
Lavabit founder turned over the private SSL keys as an 11 page printout - lukashed
http://thenextweb.com/us/2013/10/03/you-wont-believe-what-email-provider-lavabit-did-to-avoid-giving-the-us-government-its-data/
======
speeq
"At approximately 1:30 p.m. EDT on August 2, 2013, Mr. Levison gave the FBI a
printout of what he represented to be the encryption keys needed to operate
the pen register. This printout, in what appears to be 4-point type, consists
of 11 pages of largely illegible characters.

Moreover, each of the five encryption keys contains 512 individual characters
- or a total of 2560 characters. To make use of these keys, the FBI would have
to manually input all 2560 characters, and one incorrect keystroke in this
laborious process would render the FBI collection system incapable of
collecting decrypted data."

~~~
Terretta
> _To make use of these keys, the FBI would have to manually input all 2560
> characters..._

My reaction to that was "oh boo hoo".

When people my age were kids (get off my lawn) we used to type pages of raw
hexadecimal from the back of magazines into a machine prompt. We didn't cry
about it, we were just careful.

I can't find a hexadecimal example at the moment, but look at some of these
TRS-80 programs (pp. 110-111, 143) which have multiple pages of data/digits to
transcribe:

[http://archive.org/stream/80-programs-for-the-trs-80-1979jim...](http://archive.org/stream/80-programs-for-the-trs-80-1979jim-perrypdf/80programsforthetrs-801979jimperrypdf#page/n81/mode/2up)

Btw, the originals were often bad photocopies. So maybe not 4 point font, but
certainly ambiguity in some bits.

~~~
16s
And also... C64 programs. They were manually typed in by 10 year old kids. The
programs were printed in the computer magazines (early 80s) that dealt
specifically with C64's. These programs were far more than 2560 characters (in
some cases).

If young, interested kids can do it, I'd hope that a nation state could figure
it out.

Link:
[http://upload.wikimedia.org/wikipedia/en/a/a5/ComputesGazett...](http://upload.wikimedia.org/wikipedia/en/a/a5/ComputesGazetteProgramPage.jpg)

~~~
Bill_Dimm
Yep, I did that when I was a teenager -- entered the machine code for an
entire word processor for the C64 called SpeedScript. The good old days ;-)

~~~
bsenftner
Yep, I remember doing that with an Apple II back in '79 to get a simple lunar
lander game. The process took more than a day, with two friends to help double
check the values as we copied everything over. When it ran, and worked, we
thought we were gods!

------
mseebach
This is what happens when you try to "hack" the legal system as if it was a
simple, deterministic computer program (it comes up here frequently as the
"FBI wasn't here"-sign-in-library hack).

When a judge orders you to do something, you have to comply with the substance
of the order, not evade it by sort-of _technically_ complying while actually
avoiding it.

I have all the respect in the world for Levison, he did the right thing and it
takes guts. But trying to "hack" a judge's order is just silly.

~~~
rjknight
I disagree. If the judge wanted an electronic copy then he or she could ask
for that, which is indeed what the judge later did. Levison would have known
that his initial 'compliance' wouldn't make the problem go away, but it did
buy him some time while the judge figured out what to do next (or the FBI
figured out that they needed to be more precise in what they were asking for).
He didn't refuse to comply at any point - he complied with the original
request, at which point the judge gave him fresh instructions and ordered him
to comply with those or face a fine.

Consider it from another perspective - people often request data from
governments or large corporations and, when ordered or pressured into
providing it they often do so in the least helpful format available. They are
rarely punished for this because the law doesn't really have a position on
whether CSV is a better document format than PDFs of scanned printouts, or
whether a 50-page printout is more useful than a CD-ROM or USB stick. Why
should the rules be any different for someone like Levison?

~~~
gedrap
>>He didn't refuse to comply at any point - he complied with the original
request

Just like the parent said, while he kind of technically complied. But, again,
it's more than obvious to everyone that it's not what was expected/demanded
from him.

>>Why should the rules be any different for someone like Levison?

Because it's related to Snowden. Again, it's quite obvious to everyone, that
it's a hot issue and the government might go far to solve it.

Like it was said above, while I really support and respect Levison, it's not
something you should be trying to fool - it's not a computer program...

~~~
rjknight
_Just like the parent said, while he kind of technically complied. But, again,
it's more than obvious to everyone that it's not what was expected/demanded
from him._

No, it really isn't. This is precisely why interactions between the law and
technology are often quite confusing, because there's a mismatch between what
the law says and the technological reality. It wasn't obvious what the law was
demanding of him because such demands are rare and judges haven't figured out
a boilerplate form of words to ask for the surrender of PGP keys or SSL
certificates in particular file formats yet, and so they ask in general terms
for 'encryption keys', leaving much open to interpretation. The existence of
such ambiguities is why lawyers earn as much money as they do.

Levison wasn't 'fooling' the law at any point - he complied with the request
as presented to him. The FBI wasn't happy with that response and went back to
the judge for a more tightly-worded request, backed up by a threat of fines.
At no point was the legal process subverted, 'hacked' or 'fooled'.

My point is that _this is how the law works_. If a judge wants you to do
something then it is incumbent upon the judge to specify clearly what that is.
You can't _refuse_ without facing legal sanctions, but if the judge is vague
or imprecise then you have at least some freedom to interpret the judge's
instructions yourself. As I said earlier, corporate and government lawyers are
experts in finding the most favourable interpretation of judicial rulings for
their clients, and many legal cases revolve around reaching an interpretation
of the law that is unambiguous enough to be enforceable.

_Because it's related to Snowden. Again, it's quite obvious to everyone,
that it's a hot issue and the government might go far to solve it.

Like it was said above, while I really support and respect Levison, it's not
something you should be trying to fool - it's not a computer program..._

What are you trying to say here? Sure, the government cares a lot about this
case. But the judiciary and the government are not the same thing, and the
law, as a matter of principle, is meant to apply equally in all cases. There
are no special cases where the law should be applied differently because the
case has the attention of senior government officials. You might say that I am
being somewhat naive in that belief, but I think that most judges would agree
that their role is as neutral arbiters of the law, not agents of the
government of the day.

There is absolutely no sense in which it's possible to describe Levison's
actions as incorrect. You can believe that he should have surrendered the keys
in electronic format immediately, despite not being asked to do so, or you
believe that he should have refused point blank to disclose them and thus
disobey the judicial order, but those options are variously immoral or
illegal, and the action of providing the printed copies of the keys was
neither.

------
jloughry
THE POLICE HAVE REQUESTED ALL FILES UNDER DIRECTORY TITLE RAND.

"Dump it for them at 300 baud."

"Art! Are you sure?"

"We cleaned Rand's directory first thing. Took out everything not routine,
then we added a few files. Old engineering catalogs. Maintenance schedules.
Ratings of TV shows. Makes a pretty big file---" MILLIE, what is the total
stored in Rand's directory?

23,567,892 BYTES

"Good Lord. Art, that will take hours to print out---"

"Yeah, that gives the cops a hobby." [1]

[1] Larry Niven and Jerry Pournelle. Oath of Fealty. New York: Pocket Books,
1981. ISBN 0-671-82802-9, pp. 287--8.

------
rdl
The irony would be using the same software/format for this as was used to
export the PGP Source Code legally in the 1900s.

~~~
Osmium
What format was that? Edit: Thanks!

~~~
rdl
[http://www.amazon.com/PGP-Internals-Philip-R-Zimmermann/dp/0...](http://www.amazon.com/PGP-Internals-Philip-R-Zimmermann/dp/0262240394)

[http://www.pgpi.org/pgpi/project/scanning/](http://www.pgpi.org/pgpi/project/scanning/)

------
rdl
I really don't get why dude didn't respond to the requests for information
with a totally straightfaced, and factual, "we do not have the technical
capability to recover messages for a user using the encryption software". Not
"we could possibly defeat our own system, but we don't want to." Just the "we
do not have the technical capability to do that, but we're happy to turn over
any other information which we can provide, pursuant to lawful order or
warrant." Be polite, totally responsive, completely honest, but don't go into
the "yes, we could possibly build something which would possibly do what you
want, but we don't want to."

~~~
jasonkeene
You don't get it. Emails were encrypted at rest with the user's password. This
was publicly disclosed by lavabit on their site. With the SSL key material the
state could decrypt the user's password from network traffic. The encrypted
emails and SSL key material are obtained through the courts, SSL encrypted
passwords via surveillance, bob's your uncle they can read a user's email.
Lavabit wouldn't need to "build" anything and couldn't argue they didn't have
the technical capability to turn over SSL keys and encrypted email data. This
is why he shut down, so that users wouldn't continue to submit their
passwords over the wire using a compromised SSL key.

~~~
rdl
The only reason they got the SSL key search warrant was his aggressive
noncompliance with the pen register/pen trap. I didn't realize pen register
applied to non-CALEA entities (this is a PATRIOT 216 thing); if it didn't,
there would have been no justification for 1) forcing his cooperation and 2)
getting SSL keys from him.

With Patriot 216 pen trap, they can compel full cooperation to the same
standard as a CALEA covered entity, which they knew he couldn't provide as
well as their own pen trap device (at least without work; they found $2k
unreasonable to implement it!), so they can get a warrant for SSL keys for
their pen trap. With that they can do whatever.

There may be a solution in SSL keys which can't be exported (HSMs) into the
pen trap; you'd potentially be able to require a secret compatriot offshore
(or via a cutout) to assist in adding a new load balancer or front end, so
you'd be technically unable to comply. They could require you generate and use
new keys, but users could detect that, and you could warn of this when you
first set up the system.

~~~
darkarmani
> The only reason they got the SSL key search warrant was his aggressive
> noncompliance with the pen register/pen trap.

What does this mean? Don't they have the legal ability to force compliance?

~~~
rdl
Yes, but it's not instant. He was asked for pen register, he wasn't 100%
helpful (partially due to how the system was set up), so they went back in
various ways to get what they wanted (threatening criminal or civil contempt
charges, fines, and a warrant for ssl keys).

Then Ladar delayed on the warrant in a variety of ways (trying to quash a
warrant, which I didn't know could be done before executing it; trying to
claim it was invalid until after the pen trap was set up without it to
actually observe it failing, the "little 4 points" trick.)

------
stedaniels
Should have put a typo in there. Can you imagine the double/triple/etc.
checking going on!?

~~~
velik_m
Or use one of those Xerox copiers that randomly change numbers...

~~~
fnordfnordfnord
and a funky font that is difficult to OCR.

------
ig1
Don't do this. If it's a clean print-out it's trivial to OCR at a five nines
accuracy rate.

~~~
tomaac
Depending on font he used, I believe for OCR some characters might be
difficult:

o01|IO

And even one wrong character makes SSL key wrong.

~~~
ig1
There's OCR systems which work on the basis of internal font consistency. They
break the page into a series of single character images, and because the same
character repeated is close to identical it's trivial to match them up, so you
can easily build a map of characters.

You then just need a human to label each character once. With a pixel image
comparison 0 looks completely different from o.

If they're using a standard font then a regular OCR (you'd only need four
nines accuracy to get it 100% correct) would be fine; even with a weird font
it would still be easy to get that level of accuracy.

~~~
shabble
The obvious solution to this would be to cycle randomly between fonts every
few characters (or keep a running total of the font used for each particular
symbol, and ensure it stays below some threshold). For bonus points you could
convert the key from base64/ascii to unicode or similar.

~~~
jloughry
_The obvious solution to this would be to cycle randomly between fonts every
few characters (or keep a running total of the font used for each particular
symbol, and ensure it stays below some threshold)._

This sounds like a useful defence in general against OCR re-use of particular
things you might publish. I wonder if it could be done in a manner unobtrusive
to the eye, but progressively more expensive to algorithms, either in terms of
memory or time. This is really a neat idea you have.

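The point made above, that one wrong character leaves the key unusable, has a defender-side corollary: an RSA private key carries enough internal redundancy that a transcription error is detectable rather than silent, so a transcribed key can be verified before anyone relies on it. The following is an added example, not code from this thread or from Lavabit: a toy RSA key generator producing the eight PKCS#1 private-key fields, the consistency relations that `openssl rsa -check` verifies, and a constructed one-digit "typist error" to show the check catching it (all function names and the 512-bit toy size are this example's own assumptions).

```python
import math
import secrets

def is_probable_prime(n, rounds=32):
    """Miller-Rabin test; adequate for an educational keypair."""
    if n < 2:
        return False
    for small in (2, 3, 5, 7, 11, 13, 17, 19):
        if n % small == 0:
            return n == small
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(2 + secrets.randbelow(n - 3), d, n)  # witness in [2, n-2]
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def random_prime(bits):
    """Random odd prime with the top bit set so p*q has the intended size."""
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand):
            return cand

def generate_key(bits=512, e=65537):
    """Toy RSA keypair with the PKCS#1 private fields (educational size only)."""
    while True:
        p, q = random_prime(bits // 2), random_prime(bits // 2)
        if p != q and (p - 1) % e and (q - 1) % e:  # e invertible mod lambda
            break
    n, lam = p * q, math.lcm(p - 1, q - 1)
    d = pow(e, -1, lam)
    return {"n": n, "e": e, "d": d, "p": p, "q": q,
            "dp": d % (p - 1), "dq": d % (q - 1), "qinv": pow(q, -1, p)}

def key_is_consistent(k):
    """The internal relations `openssl rsa -check` verifies; a wrong digit in any field breaks one."""
    return (k["p"] * k["q"] == k["n"]
            and (k["e"] * k["d"]) % math.lcm(k["p"] - 1, k["q"] - 1) == 1
            and k["dp"] == k["d"] % (k["p"] - 1)
            and k["dq"] == k["d"] % (k["q"] - 1)
            and (k["qinv"] * k["q"]) % k["p"] == 1)

def corrupt_one_hex_digit(k, field, pos):
    """Constructed transcription error: one wrong hex digit in the printout of `field`."""
    digits = format(k[field], "x")
    wrong = "0" if digits[pos] != "0" else "1"
    bad = dict(k)
    bad[field] = int(digits[:pos] + wrong + digits[pos + 1:], 16)
    return bad
```

For a real PEM file the same relations are checked with `openssl rsa -check -noout -in key.pem`, and agreement with the served certificate is confirmed by comparing `openssl rsa -modulus -noout` against `openssl x509 -modulus -noout`.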
------
ballard
Passive aggressive ftw. I would have used an excessively decorative script
font and not numbered the pages or identified which keys. Perhaps even a typo
or two, that'd buy some time.

On the size, 4 pt is generous. I remember printing an allowed note index card
for high school final exams in 1 pt Times New Roman on a laser printer @ 600
dpi. At arm's length, it looked like a series of lines, but up-close the text
was quite readable. Under magnification, the print quality was amazing.

~~~
jlgreco
He should have used "wingdings".

~~~
ballard
I like your thinking.

------
debacle
This man is a hero. I don't know if he's a saint (he's probably not - no one
is), but he's definitely a hero.

------
ikusalic
Even if futile, beautiful example of civil disobedience. If only there were
more people that at least tried as he did. I'm supporting his rally[1] and
hope more people will.

[1] [https://rally.org/lavabit](https://rally.org/lavabit)

------
drucken
Isn't the key this sentence: _"Wired reported the government as complaining
that a Lavabit representative indicated that Lavabit had the technical
capability to decrypt the information, but that Lavabit did not want to
‘defeat [its] own system."_?

If they used something like Perfect Forward Secrecy, could they not
legitimately have claimed to be unable to defeat their own system (as it is
currently configured)?

------
xuhu
offtopic: scrolling through the printout by dragging the scrollbar handle
slowly (~3 pages per sec) crashes the chrome renderer (tried on 2 win7-32
boxes)

~~~
kevin-brown
On Ubuntu x64, it's sluggish (as it's loading) but doesn't crash. It took up a
solid 1GB of memory though, according to Chrome.

------
bhauer
FYI, I would guess that Attachment A starting on page 144 is a reproduction of
the keys in a very small font. If that is correct, they are indeed illegible.

------
joelrunyon
The worst part about this is that it's not even that hard to fix. If you
wanted to - you could hire a VA for $5/hour to digitize it (and hire another
to QA). Total cost probably less than $100.

So intrusive AND lazy :).

------
Fuxy
Technically speaking he did comply with the order. They never specified what
format it should be in.

Plus companies shouldn't be required to beautify data for the government. They
got what they asked for; it's up to them to figure out how to use it.

I know this is a bit sneaky this time, but if they allow this to stand then
soon companies will have to employ full-time staff to beautify data for the
government with pretty graphs and such because a database dump is
incomprehensible.

It's like a kid asking you how to make a website and then complaining that
HTML, CSS, JavaScript, etc. is incomprehensible.

------
throwwit
lol... remember this?:
[http://www.theguardian.com/technology/blog/2012/aug/29/apple...](http://www.theguardian.com/technology/blog/2012/aug/29/apple-samsung-trucks-nickels-fake)

------
zenocon
He should have printed one character per page, and put it in a 2,560 page
3-ring binder.

~~~
aw3c2
* unnumbered

------
lectrick
Smarter would have been to copyright the keys so that giving them a copy would
violate DMCA.

Take THAT!

------
jonahx
"In an attempt at dry humor"

I think that is a little better than an "attempt"...

------
wglb
Sounds like an act of malicious obedience.

------
jlebrech
shoulda put it on floppy disks, or minidisks

------
wellboy
But you can simply scan 11 pages in and run software over it that reads all the
characters. There's lots of software like that.

This would have taken the FBI 20 mins...

------
Daniel_Newby
Perfect forward secrecy, bitches.

~~~
lucian1900
That does nothing for future intercepts.

~~~
jlgreco
That is what killing your business is for.

------
eli
Sorry, but I'm not a fan. Either comply with the order or don't, but don't
play games.

This is the same nonsense the government pulls when they want to "technically"
comply with a FOIA request, but want to make life as hard as possible for the
requester.

~~~
mpyne
Apparently double standards are wrong when the government does it, but are OK
when "we" do it.

What _I'm_ not a fan of, however, is that Levison had claimed that he'd be
willing to comply with (indeed, _has_ complied with) specific warrants. He
left the impression that the FBI was asking him to ruin his security _in
general_.

However the court filings show that the request for the SSL priv keys came
only after Levison failed to comply with... a specific warrant relating to
Snowden and Snowden alone. So if Levison wasn't lying, he was definitely
leaving something major out of his story.

~~~
anaphor
He was probably still working on a way to compromise Snowden while leaving all
of the users still secure, and the FBI was probably just impatient. But that's
pure speculation on my part.

~~~
mpyne
From what I can gather in the released order, the FBI didn't actually ask for
Snowden's communications to be compromised anyways, they wanted the
"connection information" (i.e. IP addresses, any metadata). I don't understand
why Levison didn't think he could comply with that, unless it was completely
impossible for him to implement.

But he never told the FBI it was technically impossible, he told them that he
_would_ not (as opposed to "could not") do it.

------
mbq
So he did surrender the keys -- this makes his business shutdown move
substantially less heroic than everyone thought.

~~~
faceplanter
It was ordered by a judge. What do you suggest he would do otherwise?

~~~
markeganfuller
Delete them before he was ordered to hand them over?

~~~
eterm
He deleted his entire business before handing them over. That's even more
drastic, don't you think?

