Hacker News new | past | comments | ask | show | jobs | submit login
Reddit removed NSL canary from 2015 Transparency Report (reddit.com)
941 points by yk on Mar 31, 2016 | hide | past | web | favorite | 284 comments



This reminds me ... the rsync.net warrant canary[1][2] is ten years old this month.

I was hoping that it would be irrelevant after all of these years...

[1] https://www.rsync.net/resources/notices/canary.txt

[2] https://en.wikipedia.org/wiki/Warrant_canary#Usage


I didn't know Australia outlawed warrant canaries. Luckily, it looks like that actually only outlawed journalist warrant canaries (so a company couldn't use a warrant canary to say that a journalist was investigating one of their customers).


I gather from stuff like the quote on Wikipedia pasted below that there is doubt about the protection from prosecution that canaries give you. But I'm finding that hard to believe. What about if it's literally a picture of a canary you remove, rather than any actual sentences, and you don't say anything about it? Or you change it to a cardinal (red) one day? Or you give a string of 1s and 0s with the understanding that the proportion of 1s should be interpreted as the probability that you've been subpoenad? Would the court's decision depend on the belief in the general population about the semantics of the page decorations?

  Bruce Schneier wrote in a blog post that "[p]ersonally,
  I have never believed [warrant canaries] would work. It
  relies on the fact that a prohibition against speaking
  doesn't prevent someone from not speaking. But courts
  generally aren't impressed by this sort of thing


I'm not sure about the actual protection but your explanation sounds more like how a programmer thinks than how a law person thinks:

What matters, ultimately, is not just the thing itself but the context in which it is used and presented. If I announce that "picture present" means "no" and "picture removed" means "yes", the presence or removal of the picture still acts as a communication system and its use is likely considered a form of communication by the law.

However what makes canaries special is that mere removal or absence is ambiguous in that it can be unintentional. The question then is whether this is more akin to changing your response from "No" to "No comment" and whether this change itself when you have previously announced you will always answer "No" as long as it is truthful already indicates "Yes" (thus violating the gag order).


It's hard to swallow that the courts could force someone to lie.


They wouldn't force you to lie, they'd punish you for communicating something you've been ordered not to. 'You' didn't have to set up the canary in the first place.


Well...

It's really icky to punish someone for doing something that wasn't a crime at the time and place it was done. If you create a law that prohibits visiting a park at night, you shouldn't retroactively punish half the population for having visited a park at night. This stuff is UN human rights stuff, and often the norm in sensible justice systems.

Drawing on this, it's not currently illegal to publish a warrant canary. If it's not illegal, you can't be punished for it now. If you can't be punished for it now, in a sensible justice system, you can't be punished for it down the road either, as long as you stop doing it before it becomes illegal.

What they could argue is that by ceasing to publish the canary, you're committing the crime of communicating something you're not allowed to communicate. That, however, skirts dangerously close to forcing someone to lie.


> What they could argue is that by ceasing to publish the canary, you're committing the crime of communicating something you're not allowed to communicate. That, however, skirts dangerously close to forcing someone to lie.

This was my point, but the issue seems to me not about them forcing you to lie but rather about you setting up a system that you know will either force you to lie, or to break a court order by communicating something you were ordered not to. The only point of a warrant canary is to try to bypass the intention of a potential future court order.


> you setting up a system that you know will either force you to lie, or to break a court order by communicating something you were ordered not to.

Which is not illegal, and therefore cannot be punished. I wouldn't be surprised if they make warrant canaries illegal (they are already in Australia?) for this reason, and it sorta kinda makes sense, but it also sucks.

Edit: though I guess you could argue that "preparing to break a court order" is some sort of crime, but

1. It's in this case equivalent to making warrant canaries illegal, and

2. Laws that are punished only occasionally are the scariest thing.


This is called ex post facto law, and is in fact unconstitutional in the US (https://en.wikipedia.org/wiki/Ex_post_facto_law#United_State...). The interesting thing is that the whole forcing someone to lie thing could be used to create a legal catch-22 where if one tells the truth they are punished AND if they lie they are punished.IANAL, but it would seem to be a logical possibility.


By establishing the canary, you are intentionally putting yourself in a position such that in the future you will be forced to lie or commit a crime.

That said, meta-censorship is pretty icky regardless.


"...skirts dangerously close to forcing someone to lie..."

Which opens a whole other can of worms. Telling a lie is not illegal. However the impact of that lie might result in loss to a third party - and that would need to be reconciled.


Depends on the person to whom the lie was told.


Fine let's assume the actual transparency report is in and of itself a warrant canary. My hypothetical company releases transparency reports every month and stops as soon as I receive an NSL. A company who has not received an NSL may also choose to stop or never start in the first place. Where does this fall?


Exactly. Imagine if Reddit's transparency report included a fat canary. Something like:

The data for the following users (as of December 31 2015) has not been subpoenaed:

  /u/mike_pants
  /u/the_starship
  /u/SlimJones123
  /u/n3rdopolis
  /u/mrbabyman
  /u/GreedE
  ...
Individual users could determine if they've been the subject of a subpoena and I suspect that kind of cleverness wouldn't impress a judge.


Take it a step further and you could say "since date 20xx-xx-xx until now" for each user and really piss off a judge with your cleverness. After all, youre not saying when a user's info was subpoenaed, but the range of dates when it wasnt.


They don't have to force you to lie, they can perhaps compel you to cooperate with law enforcement by either handing out the signing keys or by signing a message prepared by law enforcement.

Law enforcement doesn't have to tell the truth all the time, and deception is constantly used through out the legal system.


Then as a similar tactic, include a sentence at the bottom like "this report was written entirely by employees of X Corp, without the influence of any government entity". Unless the law can then force you to take on the government agent, that should make your first problem go away, right?


The SEC doesn't mind if you cancel a planned stock sale as an insider - 'no insider trading without a trade'. It's an entirely plausible that there's "no speaking about a gag order without speaking".


Courts (especially in the US) have been known to equate all kinds of things with speech, so it's not unthinkable to equate the symbolic act of NOT doing something with a form of speech. Not standing for the the national anthem or Pledge of Allegiance, for example. So in THEORY a court could rule that the act of not doing something you might be expected to do, such as include a warrant canary, is still a form of speech, and in doing so you are violating your gag order.

Still, all theoretical and purely speculation, because as far as I know this has never been tested in court.


Part of the Apple all writs defense was the government can't force you to speak as it is a violation of the first amendment.

I do agree with the quotation though. I have a hard time believing government wouldn't somehow figure out a secret way to violate your first amendment such that you have no legal recourse.


> The SEC doesn't mind if you cancel a planned stock sale as an insider

Actually, they do tend to mind, and they will scrutinize you much more intensely if you engage in insider not-trading... it's just there's not much they can do about the non-sale in and of itself.


It's the whole positive and negative proof thing again. But the way it was dealt with in Australia is that you cannot even set up a canary (it's against the law to make any statement about whether or not a journalist warrant exists -- regardless of whether or not you told the truth). Is that a bit messed up? Yes. Do we have even more messed up laws than that? Definitely, the most chilling of which is the anti-whistleblowing laws (journalists and readers can be held accountable for disclosures of ASIO [Australian NSA] internal workings).


Yishan just posted this a followup that I think is quite interesting[1].

Excerpt: "If you get an NSL, you're gagged. You can't talk about it. I can say that during my time we did not receive any National Security Letters. /r/ekjp was able to say in her Transparency Report for 2014 that they never got any. Apparently in this 2015 report they are not saying that."

[1] https://www.reddit.com/r/yishan/comments/4cub02/transparency...


I am interested in what Yishan has to say about Amazon AWS

https://www.reddit.com/r/yishan/comments/4cub02/transparency...

Does that inform anyone's choice of cloud infrastructure?


Until we get workable homomorphic encryption, the bit about encrypted machine images is (charitably) optimistic. I wrote about this a year ago: http://blackkettle.org/blog/2015/02/19/youve-got-to-trust-yo...


Unless you're willing to trust the hardware manufacturer, at which point something like Intel SGX could be a runner.


You also have to trust your VM host not to provide an emulated SGX (which is what https://github.com/sslab-gatech/opensgx is, unless I'm very much mistaken).


I think you're mistaken. Intel provides infrastructure to ensure you're talking to an enclave running on an actual Intel machine, and you can then do a remote attestation to verify the contents of that enclave.


I thought this was well known already? if you send your data to someone else's server (even if you are renting it), there is no way you can be reasonably sure it will remain untouched.


Based on spez's language, is it safe to assume that a NSL has indeed been received? That's my interpretation (and it seems that of other reddit commentors too).


CEO of Reddit Steve Huffman, username "spez", writes:

"I've been advised not to say anything one way or the other." [1]

when asked whether he withdrew the canary voluntarily. The comment directly beneath sums it up:

"In case anyone is still confused or in disbelief, this is where he confirmed it. He really can't say it any more clearly without teasing the law to go after him."

[1] https://www.reddit.com/r/announcements/comments/4cqyia/for_y...


I do not believe that a canary can be a reasonable defense for "Oh I didn't say anything"

There's two situations here: Either the gov't doesn't care that you say you got an NSL (without specifics on time/subject), or they do care.

If they do care, discussion with judge:

- Did you say you got an NSL, despite there being a gag order?

- Well I didn't not say anything

- You had previously had a communication strategy set up to communicate when you would get an NSL

- ...

- So you did say it.

Case where the gov't doesn't care that you mention you got one (given you hide the time/subject through delays):

- Why did you do all the crazy stuff to tell people instead of just telling people?

- It was funner this way

Is the canary really a legal defence? I can only imagine that no, it isn't. At best it lets you imply that you got an NSL even if you didn't (oops we removed it from the template). At worst you're facing the same legal issues as before


So why not publish positive canaries with an explicit expiry date that requires manual republishing? If you set in place a scheme, long before any agency contacts you, whereby you manually publish a statement saying you have not received an NSL, and that statement disappears on its own, how could they prosecute you for failing to publish that statement?

Better yet, make each canary in the form of an original haiku.

  Month 1:

    reddit.com  
    has not to date received  
    an NS letter

  Month 2:

    This, our company
    As of the time this appears
    Has not been silenced

  Month 3:

    Our routine remains
    A haiku for you from us
    On the month's first day
Is the USG going to claim that reddit must, in perpetuity, write a new haiku each month? That seems like a burden designed to be defeated in court.


I think the argument is that this a scheme clearly setup to flout the law. If those haikus kept going by a business exec until an associate should sell the company's stock, would that be an acceptable way of insider trading?


After some contemplation I must say I agree with you. Using technicalities like "well I didn't ACTIVELY say anything!" to get around the law shouldn't work in any situation - your example makes this very apparent.

At the same time, companies should not be forced to try and circumvent the law with cute tricks. Preventing companies from informing their users/customers that their privacy has been breached by a 3-letter-agency should be illegal.

We shouldn't be arguing about the legality of canaries, we should be arguing about the legality of gag orders. Arguing pro canaries is fighting a losing battle; it's fighting the symptoms instead of the cause.


The difference is in the timing. Prior to receiving an NSL, it's legal for you to say you didn't get one.

In the example of insider trading, it was NEVER legal for you to give inside information. So stopping your Haiku is legal, but the discussion when you agreed "sell your stock when my Haiku ends" was not.


This is, in fact, how rsync.net's canary works: https://www.rsync.net/resources/notices/canary.txt


I totally agree!

In fact, when I first heard of warrant canaries, that's how I expected that they would work.


at what point does it stop becoming "not publishing a statement" and becomes "publishing a coded statement"?

"No NSL Letter has been given for data to users with the 1st letter being P" "No NSL Letter has been given for data to users with the 2nd letter G" etc etc. Publishing 200 haikus a month like this would surely go against the gag order (since you could reveal the username like this).

I think at one point common sense comes int play


The law and common sense only partially intersect


  There's two situations here: Either the gov't doesn't care
  that you say you got an NSL (without specifics on
  time/subject), or they do care.
There's a third option: The government might want to get rid of canaries without litigating their legality, so they concoct a reason to send NSLs to major parties with canaries and turn a blind eye to the removal of the canary.

If 100% of canaries were removed a month later, canaries would be pretty information-free, because the removal of a canary would just mean a canary was added a month earlier.

And it would be a simple matter to send a spy to use coffee shop wifi to post some bomb making instructions or something similar. Hypothetically.


Right.

One reason canaries are likely to be legal is that the government can work around them.


Can the government compel you to lie? (I don't know). If they can't, then the canary is a legal defense, unless of course the gov't prohibits those of us who haven't got an NSL from confirming that we haven't got one. But even that could not be retroactive.


It's not about compelling you to lie. Nobody compelled you to start the canary in the first place. The gov't gives you a gag order, and a priori gag orders are constitutional, so... you're going to have a hard time finding a judge who will accept the "Oh I was going to follow the gag order but my duty to my redditors to not write my haiku was so big!" argument.

The government has no responsibility to assist you in self-perpetuating logic puzzles.


To say "you weren't compelled to lie about X because you weren't compelled to say X in the first place" is unreasonable. It involves two actions taken by parties with opposing intentions. The latter party is exclusively responsible for the consequence of the latter action. A similar line of logic would be "you weren't compelled to give me your wallet because you weren't compelled to carry one in the first place".

That being as it is, the distinction is between compelling someone to nondisclosure and compelling someone to active deception. I imagine that's a tough battle in court, particularly if it's part of a service agreement between a company and its customers. Compelling continued publication of the canary would extend well beyond 'gagging' the company and would force it to commit what is essentially contract fraud.


No, but at the point where you set up the canary, you aren't violating a gag order. You can't violate a gag order that doesn't exist yet.

And by the point where the gag order comes into force, it's too late; you can't comply with it in a way where you aren't compelled to lie, a power that the gag order does not possess. That's the point of the canary; you have preemptively removed from yourself the ability to fully comply. Which is entirely legal.

Gag orders aren't retrocausal. Either it's fundamentally illegal to say that you haven't received a gag order, or gag orders can force you to lie, or canaries work. One of those three options must hold.


What would happen if I hadn't set up the communication strategy voluntarily, but instead was asked the question "Have you received any gag order" by an outsider (which I do not know and I didn't ask them to do this or plan it with them)? Can I be forced to lie by law? Or can you just not answer that question in general, even before you've received a gag order, just so that you don't have to answer it differently once you've got a gag order? (If I always said " I can't answer this", my answer wouldn't have to change if I get a gag order).


This seems nice. A network of agents could agree to regularly ask each other (or others outside the network) this question. They could even publish the results.

Of course, agreeing ahead of time to participate in this network could be interpreted as "communicating" (see other discussions here).


You wouldn't even have to agree. I could just start myself going around and asking various companies the question, without the companies themselves knowing about my plan. But perhaps then I am myself acting against the law, because I do this with the intent of circumverting gag orders?


Canaries are vague enough that I doubt it's of much concern to the government, especially if they're site wide and once a year like this. That combined with the fact that it's harder for the government to compel speech vs a simple gag means they're fairly safe probably. Really until it's tested in court they're always going to be a little dangerous.


Yeah, my guess is that they don't care if it's once a year like this.


And, given that massive lack of specificity, should anyone care?

I mean, yes, in a general sense, it's notable, but it doesn't tell me how often it has happened or who the target is, so there's no personal value nor any substantial value from a civil liberties perspective because it doesn't tell us all that much.


> it doesn't tell me how often it has happened or who the target is, so there's no personal value nor any substantial value from a civil liberties perspective because it doesn't tell us all that much.

They never will be able to tell down to the person level. Those would definitely violate the gag order, which if you're willing to violate why go through the mess of a canary. Similarly the government is very particular about reporting just how often they're received. Testing that is a huge gamble on the lawsuit that would be filed when you get too precise for the government's tastes.


> So you did say it.

There is a legal difference: compelled speech is especially and obviously unconstitutional in the US, in contrast to a restriction on what you can say.

You do still, as you point out, need to be willing to put the law to the test. Presumably Reddit has received legal advice that it's okay to take that risk in this case.


Can a government compel you to lie? Is omission the same as a lie?

It's an incredibly complex issue that your screenplay doesn't quite capture.


https://www.reddit.com/r/announcements/comments/4cqyia/for_y...

Makes it a bit easier to see what's going on.


Any other interpretation would call into serious question the entire concept of canaries.


I agree. One commentor suggested that they could have voluntarily removed it for some other unrelated reason, but then they would have no reason to not say exactly that - which they aren't. Seems to leave only one reason why they did.


Which spez responds to and says: "I've been advised not to say anything". Only explanation I can see is NSL.


Which leaves open the possibility of the nefarious catch-22 of the pre-emptive NSL: the NSL that threatens you to take down the canary before they have to issue you a substantive NSL!


This is not how an NSL works.


But if you knew how an NSL worked, how could you say?


N.ot to S.ay A.nything.


People see NSA everywhere they want to. Yet, domesric authority here is FBI which compels SIGINT-enabling for NSA per leaks. Court order, NSL, or backdoor are all FBI if coerced.


So, one disadvantage of these loophole canaries is that they only work once. What happens when another NSL is issued at a later date?


Moreover. The state, as an actor, should simply generate constant stream of NSL requests to trip as many canaries as possible. They have the time and resources. This would basically nullify the effectiveness of canaries as a concept.

"Hey George, did you hear Reddit has a canary now too. Ok, add it to the list. Pick a user there and issue an NSL. And don't forget about Google and FB this month as well, they are about to reset theirs".

Putting oneself in the shoes of such an actor this is a rational approach to take.


In theory, a NSL still requires a good faith belief by the issuing agency that the recipient possesses information relevant to a national security matter. That's not to say agencies couldn't use them maliciously, but it would require implying deliberate malice or deception on the part of the human agent who decided to issue the fraudulent NSL. Then again, any organization over a certain size is likely to have some conversation in their records that could be deemed nominally relevant.


> would require implying deliberate malice or deception on the part of the human agent who decided to issue the fraudulent NSL

Can be done by re-interpreting what is happening -- "we are not issuing bogus NSLs to troll them, we are fighting terrorism and these sites deliberately shelter and protect terrorists and other criminals. We want to periodically issue NSLs to establish protocols and methods so we can more effectively protect our country and do our work".

So it has to be story which will look good on paper and workers will tell themselves without feeling like they are doing something illegal.

Another way is to do it as a side-effect of something else -- say "we decided to double our efforts to track down drug dealers on these sites, therefore we'll put 2x more people on it and they will conduct research and open new cases and so on". So simply by allocating more resources to the "problem" they'll ensure any of these large sites will simply get a constant stream of NSLs without explictly writing that down as "we are busting the canaries" as a goal anywhere.


I thought the reason for NSL was to get the entire site, not just a single user.


Either way even better, don't have to pick a particular one.


It doesn't matter.

Once is all it takes, from that point forward you can't fully trust anything they say about their privacy / security.

The only real questions are: is this an april fools? And does it matter?


I suspect you were being tongue in cheek about it, but I don't think this would be an April Fools' matter for Reddit.


They could bring it back but with a catch: "between 1 April 2016 and (today) we have not received any NSLs, etc." But if you're gonna do that, you could do: "Yesterday, (date), we did not revive any NSLs, etc."


THAT would definitely draw the ire of the law. They're even limited in how many regular orders they received to ranges of 500.


But as has been said before, it's undecided if warrent canaries are even legal. So until we get a ruling on wether they are legal or not, we really have no way of knowing what we can and can't do.


"maybe they just got bored of it". Haha.


Or Twitter sent then a C&D. All your birds are belong to us.



Better link with context: https://www.reddit.com/r/announcements/comments/4cqyia/for_y...

edit: There appears to be a bug in the reddit context code, here's the original root comment that sparked the discussion: https://www.reddit.com/r/announcements/comments/4cqyia/for_y...


Incidentally, it's not a bug per se, reddit only supports contexts between 0 and 8, presumably for performance reasons. It's documented in the API docs: https://www.reddit.com/dev/api#GET_comments_{article}


If you decide to put in a canary and then at any time after remove the canary, the only way to interpret that is that the canary died. There's no point in debating any nuance in his comment. The canary died.


No; it's just pining for the fjords.

... What? A canary? Oh, right ...

No; it's just pining for the volcanoes.


The more important part is that in a country that supposedly has very strong free speech laws, the government can issue a gag order, for any reason they deem, without using normal courts.

Surely that's a very, very bad thing.


It's the ONLY safe assumption.


I think there are basically two plausible scenarios, either they received a NSL or they do no longer believe that a canary is necessary and misjudged the interpretation. (In the second case, they could of course clarify in the comments.)


It's a dead man's switch. If it's gone, they've been served with an NSL and the site has been compromised. There's no room for interpretation and no other scenario can be considered plausible.


That's precisely what I said, if you read my comment again. (But since this is the internet, I should have been more explicit.)


Sorry.

I really was capable of seeing nuance, once.


Why does it matter? Are you really going to change your behavior based on this assumption?


Is this the first warrant canary that we have a reasonably high degree of certainty was actually tripped? I remember a couple of other warrant canary cases that could be more parsimoniously attributed to user error but none this clearcut.

Any other warrant canaries trip before?


According to Wikipedia, Apple's warrant canary was removed in the July-December 2013 transparency report (and remained absent in the following transparency report in 2014).


They now report on the number of such requests they receive using a banding system, right? They can say they received between 0-249 such requests this year, something (essentially useless) like that?


If you don't assume compromise when a canary is tripped, then it defeats the entire purpose of a canary. At the very least, someone could ask the site owners about it, and they could deny it. If thu don't respond at all then they definitely have been ordered not to talk about it. Either way you can get the truth with certainty.



- Have you been served an NSL? - No, I have not. - Have you been served an NSL? - No, I have not. - Have you been served an NSL? - On the advice of counsel, I decline to answer.


This sounds like the most logical explanation and basic legal standing of the situation. Not saying what has been said in the past is as clear an indicator as possible, given the circumstances.


I have never understood what value I personally would derive from a warrant canary. For the sake of discussion let's assume that reddit's warrant canary was intentionally removed and but for an NSL it would have continued to appear on reddit. How do my actions differ in this universe compared to one where the canary was present in the report?


Here's an example.

Let's say you frequent lots of subreddits that might be considered outside societal norms. Right now that data is ONLY available internally at Reddit.

If the NSA hoovered up this data, suddenly they might learn a lot about you that they didn't know before (although there's probably a fair argument that people probably leave enough other clues scattered across other data sources they likely have access to that make this redundant).

Maybe you aren't looking at things that would set off their alerts for today's hot media topics. But what about the future? What if we end up with a President with a radical discriminatory agenda (a scarily likely possibility at this point unfortunately)? What if suddenly things that may have been frowned upon before by the general public are suddenly made illegal by Executive order or some other horrible twisting of our laws? This provides the government with a great way to narrow down the list and identify targets that have become "inconvenient" for them.

Think it can't happen or that this is an off-the-wall conspiracy theory? Germany and Russia would like to have a chat with you.

Sure, the mainstream users probably won't have any noticeable impact on their lives. For now at least. But this can still have a chilling effect on free speech today, without the nightmare scenario I outlined above occurring.

Case in point from a couple days ago: https://news.ycombinator.com/item?id=11374839


Firstly, I completely agree with you regarding why this is bad news. However, I don't understand one thing: let's say our hypothetical user has been posting in a private subreddit for carrot fetishists, which Trump will make illegal in 2018. If, today, a NSL was received by Reddit, isn't it potentially already too late for our carrot fetishist, even if they immediately stop visiting the subreddit or delete their account? Now, the carrot lover knows there was a NSL, but there isn't anything they can do except wait and see what happens when the new legislation rolls around in 2018. Emigrate, maybe? Serious question; I don't know how these things work. Asking for a friend.


They can at least stop posting about carrots. If they haven't posted anything personally identifiable that could link their 'carrotlover314' account to their real identity, then they can discard that account. At worst, if it is indeed a case of past lewd carrot-related acts being punishable by death, they'd have a head start to get out of the country before the Carrotstasi get there.

It's not much but it's something.


You are right, the only benefit to the carrot lover is that they know, within a reasonable level of certainty, that their carrot loving activities may be called into question in the future.

Which, in my mind, is preferable to the alternative.


It wouldn't matter. The US constitution prohibits laws that criminalize earlier actions that were legal when committed.

[1] https://en.wikipedia.org/wiki/Ex_post_facto_law


Recall the Communist witch-hunt in the cold war. That was done without retroactive policing and parallel construction. Just because they cannot imprison you for actions taken before the action was illegal doesn't mean they can't fuck you over in other ways. It's the thought police all over again.


Perhaps they won't get you for stuff you did today that is legal today.

But if you are still a carrot fetishist in the future, they can use the knowledge that you used to be a carrot fetishist to set up a sting operation. A little parallel reconstruction, they seize your phone and laptop, and next thing you know you're in prison in the future, thanks to the data they hoovered up today and will be in their database forever.


That doesn't protect you from targeted enforcement of other laws.


The US constitution prohibits unreasonable search and seizure on its face.


> Germany and Russia would like to have a chat with you.

So would J Edgar Hoover.


I apologize in advance if this sounds pedantic or like I am just trying to be difficult to be difficult. I am genuinely interested in this subject and appreciate your response. You never really stated what I am doing differently in the canary-removed universe (C0) than I would be doing in the universe where the canary is still present(C1). Respectfully it seems you gave reasons why surveillance is bad, but its not clear what utility I derive from the canary and what I would do differently in C0 vs C1.

I probably should have been more explicit about two of my big problems/uncertainties with warrant canaries in my initial comment. The biggest issue is that they only really seem to matter in circumstances where I assumed the service provided was a secure and private communication platform. My personal threat model does not treat the reddit platform as a secure and private communication platform and Reddit Inc. is just slightly less of an adversary than Eve's Agency. (sidenote: You are Threat Model Shostack correct?)

My other issue is that the canaries seem to be backward looking and do not do much for my future outlook. It seems that the knowledge that an NSL was served just tells me about the past, but very little about the future. Should I assume that since an NSL was served once that I should expect that they will continue to be served repeatedly and regularly going forward? I am having trouble expressing the latter adequately and clearly, hopefully it is teased out below.

For the sake of argument I am assuming/ignoring that Eve does not do global surveillance and cannot easily associate requests from my IP to reddit with submissions/comment timestamps, vote changes, etc.

  > If the NSA hoovered up this data, suddenly they might learn a lot
  > about you that they didn't know before
In C0, I am screwed, Eve's organization knows I frequent /r/BDSM, /r/guns, /r/earthliberationfront, etc. Am I to assume that further NSLs will be served in the future and therefore I stop visiting my favorite subreddits? If I was concerned about the privacy of my actions what was I doing using a public insecure communication platform?

In C1, I continue to visit /r/BDSM, /r/guns, /r/earthliberationfront, etc and the record of my sensitive activities on reddit is even larger if they are served an NSL in the future.

  > suddenly things that may have been frowned upon before by
  > the general public are suddenly made illegal by Executive order
  > or some other horrible twisting of our laws? This provides the
  > government with a great way to narrow down the list and identify
  > targets that have become "inconvenient" for them.
In C0 I have a greater reason to believe that I am on the "inconvenient list". In C1 I am still doing all the things its just I have less certainty if I am on the list.

  > Think it can't happen or that this is an off-the-wall conspiracy
  > theory? Germany and Russia would like to have a chat with you.
I don't think this sounds crazy. I just do not understand what the difference is between C0 and C1. As far as I am concerned the only difference between C0 and C1 is that I know my activities may have been reviewed by Eve in C0.

  > Case in point from a couple days ago:
  > https://news.ycombinator.com/item?id=11374839
As far as that study is concerned the difference between C0 and C1 is that in C0 I am more aware or "subtly reminded" of the existence of mass surveilance and therefore self-censor. There are fewer subtler reminders of mass surveillance in C1 therefore I self-censor less in C1 than in C0. That makes canaries seem bad?


If I'm understanding you, you're wondering what to do with the information, and comparing it to an identical situation where you don't have the information.

You're right that an early-warning system hasn't been developed. We have no way of knowing what the NSA will decide to analyse after the fact. Indeed, we do not know if an asteroid will hit the earth tomorrow. At one level, there is a limit to our ability to predict the future.

So it's up to the individual. We self-censor, or don't. The chilling effect of the knowledge of surveillance is well documented. Are you making a point that thinking you're being spied upon is more damaging than any fallout of the actual spying?


I agree. The safe bet is that everyone will give you up, and will lie about it. So you plan from there ;)

Edit: spelling


> Right now that data is ONLY available internally at Reddit

Or anybody monitoring their traffic. coughNSAcough


Anybody monitoring their traffic who is also capable of breaking TLS.


Traffic flow analysis would probably work quite well on reddit. They could confirm/deny with high confidence whether certain subreddits/posts are accessed without any need to decrypt, just by how big the responses are.


I was initially sceptical that traffic analysis would be enough, but it appears that mainstream TLS does indeed leak a lot of metadata, especially with the typical structure of splitting resources across distinct servers (eg: static.example.com for images). I wonder if the security of something the size of Reddit might not be improved by simply having a large fleet of dns round-robin app servers that all deliver all content from one domain.

I found:

"Identifying Website Users by TLS Traffic Analysis: New Attacks and Effective Countermeasures"

https://hal.inria.fr/hal-00732449/

Does anyone know of other, recent research in this area? It's been a long time since I last looked at opaque data captures of TLS/SSL traffic.

I also found: https://tools.ietf.org/html/draft-ietf-tls-chacha20-poly1305... which states in part:

"It should be noted that AEADs, such as ChaCha20-Poly1305, are not intended to hide the lengths of plaintexts. When this document speaks of side-channel attacks, it is not considering traffic analysis, but rather timing and cache side-channels. Traffic analysis, while a valid concern, is outside the scope of the AEAD and is being addressed elsewhere in future versions of TLS."

On a skim of https://tools.ietf.org/html/draft-ietf-tls-tls13-11 I couldn't find anything new wrt. recommendations on padding with the goal of thwarting traffic analysis?

Anyone have any pointers on this?


Since all the posts on Reddit are timestamped, someone sniffing traffic could probably do a decent job tying HTTPS requests (and the IP addresses they came from) to new posts that show up, and the users who posted them.


Or somebody who has access to their servers, which are AWS.

I would be shocked if NSA didn't get a secret court order to get AWS access.


Who needs to break encryption when you can break 99% of deployed OS kernels across all platforms?


So, the NSA.


> what value

1) While it isn't a perfect mapping, this is similar to a "I have nothing to hide" argument. The value of anything security or intelligence will vary with the situation. The same counter-arguments apply; you probably don't want to get to the point where you cannot learn about a NSL.

2) In general, information that allows you to make informed, up-to-date decisions is valuable. The sudden disappearance of a warrant canary gives you data about the current state of the world. The canary gives you information about the actions of the growing surveillance state. This information might be used to make preparations or as a political tool. You can decide for yourself if you would take different actions with this information, but even if it doesn't change anything for you, at least you had the opportunity to make that choice.

3) Warrant canaries also serve as an indicator of the politics of the canary publisher. Someone who publishes a canary is sending a message that they care about keeping everyone informed.


> 1) While it isn't a perfect mapping, this is similar to a "I have nothing to hide" argument.

I think you missed the point. The real question is, "So a canary died on a service I use, now what?" Well I have that question too. The damage is done. Should I toss my phone in the nearest trash can, burn off my fingerprints, cut and bleach my hair in the at the nearest connivence store bathroom, and shed a single tear as I will never return home to my family again as I am now hitchhiking to Mexico or what? Because, honestly, I don't know what to do besides that. If you're the target of an NSL, then you need to worry.

> 3) Warrant canaries also serve as an indicator of the politics of the canary publisher. Someone who publishes a canary is sending a message that they care about keeping everyone informed.

Yeah, but the set of those that don't publish canaries doesn't indicate the opposite. Organization X might not publish a canary, because the canary is already dead.


> The real question is, "So a canary died on a service I use, now what?"

Actually, I think you do the same as when an actual canary dies in the mine - you get out. If we look back at what we know about Lavabit, basically a compromised Reddit (or any other web service) might be doing who-knows-what with targeted javascript and what-not. Of course, "Evil Reddit" could already be doing that as a private entity -- but I think it does shift the degree of trust a lot, from a) "probably mining personal data for financial gain through advertising etc", to b) "certainly mining all data at the behest of a mad anti-terror juggernaut that's been out of control for decades".

I might choose not to use the service a) for a lot of things, but I certainly wouldn't want to use service b) for anything.

Now, if I was the NSA/CIA I'd of course try to fund social media and messaging startups through shell corporations, and I'd be surprised if they don't do that. In that respect we go down the "you can't defend against a nation state actor" line of reasoning. But if warrant canaries became enough of a problem, something that could lead to a real exodus of users for something like Reddit -- that might give these corporations enough incentive and reason to challenge the practice in the legal system (The government is forcing us out of business).

Another aspect of the canary, is that while people might not now stop using reddit (or logging in to a reddit persona that's associated with animal cruelty, native American rights activism or other terrorist activities) - it still serves as interesting indicator on continued government overreach, and encroachment on civil liberties and free speech.

As evidence that more and more "town squares" and cafes are fitted with microphones and cameras "for security reasons" surface, the fight against illegal surveillance (can) gain(s) momentum.

So maybe what you should do is not just step away from reddit, but take to the streets.


> more and more "town squares" and cafes are fitted with microphones and cameras "for security reasons"

I'd be really interested in hearing more about this.


I meant that if the Internet is a "global village", then places like Reddit are "town squares". Sorry if that wasn't clear.


> I think you missed the point.

I'm pretty sure I didn't.

> "So a canary died on a service I use, now what?"

Yes, that's what I was addressing.

> Should I [stereotypically run like a fugitive]

Probably not, but I don't much about your specific situation.

> I don't know what to do

THAT was my point; you don't know know, because you cannot predict the future. The social or political situation might change in a way that makes NSL searches much more threatening. You might be in a situation where knowing that your activities have been discovered by an a NSL does suggest some type of action.

It's easy to consider the set of possible futures that you can enumerate. That set is rarely complete.

> If you're the target of an NSL, then you need to worry.

And that's the "nothing to hide" argument.

> Yeah, but the set of those that don't publish canaries doesn't indicate the opposite.

Obviously. The canary is still useful information.


Canaries are primarily a form of protest, drawing attention to the surveillance, the conscription, and the gag order all at once.


In a world without canaries, all providers could have received NSLs forcing them to cooperate with wide ranging surreptitious surveillance, and we'd be none the wiser.

Instead, we live in a world where we know that many of them either are not being forced to secretly cooperate; or in one where canaries don't work, and they're being forced to lie about it.

And of course, there are ways of implementing internal surveillance without the cooperation of providers: by trespassing on their infrastructure, by analysing and recording traffic at their border, etc.


Maybe they are now able to get posts from private subreddits and private messages, without warrants...


Maybe they are? The question is, what am I doing differently in this universe compared to the universe where the canary is still present? It seems like your answer is "In this universe (canary removed) I no longer treat reddit as a secure and private communication platform." My personal threat model assumes that reddit is not a secure and private communication platform so the status of the canary does not change my behavior, utility schedules, outlook, etc.


I personally would not be doing anything differently but that is besides the point... they should not be able to get that data without a warrant. So I guess the value of it would be that you are now aware of something else that the government is doing that they should not be doing...


I apologize if I am missing something in your answer but "NSLs are bad, mmkay?" does not seem to be very responsive. We knew about NSLs before warrant canaries. If that is the only utility they provide it seems like they are not very useful to me.


I wish that they would be more specific in their canary and perhaps have multiple ones... for examples:

1. we were not asked to provide private post

2. we were not asked to provide metadata like IP addresses

3. we were not asked to backdoor our website

4. we were not asked to shadowban users

5. maybe even one canary per user, to know exactly who is affected


I entirely agree. It's foolish to believe that "private subreddits" and "private messages" are private, in any meaningful sense.


I don't think information needs to be immediately actionable to be useful.


It's a good point - I'm not sure who really thinks of reddit as a secure and private platform. Warrant canaries certainly make more sense for gmail or dropbox or something.

That said, while your behavior regarding reddit might not change, it could inform your political behavior. Since organizations can't say they've received NSLs, it's really hard to survey and see how common it is. I'm glad reddit's case here is gaining interest, and hopefully other companies will take part in this program and also get attention when it happens. It would be good to know just how prevalent this practice is.


In this universe, a thread like this is created to give privacy zealots another opportunity to rant about their pet issues.


It's equal opportunity, it's a platform for anti-privacy zealots and apathetic people as well!


Apathetic people don't comment in the first place.


Someday someone will get an NSL, say screw it, publish it on the internet (with mirrors) and tell the government screw you I now have standing.


Apparently the Internet Archive got one ( and can speak about it)[0] and a few years ago there was a talk at the 27c3 [1], about getting one.

[0] http://www.newyorker.com/tech/elements/what-its-like-to-get-...

[1] https://events.ccc.de/congress/2010/Fahrplan/speakers/3156.e...


Also:

‘John Doe’ Who Fought FBI Spying Freed From Gag Order After 6 Years

http://www.wired.com/2010/08/nsl-gag-order-lifted/


IANAL, but I think given Lavabit's experience it's best to get a lawyer before saying screw it. The ACLU and EFF are probably at the forefront of expertise and curiosity when it comes to NSLs. https://www.aclu.org/national-security-letters

I mean honestly what's so difficult about "Congress shall make no law"? We're not talking about someone yelling "fire" in a theater. NSLs are facts, the searches they authorize are facts, and the gag is also a fact. And it's also not like this even remotely resembles treason or sedition.


  I mean honestly what's so difficult about "Congress 
  shall make no law"?
The exceptions are numerous: https://en.wikipedia.org/wiki/United_States_free_speech_exce...

Disagree with the restriction on free speech on its actual merits, not by saying "there's very few restrictions on free speech" when in fact this is not the case.


The "yelling fire" case was about a Jewish anti-war socialist who distributed pamphlets urging men to resist the WWI draft as a violation of the 13th amendment.

The idea that a National Security Letter can serve as a secret warrant against a 21st century Charles Schenck like Edward Snowden is interesting.

Neither falsely claimed there's a fire; they are/were men speaking out against war and unconstitutional acts. Anti-war speech should be especially protected.

Publishing a NSL is a defensive act against an immoral and oppressive government. The idea that they are using the NSLs to suppress freedom of speech and fight advocates of freedom of speech should only embolden the opposition.


And that'll be the day the butterfly is broken upon the wheel. I'm skeptical that NSL gag orders are constitutionally valid, but there's no way I'd breach one while on US soil.


Eventually I guess we'll have persistent Twitch-like lifecasting services using glass-type wearables and someone will open their correspondence while using the service and open an NSA with people watching. It will probably be the CTO of that company, since always on recordings would be something the anti-terrorism guys would go nuts for.


Uhh, what? The NSL is going to be given to the legal department of a corporation, which, for obvious reasons, cannot live-stream private legal issues.

Then the corporate lawyer talks to the CTO, and tells them that for legal reasons they must shut down their livestreaming stuff.


Lavabit had 2 employees in 2013[1], how many of those comprised the legal department?

[1] http://readersupportednews.org/opinion2/275-42/19860-us-vs-l...


Surprised it hasn't happened yet, not sure what the penalty would be but I'd guess months rather than years.


The government would very much want to make an example of anyone who did that. The punishment would be as severe as they could get away with.


Wait till they're sending so many of these out one day a person with nothing to lose receives one.


Its happened a times IIRC. The government always drops the NSL, then throws the book at the person.


That is either incredibly naive or an underhanded joke.

This isn't exactly the kind of thing US law treats as a minor offence, especially if it involves computers. Get the right prosecutor involved and this is a national security concern, an act of treason and a cybercrime all at once.


Are you nuts? It doesn't matter if it's reasonable or not, as an issue of national security I would imagine treason would be on the table due to the "aiding enemies" clause in the law.

Treason is _minimum_ 5 years, capital punishment at worst.


no one is willing to go to jail over their users' data


I would argue that Snowden was.


That's clever... but a totally different situation.


Then you must have missed the part where he fled the country to avoid going to jail.


"Willing to go to jail if necessary" != "actively wants to become a negative example to other potential wistleblowers"


Why are you adding "if necessary" out of nowhere?


It makes the implication of "willing" explicit. Perhaps it should be in parenthesis or brackets.


It makes the implication different. Ask Nelson Mandela.


Snowden has given that explicit rationale.


He says a lot of dumb shit. That's forgivable, he's in a stressful situation.


Do you expect he will get a fair trial?

You can be a hero without being an idiot.


You can try, but as Snowden has shown, it's not nearly as effective.


just because he tried to escape it doesn't mean he didn't make that decision...


Doesn't it? He's not in jail right now.


This really needs to happen...



What terrifies me is not the potential data leak, but that the NSA may be obtaining their TLS certificates, bypassing the threat (to them) of "https everywhere".


Certificates are public, the NSA can just download them.

You mean private keys. Reddit uses forward secure TLS, so obtaining the private keys does not allow the NSA to decrypt the traffic, as fresh keys are negotiated on each connection. The long term private key is used only for identification, so they allow you to impersonate the server but as far as I'm aware, nobody has yet seen evidence of a large, popular website having all of its traffic hijacked by state actors with stolen SSL keys. I can only imagine that such an attack would be quite visible (unless the taps were done internally inside a big CDN).


According to the Snowden documents, traffic is hijacked in a targeted manner. So, for example, only on pages served to the designated user, IP address or IP blocks etc. We would not see all it's traffic altered, we would only see traffic being altered if we were being directly targeted. It would be incredibly hard to see by others.

Also, the SSL keys are not stolen, we have to assume that they have been given to them based on the letter. The gag order and canary indicated that everything has been compromised.


Doing that requires you to be able to see through at least some connections in the first place, in order to figure out which connections are from your target victim. That's why QUANTUM is a combination of packet sniffing and packet injection. If everything is SSLd then it's much harder to deal with cases where a users connection moves around.


I'm not familiar with reddit's set up. But given that a NSL means that anything and everything can be given over to the NSA by reddit, does this mean that it's not hard for them to do this now?


Only if they were able to get a direct tap of all traffic entering Reddit's servers inside AWS. Then SSL is irrelevant of course. Doesn't matter what keys or crypto you use.

If it's not a direct real-time feed then, no, doesn't really change much.


It's amazing that it lasted this long. Given how I assumed the government was handing these things out like candy I would have thought just about every major tech organisation was getting dozens at least every year. In a weird way, it almost increases my faith in the system. Or it decreases my faith even further in the competence of the security agencies .. I'm not sure which. (after Facebook and Google, Reddit is probably one of the most obvious and valuable places to hit they could go to ... how did it take them this long?).


Keep in mind that canaries do not preclude false negatives, especially in larger organizations.


The only plausible NSL served on Reddit is for subscriber information related to a national security investigation. Reddit was compelled to provide the records they already had on some username's real name, billing details, and similar---and maybe a list of who they exchanged messages with.


There are a number of English-speaking, self-identifying ISIS members who post regularly in /r/JihadInFocus. /u/thelord4444 is one and /u/AnsarAlKhilafah is another. I wouldn't be the least surprised to find out it was about them.


If I was a national security agency with the ability to perform man in the middle attacks, I'd ask for their keys / certificates and crack encrypted communication, and insert my own targeted payload.


This reminds me of when people asked Linus Torvalds if the NSA had approached him about putting in backdoors. To which he answered "No" while shaking his head yes...

Red Hat and Systemd anyone?


This is incredibly disheartening to hear, but I have to say I'm glad to see the currently top-voted comment is about this, and most of the thread has turned to focus on this.

I wonder how big of an issue this NSL will become for Reddit, or whether it will be forgotten about in a week.

I also wonder what it means for me as a Redditor. "If you have nothing to hide" arguments aside, does this mean it is safe to assume that the NSA got full access to all of Reddit's data and hoovered it all up? Or are these NSLs only able to target individuals? Not sure you can really make that distinction from a data mining standpoint I guess.


No matter what the extent is, I have to assume that everything is compromised and reddit is now totally untrustworthy.


I was slowly letting the idea of going back to Reddit something worth doing (after the blackout). Now, I have it DNS filtered. I won't be going back.


Turns out this was intended to be a April Fools joke; not by Reddit, but the FBI. Pretty sick taste in jokes; FBI already had all of Reddit's data because they're hosted on AWS; Amazon already gives all AWS data to the FBI.


Serious question, what's to stop the NSL including language along the lines: 'Any warrant canaries need to remain in place'?


There's a significant legal difference between compelled speech and compelled silence. The latter is easier than the former.


An NSL can't just make stuff up. Everything in it must be specifically authorized by congress or a court.


The All Writs Act means that's not much of a bar.


Technically, they remained in place here too. Warrant canary is still in 2014 report. What they did is they did not repeat it in 2015 report.


I was just about to ask if Hacker News has an NSL canary, when I saw this: < https://news.ycombinator.com/item?id=11402439 >.


Isn't all communication on HN public? (I thought the only additional info on the servers was the votes. Or are IP addresses and timestamps stored for visitors?)


I found myself just now wondering whether a court case has been fought over whether the government can force someone to keep up a canary. It's sad that we can't even know this kind of information.


It's a pity they can only use such a canary once.


Couldn't they just update a timestamp? "As of april 3rd 2016, we haven't received an NSL"


IANAL, but based on the EFF's page on warrant canaries, it seems like they can, in a way. They can state any legal processes they have not been involved in, for basically any period of time, though EFF recommends several months between any such kind of report. The easiest thing is for them to issue, say, quarterly transparency reports and saying "For this past quarter we have received no XYZ".


Some services have a daily canary (like https://proxy.sh/canary), but we don't know whether they could be forced to sign a new canary even after they've been served an NSL.



I don't see why not. It would be funnier if they said "Until March 1st and starting with March 3rd we haven't received any NSL."


Unfortunately I don't think any judges would laugh...


can't they bring it back next year? (assuming they don't receive a new letter)


I don't think so, that would be tantamount to saying "we did recieve a NSL in the year of 2015" which would be breaking the gag order and would not have as strong an argument about compelled speech.


Really? Why can't you craft the canary so that the message every year to say "[Company] has not received a gag order for the year of 201X", and just not write it down for the year they receive it?


Exactly for the reason gpm spelled out in the parent comment. Judges are smarter than that.


Why are you all arguing about fucking canaries? I grew up with this idea that there was a right to freedom of speech and expression. You're all playing their little games when you should be standing up for your right.


In the case of violating the gag provisions of an NSL, that's a 'Fast Track' to an 8x10 cell in an institution not necessarily of your choosing.

Do feel free to write your representatives and complain, but don't try and sweep this all away under "right to freedom of speech and expression". National security is far more nuanced.


Great. Freedom of speech in fucking quotes. National security is nuanced. You've got to be kidding me. America has disappointed me.


So do something about it. You can't complain in the preposterous way that you're complaining and not actively do something about it. And I'm not talking about voting, it's decades too late for that, and you'd never get the rest of the country to agree with your views.

Do something. You're sitting here bitching us out for how the US government works like it's our fault and we should have done something different. Well what are you doing? Because if the answer is "nothing", then maybe you should sit down and reevaluate your tone.


That's a bullshit response. You can't disagree with policy or people's attitudes unless you're "doing something about it"?


If you disagree that strongly with his attitude but aren't doing anything different than he is, you're a hypocrite. What makes you better than him? What puts you in a position to judge him?


That is not how hypocrisy works.


Free Speech is limited. In the US, free speech doesn't include "obscenity." We tolerate that because no one wants to advocate for free speech covering child porn (except Ricard Stallman and that girl who got fired from Nintendo).

In Germany, they have "Free speech," except when it comes to anything relating to the Nazis (unless it's in a history book talking about how horrible they were).

In China, their constitution guarantees free speech.

Laws are like debt, they are only useful to the point they can be enforced through violence.


Company creates "Government request officer" position in company.

Company policy states each month a polygraph must be taken by "Government request officer" covering "certain" topics, and the results are posted online.

This month the "Government request division" officer failed his poly.

The wording of poly test could be done to never even speak of nsl etc or even what poly was designed to do, and no company document/policy or spoken word ever says anything about the nsl etc.


So as an average netizen what can I do about it? Is anyone actually going to boycott Reddit, and lose access to all of the communities that are there because of this?


Assuming reddit received a national security letter (NSL), what does it mean? What are the implications?


Reddit should take one for the team and shut the website down. Redirect it to nsa.gov or a pastebin and provide 223MM monthly uniques with the impetus to fix this fucked up country. Maybe a multi-billion dollar company disappearing overnight would be enough to convince our lawmakers that this isn't compatible with being a part of the new global economy. Maybe it would be enough to get people in the streets.

As an aside, I'd like to see more sites put something like, "if we are ever served a NSL, our website will stop operating", in their privacy policy.

The government can't force you to keep operating a business. If they want to abuse NSL's, so be it. I want the John McCains in our government to realize what they're doing.


At the risk of sounding cynical, I think this whole ordeal indicates the opposite. If "people in the streets" is to be evidence that surveillance "isn't compatible with being part of the new global economy," then we should also take a hint from the lack of "people in the streets."


That's fair.

It's also incredibly depressing.


Could this be an elaborate April's fool practical joke?


Honestly the reddit admins lie so much and have so little respect for their users that I don't think we can conclude anything about this.


We'll never know, but I have to wonder if it was bitcoin related. And I don't mean like dark web, but like Mt Gox or other.


As a reddit users, might this give us standing to make a class action suit to see the letter?


Erm, can't edit thanks to noprocrast -- "As Reddit users" would be more correct.


Does a reddit thread constitute an email? How does the authorization define what an email is?


For those who aren't familiar, a NSL Canary is like a Warrant Canary, but for National Security Letters.

https://en.wikipedia.org/wiki/Warrant_canary

Australia just outlawed warrant canaries. Scary times.


> Australia just outlawed warrant canaries. Scary times.

Assuming you accept the need for the non-disclosure requirements in some court orders and administrative subpoenas, wouldn't the decision to allow canaries be a legal mistake in the first place? (Albeit AFAIK one also made by the US Department of Justice)

The argument for the legality of canaries would have to rely on the distinction between the affirmative and negative disclosure. But it is very easy to imagine a service that scrapes sites with canaries and publishes an affirmative list of those which took theirs down recently (or in a given time interval). This completely subverts the argument.

Is it perhaps yet another case where the legal minds failed to account for the current (actually... two decades old) state of technology? Am I missing something?


But it is very easy to imagine a service that scrapes sites with canaries and publishes an affirmative list of those which took theirs down recently (or in a given time interval).

https://canarywatch.org/


Shouldn't that Reddit canary be dead, though?

https://canarywatch.org/reddit/


I see this language at that location:

Reddit released its transparency report for 2015 and the warrant canary language was missing.

Maybe that's an edit after your post. I agree that a silhouette of an expired canary lying on its back, wings spread awkwardly, tongue sticking out, eyes crossed, would make this communication more effective.


Yeah, that's odd. It's timestamped March 31st - perhaps it was serving a stale application level cache (I've not been to the site in a while, or so I thought). Now the canary-logo is taken down from the reddit listing on the front-page too.


Practically there's no difference, the consequences of a canary or blowing the whistle is the same. But the interesting thing is canaries require the government to order someone to lie, whereas the other just compels them to not tell the truth.


I don't see how such a service would invalidate the argument; you could prevent that service from affirming it, but that shouldn't impact the original canary issuer.

And I don't think canaries are really a feature of current technology; seems like one could have simply posted a weekly newspaper ad with the same content.


There's a better approach that depends on third-party scraping. You publish the canary on a schedule, but take it down as soon as it's been scraped. So there's nothing to take down when you get the warrant, NSL, etc.

Edit: And then you don't publish the canary as scheduled. Before you got the warrant, NSL or whatever, you were subject to no court order. So you were free to speak. After getting it, can you be compelled to speak falsely?


> After getting it, can you be compelled to speak falsely?

Why not? Given that secret warrants arguably already circumvent your right to face your accuser, this seems like a very small stretch.


My understanding is that, no, the government cannot compel you to speak falsely or, generally, to do other things you don't want to do.

As I understand it, this is related to the argument that Apple was using vs the FBI recently, that while the FBI could compel Apple to produce things in its possession (like Farook's iCloud backups) it could not compel Apple to do things like produce a custom version of iOS.

IANAL, but, this is mostly based on what I remember reading last year when the whole warrant canary idea first started getting publicized.


IANAL: I don't believe that secret warrants 'trip' one's right to face their accuser, as that is a right for courtroom proceedings, which are significantly different from the warrants about which you speak.


They have more guns than you do. They can compel you to do pretty much whatever.


Well, canaries ought to be signed with GnuPG or whatever. But then, we're back to https://xkcd.com/538/ ;) But that would be harder against a corporation.


Hypothetically, what would happen if somebody made them use their force in a very public, visible way (that is, refuse to comply, and post live video on multiple video sites)? How big of an operation can be kept secret by physical violence?


There wouldn't be some sort of black-ops, Bruce Willis style operation. You'd simply be someone being arrested by some FBI agents for violating federal law, and they could do that at noon on a Tuesday smiling to TV cameras if they wanted to.


But that would nullify the canary, no?


> Assuming you accept the need for the non-disclosure requirements in some court orders and administrative subpoenas

You could distinguish between temporarily keeping particular orders a secret, permanently keeping them a secret, and permanently keeping secret even summary information about the number, kind, and scope of the orders (or what kind of matters they related to).


To be fair, I've always thought that warrant canaries were extremely questionable legally. If the government can legally say "You're not allowed to spill the beans about this", then using a warrant canary is directly subverting that order.

As a result, I always assumed that anyone that had a warrant canary in place would get a court order to keep it up regardless.

I would be shocked if they stood up in court, and I don't find the outlawing of it any more disturbing than allowing secret warrants in the first place. (Although secret warrants are pretty damn disturbing.)


Theoretically an order compelling speech, especially false speech, scares courts more than prohibiting speech in certain circumstances, which happens frequently.


Is it merely theoretical? I read a bunch of opinions on the subject last year that definitely left the impression that there was some precedent here.


I may be wrong but in the Australian case it seems journalists are forbidden from creating a canary in the first place, they cannot say they did or did not receive a gag order. That's what I got from what I've read but not sure.

If the issue was being forced to continue with the canary then there is a solution for that just use as a canary, before you received any order: We have received a gag order!

And when you do receive a gag order what are they going to do? Make you remove that? Keeping it seems as a direct violation of that order.


Sure, they can force you to keep the old one up.

But can they force you to put up a new one?


I like the section from Moxie in that article. Did anyone check if this is lawful to begin with? I mean, if you can't tell that you were asked for private data, can you 'tell' by now saying that you weren't asked for private data?

Just to be safe: Any NSL is crap. Braindead. I'm not trying to support that BS. This is among the worst possible ideas a government can come up with and belongs in the realm of (referring to recent posts) Turkey at the moment.

But IF they exist for some reason, is a canary really working? Isn't this just another 'The government cannot crack my password' argument, missing the lead pipe way..?


If you follow the source there's a section stating that according to EFF having a warrant canary should not be a problem:

https://github.com/WhisperSystems/whispersystems.org/issues/...

What EFF wrote says more to me than Moxie saying 'every lawyer I've spoken to'. Which lawyers? In what context? What was said?


> Which lawyers? In what context? What was said?

Sounds like we need a lawyer canary.

/s


This seems like one of those better to ask for forgiveness than permission kind of things. What NSLs thrive on the most is lack of attention. Anything that brings more high profile is something the NSA would prefer to avoid, lest case law gets more clarified around them.


> Australia just outlawed warrant canaries. Scary times.

Outlawing warrant canaries per se is not scary at all. They're a method of communicating information that has been deemed to be forbidden, so it's just a way of preventing the rules-lawyering method of still conveying that info. The overreach of such things in the first place is the scary part, not the stuff around canaries themselves.

The focus should be on getting rid of the overreach of these things, not on preserving a loophole.


Agree 100%: "You mean I can't circumvent the plain meaning of a court order through information-theoretic trickery? Truly, fascism is upon us."


There is no "court order". That's the whole point of a warrant canary. A fact is asserted when there is absolutely nothing preventing you from asserting that fact.

Do you want to restrict everyone's speech just in case, or force them to lie? Those are the choices.


The warrant comes with an order prohibiting you from communicating its presence. That prohibits any means, no matter how cleverly informed by information theory, from communicating that information.

It only forces them to lie if they deliberately take means to force themselves into a lie. "I have not received any warrants that I'm legally allowed to discuss with you."


It doesn't need to "trickery". It could be as simple as someone asking if you've received any warrants, and just not answering.

The government shouldn't have the ability to compel people to lie, that's the issue. As far as I know they don't have that ability, and there is nothing illegal about this.


They can compel people to lie already with the NSL - it just depends on how the question is phrased. "Removing a warrant canary" is no different to staging a question from someone that is "Say 'no comment' if you've received an NSL". In both cases, the absence of a response has been set up to convey the forbidden information.


It's not illegal to answer "no" if asked whether you have received a national security letter, and neither is it illegal to answer "no comment" if asked whether you have received a national security letter. Nor, further, is it illegal to respond with silence.

Having once given a legal, true answer to the question "have you received a national security letter", a person can later give a different legal, true answer to the same question, or can later choose to respond with silence.

Otherwise, you are asserting that the feds may do more than merely forbid the recipient of an NSL from talking about it, and actually have the authority to force the recipient of an NSL to lie about it.

I sure hope that isn't true. If it is, I'm not sure any of this matters, because we're all fucked already. I cannot conceive of any legitimate justification for allowing any government to have such a power.


Forcing people to lie is bad.


How deep is the rabbit hole?


Reddit should remove the π symbol on their website, as if Pi itself disappeared.

"We can't talk about Pi."



I remember several mods of r/darknetmarkets posting that they received NSL's forwarded from actual reddit admins.. Not sure if that post is still available though.


Are you referring to https://www.reddit.com/r/DarkNetMarkets/comments/30tudk/psa_... ? That was a normal subpoena (without a gag order), not a NSL.


Yes, but they still could have been accompanied by gag orders despite not being a NSL. There are several categories of administrative subpoenas which can have them, and which could have been plausibly used in my case - the financial ones, for example, due to the Bitcoin/money laundering nexus.


> Australia just outlawed warrant canaries. Scary times.

Australia outlawed warrant canaries for journalism warrants (warrants for journalists when they investigate someone). I'm fairly sure that law doesn't apply to all other kinds of warrants.


Ridiculous times too, when all of this gathering of data is predicated on a flawed assumption that it won't just be creating more noise in the attempts to predict terrorism. We've switched from one wasteful, illegal, and noisy method (kidnapping and torture) to invading privacy.

I'd love to see efficacy proven, just once.


Isn't an NSL by definition a non-noisy, targeted method? I'm going off of the widely known methodology for getting data from a U.S. company, FAA 702, popularly known as "PRISM".

Do you have any links describing NSLs being part of a noisy, dragnet operation?


No, I'm working under the assumption that the NSL was a first step in mass collection.


Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: