
Silent Circle removes warrant canary - n1000
https://techcrunch.com/2016/07/05/silent-circle-silently-snuffs-out-its-warrant-canary-but-claims-its-a-business-decision/
======
StavrosK
I work for silent circle, as a backend developer. I speak for myself, and not
the company.

As far as I know (and, sure, I may not know, although if someone wanted
something from the server I'm one of a few guys that could get it), we haven't
received any letters. What makes me even more confident, though, is the fact
that there really isn't much data to give. All we have is some ciphertexts for
attachments, and messages aren't retained, even encrypted (why would they)?

We don't even log IPs or other personal information, so I'm not sure what
usefulness an NSL would serve.

Anyway, this is not an official company stance, I just wanted to comment about
my personal experience because I see some speculation here.

~~~
mikestew
_I speak for myself, and not the company._

As soon as you said "I work for that company", you speak for them, whether you
like it or not and no amount of disclaiming changes that in the mind of the
reader. Additionally, you went on to explain things that only someone that
works there would know, so you _are_ explicitly speaking for the company. I'd
normally recommend that an employee delete such a post, perhaps explaining the
error. Given that it involves an NSL, I recommend this action more strongly
than I might normally. Ask yourself, "what do I and the company have to gain
from such a post, other than getting to sound like an 'insider' on HN?", and
then ask "what's my worst possible outcome of posting such a thing?" Weigh the
two, choose a winner.

As a warning to others, one should always ask themselves if they are posting
outside their wheelhouse for an ego boost, or if it is truly helpful information
to others and to the company. Useful advice in the general case, IMO, but
especially if you're posting in reply to "my company's in the news". I
generally just shut the hell up and let the PR people handle it. Especially
when you're an IC or middle-manager, 'cuz odds are that you don't have the
full story.

~~~
tptacek
I'm not sure what the point of this comment is, but want to chime in to say
I'm always happy when people directly connected to stories on HN take the time
to shed what light they can on them. I'm kind of repelled by the instinct we
have to tear those people down.

~~~
mikestew
_I'm kind of repelled by the instinct we have to tear those people down._

Sorry you took it that way. Myself, I'd hate to see our desire for gossip
overrule wishing to avoid folks having a difficult conversation with their
manager. Maybe not in this case, but if enough people from various companies
start posting out of turn on public forums when they as individuals don't know
the whole story, someone's going to wake up to a bad day. It's one thing to
comment on "MSFT Announces new, cool widget thingy": "I worked on that, and
what a long road we've travelled!" Quite another when the headline is "Google
writes down $4 billion on stupid acquisition", and "I work at Google, but I only
speak for myself, and I think..." Any whiff of controversy and I'd say just
stay out of it.

But it's just advice, do what you like with it, including ignore it.

~~~
pjlegato
Gossip is, by definition, unreliable secondhand (or greater) rumors. If he
actually works there, it's firsthand and therefore not gossip.

Perhaps more people should have difficult conversations with their managers.
Or perhaps his management supports, or at least actively doesn't care about,
these sorts of posts? We have no idea.

Surely as an adult, he can decide that for himself, without being subject to
sermonizy advice meant to take care of his own interests for him because he's
deemed incapable of doing it himself.

------
jakobdabo
Current warrant canaries are useless, it's a one time fuse. We need new,
better, recurring (i.e. monthly) warrant canaries of different types (common
canaries, individual canaries for each user). I want something like this
everywhere:

    Jan 2016 - we haven't received any NSL
    Feb 2016 - we haven't received any NSL concerning your account
    Mar 2016 - we haven't received any NSL
    Apr 2016 - 
    Jun 2016 - we haven't received any NSL

~~~
matthewmarkus
I've always wondered if there is a side-channel that could be used instead of
a warrant canary. More specifically, my understanding is that witnesses have
Miranda Rights. Therefore, couldn't a company promulgate a process whereby
they'll publicly solicit bids for legal counsel should they receive a NSL? If
they start asking for bids, you can assume they've received a NSL. If not,
then no NSL has been received.

Any lawyers in the house?

* Edited slightly for clarity.

~~~
solotronics
What if you told everyone that you would probably retain a specific lawyer if
you were served a warrant such as this. If your company retains that specific
counsel and makes a post on your website I don't see how that can be
misconstrued as a warrant canary.

~~~
burkaman
The law says you can't disclose that you received a letter, and in this
context making a post on your website would clearly be a disclosure. You would
be required to simply hire the lawyer without making an announcement.

~~~
matthewmarkus
How about company Y declares they may hire law firm X if they receive a NSL
and law firm X subsequently releases a press release stating that they've been
hired by company Y?

~~~
burkaman
It still clearly violates the spirit of the law. I guess in this case the
government could argue that your attorney represents you; you're still
effectively making a disclosure. I think it would be pretty much unheard of
for a law firm to unilaterally announce a new client, so it's not like you
could claim you didn't know it would happen, or it was out of your hands.

I just don't think it makes sense to look for a loophole here. That's not
really how the legal system works, especially in these kinds of national
security cases. If you make some conscious decision at some point that ends up
informing people of a NSL, that's disclosure. There's no way around it.
Setting up a system beforehand probably makes things worse, since you're
proving that you fully understand the purpose of your actions and the spirit
of the law.

~~~
matthewmarkus
Well, I guess at some level, I think NSLs violate the spirit of the law. Thus,
it is worth examining the issue.

I particularly like the above structure because it separates the hiring of the
firm from the disclosure of the NSL to the firm. In fact, you might choose to
never actually disclose the NSL to the hired firm! Since the firm doesn't
necessarily know the reason they're being engaged, they're not making a
disclosure either.

I imagine an organization like the EFF could make it a policy to publicly
disclose when they've been hired or terminated by a client.

I find it all very interesting...

~~~
schoen
> an organization like the EFF could make it a policy to publicly disclose
> when they've been hired or terminated by a client

I've worked at EFF for a long time and I don't believe EFF could adopt such a
policy as a matter of prudence -- or legal ethics. I can tell you that there
are many reasons that lawyers will regard the existence of conversations,
client intake, consultations, and representation relationships as
confidential. In fact, they see that as an important principle of legal
ethics.

You can see some discussions of the confidentiality of the fact of legal
representation as a matter of legal ethics at

[https://www.google.com/#q=legal+ethics+"fact+of+representati...](https://www.google.com/#q=legal+ethics+"fact+of+representation")

Many times, EFF has to talk to clients and prospective clients about matters
that, for a variety of reasons, it's not EFF's place to make public. Just as a
start, it's important that people feel comfortable talking to our lawyers when
they have questions about their rights in a particular situation, whether or
not we end up going to court for that person, and knowing that the matter
won't end up in the press or be revealed to other parties as a result of those
conversations. Lawyers can also become subject to protective orders issued by
courts specifically instructing them not to reveal information about a case.

Legal matters are sometimes embarrassing. Many people who've been sued,
arrested, indicted, investigated, subpoenaed, or who anticipate a possibility
that one of those things may happen, aren't necessarily keen to draw any
further attention to the situation. Often, people involved in legal issues are
quite anxious and distressed about what's happened to them. Sometimes people
ask lawyers for help dealing with other people's improper disclosure of
personal, private information, and naturally don't want their lawyers to draw
more public attention to what's happened.

And people who are considering filing a lawsuit, giving information to a
journalist, launching a new product, introducing or changing a corporate
policy, or responding in some way to a government request, among other things,
may have various acknowledged and alleged duties and responsibilities to other
people. Announcing or implying that a particular legal case, issue, or
situation exists or that a person is taking legal advice on a certain matter
could have significant repercussions. It could lead to claims that someone has
breached a duty of confidentiality, or it could damage personal or business
relationships.

This isn't an exhaustive list of reasons that lawyers will keep confidential
the _fact of representation_ or the fact that a prospective client has sought
legal advice (whether or not the lawyer ends up representing that client on an
ongoing basis), but hopefully it helps to illustrate that this is something
that lawyers take seriously as an ethical matter.

~~~
matthewmarkus
I might go with something like this:

 _"We, corporation X, hereby declare as a matter of public record that our
counsel of choice in any criminal proceeding pertaining to a NSL is the EFF.
This notice constitutes prior informed consent to any advertisement featuring
us as a client of the EFF should we choose to retain them."_

------
swordswinger12
I have an honest, and probably dumb, question: how do warrant canaries
actually avoid the prohibition against disclosing the receipt of a national
security letter? Like, how is taking down a warrant canary legally dissimilar
from just tweeting "we got an NSL"? If it semantically "means" the same thing,
then why is one illegal and one legal?

~~~
joekrill
I think the idea is that a warrant canary is regularly updated. And the fact
that it is NOT updated would be an indicator that a warrant (or whatever) has
been served. So it's the INACTION that triggers it, not an actual action (like
tweeting).

~~~
ocdtrekkie
I suppose for that you would need to say "We have not received a letter as of
$date" and then stop updating that date. The current notion, adding a line
you'd remove if you did receive one, may be still an action, if it's part of
your default reporting.

But I don't believe warrant canaries "actually work" in practice.

~~~
mikeash
Yes, the apparent standard practice of just saying "We haven't received a
letter" and then removing it if one is received makes no sense to me. Much
better to have something you regularly update, and then stop updating it. The
government could nab you for deleting something, but they might have trouble
forcing you to update your declaration with false information.

~~~
dawnerd
Agreed. Although I wonder if removing cron or similar to update the date would
be the same as removing the message legally speaking. I doubt these companies
would have someone go in every day and bump the date. Then again that might be
a good thing to outsource.

~~~
mikeash
I don't think automating it would be a good idea. I'd say update it monthly or
quarterly (so it's not too burdensome) and do it entirely by hand. Then when
you receive a letter, just cease to do that.

------
AdmiralAsshat
Warrant canaries have outlived their usefulness. Did anyone stop using Reddit
when they removed theirs? Or Apple products, when they removed theirs?

~~~
cbsmith
I'm sure some people did. Probably the same number of people who _started_
using them because the canaries were there.

However, that doesn't mean users haven't changed their behaviour in response
to warrant canaries.

It's just not a lot of people, and it isn't clear we want it to be that way
either. We don't want there to be a disincentive for companies creating them.

~~~
knowaveragejoe
To continue this line of thinking, the case can be made that warrant canaries
could be used to flush out a subset of users from a service, among whom are
those that would be considered "interesting" by intelligence agencies.

~~~
cbsmith
I mean... realistically, what is the point of using a service because of a
canary if you didn't think about what your plan would be if the canary
disappeared?

------
zekevermillion
I'm not sure warrant canaries are particularly useful anymore. Yes, it's nice
to know when a company has received a secret order or request for cooperation.
However, _any_ company that stores user information is going to receive such
an order or request at some point, it's practically inevitable. Furthermore,
one can never be assured that a canary is entirely reliable as a signal --
just look at the other comments with conjecture as to why a canary might be
removed. Thus I would conclude that the use of a warrant canary should not be
taken as conveying any useful information about a company, or not any more
useful information that a mere marketing statement that they are sympathetic
with user privacy concerns.

~~~
pavel_lishin
> _Furthermore, one can never be assured that a canary is entirely reliable as
> a signal -- just look at the other comments with conjecture as to why a
> canary might be removed._

I would treat the removal of a canary as I would a fire alarm. Sure, it's
possible that it's a business decision, just like it's possible that the fire
alarm is a false alarm. But I'd rather make the assumption that is most likely
to protect me.

~~~
zekevermillion
Fair point. I would make that assumption from the beginning though, regardless
of whatever the service provider tells me. It's a shame though, as the warrant
canary is such an ingenious legal device that I have to admire it even as I
doubt its usefulness.

~~~
pavel_lishin
But if you make that assumption from the beginning, you can't use any of those
services. It's like assuming that every building you enter is on fire.

~~~
zekevermillion
You can and (probably) do use many such services, and they're all going to
give up your info as soon as any governmental authority asks nicely. It's a
trade-off that many of us who aren't Richard Stallman make every day, for
example to use gmail. Or even the postal service. I throw out all kinds of
personal mail in my garbage, and if anyone has read it (aside from the
occasional raccoon in search of rotting pizza) I would be surprised but not
terribly alarmed.

------
mirimir
I can't imagine that it costs very much to host a warrant canary. They had
one, and took it down. So arguably they've either been pressured, or have
decided that it was sending the wrong message about them. "Meh, who cares?"
doesn't seem very likely to me, given their history and image.

------
ams6110
_not related to any warrant for user data which we have not received._

Interesting choice of words.

------
anonbanker
Bail.

We need to crash the company in order to give these guys plausible deniability
when they do not cooperate. The company will die, but another will be created.
Their freedom is on the line.

Abandon ship, citizens. Your Bill of Rights commands you.

------
2close4comfort
After the departure of Mr Callas this is probably further proof of the decline
in Silent Circle more than anything. Too bad...it showed promise. Probably too
close to DC to really effect change.

~~~
nickpsecurity
It had friggin Navy SEALs in its advertisements. They know what we need
because they were in the field and needed secure comms. Help run the business,
too. All that told me is anyone concerned about Five Eyes surveillance better
run.

~~~
dexterdog
The founder and original CEO was a SEAL.

~~~
nickpsecurity
Didn't know that. Icing on the cake of my claim. Not even me having anything
against SEALs: two in my family with one decorated. I just have to assume
their loyalty will lead them to side with military or intelligence over
Constitutional principles. It would be different if code was all open,
jurisdiction + servers non-US, and review by mutually-suspicious parties. Then
I could focus on product more than the subversion risk of people or country
involved. Lacking any of these, there's residual risk.

~~~
woodman
Imagine a long hallway segmented with closed doors, where each door represents
a decision made during a mission. As you continue walking down the hallway,
opening doors, the morality of each decision becomes more difficult to square
with your original frame of reference. Finally you encounter a door that you
decide to leave shut.

That is roughly how it works, self selection. The SF groups that, to put it
charitably, operate under legally ambiguous circumstances are people who know
each other really well, and they only invite in those who are a known
quantity. There isn't any kind of laboratory-prisoner-execution/choose-the-red-pill
sort of test, the evaluation occurs continuously in the daily performance of
one's duties.

SEAL teams are, relatively speaking, high profile SF - and therefore much less
likely to be tasked with strictly illegal and morally objectionable missions.
I have a lot more trust in someone who has SEAL team affiliation towards the
end of their military service. They've walked the hall and stopped opening
doors pretty early on, so they're a well measured quantity.

Also, it is my experience that veterans with combat action ribbons are far
less likely to mindlessly appeal to state authority or be swayed by
utilitarian justifications. Of the dozen guys I've kept in touch with, most
are libertarians and a few are anarchists. I guess seeing the ugliest side of
the state will flip a switch :)

~~~
nickpsecurity
Interesting points. Your view on the evaluation process matches my
observations of them and their organizations. The only problem is, with that
background, what happens to the average one when Uncle Sam needs them to kick
open another door to protect America or other SEALs? And promises that backdoor
will only be used by our spooks with no damage to American or other users?

I know that some would say no. I don't know how to tell ahead of time. It's a
hard, general problem that's all probabilities and personality. Yet, with
them, it's even harder.

~~~
woodman
The system is designed in such a way that such a scenario doesn't happen,
because once you indicate an unwillingness to open that door - you aren't
expected to ever open that door (and you're unlikely to be offered the
opportunity). You will just continue to operate at the level of your last door
opening. This isn't unique to SF, you see this sort of continuous evaluation
occur in the corporate world as well.

That is how you end up with a spectrum of SF groups, where some are tasked
with difficult but clearly whitehat missions (the bulk of well known SF),
illegal but debatably moral grayhat (some known SF but mostly units operating
under cover designations), and finally the blackhats that rise to Hollywood
level evil (basically Apocalypse Now with no paperwork). So for a late career
SEAL the probabilities are pretty good for someone to land between lawful-good
and neutral-good. Those are infinitely better odds than what you'd get with
some random businessman.

I'd probably share your concern if the military was full of utilitarian
statists, but strangely enough it is the direct opposite... well, except for
flag officers - they can get a little kooky.

~~~
nickpsecurity
"This isn't unique to SF, you see this sort of continuous evaluation occur in
the corporate world as well."

You're implying the Old Boy network effect doesn't exist. Whereas you discuss
it in other posts. This is a concern to me even if I accept the arguments
about what their views are likely to be on average walking out of the SF
community. When the effect applies, they're often working for each other or
previous groups as much as the current one.

~~~
woodman
> You're implying the Old Boy network effect doesn't exist.

Kind of, but not really. One is monolithic and the other is stratified in such
a way that loyalty does not transfer to the superstructure. Consider the
relationship between the US Navy and Red Cell - a perfect, and largely public,
example of the compartmentalization and transferability of loyalty.

> ...or previous groups as much as the current one.

And since the order of potential group membership and level of potential
shadiness is so well defined - that is a pro rather than con when the last
group to which one was a member can be determined.

------
curried_haskell
I love how when a canary goes down, everyone's arguing about what it means. Of
course if the company received an NSL they won't confirm it and will lie about
the canary to protect their business. Why should we take their statements at
face value?

The canary is gone. They have received an NSL. If we don't assume this, then
what the fuck was the point of the canary in the first place?

------
bitxbitxbitcoin
After the last missed warrant canary update, some internal decision was
probably made to scrap the warrant canary altogether. Big mistake.

------
codezero
This is kind of off topic, but afaik, warrant canaries have never been tested
in court.

It seems very unlikely, given the pervasiveness of NSLs that all orgs still
using canaries have never received an NSL. Has anyone collected a list of all
the companies with canaries?

------
hendersoon
National security letters can't compel Silent Circle to actually lie. That's
key. So we are faced with two possible scenarios.

1) They're telling the truth, didn't get any warrants, and (nearly beyond
belief!) decided to retire their warrant canary with a completely silly and
unfounded justification, leading clueful observers to believe they're
incompetent fools.

 _or_

2) They're lying on their own recognizance and are deliberately collaborating
with some three-letter agency to compromise their users' privacy, contrary to
the very justification for their company's existence and betraying their
customers' trust.

So. Fools or traitors. Shall we flip a coin?

Either way, if you care enough about your privacy to buy a Blackphone in the
first place, time to remove the battery and toss it in the bin.

------
cordite
I've been using Silent Circle's Blackphone 2 for almost a year now, and it is
a rather terrible experience.

They are ahead on app-specific permission denials, but they have hardly any
sense of decent QA for their SilentOS.

Previous updates had power regressions where the phone would be dead from a
full charge within 8 hours. Took 3 months for them to fix that. Most recent
update no longer has a functioning headphone jack, and will forget all
bluetooth paired devices on reboot. It also is crashing after 15 minutes of
map usage as it seems to overheat.

Perhaps they may do better in the future, but I won't be staying with their
product and services for much longer.

That said, it seems like the explicit update-system they run for their own
software and the operating system would lessen the likelihood of an on-demand
compromise from a state agent to an individual's device. Though it's not like
the individual can do anything besides trust that the signed packages are
authentic.

~~~
chrsstrm
>will forget all bluetooth paired devices on reboot

OT but asking because I'm genuinely curious, if your goal is to have a "secure
phone," why would you be pairing it to peripherals via Bluetooth? Or maybe am
I misunderstanding "secure" in this case? The marketing speak on the
Blackphone 2 site seems more about "privacy" than security.

~~~
cordite
A smart watch for notifications. Having voice reply is useful.

------
bogomipz
Can someone explain how a canary is implemented in software exactly?

~~~
medecau
Did you receive a National Security Letter?

No? Okay, I'll update the date. Canary date is updated.

Yes? Okay, see you in the after-life I guess. Canary update process dies.
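The monthly list proposed by jakobdabo above and the "update by hand, then stop" design medecau and mikeash describe both come down to the same thing from the reader's side: a dated statement that is either present, absent, or worded differently than before. The checker below is an added example written for this thread, not code from Silent Circle or from any commenter; the line format ("Mon YYYY - statement"), the exact expected wording, the two-month staleness window and the sample canary texts are all constructed assumptions. It walks every month between the first and last entry, reports months with no statement and months whose wording changed, and judges staleness against a supplied "today" so that a canary that simply stopped being updated is also flagged.

```python
"""Added example: a client-side checker for a recurring, dated warrant canary.
Not Silent Circle's code; the format, wording and policy below are assumptions."""
from __future__ import annotations

import re
from dataclasses import dataclass
from datetime import date

# Constructed sample, modelled on the monthly list in the thread: one month
# with an empty statement (Apr) and one month skipped entirely (May).
SAMPLE_CANARY = """\
Jan 2016 - we haven't received any NSL
Feb 2016 - we haven't received any NSL
Mar 2016 - we haven't received any NSL
Apr 2016 -
Jun 2016 - we haven't received any NSL
"""

# Constructed sample in which the wording changed instead of an update being
# skipped; a checker should surface that as a signal too, not only silence.
ALTERED_CANARY = """\
Jan 2016 - we haven't received any NSL
Feb 2016 - we have nothing to report at this time
"""

EXPECTED_STATEMENT = "we haven't received any NSL"   # assumed exact wording
MONTH_NAMES = ["Jan", "Feb", "Mar", "Apr", "May", "Jun",
               "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"]
MONTHS = {name: i for i, name in enumerate(MONTH_NAMES, start=1)}
ENTRY_RE = re.compile(r"^(?P<mon>[A-Z][a-z]{2}) (?P<year>\d{4}) -\s*(?P<text>.*)$")


@dataclass(frozen=True)
class CanaryReport:
    latest_ok: date | None       # first day of the newest month carrying the expected statement
    missing_months: list[str]    # months with no line at all or an empty statement
    altered_months: list[str]    # months whose wording differs from the expected text
    stale: bool                  # newest good statement is older than the allowed window


def parse_canary(text: str) -> dict[date, str]:
    """Map the first day of each month to the statement text on that line."""
    entries: dict[date, str] = {}
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m and m["mon"] in MONTHS:
            entries[date(int(m["year"]), MONTHS[m["mon"]], 1)] = m["text"].strip()
    return entries


def _next_month(d: date) -> date:
    return date(d.year + (d.month == 12), d.month % 12 + 1, 1)


def _months_between(earlier: date, later: date) -> int:
    return (later.year - earlier.year) * 12 + (later.month - earlier.month)


def check_canary(text: str, today: date | str, max_age_months: int = 2,
                 expected: str = EXPECTED_STATEMENT) -> CanaryReport:
    """Walk every month from the first entry to the last. Silence or changed
    wording in any month is reported; staleness is judged against `today`
    (a date or an ISO string such as "2016-07-05")."""
    if isinstance(today, str):
        today = date.fromisoformat(today)
    entries = parse_canary(text)
    if not entries:                      # no parsable statement at all
        return CanaryReport(None, [], [], True)
    missing: list[str] = []
    altered: list[str] = []
    latest_ok: date | None = None
    d, last = min(entries), max(entries)
    while d <= last:
        label = f"{MONTH_NAMES[d.month - 1]} {d.year}"
        stmt = entries.get(d, "")
        if stmt == "":
            missing.append(label)
        elif stmt != expected:
            altered.append(label)
        else:
            latest_ok = d
        d = _next_month(d)
    stale = latest_ok is None or _months_between(latest_ok, today) > max_age_months
    return CanaryReport(latest_ok, missing, altered, stale)


if __name__ == "__main__":
    for name, text in (("sample", SAMPLE_CANARY), ("altered", ALTERED_CANARY)):
        print(name, check_canary(text, "2016-07-05"))
```

Run against the sample with a "today" of 2016-07-05, the report names Apr and May 2016 as missing but is not yet stale, because June is within the two-month window; the same text checked on 2016-10-01 is stale. The point of comparing wording against a fixed expected string is the one mikeash raises: a canary that is quietly reworded rather than removed is still a change the reader wants to notice.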

~~~
bogomipz
Thanks

------
Sir_Substance
>I think American authorities can tell the difference between what they do and
> the Stasi.

Of course they can, they're protecting their nation's chosen way of life, while
the Stasi were oppressing citizens who dared resist the status quo. The
difference is clear.

~~~
ghurtado
> The difference is clear.

That's either some fine quality sarcasm, or I'm going to need some help
understanding the difference between the two.

Didn't you just describe the same job from two different points of view
(oppressor vs oppressed)?

------
fatdog
The naivety of warrant canaries shows a kind of desperate denial, especially
in the wake of Snowden. Warrant canaries are more about preserving the myth of
a principled legal system than a real rebellion against deep state
surveillance.

I think people cling to the fiction because the alternative is too awful for
them to bear. We've gone from denial to a bargaining phase, where we come up
with little technicalities that might preserve our beliefs. Next will be
anger, and then a polarization of how people act on their eventual acceptance.

As someone who has seriously evaluated buying a blackphone and support SC in
principle, I couldn't bring myself to do it. It's not just them, they're just
the most viable and so they catch all the criticism from nerds like me. I
wanted a physical lens cap, hardware switches for all microphones and all
radios, a removable microSD key module, an option to use the 2nd sim slot as a
custom javacard crypto module, a hypervisor for android versions (which I
think they have something like) a key management spec published in BAN logic,
and the moon. The moon would do.

Basically, I wanted the AR-15 platform of smart phones, where the baseband
processor is just the lower receiver. Said nobody who wanted to make money
ever.

I am not against them, but I do think SC, wickr, whatsapp, firechat, and
privacy companies like them need a narrative pivot. The tech will be valuable,
but real market fit depends on popular acceptance of a state level threat
model - or at least a desire to be seen as against it.

Today, it's the electronic equivalent to wearing a motorcycle club patch.
Yeah, lots of military and law enforcement and regular folks are in motorcycle
clubs, but it's a statement. Privacy apps today are a shibboleth with negative
skewed optionality.

One of these companies could become the harley davidson of privacy platforms,
(whatsapp is close) but that's the upside. An aging rebel brand torn between
loyalty and relevance.

The user base for these niche, qualitative difference apps is not unlike the
story of indie record labels back in the 80s. Outsider identities, alternative
social networks with their own shibboleths. If anyone can figure out who ever
got rich off goth, the business model for privacy tech might be within reach.
For now, privacy is just an effects pedal and some shitty makeup for bland
suburban consumer apps.

The warrant canary issue is a romantic misunderstanding of law, markets, and
politics, and the issue is the least important thing about a company like
Silent Circle.

~~~
headShrinker
> The warrant canary issue is a romantic misunderstanding of law, markets, and
> politics, and the issue is the least important thing about a company like
> Silent Circle.

Misunderstanding of...? If it disappears it's either "a business decision
and/or NSL" or just a NSL. What's the misunderstanding? There are some people
who are more relaxed about Trump proclaiming that he "hates protestors". I am
not. When someone says they hate protestors, I set warrant canaries on all my
websites. This is a scary time and warrant canaries are literally the least we
can do. Furthermore when someone removes a warrant canary then explains it as
"a business decision" whatever the actual reason, they have told you the type
of company they are; a company that removes warrant canaries.

------
dlmetcalf
"not related to any warrant for user data which we have not received"

vs

"not related to any warrant for user data, which we have not received"

~~~
dlmetcalf
Not calling it, just pointing that out.

------
794CD01
Members of the US military swear to support and defend the Constitution of the
United States against all enemies, including domestic ones. Just because your
family members might be oathbreakers doesn't mean everyone in the military is.

~~~
dang
> _Just because your family members might be oathbreakers_

Personal attacks (which attacking someone's family is) are not allowed on
Hacker News. Please don't do this again.

We detached this subthread from
[https://news.ycombinator.com/item?id=12038978](https://news.ycombinator.com/item?id=12038978)
and marked it off-topic.

~~~
794CD01
Are personal defenses, like mentioning your own family similarly not allowed?
Or do the rules just make that an irrefutable argument?

~~~
dang
Not sure I understand your question, but sharing personal experience
(including family experience) in good faith is more than fine.

~~~
794CD01
That's okay. It was primarily a rhetorical question anyway.

