
Advocating for privacy in Australia - hspak
https://fastmail.blog/2018/12/21/advocating-for-privacy-aabill-australia/
======
Jedi72
Good writeup. Since I can already see not everyone here actually read the
article, here are some highlights.

> Law enforcement has always been able to request information from us through
> the Telecommunications Act with a lawful warrant. Because we have the
> ability to decrypt all data, there is no need to make changes that
> circumvent encryption. ... While FastMail is not directly affected, we don’t
> support this legislation because it carries serious implications for the
> Australian tech industry.

> Of course, should our users choose to end-to-end encrypt their mail via PGP,
> we have no way to access that content, even under the AABill. Our blog
> explains why we have never offered PGP ourselves, and describes third-party
> PGP tools you can use with FastMail if you wish to manage your own
> encryption.

The second one in particular highlights to me the fact that whilst there are
many downsides to the legislation, any serious culprits i.e. state actors or
organised crime have many counter moves, severely limiting the upside -
something all tech people knew anyway.

~~~
InGodsName
I wonder why no one has ever made PGP user-friendly.

Some might argue whatsapp or signal or Telegram E2E is exactly that. I talk
about the email.

~~~
dane-pgp
ProtonMail say that they've made PGP user-friendly, and I'm inclined to agree
with them:

[https://protonmail.com/support/knowledge-base/how-to-use-
pgp...](https://protonmail.com/support/knowledge-base/how-to-use-pgp/)

"This means that with ProtonMail, anybody can use PGP, regardless of their
technical knowledge."

Something like this would make things even more transparent to end users:

[https://autocrypt.org/](https://autocrypt.org/)

~~~
bad_user
Imo ProtonMail is snake oil:

When you’re communicating with email addresses outside of ProtonMail, their
servers will see your emails. Your emails might then be encrypted “at rest”,
but they’ve passed through their servers unencrypted anyway.

To work around it, for sending to email addresses without a ProtonMail account,
AFAIK they also give the possibility to send a link to a ProtonMail interface
for decryption.

And also web interfaces are inherently insecure for E2E encryption, which
ProtonMail encourages.

This is not how email is supposed to work.

Speaking of email ProtonMail also doesn’t work via standard IMAP and SMTP. You
need an adapter to use classic mail clients and that only works on the
desktop.

In other words ProtonMail is anti-standards.

And for me standards are more important than promises of privacy that an email
service can’t really meet.

Unless you’re doing PGP or similar, independent of the email service being
used, then email is incompatible with encryption.

~~~
Boulth
> When you’re communicating with email addresses outside of ProtonMail, their
> servers will see your emails. Your emails might then be encrypted “at rest”,
> but they’ve passed through their servers unencrypted anyway.

Decryption is done in the browsers so it's not passing through the servers
unencrypted. (ProtonMail is one of the biggest contributors to Openpgpjs).

> To workaround it, for sending to email addresses without a ProtonMail
> account, AFAIK they also give the possibility to send a link to a ProtonMail
> interface for decryption.

And you can add the recipient PGP key in ProtonMail settings so it's pure PGP.
(I've heard that they're working on Web Key Directory support for automatic
contact key retrieval)

> And also web interfaces are inherently insecure for E2E encryption, which
> ProtonMail encourages.

Not strictly true. The problem is web interface hosted on a foreign host. For
a secure web interface see e.g. Mailpile.

There are also other ways of minimizing risk like using Mailvelope that
communicates with GnuPG through Native Messaging.

> In other words ProtonMail is anti-standards.

Not for all standards for example ProtonMail is very active in OpenPGP mailing
list.

For the record I'm not using ProtonMail but I like that they're promoting PGP
by showing that it can be made relatively easy. Too many people think that the
UI complexity in PGP is intrinsic.

~~~
bad_user
>> _Decryption is done in the browsers so it's not passing through the
servers unencrypted._

That cannot be for unencrypted emails, which is how most communications over
email are going to be, because:

1. Most people or businesses are not on ProtonMail

2. Usage of PGP is nice, but very few people have published PGP keys

3. Opening a link to view a message is a big problem; personally I ignore
such emails, can’t remember the last time that happened

It also doesn’t work for unencrypted emails being sent to you, which are a
majority.

If I were to guess 99%+ of emails sent or received by ProtonMail customers are
seen by ProtonMail’s servers in unencrypted form.

And this is why ProtonMail is snake oil.

~~~
dane-pgp
You're accusing ProtonMail of being snake oil because people can send
unencrypted emails to ProtonMail users? If it didn't allow receiving such
emails, it wouldn't be an email service, so it sounds like "encrypted email
service" is something that you have made impossible by definition.

Perhaps, rather than focusing on "most communications over email" (which don't
involve ProtonMail's users whatsoever), it's more fair to ask whether
ProtonMail enables encrypted communications with non-ProtonMail email users,
and what threat models it is reasonably secure against.

You're right, though, that there are trade-offs to be made when it comes to
using web-delivered JavaScript (although these problems need to be solved at
the web platform layer [0], not unilaterally by a single service provider),
and ProtonMail do not exactly advertise their security limitations (and nor do
any other webmail providers).

[0] [https://tools.ietf.org/html/draft-yasskin-http-origin-
signed...](https://tools.ietf.org/html/draft-yasskin-http-origin-signed-
responses-04)

~~~
bad_user
>> _You're accusing ProtonMail of being snake oil because people can send
unencrypted emails to ProtonMail users?_

Don't downplay the problem. An overwhelming majority of email that ProtonMail
users get is in fact unencrypted. Not only that, but an overwhelming majority
of email that ProtonMail users send is unencrypted as well.

It might get encrypted after the fact, but that email passes through their
servers, which means ProtonMail can be coerced into doing blanket surveillance
if the law allows it and any claims that ProtonMail protects you from that are
bullshit.

>> _"encrypted email service" is something that you have made impossible by
definition._

It's not my definition, that's just what you get with email.

E2E encrypted email can only work if it's optional (e.g. PGP, when both
parties agree on the keys), which is for secrecy, not privacy, because a
majority of email sent or received will be unencrypted, because that's just
how email was designed, that's how it works.

I don't have a problem btw with ProtonMail's implementation per se. Certainly
it has value in certain contexts ... like if all of your work colleagues or
all of your family is on ProtonMail, then you can have some peace of mind, but
then again for a controlled, small group you can just go with PGP directly,
which would be more trustworthy actually.

The problem is that many of the claims being made are bullshit. No, ProtonMail
is not 100% e2e encrypted, in common use their servers will see most of your
emails sent and received unencrypted and it will not protect your privacy.

So that's why it is snake oil.

~~~
Leace
> An overwhelming majority of email that ProtonMail users get is in fact
> unencrypted. Not only that, but an overwhelming majority of email that
> ProtonMail users send is unencrypted as well.

Could you cite your sources? I'm wondering what are the exact percentages.

------
rswail
[disclaimer: happy fastmail user, 30+ year Aussie programmer]

What I really really like about this blog entry and the Fastmail service in
general is that it is practical and clear.

Fastmail does not and has not ever offered data privacy from properly
constituted legal requests. Within the service they offer of email (and
calendaring and contacts), they protect their user data by having it encrypted
at rest and in transit.

Email protocols are not suited to E2E encryption because of the historical
evolution of those protocols. So if you want E2E, there are appropriate
solutions.

In terms of people who want access to your data, there are two types,
bad/illegal actors and those operating under the judicial system. Under the
judicial system in place in Australia, as has been explained, warrants (and
the equivalent for non-law enforcement security services) are still required
for access to an identified person's information.

Fastmail has always been clear that they would respond to a properly
constituted legal request.

In terms of lobbying, it is up to all Australian tech people to respond to
this legislation and its ill-considered requirements.

I've already written to Mark Dreyfus as Shadow Attorney General and also the
senior ALP person on the PJCIS which is responsible for this legislation.

I intend to engage further in the new year with all those relevant MPs,
ministers and shadow ministers, with the primary goal of clarifying that the
tradeoff between security and privacy is not a zero-sum game, that invading
privacy in such a ham-fisted manner as defined in the legislation is more
damaging to both our industry and our community than the stated objectives of
our security services to avoid bad actors "going dark".

------
kijin
The ability to use standard protocols (IMAP and SMTP) is much more important
to me than end-to-end encryption. I won't even touch an email service that
doesn't support IMAP with a 10-foot pole no matter how secure they claim it
is. I know some people are developing self-hosted gateways that can speak IMAP
on the local side and a more secure protocol on the public side, and I think
it shows promise. But the whole setup still feels way too fragile compared to
good old email.

I've been using FastMail for 11 years now, and I've recommended it to several
other people. I will continue to do so for the foreseeable future.

~~~
stilley2
My work email has disabled imap in the name of security. My understanding is
it's easier to lock down email entirely than to get doctors not to email
patient data around, so I kind of understand, but it's annoying to have to
read my email either using the terrible Outlook web app or by giving my
employer a lot of permissions on my personal phone. For context I'm in the US,
where HIPAA fines can be quite high (not that that's a bad thing).

------
Gatsky
The comments here are disappointing. The gulf between cryptopurists and
software that people actually use remains wide.

------
Jerry2
Their "Actions we are taking" section is almost entirely composed of a
political lobbying strategy. Given the outcome of the vote, 44 votes for and
only 12 against, their plan doesn't exude much confidence. I would have
expected plans to move data and key technologists out of Australia at the very
least.

The company I work for uses Fastmail but our CEO has already decided to switch
mail providers sometime in 2019. I don't know what other service they'll
choose.

~~~
brongondwana
The data hasn't ever been stored in Australia. All our data is currently
stored in the USA and Netherlands.

Of course the "people are planning to leave us because of the hamhanded way
you introduced this legislation" is a major part of all our feedback to
legislators.

The AABill happened the way it did in Australia because our politics is
particularly broken right now (seriously, we have a minority government which
has changed leaders twice and lost multiple members to scandals). We call it
"wedge politics" and Labor were forced into supporting it because otherwise
they'd look soft on terrorism going into the holiday period, and anything at
all which happened would be blamed on them not supporting the bill.

~~~
neotek
>anything at all which happened would be blamed on them not supporting the
bill.

Which is idiotic, since the LNP would blame Labor either way, as they do for
every single other failure they (the LNP) are responsible for. I wish Labor
had some fucking guts once in a while.

~~~
throwaway12iii
Labor are happy to take this power, and blame the power grab on the others.

~~~
neotek
Labor had a series of sensible amendments that would have diminished the
opportunity for any government to abuse this silly legislation. I think trying
to equate both parties is disingenuous and wilfully ignores a mountain of
context.

~~~
cyphar
> Labor had a series of sensible amendments that would have diminished the
> opportunity for any government to abuse this silly legislation. I think
> trying to equate both parties is disingenuous and wilfully ignores a
> mountain of context.

A series of amendments that were dropped, despite the political reasons for
keeping them (including the Nauru medical bill which didn't pass). Now, there
were a series of useful House of Representatives amendments, but a series of
useful amendments to an awful idea really isn't much of an improvement.

Feel free to put Labor above the Liberals on your next ballot, but please
consider putting a third party (Greens, Science Party, Pirate Party) above
them. We have preferential voting for a reason.

------
bad_user
EDIT: note that I'm probably wrong, see reply below by @brongondwana!

---

One problem not being addressed is that via #AABill data access requests can
now be submitted without warrants issued by a judge, so it removes the
judicial oversight.

Also this law says that all such requests need to be "reasonable", but it
doesn't define what that means. For example is blanket surveillance
reasonable? AFAIK this law doesn't say. And companies like FastMail cannot
report abuse publicly, or the people responsible risk 10 years in jail.

Couple this with the fact that Australia is part of the "Five Eyes", being the
only country without a "Bill of Rights", it means that agencies like the NSA
could use Australia for their dirty work.

Please correct me if I'm wrong, I haven't read the actual bill, just random
commentary on the net.

I'm a FastMail customer, but reading this blog article is leaving me worried,
because FastMail keeps mentioning "_lawful warrants_", but from what I've
read warrants aren't needed anymore.

It's pretty sad. I've seen many Australian software companies doing a good
job, like FastMail here and their reputation is now tarnished due to
incompetent politicians. The wave of populism and stupidity has been
spreading.

~~~
brongondwana
We've never done blanket surveillance, and specifically mention "individual
users" in the blog post. There's been a lot of FUD about warrants not being
needed - I think the ZDNet article we linked covers that very well:

"[a judge doesn't have to sign off on the specific method by which data is
requested] However there must be an underlying warrant to access
communications under the Telecommunications (Interception and Access) Act or
the Surveillance Devices Act or state-level equivalents."

So the request still requires a warrant that specifies which communications
are to be intercepted, but not a warrant that specifies how the interception
is to be performed.

Sadly, random commentary on the net does tarnish reputations every bit as well
as facts :(

~~~
cyphar
> There's been a lot of FUD about warrants not being needed - I think the
> ZDNet article we linked covers that very well

There is definitely a lot of FUD, though I think the ZDNet article is
underplaying several quite reasonable concerns about the legislation.

In addition, I've not seen any concrete explanation of how you could make use
of the Commonwealth Ombudsman to effectively appeal the decision of assessors
for a TCN.

------
randaouser
I'm hoping to resolve this using a "searchable encryption" scheme leveraging
homomorphic encryption and elliptic curve based ElGamal. This would allow law
enforcement to search for key words on encrypted data sets. This prevents
leakage for both parties.

The use case for emails is a tad clunky as the bag of words would require
precomputing, however, it is privacy preserving for both parties.

If you feel this is something interesting that you would like to contribute to
please msg me. I have working code in javascript (so it may soon be a plugin)
and the architecture is decentralized but requires a single message
interaction between the actor querying and the data source.

~~~
mLuby
1. Once a user identifies messages containing the search term, what are they
supposed to do then? The message should still be un-decryptable to them.

2. Can't a user search all common words against a message and then rearrange
those found to roughly match the message length. There are only so many ways
the words "noon begins the tomorrow revolution at" can be arranged and make
sense.

~~~
randaouser
1) Can you clarify which users? The government issuing the search query is
unable to decrypt the messages. If they flag it, they can order a warrant
against the individual to decrypt the message.

2) A random salt is used so only exact keywords will match (I have a fuzzy
matching implementation using jaccard similarity and minhashing but that is an
extension). To answer your question technically yes, but what you describe
would require many interactions with the data source as the content producer
must apply the encrypted queries against their encrypted data.

Again, I am trying to provide a solution that is beyond just giving someone
the ability to read your private messages without your consent. No doubt it
will require work from sidechannel attacks so appreciate any feedback
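As an added example, not code from this thread or from randaouser's implementation: a toy of the scheme under discussion, with HMAC-SHA256 keyword tokens standing in for the EC ElGamal construction, followed by the dictionary attack mLuby raises in point 2. The sample message is the one from mLuby's comment and the word list is constructed; the per-warrant query budget is an assumption about how a data holder might bound the "many interactions" randaouser mentions, not a feature the thread describes.

```python
import hmac
import hashlib
import secrets
from typing import FrozenSet, List, Optional

# Added example. Each keyword of a message becomes a deterministic token
# HMAC(salt, keyword) and the holder answers exact-match queries. The scheme
# in the thread uses EC ElGamal instead of HMAC, but the dictionary attack
# below applies to any design in which one party can test arbitrary keywords
# for exact equality against a fixed encrypted index.

# Constructed sample input (the phrase from mLuby's comment, reordered).
SAMPLE_MESSAGE = "the revolution begins tomorrow at noon"

# Constructed "common words" list an attacker would try.
COMMON_WORDS = ["a", "about", "at", "begins", "meeting", "noon",
                "office", "revolution", "the", "tomorrow", "we", "will"]


def keyword_token(salt: bytes, word: str) -> bytes:
    """Deterministic token for one keyword under a per-message salt."""
    return hmac.new(salt, word.lower().encode(), hashlib.sha256).digest()


def build_index(salt: bytes, message: str) -> FrozenSet[bytes]:
    """Bag-of-words index: one token per distinct keyword, order discarded."""
    return frozenset(keyword_token(salt, w) for w in message.split())


class DataHolder:
    """The content producer: keeps the salt and answers exact-match queries.

    In the real scheme the querier sends an encrypted keyword and the holder
    evaluates it against the encrypted index; here the holder tokenises the
    plaintext keyword itself. Either way the querier learns one bit per
    keyword and the holder sees one interaction per keyword.
    """

    def __init__(self, message: str, query_budget: Optional[int] = None):
        self.salt = secrets.token_bytes(16)
        self.index = build_index(self.salt, message)
        self.queries = 0
        self.query_budget = query_budget  # assumed per-warrant cap (hypothetical)

    def search(self, word: str) -> bool:
        if self.query_budget is not None and self.queries >= self.query_budget:
            raise PermissionError("query budget for this warrant exhausted")
        self.queries += 1
        return keyword_token(self.salt, word) in self.index


def dictionary_attack(holder: DataHolder, dictionary: List[str]) -> List[str]:
    """mLuby's point 2: query every common word and keep the hits.

    Recovers the message's bag of words using len(dictionary) interactions;
    only the word order stays hidden.
    """
    return sorted(w for w in dictionary if holder.search(w))


if __name__ == "__main__":
    holder = DataHolder(SAMPLE_MESSAGE)
    print("distinct words leaked by index size:", len(holder.index))
    print("recovered bag of words:", dictionary_attack(holder, COMMON_WORDS))
    print("interactions used:", holder.queries)
```

Two things the toy makes concrete: the index alone reveals how many distinct keywords the message has, before a single query is issued, and once exact-match queries are available the whole bag of words falls to an enumeration whose only cost is one interaction per dictionary word. Bounding that interaction count is therefore doing all the work, which is the side-channel point randaouser acknowledges.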

------
jaimex2
So are you guys going to change or put an asterisk on the front page's "Get
private, secure, ad-free email hosting for you or your business" claim? :)

------
dbg31415
> FastMail won’t be making changes to our technology or policies in response
> to this bill. Law enforcement has always been able to request information
> from us through the Telecommunications Act with a lawful warrant. Because we
> have the ability to decrypt all data, there is no need to make changes that
> circumvent encryption.

Isn't this, "No need to force us to install a backdoor, we've already got
one!"

Kind of disappointing. Nothing in this article seems to be promoting privacy,
just ways they comply with the laws -- and have been for as long as they've
been around.

If you care about privacy, shouldn't you move your HQ out of Australia? You
aren't allowed to even tell people you've been served warrants now, correct?
Gag orders mean we have to trust the Australian Government... we can't trust
service providers. Eww.

* Honest Government Ad | Anti Encryption Law - YouTube || [https://www.youtube.com/watch?v=eW-OMR-iWOE](https://www.youtube.com/watch?v=eW-OMR-iWOE)

~~~
cyphar
> Isn't this, "No need to force us to install a backdoor, we've already got
> one!"

Fundamentally there is no need for a backdoor for emails. The entire protocol
results in plaintext being received on the server, and so there is no need to
add a backdoor. Email isn't end-to-end encrypted -- you've always had to use
PGP if you wanted that.

Lavabit had the same problem when the US sent an NSL that asked for the TLS
keys of his server to decrypt the email traffic that Snowden had sent.

------
jammygit
Fastmail should relocate to Canada. Just throwing suggestions out there.

~~~
brongondwana
Damn, I just lost $100. Thanks. We had a bet on how long it would take for
somebody to say "just relocate your entire company and all your staff's lives
to another jurisdiction".

~~~
newscracker
Slightly off topic: you have a broken link in your blog post titled
'Submission regarding “The Assistance And Access Bill 2018”'. The link [2] in
the line "For more information around this submission, see our <blog post>
about the bill" leads to a 404 page not found.

[1]: [https://fastmail.blog/accessbill-
submission/](https://fastmail.blog/accessbill-submission/)

[2]: [https://fastmail.blog/access-and-assistance-
bill/](https://fastmail.blog/access-and-assistance-bill/)

~~~
theOnliest
Hey, thanks! We've updated that to link to both the relevant blog posts.

------
mtgx
So the article's tl;dr is basically: "We're advocating for privacy, but we
aren't going to try to offer you any. We never did, and we certainly won't now
that this law passed. You're on your own."

Is this supposed to be a PR-positive announcement from FastMail, because I
can't quite tell?!

~~~
brongondwana
We never offered, and never claimed to offer, a safe haven for people who have
broken the law in both Australia and their own country to hide from the
police. We don't place ourselves above law enforcement.

We don't have data trading agreements with anybody, and we don't sell or
provide backdoor channels - we only provide data in response to lawful
warrants.

That's the right amount of privacy and the right tradeoff with usability for
just about everyone. Certainly storing your emails super encrypted in a
concrete bunker on an island somewhere is theoretically safer along one axis -
I wrote a whole series about Confidentiality, Availability and Integrity just
over 4 years ago on this very topic:
[https://fastmail.blog/2014/12/02/security-confidentiality-
in...](https://fastmail.blog/2014/12/02/security-confidentiality-integrity-
and-availability/)

And the specific one on confidentiality here:
[https://fastmail.blog/2014/12/15/security-
confidentiality/](https://fastmail.blog/2014/12/15/security-confidentiality/)
(excuse the line wrapping, we moved to a new blog platform a while back and
some of the older posts didn't import perfectly, but I don't want to look
suspicious by editing it today!)

~~~
emptybits
> We don't place ourselves above law enforcement.

Of course this is reasonable, but I'm curious what you think of companies who
_do_ put themselves above law enforcement when it's the _right_ thing to do.

i.e. lawmakers do not always make laws that are right and law enforcement does
not always do the right thing when interpreting and enforcing laws. A case to
cite might be Apple vs. FBI in 2016. The company placed itself above law
enforcement. They disagreed with law enforcement and would not cooperate when
I am certain _many_ companies would have cooperated. It was a gamble. As a
user, I am glad they stood their ground and I was/am glad to give Apple my
money. I've also set my businesses up on FastMail at least twice, which is why
I ask.

Maybe only a company with Apple's resources can take a risk like this?
Thoughts?

~~~
rswail
Apple did not place themselves above the law, they went to a properly
constituted court and asked the judge to rule on whether what the FBI was
asking was lawful.

During those proceedings, they also explained how complying with the FBI's
request would lead to a highly damaging corruption of the privacy of their
users data.

They asked the judge to make a judgement which was that Apple were right in
saying that the FBI had over-reached in their warrant.

The case was headed to appeals when the FBI withdrew after finding another way
to get the information they needed. Notably they did so without Apple having
to compromise security or user data privacy.

~~~
emptybits
> Apple did not place themselves above the law

Exactly. I didn't say they did. The comment was about being above _law
enforcement_. See my other peer response here.

------
mikejulietbravo
This completely erodes the point of end-to-end encryption.

~~~
stephenr
You've got that backwards.

End to End encryption defeats the purpose of the "server-side" component of
any government request/demand to decrypt messages/data.

Any server-side email platform that 'integrates' email encryption (that is,
envelope encryption, not encrypted transports) is effectively not "end to end"
because your computer is not the server, and thus it's decrypted before "the
end".

