that random number generator, someone at the NSA might be able to guess the random numbers you picked (or, at least, might have a better chance at guessing them).

That is certainly a reason not to use that particular random number generator, but it doesn't appear that Elliptic Curve Cryptography (ECC) is entirely broken; just that this particular RNG might be.

(I vaguely remember hearing about some ECC news coming out of the recent Defcon, but I haven't chased it up yet. However, the link you posted seems to be information from 2007.)"


teraflop:
No, ECC was invented independently at IBM and the University of Washington. That article is talking about a random number generator based on elliptic curves, which nobody actually uses because it's slow and blatantly backdoored. ECC is currently believed to be extremely secure, and there's no need to discourage people from using it by scaremongering.


The RNG is the security of the encryption. If you break the RNG you break the encryption, if you compromise the RNG, you compromise the encryption. Of course the NSA would be OK with usage of an algorithm that the NSA has compromising information for. The asymmetric nature of the algorithm means that nobody else is likely to independently find the key. Mathematicians found proof that said key will exist, but no proof of what that key was. That the NSA are OK with the algorithm as they published it being used for their own secrets is no different than my being OK with GPG messages being encrypted to my public key (I've had it on my profile for a while now). And as Schneier mentions, a new key could be used for a given implementation of the algorithm - but would you trust the one who implements the algorithm for you more than you trust the NSA? Because the nature of the algorithm is that this number used in establishing the parameters compromises it.

I don't know what your respective backgrounds are with cryptography, but Schneier, (the author of the article I linked) is enough of a legend in the field that it is even a meme. I would like a citation that these concerns are "scaremongering". Preferably a retraction from Schneier himself.
posted by idiopath at 11:35 PM on August 8, 2013 [2 favorites]


Overseeing the implementation of an out of control surveillance state is pretty bad, though I'm sure that Romney, McCain, or Hillary would have done the same thing.

Obama has been disappointing, but I think Romney would have been much worse.
posted by homunculus at 11:42 PM on August 8, 2013 [1 favorite]


On this specific issue, I can't see him being any better or worse.
posted by Drinky Die at 11:43 PM on August 8, 2013 [1 favorite]


Another note I should have mentioned. In cryptography you don't fuck around. Experimenting with cryptography is OK, but implementing it for production is a situation where you fuck one goat and you are a goat fucker forever. Meaning that you only deploy a solution for production that is vouched for and tested and has a real standing pedigree of being sound. And you strictly implement a known standard method. And ECC based on the NSA / ANSI recommendation, has been found to definitively not be sound, if you don't trust the NSA.

Someone could in the future come up with a competing ECC standard implementation, but it would not be worth actually using until it has a history of challenges and analysis under its belt.
posted by idiopath at 11:48 PM on August 8, 2013


The RNG is the security of the encryption. If you break the RNG you break the encryption, if you compromise the RNG, you compromise the encryption.

The method of encryption and the random-number generator are different things. You can use elliptic-curve cryptography without using the RNG that people think might be backdoored.
posted by one more dead town's last parade at 11:55 PM on August 8, 2013 [4 favorites]


Thank you for that clarification.
posted by idiopath at 12:00 AM on August 9, 2013
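
The two points in the exchange above (the curve math and the random-number generator are separate parts, yet a key is only as secret as the generator that produced it) can be seen side by side in this added illustration, which is not part of any comment in the thread. The curve (secp256k1), the use of Python's `random.Random` as a stand-in for any generator whose output a third party can predict (it is not Dual_EC_DRBG), and the seed values are all assumptions made for the example.

```python
import os
import random

# secp256k1 domain parameters (curve choice is an assumption for this example;
# it is not the curve Lavabit used).
P = 2**256 - 2**32 - 977
A, B = 0, 7
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141


def on_curve(pt):
    """True if pt is the point at infinity (None) or satisfies y^2 = x^3 + Ax + B."""
    if pt is None:
        return True
    x, y = pt
    return (y * y - (x * x * x + A * x + B)) % P == 0


def add(p1, p2):
    """Elliptic-curve point addition in affine coordinates."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None                      # p2 is the negation of p1
    if p1 == p2:
        m = (3 * x1 * x1 + A) * pow((2 * y1) % P, -1, P) % P
    else:
        m = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (m * m - x1 - x2) % P
    y3 = (m * (x1 - x3) - y1) % P
    return (x3, y3)


def mul(k, pt):
    """Scalar multiplication by double-and-add (not constant time; demo only)."""
    result, addend = None, pt
    while k:
        if k & 1:
            result = add(result, addend)
        addend = add(addend, addend)
        k >>= 1
    return result


def keygen(rand_bytes):
    """The ECC part: identical whichever byte source is plugged in.

    rand_bytes(n) must return n bytes. Returns (private scalar, public point).
    """
    while True:
        d = int.from_bytes(rand_bytes(32), "big")
        if 1 <= d < N:
            return d, mul(d, G)


def predictable_source(seed):
    """Stand-in for a generator a third party can predict: a seeded Mersenne
    Twister. Deterministic and NOT a CSPRNG."""
    rng = random.Random(seed)
    return lambda n: rng.getrandbits(8 * n).to_bytes(n, "big")


def replay_generator(public, candidate_seeds):
    """What predictability costs: whoever can reproduce the generator's
    output re-derives the private key without touching the curve math."""
    for seed in candidate_seeds:
        d, q = keygen(predictable_source(seed))
        if q == public:
            return d
    return None


def demo():
    seeds = range(1376000000, 1376000040)           # constructed seed window
    weak_d, weak_q = keygen(predictable_source(1376000017))
    strong_d, strong_q = keygen(os.urandom)         # OS CSPRNG
    return {
        "weak_key_recovered": replay_generator(weak_q, seeds) == weak_d,
        "strong_key_recovered": replay_generator(strong_q, seeds) is not None,
    }


if __name__ == "__main__":
    print(demo())
```

Swapping `predictable_source(...)` for `os.urandom` changes nothing in `keygen`, `add` or `mul`, which is the separation the reply describes.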


empath: “Understandable, he has been disappointing. However, we should move on and accept what he is, which isn't all bad, and better than Romney.

Overseeing the implementation of an out of control surveillance state is pretty bad, though I'm sure that Romney, McCain, or Hillary would have done the same thing.”
Precisely. Because, as I've said, I don't think any elected official is meaningfully in charge of the security apparatus of the United States anymore.
posted by ob1quixote at 12:05 AM on August 9, 2013 [1 favorite]




Taken together, the closures signal that e-mails, even if they are encrypted, can be accessed by government authorities and that the only way to prevent turning over the data is to obliterate the servers that the data sits on.
-- NYT: Two Providers of Secure E-Mail Shut Down

There are two sad lessons to learn from the (potentially temporary) demise of Lavabit.

First, communications service providers are at a severe disadvantage when it comes to resisting even abusive or overbroad government surveillance demands. [...]

Second, the fact that neither Americans nor foreigners trust the U.S. government and its NSA anymore puts the U.S. communications companies at a severe competitive disadvantage.

--Jennifer Granick: Give Me Complicity or Give Me Death: Lavabit Chooses Death

Moving forward, we need more transparency so the public can know and understand what led to a ten-year-old business closing its doors and a new start-up abandoning a business opportunity.
--EFF: Lavabit Encrypted Email Service Shuts Down, Can’t Say Why
posted by KatlaDragon at 3:23 AM on August 9, 2013 [1 favorite]


Has anyone tried SecureGmail? Is it any good?

It's Chrome & Gmail only, but...
posted by sodium lights the horizon at 5:08 AM on August 9, 2013


I've set up my own mail server with encrypted storage about a month ago. It was much easier than I had anticipated; it's a difficulty level somewhere close to hosting your own WordPress installation, i.e. something that lots of people will be able to do and to provide as a service to people in their social circle.
posted by dhoe at 5:14 AM on August 9, 2013


Idiopath, I was also curious about the encryption of Lavabit recently. So I emailed them and they responded with the following email:

Good question. The Dual_EC_DRBG is not an encryption method. Rather, it's designed as a pseudorandom number generator that uses some components of Elliptic Curve cryptography. We do not use Dual_EC_DRBG in any way. We use the standard random and pseudorandom number generators on Linux systems, /dev/random and /dev/urandom, which do not use Dual_EC_DRBG. See http://en.wikipedia.org/wiki//dev/random for details.

Our system uses pretty bog-standard Elliptic Curve crypto for securing encrypted messages. See http://en.wikipedia.org/wiki/Elliptic_curve_cryptography for details about ECC in general. We prefer ECC over other common methods like RSA because ECC is much more efficient, is faster, and can offer comparable security with much smaller key lengths (according to http://www.keylength.com/en/4/, one would need a 15,360-bit RSA key to have 256-bits of security while an ECC key would only need 512 bits. We use a 571-bit ECC key.)

In short, according to major cryptographers and experts ECC is secure when used properly. Dual_EC_DRBG is shady and probably intentionally compromised as a PRNG, and we don't use it.


Where things get somewhat curious is I also stumbled across a conversation about the Linux kernel mailing list on Cryptome where there was a discussion about Intel offering a kernel patch around random number generation. It seems unlikely that there has been any intentional manipulation of the native Linux random number generator as it's used for so many things with presumably a large enough security auditing community to be aware of such changes.
posted by a womble is an active kind of sloth at 5:28 AM on August 9, 2013 [1 favorite]


I've set up my own mail server with encrypted storage about a month ago.

Do you have physical control of it? If not, it doesn't really matter. Also, if you're not a security expert and aren't patching it regularly, still not much more secure than a gmail server.
posted by empath at 5:30 AM on August 9, 2013


Yes, I have physical control. And it's easily more secure than something that hands over my email on request - the cost to get to my mail is higher. I'm doing this mostly to see if it can be done, as I was under the impression that modern mail infrastructure makes life hard for independent providers; and I don't have that impression so far. Incoming mail is encrypted with a public key, and decrypted only on the client; Android clients using GPG exist, there's no inconvenience from this for me.
posted by dhoe at 5:48 AM on August 9, 2013 [1 favorite]


Greenwald: What is particularly creepy about the Lavabit self-shutdown is that the company is gagged by law even from discussing the legal challenges it has mounted and the court proceeding it has engaged. In other words, the American owner of the company believes his Constitutional rights and those of his customers are being violated by the US Government, but he is not allowed to talk about it.
In other news
Welcome to post constitution America
posted by adamvasco at 5:52 AM on August 9, 2013 [13 favorites]


Welcome to post constitution America

I said pretty soon after the insurgency in Iraq got going that we are not going to want to have an army capable of putting down an insurgency, because as soon as they're not needed overseas, they're going to bring that technology home.
posted by empath at 6:13 AM on August 9, 2013 [2 favorites]




Adam Curtis on his BBC blog:

The recent revelations by the whistleblower Edward Snowden were fascinating. But they - and all the reactions to them - had one enormous assumption at their heart.

That the spies know what they are doing.


When the government publicizes a terrorist threat like last week my current assumption is the probability is 99.9 % that they are totally wrong.
posted by bukvich at 6:51 AM on August 9, 2013 [4 favorites]


I preface this question with the acknowledgement that I know little to nothing about encryption and security other than being paranoid. I happen to believe that the "if you have nothing to hide then" is bs. We all have everything to hide no matter how mundane it is. The government has no business accessing or having the ability to access any of my communications.

Here is what I don't get. Both Lavabit and Silent Circle shut down to avoid having to either actually or potentially provide data to the USG. But, if everything on their server is encrypted and the folks with the keys are the end users, what exactly are they avoiding turning over? If the email account is encrypted, how will turning over the encrypted data do harm unless you assume the USG can break the encryption? And if they can break the encryption, the encryption isn't doing much in the first place is it? I am missing something fundamental here right?
posted by JohnnyGunn at 7:19 AM on August 9, 2013


When the government publicizes a terrorist threat like last week my current assumption is the probability is 99.9 % that they are totally wrong.

My assumption when I hear of a massive worldwide threat with no specifics, and where everyone publicly speaking in favour of the threat level announcement uses the same talking points about "listening to chatter" is that the real point is to build support for a surveillance society by increasing fear.
posted by chapps at 7:35 AM on August 9, 2013 [6 favorites]


Here's lavabit's old explanation of their crypto.

I'd like to self-host this on my own owned box in a colo. It can still get search-warranted and seized and snooped at the ISP boundary, sure but those attacks can be mitigated to some degree. It seems not vulnerable to an NSL as I understand it because the operator who would be served the NSL would be the same as the target (i.e. me) so not so secret.

I'll probably end up with postfix/dovecot and enigmail.
posted by Skorgu at 7:46 AM on August 9, 2013


Slightly off-topic, but considering the unsurprising revelation that the NSA is sifting everyone's mail for keywords and noting the results, if everyone just started using a signature that had every keyword in it with a disclaimer "This email contains no terrorists threats, talk of bombings, anything about Snowden, blowing up the NSA, Al-Queda, jihads, stealing nuclear material, killing, death, guns, weapons manufacture, 9-11, nukes, dirty bombs, beating airport security, etc....." could we overwhelm them with false positives and render the whole thing useless? You'd have to get a lot of people to do it, but a lot of people think our government has turned into an insane, yowling junkyard dog at this point, so maybe. Or would that be a simple workaround for our cagey spook overlords?

I would love if their own snoopiness drowned them in bullshit. Turnabout, fair play, all that.
posted by umberto at 7:55 AM on August 9, 2013 [4 favorites]


Finally, terrorists are criminals. If we are to give them a fair trial

snicker
posted by Slothrup at 7:58 AM on August 9, 2013 [1 favorite]


What exactly is the NSA protecting, and from whom?

Increasingly it appears their function is to protect the Government from its citizens, because really what evidence is there of citizens or non-citizens with both the means and opportunity to kill Americans in any great number?

I believe the events in Iran, and later Egypt etc. scared the Government into believing their very existence is more fragile than previously believed.
posted by cell divide at 8:04 AM on August 9, 2013 [3 favorites]


That seems like a strawman. And at least the previous administration was honest about its dishonesty.

No it wasn't! It denied it to the bitter end, even when its lies were completely obvious to the rest of the world.

Are you forgetting it took years before the previous admin even admitted to having set up a secret prison system and acknowledged the existence of all the detainees in Guantanamo and scattered elsewhere around the world? We didn't even know we had been secretly rounding up Muslims without trial in Afghanistan and elsewhere through extraordinary rendition and putting them into secret prisons until years later, and initially, the Bush/Cheney administration completely denied the existence of the secret prison system! These secrets all began then--it's only the continuation of parts of these programs the Bush admin established, which congress and apparently the admin, too, came to view as "routine"--that the current admin really deserves some share of blame for.
posted by saulgoodman at 8:10 AM on August 9, 2013 [1 favorite]


Might have something to do with this:
Search warrant
posted by zabuni at 8:11 AM on August 9, 2013


While I don't particularly trust Mega, it's worthwhile to note that Kim Dotcom has promised he has the "solution" - coming in 2014.
posted by antonymous at 8:21 AM on August 9, 2013


Here is what I don't get. Both Lavabit and Silent Circle shut down to avoid having to either actually or potentially provide data to the USG. But, if everything on their server is encrypted and the folks with the keys are the end users, what exactly are they avoiding turning over?

A good question. If Lavabit/Silent Circle didn't shut down, they would have been obligated to install snooping boxes/code on their system, thereby getting emails and passwords as users logged in.
posted by anemone of the state at 8:46 AM on August 9, 2013 [2 favorites]




The recent revelations by the whistleblower Edward Snowden were fascinating. But they - and all the reactions to them - had one enormous assumption at their heart.

That the spies know what they are doing.


I am struck by how the paranoia of MI5 is shown to interfere with them doing their job well at least as often as it's actually an asset. It makes me wonder if it's actually possible to have a spy agency that doesn't get caught up in paranoia or if the nature of the job makes that essentially impossible.
posted by mstokes650 at 9:34 AM on August 9, 2013


anemone of the state: "Here is what I don't get. Both Lavabit and Silent Circle shut down to avoid having to either actually or potentially provide data to the USG. But, if everything on their server is encrypted and the folks with the keys are the end users, what exactly are they avoiding turning over?

A good question. If Lavabit/Silent Circle didn't shut down, they would have been obligated to install snooping boxes/code on their system, thereby getting emails and passwords as users logged in.
"

So it is not so much the old data stored on the server as much as new emails where the encryption key may be compromised?
posted by JohnnyGunn at 9:36 AM on August 9, 2013


I have to get back to the Occlumency lessons.
posted by chapps at 9:38 AM on August 9, 2013


So it is not so much the old data stored on the server as much as new emails where the encryption key may be compromised?

Correct, although Silent Circle is apparently cautious enough to go to extra lengths.
posted by ChurchHatesTucker at 10:10 AM on August 9, 2013


Ironmouth: "But knowing what PRISM can do ends its effectiveness, because the people it was designed to find information about will take countermeasures."

I dunno, I don't think the voting public are suddenly going to stop using phones and the internet.


We're not talking about them. The NSA's job is to look at foreign powers and terrorists. It can look at content going to a country or out of a country. It uses the numbers from the database when it finds something in the in going or outgoing traffic to one of those numbers.
posted by Ironmouth at 10:29 AM on August 9, 2013


We're not talking about them.

Actually...
posted by ChurchHatesTucker at 11:01 AM on August 9, 2013 [4 favorites]






New thread.
posted by homunculus at 2:03 PM on August 9, 2013


Same old homunculus!
posted by Brandon Blatcher at 2:05 PM on August 9, 2013 [1 favorite]


Consistency is the homunculus of great minds. Or something like that.
posted by homunculus at 2:33 PM on August 9, 2013 [4 favorites]


There are several different attacks the NSA might request, JohnnyGunn and ChurchHatesTucker, most gain access to all old emails by compromising the end user's password or session.

Imagine the NSA asked to install some anonymous box chez Lavabit, like the feds did with XMission; well, alternatively they'd make Lavabit change their code, which definitely compromises old emails. You cannot know if that box is merely sniffing the incoming SMTP traffic, employing a man-in-the-middle attack against user's sessions, or pushing malicious javascript that steals the user's password.

There is simply no way to securely deliver javascript to browsers because the certificate authorities are compromised by the NSA. You might imagine many police states aside from the U.S. never compromised a certificate authority, but recall..

"Everybody that I've taught anything other than Tor to is in jail." (previously)

Is that quote saying Iran compromised a certificate authority? Not necessarily, Tor addresses traffic analysis, maybe that's what matters most when your government imprisons for mere association.
posted by jeffburdges at 2:36 AM on August 10, 2013
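An added example, not part of any comment in this thread and not Lavabit's code: a small Node.js model of the storage scheme quoted at the top of the thread (mail encrypted to a per-user EC public key, private key wrapped under a password-derived AES-256 key), showing why stored data alone is unreadable while a password seen once at login opens every old message. The curve (`prime256v1`), scrypt, the SHA-256 key derivation, the `login` observer hook and all sample values are assumptions made for illustration.

```javascript
const nodeCrypto = require('node:crypto');
const CURVE = 'prime256v1'; // assumption; Lavabit described a larger ECC key

function seal(key, plaintext) {              // AES-256-GCM, random 96-bit IV
  const iv = nodeCrypto.randomBytes(12);
  const c = nodeCrypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return { iv, ct, tag: c.getAuthTag() };
}

function open(key, box) {                    // throws if key or data is wrong
  const d = nodeCrypto.createDecipheriv('aes-256-gcm', key, box.iv);
  d.setAuthTag(box.tag);
  return Buffer.concat([d.update(box.ct), d.final()]);
}

const passwordKey = (password, salt) => nodeCrypto.scryptSync(password, salt, 32);
const sharedKey = (ecdh, peerPublic) =>
  nodeCrypto.createHash('sha256').update(ecdh.computeSecret(peerPublic)).digest();

// What the server keeps on disk: public key, salt, wrapped private key, ciphertext.
function createAccount(password) {
  const ecdh = nodeCrypto.createECDH(CURVE);
  const publicKey = ecdh.generateKeys();
  const salt = nodeCrypto.randomBytes(16);
  const wrappedPrivateKey = seal(passwordKey(password, salt), ecdh.getPrivateKey());
  return { publicKey, salt, wrappedPrivateKey, mailbox: [] };
}

// Incoming mail is encrypted to the public key with a fresh ephemeral key pair.
function storeIncoming(account, text) {
  const eph = nodeCrypto.createECDH(CURVE);
  const ephPublic = eph.generateKeys();
  const key = sharedKey(eph, account.publicKey);
  account.mailbox.push({ ephPublic, box: seal(key, Buffer.from(text, 'utf8')) });
}

// Reading requires the password: unwrap the private key, then decrypt each message.
function readMailbox(account, password) {
  const priv = open(passwordKey(password, account.salt), account.wrappedPrivateKey);
  const ecdh = nodeCrypto.createECDH(CURVE);
  ecdh.setPrivateKey(priv);
  return account.mailbox.map(m => open(sharedKey(ecdh, m.ephPublic), m.box).toString('utf8'));
}

function tryRead(account, password) {
  try { return readMailbox(account, password); } catch (e) { return null; }
}

// Hypothetical hook: stands for anything in the server path that sees the
// plaintext password when the user logs in.
function login(account, password, observer) {
  if (observer) observer(password);
  return readMailbox(account, password);
}

function demo() {
  const password = 'constructed-passphrase-for-demo';
  const account = createAccount(password);
  storeIncoming(account, 'constructed message 1');
  storeIncoming(account, 'constructed message 2');
  const diskOnly = tryRead(account, 'guess-without-the-password');
  let seenAtLogin = null;
  const owner = login(account, password, pw => { seenAtLogin = pw; });
  const afterLoginCapture = tryRead(account, seenAtLogin);
  return { diskOnly, owner, afterLoginCapture };
}
```

The protection in this model rests entirely on the server never retaining the password, which is why a change to the login path affects mail that was stored long before the change.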


I'll clarify slightly : GnuPG should remain unbreakable, even for the NSA. At present I believe the recommended key size is 2048 bits, certainly 1024 bits is considered unsafe, but just use 4096 bits if you're worried, the email is slow enough that you'll never notice the extra computational time.

If you post your public key to the keyserver then anyone can send you encrypted email through gmail or whatever. In cryptographic strength terms, you're infinitely better off doing this rather than trusting companies like Lavabit. Yet, the NSA still knows with whom you correspond.

Lavabit and Silent Circle encrypted all the email they received, so that only your private key could read it, and provided a browser based decryption too. As I said, this part sucks because (a) any javascript based crypto like this suffers from the inherent insecurity of the certificate authorities and (b) an attacker could easily sniff the unencrypted incoming SMTP connections. So (a) buys them the user friendliness of a web service while (b) buys you the user friendliness of your email buddies not needing to do anything different GnuPG.

We maybe need offline mail clients that auto-encrypt whenever they find GnuPG keys in the keyserver. I suppose that, if an attacker hasn't logged all the incoming SMTP connections, services like Lavabit provide slightly more resistance to traffic analysis than GnuPG, but one might achieve similar effects by using foreign providers like maybe web.de.
posted by jeffburdges at 6:47 AM on August 10, 2013 [1 favorite]


I haven't looked at GPG in years, but this thread inspired me to check in on it and I found that the GPG tools suite now has a native Mail.app plugin for OSX. Got it up and running in a matter of minutes and it's fairly painless to use.
posted by jquinby at 9:08 AM on August 10, 2013


I've minor contributions to their GPGServices program, well I updated it and briefly maintained it when Lion came out. It works well enough but flaky bits still existed as of 1.5 years ago. Almost all offline mail readers should've GnuPG plugins by now, but usually they're not quite user friendly enough, like they don't automatically check the keyserver.
posted by jeffburdges at 10:05 AM on August 10, 2013




@sodium lights the horizon asks:
Has anyone tried SecureGmail? Is it any good?

It's Chrome & Gmail only, but...
All someone who wants to snoop on your email would have to do is persuade Streak.com to serve you an update for the SecureGmail extension that allows them to snoop. Plus, SecureGmail uses javascript for encryption, which may have other security issues.
posted by gregor-e at 5:05 PM on August 10, 2013










Is that quote saying Iran compromised a certificate authority?

Iran -- or rather, hackers using Iranian IP addresses, which is not quite the same thing as "Iran" but close enough -- absolutely did compromise a certificate authority. Back in 2011, a number of certs were obtained from Comodo "for mail.google.com, www.google.com, login.yahoo.com, login.skype.com, addons.mozilla.org and login.live.com."

Just the list of domains requested makes it pretty clear that the attacker was interested in snooping on communications. The attack went undiscovered for at least two months before anyone noticed.

The SSL/X.509 PKI system is terribly, horribly, probably irretrievably broken.

At least as of right now, if you are worried about government-level or even APT-level (aka Chinese "hacker army") level threats, you can't trust SSL/TLS in anything approaching the default configurations of most OSes and browsers. This isn't because there's some underlying problem in the crypto -- I'm not assuming that the NSA is using quantum computers to break keys, etc. -- but just because of the way trust is handled, and in particular about how a compromise to a CA results in a silent failure of security to all users who have that CA marked as trusted, up until they (or a software update) removes that CA from their trusted root list.

The only current "fix" for SSL/TLS is to delete all the Certificate Authorities from both your OS and browser, and only load into those lists Certificate Authority certs produced by your own organization, distributed (or at least fingerprint-verified) using an out-of-band mechanism. To my knowledge, nobody is currently doing anything* like that.

* The DoD is the closest that I'm aware of. They have their own CA certificates that anyone wanting to exchange secure email or view DoD sites over HTTPS has to download and mark as trusted in their OS or browser. But it's imperfect because there's no OOB method for verifying that you have an uncompromised certificate. Presumably they don't bother because in their eyes, the public internet isn't worthy of the effort when you have the SIPRNet instead. And really, given that their recent problems have almost all stemmed from human rather than technical failures, it's probably not where they need to be spending their time...
posted by Kadin2048 at 1:37 PM on August 14, 2013 [5 favorites]
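An added example, not part of the comment above: a Node.js model of the trust problem it describes, where a certificate from any root in the default store validates without complaint, next to the trimmed store built only from a CA whose fingerprint was verified out-of-band. The "certificates" here are simplified signed records rather than X.509, and the CA names, hostname and Ed25519 keys are constructed for illustration.

```javascript
const nodeCrypto = require('node:crypto');

function makeCA(name) {
  const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync('ed25519');
  return { name, publicKey, privateKey };
}

// SHA-256 over the DER-encoded public key: the value checked out-of-band.
function fingerprint(publicKey) {
  const der = publicKey.export({ type: 'spki', format: 'der' });
  return nodeCrypto.createHash('sha256').update(der).digest('hex');
}

// The bytes a CA signs: which key is bound to which hostname.
const toBeSigned = (hostname, subjectKey) =>
  Buffer.from(JSON.stringify({ hostname, subjectKey }), 'utf8');

function issue(ca, hostname) {
  const subject = nodeCrypto.generateKeyPairSync('ed25519');
  const subjectKey = fingerprint(subject.publicKey);
  const signature = nodeCrypto.sign(null, toBeSigned(hostname, subjectKey), ca.privateKey);
  return { hostname, subjectKey, issuer: ca.name, signature };
}

// Default validation: a good signature from ANY root in the store is enough.
function validate(cert, trustStore) {
  const issuerKey = trustStore.get(cert.issuer);
  if (!issuerKey) return false;
  return nodeCrypto.verify(null, toBeSigned(cert.hostname, cert.subjectKey),
                           issuerKey, cert.signature);
}

// Trimmed store: keep only roots whose key matches a fingerprint obtained
// out-of-band. A root with the right name but the wrong key is dropped.
function trimmedStore(offeredRoots, oobFingerprint) {
  const store = new Map();
  const want = Buffer.from(oobFingerprint, 'hex');
  for (const ca of offeredRoots) {
    const got = Buffer.from(fingerprint(ca.publicKey), 'hex');
    if (got.length === want.length && nodeCrypto.timingSafeEqual(got, want)) {
      store.set(ca.name, ca.publicKey);
    }
  }
  return store;
}

function scenario() {
  const orgCA = makeCA('Example Org CA');        // constructed
  const otherCA = makeCA('Third-Party CA');      // constructed; stands for a compromised root
  const lookalike = makeCA('Example Org CA');    // same name, different key
  const host = 'mail.example.org';

  const genuine = issue(orgCA, host);
  const misissued = issue(otherCA, host);
  const fromLookalike = issue(lookalike, host);

  const defaultStore = new Map([[orgCA.name, orgCA.publicKey],
                                [otherCA.name, otherCA.publicKey]]);
  const oob = fingerprint(orgCA.publicKey);      // delivered by a separate channel
  const trimmed = trimmedStore([lookalike, otherCA, orgCA], oob);

  return {
    defaultAcceptsGenuine: validate(genuine, defaultStore),
    defaultAcceptsMisissued: validate(misissued, defaultStore),
    trimmedSize: trimmed.size,
    trimmedAcceptsGenuine: validate(genuine, trimmed),
    trimmedAcceptsMisissued: validate(misissued, trimmed),
    trimmedAcceptsLookalike: validate(fromLookalike, trimmed),
  };
}
```

The lookalike root shows why the fingerprint check matters: without the out-of-band comparison, a store keyed on the CA's name alone would have loaded the wrong key.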


MIT's Muriel Médard has shown a systematic error in strength estimates for many cyphers, but obviously you should still encrypt your communications.
posted by jeffburdges at 7:08 AM on August 16, 2013


Lavabit's owner threatened with arrest multiple times.
posted by urbanwhaleshark at 12:02 PM on August 16, 2013


Google: Gmail users shouldn't expect email privacy.

Yes, Gmail users have an expectation of privacy
posted by homunculus at 12:52 PM on August 16, 2013


Wow. In light of the Lavabit shutdown, Groklaw is closing its doors.
I'm just an ordinary person. But I really know, after all my research and some serious thinking things through, that I can't stay online personally without losing my humanness, now that I know that ensuring privacy online is impossible.
posted by teraflop at 3:18 AM on August 20, 2013




Related thread on GrokLaw shut down in wake of Lavabit closure.
posted by jeffburdges at 7:56 AM on August 20, 2013




Ironmouth: "How much information is needed? Because you bump up against the problem of disclosing too much to make any decision meaningful--you end up destroying the very programs you are deciding on. This isn't a new problem, either. In the Continental Congress, they hid the names and details in hearings, just as they do now."

It has long been suspected/known that the NSA engages in a vast amount of electronic eavesdropping. Disclosing the extent to which it happens and how many people's data in the system is domestic vs. foreign isn't going to change anything except NSA's susceptibility to oversight one iota. But yes, I suppose if you define compromising NSA's methods as not getting to do exactly as they please and lie about it, even when they break the law, you are correct.

If, like the rest of us, compromising NSA's methods involves measurably decreasing their ability to take on the legal and authorized activities they are supposed to be engaged in, you sound pretty much full of shit. Nobody is asking them to release heretofore unknown attacks on commercial crypto. Nobody is asking them to disclose exactly what information they are receiving from their spying. What we want to know is how many Americans have been spied, what of our data are they collecting, what of our data do they still hold "just in case," when did it start, and who authorized it.

The NSA cannot legitimately hold my data, so in what way is it damaging to their authorized activities to disclose the extent of their unauthorized activities. Oh, right, it's not, because one is something they're supposed to do and the other shit is a power grab.
posted by wierdo at 1:52 PM on August 22, 2013 [1 favorite]


(Yes, that's a late reply, but I think Ironmouth's comment bears some rebuttal even at this late date)
posted by wierdo at 1:53 PM on August 22, 2013


I wonder if the U.S. government had any hand in this?
PayPal Freezes MailPile's Account
posted by jeffburdges at 1:37 AM on September 8, 2013


Nah. PayPal does that to everyone and have for years and years. They're just dicks.
posted by sparkletone at 9:09 AM on September 8, 2013




This thread has been archived and is closed to new comments