

What Exactly Did The US Government Ask Lavabit to Do? - m8urn
http://xato.net/privacy/lavabit-shutdown/

======
radley
It seems pretty clear to me (Occam's razor):

1) he was told he had to use the same monitoring process all the other
providers were using

2) as a state secret, he couldn't reveal he was doing it ever to his users

3) if he complied he would totally undermine the nature of his service

Anything else is superfluous.

------
jauer
So long as uninformed speculation is running loose... Lavabit's comment that
"If you knew what I know about e-mail, you might not use it either." points in
an email-specific direction as opposed to simple sniffing of traffic.

Perhaps he is referring to the Stored Communications Act (
[http://en.wikipedia.org/wiki/Stored_Communications_Act](http://en.wikipedia.org/wiki/Stored_Communications_Act)
). I haven't seen it referenced in coverage of this but the gist is under the
right circumstances email that is older than six months and stored on a server
that you don't own can be accessed without a warrant. Lavabit's encryption
process as described would interfere with that. Not being able to comply AND
being unwilling to take steps to comply in the future is the sort of thing
that feds don't like.

This wasn't a big deal when it was passed in 1986 and small mail quotas were
the norm but now with IMAP, multiple devices, and archiving it becomes a
pretty big issue as you are talking about someone's electronic life instead of
abandoned mailboxes.

AFAIK the issue of Fourth Amendment issues and SCA hasn't made it to the
Supreme Court yet so interpretations vary depending on circuit.

~~~
Buttons840
Had it been because of the Stored Communications Act, would that explain why
he couldn't talk about it?

~~~
mpyne
The concept of a gag order is orthogonal to specific laws. But I believe it
was the Patriot Act that gave the Executive the power to make NSLs with a
similar effect.

------
martin_
"In reality all it would take is a few lines of code to log the user’s
original password which allows you to decrypt the private key which in turn
allows you to receive and send mail as that user as well as access any stored
messages."

Is this any different to writing a few lines of code to sniff the
PreMasterSecret or even just a plain ol' MitM attack?

------
sudocw
Are there currently any alternatives, in terms of secure email providers? I
never even knew it was a thing before the lavabit fiasco.

~~~
backprojection
Could you trust any that remain operating, after the Lavabit fiasco?

~~~
karon
Many people seem to forget that there are still countries where US laws are
not in effect.

Even more interesting is the fact that even Lavabit's founder seemed to have
overlooked this fact, and instead of relocating his servers and all the user
data to Iceland, Norway or New Zealand, he chose to shut it down for good.

Why?

~~~
zokier
Because if he got an NSL requesting a backdoor on his servers, then it doesn't
matter where the servers are located. What matters is where he personally and
his company are located. And you can ask Snowden how fun it is to be persona
non grata.

------
dangero
Hypothetical question:

What if the founder of Lavabit took the documents that the US government sent
him and gagged him with and put them somewhere where they could be stolen or
illegally accessed? For example, what if he put them on a computer with a
public facing ip address, or even left them on his desk in his office? If he
could have plausible deniability couldn't they get stolen and leaked without
him really getting in trouble?

This may seem like a stretch, but when you consider the government is using
secret interpretations of laws how is it any different than what they are
doing?

~~~
FedRegister
>This may seem like a stretch, but when you consider the government is using
secret interpretations of laws how is it any different than what they are
doing?

The difference is that they have the guns, the tanks, and the full weight of
the Department of Justice behind them.

------
frank_boyd
As long as we don't have a statement from either the government or Lavabit, we
can only speculate. The most reasonable thing is then of course to assume the
worst - complete surveillance of all customers. The rest is pretty much
details.

~~~
coldcode
Until we get someone to risk going open with this we won't ever know. You
can't fight a secret law in secret very well. But only people served with a
secret demand have standing to challenge it. The barriers are too high as long
as the Government can keep the secret. Once it's out of the bag you have more
options in court. But you also risk everything they can do to you in secret.

Secrets have no place in a "democracy".

------
justanother
Kickstarter idea: $xxx,xxx for the network operator who sniffs network traffic
that discloses the basis for the Secret TSA ID law. Goose, gander, etc. I'd
happily kick in 1%.

~~~
nwh
Accepting the money would be a death sentence, essentially. Nobody would do
it.

------
kordless
A device or piece of software designed to sniff the mail server to mail server
connections would also be an option for broad based surveillance. Only a
handful of mail providers (like Google) have the option to encrypt traffic
server to server. Most mail servers transmit messages in the clear to each
other and only encrypt the server to client side.

~~~
zokier
> Only a handful of mail providers (like Google) have the option to encrypt
> traffic server to server.

SSL/TLS is available for everyone.

> Most mail servers transmit messages in the clear to each other and only
> encrypt the server to client side.

I hear this again and again, but I can't really find any data that confirms
this claim one way or another. Anyone on HN running their own mailserver
wanting to comment on how large portion of connections get encrypted?

~~~
danrik
The entire email transaction between a sender and a recipient usually looks
like this:

Sending Client [--A---> Sender SMTP Server [--B---> Recipient SMTP Server
[--C--> Recipient IMAP/POP server <---D----] Recipient Client

Connections A and D are easily possible to encrypt, provided your provider
provides SSL/TLS on their SMTP and IMAP/POP servers. Most usually do.
Connection C is usually local to a single machine, or for large email
providers will go over an intranet of some kind.

What is at issue is connection B, which goes over the public internet. That is
almost always in clear text, as most of this infrastructure was designed 30
years ago and hasn't evolved much since then. If you are sending email within
a single provider (e.g. sender@gmail.com to recipient@gmail.com), such
delivery can be trivially encrypted.

~~~
zokier
> That is almost always in clear text, as most of this infrastructure was
> designed 30 years ago and hasn't evolved much since then

Email has definitely evolved since its inception. STARTTLS (RFC3207) is the
relevant standard here.

~~~
bigiain
I don't suppose anyone has any stats (or even educated guesses) about how many
mail servers you'd not be able to connect/send to if you enforced TLS
connections from your outgoing SMTP server (as in, refused to send data to
servers that didn't respond appropriately to a STARTTLS command)?

~~~
tedunangst
Having run a mail server that used to have a self-signed cert and that now
doesn't offer starttls at all, I can tell you I experienced zero failed
deliveries (well, nobody has ever complained, and I still get all the mail I
expect to get). Maybe incoming mail will use starttls if available, but if
it's not (mitm, fake mx record, etc.) the remote server isn't going to stop.
It just delivers in plaintext.

I mean, it's trivial to see this is true. Open up your mail server's
configuration file. Where's the line that specifies trusted root CAs for
relaying to remote servers? Oh, there isn't one? So how does it verify the
chain of trust?

(I realize I didn't quite address your question. Solid answer: at least one.
But I'm fairly confident the number of servers configured as you suggest is
extremely close to zero.)
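
The opportunistic-versus-enforced outbound TLS decision that bigiain asks about and tedunangst describes, as an added example that is not code from this thread or from any mail server project: the policy names are borrowed from Postfix's smtp_tls_security_level levels, the EHLO replies are constructed sample data, and chain_trusted stands in for a certificate check that is assumed to have already run.

```python
# Added example: models an outbound MTA deciding whether to relay over TLS,
# given the remote server's EHLO reply (RFC 5321) and a local policy. Policy
# names "none", "may", "encrypt", "verify" follow Postfix's
# smtp_tls_security_level; sample EHLO replies below are constructed.

def parse_ehlo(reply: str) -> set[str]:
    """Return the extension keywords from a multi-line 250 EHLO reply.

    Each line starts with "250-" (more to come) or "250 " (last line); the
    first line carries the server's domain and greeting, not a keyword.
    """
    keywords = set()
    for index, line in enumerate(reply.splitlines()):
        if not (line.startswith("250-") or line.startswith("250 ")):
            raise ValueError(f"unexpected EHLO reply line: {line!r}")
        if index == 0:
            continue
        keywords.add(line[4:].split()[0].upper())
    return keywords


def relay_decision(ehlo_reply: str, policy: str, chain_trusted: bool) -> str:
    """Decide "tls", "plaintext" or "refuse" for one outbound delivery.

    chain_trusted is an assumed input: the result of validating the remote
    certificate against a configured CA bundle (which most MTAs lack).
    """
    offers_starttls = "STARTTLS" in parse_ehlo(ehlo_reply)  # RFC 3207 advert
    if policy == "none":
        return "plaintext"
    if not offers_starttls:
        # A server with no TLS and a MITM that stripped the STARTTLS line
        # look identical here: opportunistic "may" silently falls back to
        # plaintext, while the enforced levels refuse to deliver.
        return "plaintext" if policy == "may" else "refuse"
    if policy == "verify" and not chain_trusted:
        return "refuse"  # self-signed or untrusted chain; only "verify" cares
    return "tls"


# Constructed EHLO replies: one advertising STARTTLS, one with the line absent.
EHLO_WITH_STARTTLS = (
    "250-mx.example.org Hello client.example.net\r\n"
    "250-SIZE 52428800\r\n"
    "250-STARTTLS\r\n"
    "250 8BITMIME\r\n"
)
EHLO_WITHOUT_STARTTLS = EHLO_WITH_STARTTLS.replace("250-STARTTLS\r\n", "")
```

Run through the four policies on both replies to see why a self-signed or absent STARTTLS setup, as tedunangst describes, almost never causes a delivery failure under the default opportunistic level.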

------
callesgg
This article gives no new information, it is stupid.

Now I will speculate:

As long as he does not know his customers' passwords he can't retroactively
view the customers' mails; once the mails have been encrypted and the
plaintext thrown away the stuff is unreachable.

So the US gov probably wanted him to save his customers passwords when they
logged in.

~~~
m8urn
Right and the important point being that this isn't just about sniffing his
network, it is the most invasive surveillance possible that would make his
whole business a lie. The point of the article was to go through the logic to
show that this would have been the only possibility for what they requested
him to do.

------
mankyd
This article seems to speculate on things that are not necessarily true. It's
possible that the government simply told him that he had to be able to supply
information arbitrarily on demand without an explicit warrant. This does not
mean that they required him to install their own software on his machines.

Of course, one can certainly still argue that this is a line that the
Government should not cross - I'd wholeheartedly agree with that. However, statements
such as “We’ve had a couple of dozen court orders served to us over the past
10 years, but they’ve never crossed the line,” do not imply that the
government required him to install software or otherwise compromise his
security in a way that he was not already able to do.

~~~
m8urn
That's actually the whole point, in the past he complied with warrants because
there wasn't much he could supply in the first place. Yes there is a lot of
reading between the lines here, but there was a clear line they crossed. In
other words, he would no longer be able to just turn over a bunch of encrypted
emails, this was a full compromise of the security he had in place.

If you look at the quotes he made, he strongly hints that this affects all his
users, that they want to collect data for later review, and that they would
have the ability to decrypt any emails they wanted. Yes, there is a lot of
speculation going on here, but it is based on facts--what they technically
would be able to do based on how Lavabit worked.

Edit: this wasn't just some casual speculation, I did quite a bit of research
on this and carefully reviewed every statement he has given to the press. I
carefully analyzed their infrastructure and encryption techniques. I'm fairly
confident with my conclusions.

~~~
mankyd
What I don't see is these three statements:

1. Force Lavabit to provide their private SSL keys and route all their
traffic through a government machine that performed a man-in-the-middle style
data collection;

2. Change their software to subvert Lavabit’s own security measures and log
emails after SSL decryption but before encrypting with the users’ public keys;
or

3. Require Lavabit to install malicious code to infect their own customers
with government-supplied malware.

It sounds like he already has the ability to comply with demands for
information. I don't see where this new stipulation by them requires any
meaningful change to his existing infrastructure.

~~~
m8urn
Again, that's the whole point. He _wasn't_ able to provide them with what
they wanted, and doing so meant that he either had to allow them to intercept
messages (or passwords) on Lavabit's application servers, which is the only
place they could be intercepted. Doing so would require either impersonating
their servers through a MitM or code changes on their server.

I do acknowledge in the article that this could simply be an overhyped
reaction to placing a black box on his network, but the statements Levison
made seem to indicate otherwise. And hey I could be wrong about this whole
thing, it still is largely speculation based on circumstantial evidence.

