
Judges Poised to Hand U.S. Spies the Keys to the Internet - Libertatea
http://www.wired.com/threatlevel/2014/02/courtint/
======
mikevm
By the way, Ladar, Phil Zimmermann and others are working on a new secure end-
to-end Email protocol: [http://darkmail.info/](http://darkmail.info/)

There's also some information on the Kickstarter page:
[https://www.kickstarter.com/projects/ladar/lavabits-dark-
mai...](https://www.kickstarter.com/projects/ladar/lavabits-dark-mail-
initiative)

------
higherpurpose
If this happens, I hope more US companies or start-ups move their
headquarters/servers abroad. Maybe then Congress will do something serious
about it. This, perhaps more than anything revealed so far, would make me
switch to a non-US based service as soon as possible.

~~~
roywiggins
The NSA can just crack into your servers abroad, if they want to; no warrants
required. Admittedly they'd have to work a bit harder if it's not in a
jurisdiction friendly to them, but breaking into foreign servers is basically
their job.

If people running the company in question still hold US citizenship or keep
money in the US, the US legal system can still reach them unless they never
want to go home.

~~~
GVIrish
Yes, if companies move offshore then the NSA doesn't even have to give a
second thought to the legality of their actions (not that they're giving it
much thought now). But if enough big US businesses move elsewhere and take
their jobs and tax revenue with them, that will probably serve as a strong
motivator for Congress critters.

~~~
alexeisadeski3
I wish!

Reality is far from that, I am afraid.

------
zmanian
We need to assume a threat model today where Advanced Persistent Threats can
seize private keys from hosting providers and US companies. Both secret court
orders and hypervisor exploits are part of this threat profile. This threat is
greater from smaller companies. Large companies will be better able to resist
secret court orders.

~~~
sedev
I'm not sure that the current track record supports "Large companies will be
better able to resist secret court orders." They have more resources that they
_could_ use for that, but they also have more to lose. I don't think we've
seen evidence that they _are_ resisting those orders - and certainly have seen
evidence that, for example, Verizon and AT&T are just handing eavesdroppers
everything they want and then some.

~~~
zmanian
Based on the conversations I've had with various internet companies' lawyers,
they consider their private keys to be their crown jewels and they believe the
US government would not be able to keep it secret in the long run if they
turned them over.

------
sneak
The real questions:

a) Why does Wired, a tech pub who should know better, seem entirely ignorant
of the existence of PFS cipher suites?

b) Why wasn't Lavabit using PFS? Then key compromise is mostly irrelevant as
long as you're not incarcerated and can scream bloody murder.

~~~
wmeredith
Wired is pretty bad when it comes to actual journalism. I've noted this
elsewhere on HN in the past (and have seen others echo my sentiments) but any
time I read one of their stories covering a field where I have a lot of
knowledge, they always get basic concepts as well as things like simple domain
vernacular wrong. I can only assume this also applies to areas where I have
little expertise. The more knowledgeable about tech I become, the more I view
Wired as a tabloid/click bait farm.

~~~
rsingel
Really, Kevin Poulsen is the Wired writer you are going to pick on?

He co-created Secure Drop with Aaron Swartz. If your memory doesn't go back
that far, there was that cool article the other day about how a hacker
reverse-engineered OKCupid. He's written stories that have put pedophiles in
jail and exposed the FBI's use of malware on criminal suspects.

Someone else can defend Wired in toto these days, but, I will say it'd be hard
to choose a less appropriate writer as proof for your first sentence.

And, yes, Poulsen was my _former_ boss and editor.

~~~
BlackDeath3
Interestingly, the post to which you're replying never actually refers to
Kevin Poulsen, neither explicitly nor (as far as I'm concerned) implicitly.

~~~
krakensden
Kevin Poulsen's name is on TFA.

~~~
BlackDeath3
I understand that. Where does the poster ever specifically mention "the
fucking article" as the target of their discontent? It's directed at Wired as
a whole, is it not?

------
orthecreedence
Yay for client-side crypto. I think aside from making it hard(er) to steal
CC#s and making online banking a bit safer, SSL is fairly useless and has been
for a while.

I think a new crop of services that generate keys completely on the client and
use servers as dumb, data-ignorant conduits between clients are going to be a
lot more pervasive in the next 10 years. At least, that's what I'm betting on
=].

------
ballard
The meta goal is getting rid of these judges that don't take privacy
seriously.

------
xcyu
"Levison turned over the keys as a nearly illegible computer printout in
4-point type. In early August, Hilton – who once served on the top-secret FISA
court – ordered Levison again to provide them in the industry-standard
electronic format, and began fining him $5,000 a day for noncompliance. After
two days, Levison complied, but then immediately shuttered Lavabit altogether.
Levison is appealing the contempt order."

Nice.

------
RMacy
Wow, that judge would not stop interrupting the lawyer. Is that typical?

~~~
CWuestefeld
It seems that judges can be jerks sometimes.

I was once a witness to a traffic accident, and had to go to court. The judge
asked the defendant (whose inattention caused the accident) what happened, and
his story wound up "and so the other guy was shaken up but not injured". The
judge then gave a several minute harangue over his presumption in knowing what
happened to the other guy.

Finally he asks the guy "how do you KNOW that he wasn't injured?". The guy
replies, "I went to see him to apologize, and he TOLD ME that he wasn't
injured."

Of course, the "told me" was second-hand so probably not admissible, but it
sure didn't warrant the rant that the judge gave him.

~~~
ItendToDisagree
Anecdotal, but every Judge I've met (outside of their working environment) was
a pretty self-important asshole, and I've met a number...

Not always the case I'm sure but it has always made me rethink the idea of a
Judge as an 'impartial' adjudicator

~~~
diydsp
wow lol. When I went to court years ago to defend a traffic ticket, I took the
elevator up to the 3rd floor. At the second floor, the doors opened to reveal
a group of people waiting to hop in.

The judge in the elevator with me quickly reached over me and pressed the
"Door Close" button. This closed the doors, preventing the waiting people from
getting on and the car continued to the next floor where he and I got off.

------
EGreg
Why can't SSL be used to secure a symmetric key exchange that clients then
save on their own computers or USB dongles?

Of course, privacy obsessed clients can simply run their own email client off
a USB stick with their own private keys.

But anyway, if the servers simply store keys which the clients themselves
unlock via their passwords, and the server stores nothing, the NSA would have
to either sabotage the hardware the clients use or else do rubberhose
cryptanalysis.

~~~
leeoniya
the only solution is if the client (open source so it cannot be compromised)
did all the encryption and decryption. that way you can store your keys and
the server can store your encrypted data. otherwise you trust a compromisable
third party to authenticate the server as legit.

~~~
dllthomas
_"(open source so it cannot be compromised)"_

Open source is necessary (or nearly so) but not sufficient.

~~~
EGreg
Why is it necessary?

~~~
dredmorbius
Unless you provide sources, and, really, a viable build environment -- see
RMS's discussions on this, and such counterexamples as Red Hat's rather
difficult-to-reverse-engineer build environment (the real value-added of
CentOS and other RHEL free forks), as well as Microsoft's long-standing source
licenses to academics (build environment not included AFAIR) -- it's possible
to hide either failures or backdoors in your products. True crypto is _well-
tested_ crypto. That doesn't mean "verified" (can't prove a negative), but it
_does_ mean very thoroughly vetted.

Even proprietary security companies have long practiced _source provided_
(different from "open source") code for their key crypto engines. PGP comes to
mind in this regard (the company, not the protocol).

But fully open source means you've got _vastly_ more exposure of your crypto
guts to examination.

------
fredgrott
It seems to me that the number of computer programmers in the world contrasted
against the number of judges and politicians who still do not get privacy,
security, and technology provides the perfect mix for WWIII via not armed
combat but by attacks against spying powers, no matter which country it might
be.

------
okasaki
Wouldn't it be easier to just gain access to the datacenters where the data is
stored, presumably unencrypted?

~~~
acqq
Imagine that the old mails aren't stored anymore on the servers in the data
centers, but that you have all the encrypted traffic saved and you can unlock
and read all the old mails. The same keys unlock the old mails and all the
mails that are going to be made. Why wouldn't you want such keys?
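
The point made in this thread about PFS cipher suites and recorded traffic, as an added example that is not part of any poster's comment: a toy Python model contrasting RSA key transport with ephemeral Diffie-Hellman when the long-term private key is later handed over. The parameters are constructed and far too small for real use, and all function names are illustrative assumptions.

```python
import hashlib
import secrets

# Toy parameters, constructed for illustration (far too small for real use).
P, Q = 2**61 - 1, 2**89 - 1             # two Mersenne primes
N, E = P * Q, 65537                     # server's long-term public key
D = pow(E, -1, (P - 1) * (Q - 1))       # server's long-term private key
DH_P, DH_G = 2**127 - 1, 3              # toy Diffie-Hellman group


def xor_stream(secret: int, data: bytes) -> bytes:
    """Toy stream cipher: XOR with a SHAKE-256 keystream derived from secret."""
    stream = hashlib.shake_256(str(secret).encode()).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))


def rsa_transport_session(mail: bytes) -> dict:
    """Non-PFS: the client encrypts the session secret to the long-term key."""
    secret = secrets.randbelow(N - 2) + 2
    return {"kx": "rsa", "wrapped": pow(secret, E, N),
            "body": xor_stream(secret, mail)}


def dhe_session(mail: bytes) -> dict:
    """PFS: both sides use throwaway exponents. The long-term key would only
    sign the server's share (signature omitted in this toy model)."""
    a = secrets.randbelow(DH_P - 3) + 2     # client ephemeral, discarded
    b = secrets.randbelow(DH_P - 3) + 2     # server ephemeral, discarded
    client_share, server_share = pow(DH_G, a, DH_P), pow(DH_G, b, DH_P)
    secret = pow(client_share, b, DH_P)     # server's view of the secret
    assert secret == pow(server_share, a, DH_P)   # client derives the same
    return {"kx": "dhe", "client_share": client_share,
            "server_share": server_share, "body": xor_stream(secret, mail)}


def decrypt_recording(recording: dict, seized_d: int):
    """What a holder of recorded traffic can read once given the private key."""
    if recording["kx"] == "rsa":
        secret = pow(recording["wrapped"], seized_d, N)
        return xor_stream(secret, recording["body"])
    # DHE: nothing on the wire was encrypted to the long-term key, so the
    # seized key yields no session secret for past sessions.
    return None
```

With key transport every stored session opens with the one long-term key; with ephemeral exchange the same key only allows impersonating the server in future connections.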

------
negativity
I expect the militarization of space to follow the same approximate trajectory
as all this internet skulduggery.

~~~
rdl
Only nation-states can easily weaponize space. I don't know if a treaty could
restrain individuals from writing exploits.

~~~
dllthomas
_"Only nation-states can easily weaponize space."_

For now.

~~~
ChuckMcM
Interesting question to which I do not know the answer: can I, as an
individual, give SpaceX a satellite to launch into a polar orbit without
disclosing the function of that satellite?

~~~
voltagex_
I don't think so. I think even ArduSat ran into ITAR problems.

------
iterable
we are f*d

