Hacker News new | comments | show | ask | jobs | submit login
DuckDuckGo: illusion of privacy? (etherrag.blogspot.jp)
247 points by ziodave 1588 days ago | hide | past | web | 146 comments | favorite



If you are specifically targeted in an investigation [...]

The purpose of services like DDG is to reduce the amount of casually collected, personally-identifiable private data you might be strewing about - data that might potentially be recovered and might potentially be used against you or used in ways that you don't like.

If you are specifically targeted by an investigation, a law-enforcement agency like the FBI, armed with probable cause and warrants can tap your phone, search your house, track your location, log your keystrokes, etc, etc. DDG can't help you there, you'd also be vulnerable even when using a service provider which really doesn't have access to your data, like tarsnap. DDG is not going to magically protect you from targeted (and perfectly legal, civilian, non-NSA-related) surveillance if you happen to have the bad luck of being a subject of such an investigation. It's a silly standard to hold any service provider to.


Were these features of DDG ever it's purpose or merely an incidental feature?


It was supposed to be Google except with privacy.


Purpose.


1. Since the U.S. government has given itself both the power to compel U.S. corporations to spy for them and the power to prevent them from revealing this, we can't take the claims of any U.S. corporation at face-value.

2. DuckDuckGo is a U.S. based company.


Problem is, even if DDG would be hosted in, say, Europe, the NSA would still be able to snoop on the traffic. As has been recently revealed, the German BND may siphon off up to 20% of the traffic at DE-CIX (Internet exchange in Frankfurt) and on average siphons off 5% [1]. The BND closely cooperates with the NSA. As we've seen in the last couple of weeks, Europe is basically a US colony and Germany in particular is not a true sovereign state. [2] What to do? Host in Russia, Latin America?

(Disclosure: I am German and DDG is my default search engine.)

[1] http://h-online.com/-1909989

[2] http://sz.de/1.1717216


A foreign intelligence agency like the NSA actually needs less of a legal framework to spy on a foreign company as opposed to a domestic one. It's sort of the whole point of a foreign intelligence agency, not respecting the laws of other countries.


Well, yes. But let's get back to the point of the original post in this thread.

There are two problems: 1) we can't trust the networks that our data travels over and 2) we can't trust US-based companies with our data. The first problem is fairly easily dealt with (encrypt and authenticate), while the second one is much worse. A company based in a country that does not have laws enabling agencies to snoop on and prevent the disclosure of said snooping would automatically be more trustworthy than any US-based company.


> A company based in a country that does not have laws enabling agencies to snoop on and prevent the disclosure of said snooping would automatically be more trustworthy than any US-based company.

The ultimate irony is that by using providers in a country that spies and is unwilling to admit, over a country that spies and is willing to admit, is that you're forgoing the "trustworthy" spying country in favor of the "untrustworthy" spying country.

You know the US spies. How much do you really know about the ones that are staying nice and quiet right now?

I didn't realize secrecy equated with trustworthiness.


How about a country which doesn't spend trillions on spying and thys probably doesn't have capacities anywhere close to those of the US, secret or not.


Don't fool yourself. Every tech-averse third world middle eastern country can control and tap into the fiber in their infrastructure.

And if they can, anyone can. It's not egregiously expensive or difficult to do.


while the second one is much worse

It may be "worse" in a variety of senses, like political tenability, but the solution is simple: bring data given to third parties under the 4th Amendment, which is the entire underpinning of companies being able to give your packets to the government willy-nilly. Well, not willy-nilly, the government pays for the privilege.

The problems with passing a privacy law that attaches to data given to third parties, like is done in many countries with higher standards of living than the US, are not the citizens' problems. Political tenability is a problem for politicians, but that is of zero consequence. If the populace wants (for some measurable quantity of want) this to happen, politicians will either make it happen or lose their careers or lose their heads to pikes (as has happened throughout history). However, politicians are counting on people having low self-esteem and taking "no" for an answer. It's not the citizen's duty to be cowed by their laziness and bad hearts, though.


If we are not being naive, you can't trust China-based or Russia-based companies with your data...


Or French, or German, or Australian, or... Pretty much everyone?


I do not think (1) is solved with cryptography because you can spy on the traffic flow and the route and timing of the connections give extra information. To overcome this we need extra measures.


> A foreign intelligence agency like the NSA actually needs less of a legal framework to spy on a foreign company as opposed to a domestic one. It's sort of the whole point of a foreign intelligence agency, not respecting the laws of other countries.

That's why the NSA has links to UK and Australian intelligence agencies. They can "share" intelligence (as in, let the other guys spy on their people). I wouldn't be surprised if the NSA didn't have people on sequester to foreign agencies, but still based in the US, doing nothing but spying on US citizens and passing the information to the NSA (plus giving a few tidbits to the foreign agency, to justify the sequester); as a legal loophole.


Actually a company based out of US jurisdiction and using TLS certs should be "safe" to use assuming they don't voluntarily share your info with any governments. It is expo exponentially harder to compel a country to compel a company to give up info.

Or you an use Off The Record Messaging which has perfect forward secrecy.


DDG searches are delivered over HTTPS. It doesn't matter if the NSA can siphon off DDG traffic.


It does matter and the article has reasoning about why it does. "The NSA could get the DuckDuckGo master cert in one of three ways:

1. Be given the cert

2. Physical access to servers or load-balancers

3. Remote access to servers or load-balancers"


If they can get direct access to the DDG servers, then it doesn't matter if they can siphon off traffic at the ISP level. They can just access the data.


But wouldn't that require constant access to the server, whereas the key they could steal once with short access to server and use until it expires without the victim noticing?


My understanding is that if they're using Perfect Forward Security it doesn't matter, because unless you're modifying the traffic in flow (which is much harder to do secretly) then it doesn't matter if someone-else has the private key, they won't be able to decrypt the data in any case.


How do you expect to get the nonce across the network without the NSA getting it?


I'm no expert in PFS in TLS, but there are various key-agreement protocols that allows parties to establish a secure key over an insecure channel.

I believe the way PFS works is that it uses RSA to verify identity and then Diffie-Hellman to establish keys.

If you're only able to passively intercept data (i.e. you can't impersonate the server and MITM) then you're unable to discover what the key established by DH is.

(incidentally nonces are generally only relevant for preventing replay attacks; the nonce doesn't play a part in passive defence)


> I believe the way PFS works is that it uses RSA to verify identity and then Diffie-Hellman to establish keys.

It's the other way around. First you do the DH and then use RSA to authenticate (a hash of) DH parameters.



Well the point raised by the article is that HTTPS doesn't matter much if the certificate is compromised.


Is this true even with perfect forward secrecy, as is used on DDG?


Https doesn't have to terminate at the server doing the work. A feed splitter could be put between the https termination and the engine room. If ddg were compelled to do this, it's entirely possible to do so without giving up the cert.


How unreasonable is it that DDG could have their private key taken by the NSA?


I expect the NSA does this as a matter of course, at least for large enough companies.


comrade1, you are hell-banned.


If, say NSA and BND co-operate, NSA listens all but Americans and BND listens all but Germans and both exchange information. Everything is covered.


And that's really all there is to it. That's why you don't build secret courts, secret orders, and gag orders.


3. It would be almost trivial for the U.S. government to snoop on DuckDuckGo's traffic at the switch or cloud provider level even without informing DuckDuckGo of this. I believe they host at EC2 East, which is in DC and a major U.S. government linked hosting provider (see Amazon FedRamp).

The cloud is not private, period.


Oh, I'm sure they can easily collect the traffic. I think any secure service needs to be made with that in mind now. But the question is if they can get the data unencrypted.


Even if they're getting it encrypted, they can still learn a lot from correlations of addresses and times and such.


Do we have any evidence the US asked any corporations to spy? The only instances I am aware of of the US asking corporations for help was requesting/ordering access to data the the company was already collecting.




I like the blog post, but I think that it is somewhat unfair against DDG since the argument works against any internet company. The argument rests essentially on two points:

1. Client/Server architecture has a single point of failure, namely the server. ( Or the network equipment directly upstream of the server.) So that whatever nasty surprise is embedded directly at the server, or in the jurisdiction the server is in, affects whoever is using the server.

2. We do not have a treat model for the NSA, they are somewhere between a usual state level attacker and Cthulhu. We do not really know, what the NSA can or can not do, can they crack the discrete log or factor large numbers? Or do they 'just' have a assorted 0day collection? Is it realistic that they can coerce anyone into revealing public keys? And if they can actually break TLS, can they also break all TLS or does this require some not insubstantial effort on their part?

So both of these are real problems and the combination is potentially undermining the trust into the entire internet. But it is not really about DDG.


"... it is somewhat unfair against DDG since the argument works against any internet company"

What other search engines are being suggested for use as a safer alternative to the major search engines? Did any of those companies respond by affirming their ability to protect your privacy in a way that is not technically possible?

The author's point is that you can't dodge the NSA's scrutiny, and if you think you can then you are either lying or uneducated about the NSA's capabilities.

UPDATE: What I'm trying to say is that the article doesn't really work when directed at Google or Yahoo because we already know that our privacy is compromised there.


What about startpage? I know they're still dependent on google, but in terms of privacy they seem to be at the same level as DDG. At least they're smaller than DDG, so it's less likely that the NSA will bother with them


We need a definitive answer on whether PFS is truly perfect. If ssl->vpn->https->anon-dns->tor->tls2->no-logging-search is safe then our searches for weird porn might be private.


The post is not against DDG.

It is against the unreasonable expectations for privacy when using DDG.


"We do not have a threat model for the NSA, they are somewhere between a usual state level attacker and Cthulhu" just about made my day! Awesome description.


"Option 2 Many smaller internet companies, including DuckDuckGo, do not operate their own data-center, but instead are “hosted” in another provider’s datacenter. In DuckDuckGo’s case, they are hosted by Verizon Internet Services. We’ve all learned about the cozy relationship between the NSA and Verizon, it is quite imaginable that Verizon would simply give them access to a DuckDuckGo server, or the load-balancer which is likely owned and operated by Verizon and upon which the SSL decryption key is installed. They don’t need continuous access, 30 seconds is all that would be necessary to copy the cert."

And Gabriel's response to that: "There are many additional legal and technical inaccuracies in this article and I will not address all of them in this comment. All our front-end servers are hosted on Amazon not Verizon, for example."

Might as well %s/Verizon/Amazon/g…

I also found what Gabriel said here to be interesting:

"We have not received any request like this, and do not expect to. We have spoken with many lawyers particularly skilled and experienced in this part of US and international law. If we were to receive such a request we believe as do these others it would be highly unconstitutional on many independent grounds, and there is plenty of legal precedent there. With CALEA in particular, search engines are exempt."

So apparently speaking to a couple of lawyers who are probably not upon the FISA court (who apparently pretty much just stamp what has been decided) now have a say in whether such actions can be taken by the NSA and whether they are unconstitutional are not?

Don't get me wrong, I've been using DuckDuckGo for a couple of years now, but that's laughable.


There are plenty of reputable lawyers, especially with the ACLU, who have been fighting in public courts against this secret parallel court structure.

Early on, claims were simply thrown out due to "state secrets," presented in sealed folders only to the judge. Over time, the lawyers and organizations gained experience (a la Minesweeper) and got more substantive rejections from judges. The first win was with Nicholas Merrill, about five years in, though it took another three or four years for the gag order preventing him from talking about it to also be lifted: http://www.aclu.org/national-security/doe-v-holder and http://www.wired.com/threatlevel/2010/08/nsl-gag-order-lifte...

So speaking with those sorts of lawyers? Who have won fights against this secret system through a public court of law? Yep, those exist.

Keep in mind, those we disagree with within the federal government aren't malicious or evil. They think they're protecting us, and they think they're acting lawfully. It's therefore reasonable to me that they see themselves as bound by the legal system because otherwise, how can they think of themselves as acting lawfully? And as much as the legal system has been stacked in their favor, when they lose, they likely abide by those rulings against them. At least, that's my read out of how much effort those folks put into (successfully) updating the law to reauthorize their behavior when we get a rare win.

Now, our take is that the legal system has been grossly abused to carve out all of their current authority on surveillance. But that's where I think they're coming from.


"We have not received any request like this, and do not expect to. We have spoken with many lawyers particularly skilled and experienced in this part of US and international law. If we were to receive such a request we believe as do these others it would be highly unconstitutional on many independent grounds, and there is plenty of legal precedent there. With CALEA in particular, search engines are exempt."

This is a great response, except for the fact that it's completely irrelevant, because it doesn't tell you what would happen. Courts order things that are illegal all the time, and they don't always get stayed.

If they were served with a court order they felt was illegal that had not been stayed, could not get it stayed pending appeal, etc, would they siphon the data (or turn over data), or would they take contempt/jail?

If the answer isn't the latter, than the rest, IMHO, doesn't matter. I'm not saying they should, mind you, i'm saying i don't believe they are really better than anyone else here.

The same question should be raised about other countries.

They will, eventually, be asked to siphon off user data in various countries (and not oddball third world dictatorships, instead, large EU based and other countries). Will they do it, or will they block those countries/risk arrest?


We have not received any request like this, and do not expect to.

I think this answers the important question in the article, which is whether DuckDuckGo have received any of these requests.

now have a say in whether such actions can be taken by the NSA and whether they are unconstitutional are not?

We all have a say to the extent that we cooperate or not with requests like that, I don't find their preparations laughable at all. What do you expect them to do in response to the possibility of FISA requests?


Probably the lawyers are experts in the FISA court.


Contact with lawyers with access to closed hearings and classified proceedings?

I wonder if Google talked with those lawyers too…


Response from DuckDuckGo CEO from the article comments:

"Hi, this is Gabriel Weinberg, CEO and founder of DuckDuckGo. I do not believe we can be compelled to store or siphon off user data to the NSA or anyone else. All the existing US laws are about turning over existing business records and not about compelling you change your business practices. In our case such an order would further force us to lie to consumers, which would put us in trouble with the FTC and irreparably hurt our business.

We have not received any request like this, and do not expect to. We have spoken with many lawyers particularly skilled and experienced in this part of US and international law. If we were to receive such a request we believe as do these others it would be highly unconstitutional on many independent grounds, and there is plenty of legal precedent there. With CALEA in particular, search engines are exempt.

There are many additional legal and technical inaccuracies in this article and I will not address all of them in this comment. All our front-end servers are hosted on Amazon not Verizon, for example."


The beauty of the NSL system and the NSA acting outside the constitution is that no matter what anyone says there is no way to prove any statement made about receiving or not an NSL. In fact it wouldn't surprise me that if the NSA wanted the data they could compel someone lower in the company and the CEO might never know. How do you prove you are NSA-free if you are the CEO of an American based company? Really the only thing statement that people would believe today is actually showing your NSL publicly and telling the NSA to stuff it. If you haven't been targeted (or someone in your organization was) there is no way to prove it.


The key thing about Google et al is that they maintain user accounts and try to get you to stay logged in which means (a) they maintain huge data stores that are (b) tracked by user. While DDG can be required to turn over its records, could theoretically hand its unencrypted traffic over to the NSA, and in any event the NSA could simply pluck the packets off the air en route, it would then have to figure out which packet was from whom and join the dots itself. This is essentially no different from what I assume the NSA can do with any damn website, foreign or domestic, it likes.

As a further wrinkle, if you are logged into Google then it can watch your web surfing activity onto any website with embedded google code (analytics, adwords) which is pretty much most websites.

All of this comes down to Google is an advertising company. If DDG becomes an advertising company, watch out.


How is DDG not an advertising company already? One of the top hit on every search I do on DDG is an ad (actually in my testing I found if I do an informational search like "Barack Obama" I get an ad on DDG and none on Google). If advertising itself is the problem, DDG has already doomed itself.


You're right of course about DDG selling advertising — I assume at much lower cost than Google given their relative inability to gather intelligence about users. The big question is whether they have a non-evil business model on the horizon (sponsored links aren't bad of themselves, but they are the entrance to the rabbit hole Google has long since gone down and expanded into a giant underground complex).


If DDG ever becomes an anything company, watch out.

Seriously, what is the business model they could have that would not result in them collecting some set of info?

Donations?


DDG have a tor hidden service for search [1] and so you can search annonamusly through that, even if someone has access to the ssl privet key.

[1] http://www.gabrielweinberg.com/blog/2010/08/duckduckgo-now-o...


This almost makes no sense. Hidden Services exist to hide the location/identity of the server. You gain the same anonymity by visiting ddg.com via Tor. It's cool that they're running a relay though.


hidden services also exist to hide the location/identity of the client. hence, the user is guaranteed anonymity/privacy in his searches.


Eh, the clients anonymity is protected when they use a Tor exit node via a normal Tor session to ddg.com as well.


I think that connections to hidden services on the Tor network are encrypted end-to-end.


They are not encrypted at all. Tor provides anonymity (nobody can say where the captured traffic comes from), not encryption (nobody can read my trafic). You should use independent encryption inside Tor.

I2P is similar to Tor, but encrypted AFAIK.


Tor absolutely does provide encryption, except for the last link (unless it's a hidden service) just like the parent poster said. More information is available here:

https://ssd.eff.org/tech/tor

https://www.torproject.org/docs/hidden-services.html.en

EDIT: To be clear, I am saying that tor DOES provide end-to-end encryption, but only when you're using a tor hidden service -- which is also what the parent poster said.


The parent said end-to-end encryption, which Tor does not do. Yes, information through a tor circuit is encrypted. No, it's not enough if you need end-to-end encyption, the participants must arrange independent of tor for that.


But with a hidden service, the last unencrypted bit is all within the same server. It's a very different scenario from accessing the general internet: There's no exit server to worry about, except for the service you're connecting to.


Tor traffic is encrypted all the way through the network until the exit node. However, your point still stands: Use end-to-end encryption (SSL/TLS) to prevent someone at the exit from seeing your traffic.


Yes, they are encrypted, but it's not end-to-end. I should have made my post more clear. If you need end-to-end encyption, participants must explicitly arrange for it independent of Tor.


You're right, connections to Tor hidden nodes are encrypted end-to-end ...but so are SSL sessions over Tor e.g. https://ddg.com


> "DuckDuckGo can easily be compelled either under the Communications Assistance for Law Enforcement Act (CALEA), standard court orders, or by secret orders from the Foreign Intelligence Surveillance Court (FISA) to provide tap-on-demand"

Can they actually do that? I mean it's one thing to just "hand over the data" you already have about the user, and maybe even compel the company to decrypt it (although I still think that's BS [1] and companies should fight against it), but can they actually force a company to spy for them, and change their service in such a way that makes it possible? Does FISA and the Patriot Acts actually imply that? Or does he mean it might be yet another one of their "interpretations" of the laws?

Either way, if that's possible, just start using StartPage.com. They're based in Norway.

[1] http://paranoia.dubfire.net/2010/09/calea-and-encryption.htm...


I think that a common misconception of the current discussions is that people still expect NSA to obey some kind of law.

Never been to the US, but I grew up in a country trying to recover from a dictatorship, so I never believe that secret services have any law to obey.


> I think that a common misconception of the current discussions is that people still expect NSA to obey some kind of law.

I realize that, and I know many things they are doing are extra-constitutional, and even extra-legal. But that was precisely my point. How can the companies just stand to being bullied by law enforcement like that just because "they say so", especially when they think that what they're asking them is at least unconstitutional.

And I know there's a difference between how easy this is in theory, and how easy it is in practice, but come on - what are they going to do? Put Ballmer or Larry Page in prison for not obeying them? The companies would have the best 100 lawyers in the world fighting for them.

It just pisses me off that some companies seem to cooperate way too easily with the mass spying, either because they find no problem with it themselves, or they're just too scared to try anything, even as big corporations.


"...what are they going to do? Put Ballmer or Larry Page in prison for not obeying them?"

Sure, why not? It may sound ludicrous but do you really think it's beyond the realm of possibility? You should look up stories about the CEO of Qwest and what he claims happened to him when he said no to the NSA (in 2007) [1].

[1] http://www.businessinsider.com/the-story-of-joseph-nacchio-a...


> And I know there's a difference between how easy this is in theory, and how easy it is in practice, but come on - what are they going to do? Put Ballmer or Larry Page in prison for not obeying them? The companies would have the best 100 lawyers in the world fighting for them.

There are many ways to destroy people's life's besides putting them in prison. Dictatorships teach that quite well.


All they have to do is arrest the and hold them pre-trial. Do you think any billionaire would tolerate the opportunity costs resulting from two or three years in pre-trial detention?


> but can they actually force a company to spy for them, and change their service in such a way that makes it possible?

Hushmail is the standard example here. They provide encrypted email. Criminals used them for communications. Law enforcement went to hushmail with correctly formed legal documents, and Hushmail handed over plain text from users.

There are two ways that plain text is available: using the web client encryption is done on the server. There's a step where plain text is available to Hushmail.

Or if users are using the Java client Hushmail could push a malformed version to the user. This is something that Hushmail has said themselves.

This wasn't under any weird FISA or patriot act law either.

(https://en.wikipedia.org/wiki/Hushmail#Compromises_to_email_...)


How do you think phone taps work?


If what's written in this article is true, that basically means that even hosting a server in the US is basically a breach in privacy.

Do you think this is reliable information?


You might be surprised how many non-US citizens will agree with that statement.


What makes you think that hosting a server in one of the world’s oldest democracies, the country among the first to have a written constitution and a strong bill of rights, the land of the free, would not be a breach of privacy?

Oh wait…


One of the world's oldest democracies? You mean Switzerland? Well, hosting a server there might be a good idea.


‘one’ is still an indefinite, rather than definite, article, and the USA are certainly one of the older, still-existing democracies (even though, of course, there are even older ones).


Iceland does Switzerland even better.


Before drawing any conclusions from this, I recommend reading Gabriel Weinberg's response in the comment section. I felt considerably better after reading it.


I felt considerably worse, because he takes a very naive view of the legal realm.

Let me expand a bit: I don't think Gabriel is lying/dumb/whatever. However, the statement given essentially comes out to "If we had to, we would fight the good fight and we very strongly believe we would win". I'm all in favor of fighting as hard as you can against broad/illegal/user harmful orders/etc.

But at some point, you will lose, even with the law and moral justice on your side. This is a certainty. Google has lost. Yahoo has lost. Twitter has lost. Microsoft has lost. Contrary to the belief that they are cooperative, they don't want anything to do with anything, and fought with more resources and energy than DDG probably can muster (again, no offense to Gabriel).

Let's ignore for a second whether they have any data to give or not. The point is that at some time in the future you will not just lose temporarily, you will lose in a way that you have to make a choice because yourself/your business/your livelihood and your users privacy.

Believing otherwise makes you naive in my eyes.


> Google has lost. Yahoo has lost. Twitter has lost. Microsoft has lost.

Lost in what sense? The question here is whether service providers can be compelled to send data that was never stored on disk to law enforcement. I've seen the news that Skype calls are streamed (in accordance with their privacy policy[1]), and I guess this can be viewed as Microsoft losing, but what about the others?

1. "Skype, Skype's local partner, or the operator or company facilitating your communication may provide personal data, communications content and/or traffic data to an appropriate judicial, law enforcement or government authority lawfully requesting such information. Skype will provide reasonable assistance and information to fulfill this request and you hereby consent to such disclosure."


Yeah, but I still agree with the article.

If the information flows via machines located in the US, NSA can get to the information at several levels.

Then it also depends how much of the law, NSA makes for itself.

Like any HN reader that lived through dictatorship governments can attest, what the law says and the secret services do, doesn't need to be in sync.

And opposing them, well, there are plenty of ways to change people's mind that the right way is to help them.

If this is the direction the government will carry on doing, good luck opposing them just by switching providers, without doing anything more active.


Looks like I'm moving to iceland.


Yeah, his response made me laugh out loud for like 30 seconds straight.

How uninformed and naiv can one CEO be? Did he hear about the secret courts at all?


MegaUpload, LastPass and others are provably not able to access your information. Storing the encryption key yourself is the way to go.

But then the govt can capture you and make you give up the key. A whistleblower can threaten to have more incriminating evidence disseminated encrypted somewhere, and if he doesnt check in every 30 days it gets released ... but then the government can just torture him until it makes him give up the key he uses to check in every 30 days. It wouls take a really stubborn guy to persist and let the information be released. Since you dont have any information like that anyway, just assume that if you can access your own data the govt can compel you to do it for them.


MegaUpload, LastPass and others are provably not able to access your information

Where can I find the proof you're talking about?


If you want to prove it to yourself, fire up Wireshark.


Sorry, I'm too tired to continue this bullshit conversation in a different tone, so here's a somewhat angry rant.

EGreg said "provably not able to access your information", which means that there's a proof of some kind. What the fuck does "prove it to yourself" in your comment mean? That I'm now responsible for writing the security proof? That you acknowledge that no such proof exists, but I can write it myself?

Oh, you probably didn't mean "prove", you meant "ensure", as in I can ensure that the traffic between Mega and my browser is encrypted. What does this say about security? Absolutely fucking nothing!

It's a known fact that Mega is NOT secure. Even if you store your key locally, and they don't know it today, they can do the fuck they want with their web pages: next time you login, they can send you a piece of JavaScript to decrypt everything, or read your key, or... just do anything! If you're looking for an example, this happened with HushMail (http://en.wikipedia.org/wiki/Hushmail).

Anyway, I didn't really mean to ask for a proof, because I know that there's no security proof that "Mega, LastPass and others" are not able to access my information, I was looking for a way to encourage EGreg to do some research and declare that he was wrong, because his claims are fucking dangerous. I certainly didn't expect replies like yours.


Lastpass does encryption client side. The difference is that would require an active attack (pushing new code in an update) with a chance of being spotted by a reverse engineering attempt.


Who says that the backdoor hasn't been shipped since the first release and just sits there idle waiting for a nudge from the server?

A larger point that security is based on trust. Trust is based on assumptions, especially and exclusively when it's a closed source software. Assumptions that what the company says is true. Now we know that they can be forced to lie and any claims of the security just crumble as a house of cards.

Even if LastPass would've been an open-source, it made a little difference as the company could've been forced to distribute binaries made from altered sources. It wasn't easy to build trust before, but it's going to be nearly impossible to build it now. Though it's not to say there isn't plenty of people who are after pseudo-security and who are easily lulled by cross-my-heart promises squirting out of every second company now.


True, they could have shipped a backdoor since day 1 but it's unclear what their incentive would be to do so and they run the risk of it being found with a reverse engineering attempt.

Is there any basis in law under which the government can force a company to distribute altered binaries? If the government can force you to add a backdoor in your own product, in effect they have the power to demand that you perform free labour for them.

That would seem to form a basis for also demanding that a person work as a spy for them etc.


You haven't been paying attention recently at all, have you?


What is that supposed to mean?


There are "incentives" that are shoveled down companies throats and secured in place by gag orders. Perfectly legal too.


You're right, I used the word "prove" way too loosely.



Gibson is about as credible as I am when it comes to security - ie, not very.


Credibility doesn't matter, as I'm not asking for a confirmation from an expert: EGreg claims there is a security proof of some kind.


Sorry, this is the first time I'm seeing a security proof in the form of interview, so I can't find it. Could you point out the relevant part?

Also, what about Mega?


If you use forward secrecy, you shouldn't have any key to give, right? DDG recently announced support for forward secrecy.


Are you sure? And in any case how would you know? Perfect forward secrecy is hard to implement with TLS:

https://www.imperialviolet.org/2013/06/27/botchingpfs.html

"So how do you run forward secrecy with several servers and support session tickets? You need to generate session ticket keys randomly, distribute them to the servers without ever touching persistent storage and rotate them frequently. However, I'm not aware of any open source servers that support anything like that."


Hmm, CALEA is really not the right law to be referencing. CALEA generally applies to wiretaps and specifically derives from telephony surveillance and is more relevant—and worrying—to a Twilio or SendHub, rather then DDG.

It's more likely to be a portion of the PATRIOT Act (Sec. 215 and possibly 217, h/t to Marcy Wheeler for the education here: http://www.aclu.org/free-speech-national-security-technology... and http://cyber.law.harvard.edu/privacy/Introduction%20to%20Mod...) or the specific update to it (Protect America Act of 2007, FISA Amendments Acts of 2008 and most recently 2012) to bring the warrantless wiretapping scandal back into "compliance," and seemingly updating PATRIOT for the current round of surveillance, which was likely reauthorized Dec '12.

Now, the FBI recently floated a trial balloon of what we're calling CALEA II, but that's focused more on compelling the providers of in-browser chat products to create backdoors for surveillance: https://www.cdt.org/files/pdfs/CALEAII-techreport.pdf It's not current law yet, and we're fighting to prevent the proposal from becoming law.

It's a point of precision that doesn't detract from the author's main point.

Just as an update, the legal debate is continuing over both the NSLs themselves and their related gag orders: http://www.networkworld.com/community/blog/fbis-national-sec... I'm not sure how or where this case escalated to, but the last time a court declared the gag order to be unconstitutional, it took an act of Congress to reauthorize it, which will be a difficult sell right now.

For a final note, here's a counter by the DoJ about how I'm wrong, for whatever that's worth: http://www.justice.gov/archive/ll/subs/add_myths.htm

And for full disclosure: I consult with Center for Democracy and Technology (CDT) on reforming Electronic Communications Privacy Act (ECPA) of 1986, which is a similar but not directly related issue.


You don't even need to ask ddg for a private key, go straight to certification authority.


I see this comment in so many stories lately.

Certification authorities do not, in general, have the private keys corresponding to the public keys they sign. Some CAs will generate a key for you and claim not to keep the private half once you download it, but any security-conscious site will opt to upload a signing request for their own public key instead.

So, that rules out the possibility of passive spying on HTTPS traffic.

As for active spying, a CA could certainly produce a certificate for a MITM attack, but many modern browsers or browser extensions will rapidly detect that, so doing it on a large scale will fail and be detected. The same goes for most security exploits: a large scale systematic exploit will not pass silently.

MITM or exploits on a small, targeted scale have some chance of working, depending on the target, but if a government-scale entity targets you personally, you're pretty much screwed anyway. HTTPS still effectively protects against a large, systematic, undetected dragnet of traffic.


This is correct. The easiest path for the NSA is simply a FISA court order. The whole cert thing is an interesting academic exercise, but probably completely unnecessary.


Yeah, but your "I know how SSL works" story is probably an NSA plant so that the NSA can read my secretz. NSA NSA blah blah NSA

NSA


Suspecious username for a plant-critique "blabla". If you had read any of the CA posts you'd both know why that is the case, and also how easy it would be to test.

I can give you a private/public key, certificate, the CA (and password for that) and some traffic I've sniffed while interacting with a webserver, using the forementioned key and certificate.

Good luck decrypting the traffic. The only thing you'd be able to succesfully do is pretend that YOUR server is actually mine (and proxy from your server to mine). That's an undetected breach, and an MITM attack.

OPs point is still entirely valid. You got my private key from ME, not the CA, and even then you're unable to decrypt the traffic (past).


You're really not helping improve the conversation by posting sarcastic responses like this.


Thus article states that the NSA will get the information anyway. Even if this is true it may be a good thing to choose a search engine that makes a point of at least not tracking you itself. Sadly Google has much better search results...


The article is completely missing the point. Of course the NSA can get information from DDG, the point is that there is not much information to be earned there in the first place, and the searches are not associated with your google account, let's say.


Lots of comments here. Not sure if it is already covered or not. So I will be brief.

DDG, hushmail, etc. Doesn't really matter does it if the NSA gets you at your internet connection and reads what you are doing from your service providers trunk?

You can DuckDuck and Go and hush your email. If they are grabbing it at the point of your modem and your internet provider, the illusion is you are secure but really you are not.


Data for such services leave your computer encrypted with SSL.

Bugging your computer (and/or phone) is probably the best way to track your communications clandestinely.


>> Can they refuse to collaborate with the NSA if approached? What I would like to know if they can really refuse when big corps such as Google, Microsoft and others can't?

>> Gabriel Weinberg comment: We have not received any request like this, and do not expect to. But if they receive such request can they just really say NO while other big companies can't?


EDITED: Thanks guys, it seems like I managed to paste over most of my post with the clipboard filled with the last one. Thanks for being so nice pointing it out. Sucks, the on topic one i destroyed was leaps above the banal content that replaced it. Let something here to avoid you guys being orphaned. Sorry for reducing the signal to noise ratio!


You posted this same comment here: https://news.ycombinator.com/item?id=6040733

But added a section on DDG to the bottom...


Also consider the holland based search engine www.startpage.com which has al kinds of certificates.


They also really hate it when people point out their privacy flaws. See http://www.alexanderhanff.com/duckduckgone


Except those aren't privacy flaws. He's wrong about DDG setting cookies by default, the easter egg issue, affiliate revenue, and US law. He got so much wrong that I can't take the post seriously.


He's so pretentious it makes me chuckle.


Really hate it? Gabriel responded quickly and thoroughly on his forum: https://duck.co/topic/we-have-to-talk-about-ddgs-honesty


the main argument of this page is "nsa can hack everything cuz google got hacked by the chinese"

yeah thanks for the tip, that's so insightful.


This "blog" has one post and was specifically started to bash DDG.

I don't use the duck (yet?) but to me it looks like an attempt at black PR.

Even if the duck doesn't give full anonymity, I would still prefer it to Google - the new leaked slides revealed that NSA has direct access to Google, whereas with ddg, they'd have to snoop upstream.


I am the author. I did start that blog just for that post. I have never blogged before in any substantial way, but the naivete of comments from the CEO of DDG and the fact that users reading articles like in The Guardian might be misled into believe they are protected from NSA monitoring by DDG, motivated me to blog. No black PR. I don't work for any other search engine company, I am an American working for a small software company in Tokyo, Japan.


> I am the author. I did start that blog just for that post.

Can you prove that you are not an agent of the NSA trying to dissuade people from using services like DDG? I mean, you are using BlogSpot of all services, so you are directly contributing to the tracking of individuals (heck, you are encouraging it), so forgive me if your motives are suspect.

Frankly, that you cannot prove otherwise, I think you should say as much: that you should not be trusted.


Can you prove that you are not an agent of the NSA trying to dissuade people from using services like Google? I mean, you're using HN of all services, so you're directly contributing to the Silicon Valley culture that arms the NSA with tracking tools (heck, you're encouraging it!), so forgive me if your motives are suspect.

Frankly, that you cannot prove otherwise, I think you should say as much: that you should not be trusted. I say good day, sir.


Yeah that was the message. Not really sure if you got it, or missing the point though.


Why should you be trusted? Most people can't prove anything about themselves that is not subject to falsification - given deep enough cover, anything is possible.

Asking a blog author to prove a negative, which is impossible, is silly. Argue with the message, not with the messenger.


Why should I be trusted? That's the point. Seems you missed it?


No, actually, it's not the point, it's completely tangential to any point.

Either someone has valid points or they don't.

It doesn't matter whether it's a pathological liar saying it, or the most truthful person in the world. Either his criticisms of duckduckgo have merit or they don't.

Motives, while interesting to speculate about, do not change the strength of the argument.


> No, actually, it's not the point,

No, actually, that was my point, and while you can disagree with my point, you can't tell me what my point is.

Listen, I'll make it easy for you.

> Either his criticisms of duckduckgo have merit or they don't.

So let's say they have merit. That means they have merit in all cases. Nothing is 100% proof against surveillance. Nothing is. So once you get over that, the rant against DDG is pointless. Because if at a technical/legal level, nothing can protect you, then everything is equal. What you have left is things like intent. In this case, the intent of DDG is to do what they can to protect you.

And they've taken distinct steps to do that. Steps that make DDG different from Yahoo, Google, Microsoft and others. Heck, comparing those three to DDG is disingenuous at best because they aren't even remotely the same (even if you consider them all search engines). This is especially true when you include the quotes the OP was trying to use. Using the OP's own evidence that he keeps using, it doesn't say what he wants it to say.

So, the only way his criticisms hold water is if nothing can protect you. He wasn't arguing that.

So, maybe we need to trust no one equally.


"No, actually, that was my point, and while you can disagree with my point, you can't tell me what my point is. "

Then your point has no merit, or place, here.

The rest seems like a completely different argument, and your original post, an ad hominen attack for no reason.


> Then your point has no merit, or place, here.

Considering you were wrong in the first place, how the fuck do you know?

> The rest seems like a completely different argument, and your original post, an ad hominen attack for no reason.

What? The rest seems like a completely different argument, and my original post? What? WTF are you trying to say?


Shhh, don't ruin the ongoing circle jerk.


are we still all just forgetting the fact that DDG is just an aggregator of other search engines. Specifically Bing.


How about the article writer test this before writing? Do DDG-searches about:

  - A violent political/religious subgroup.
  - Politician XXXX's opinions about said group
  - The future travel to your locality of XXXX
  - How to build bombs with YYYY.
Just make certain to wear a bullet proof jacket while reading... :-)

But seriously:

Sure, the NSA probably index searches on DDG. Of course. It is fully possible DDG isn't aware of it, too. It is too obvious to be at the top of HN.

I might have followed the subject too shallowly, but it really surprises me that I haven't seen the responsible politicians talk about the real problem here.

You can make a good argument that pervasive monitoring is a good thing in the short perspective (which the supporters do), but over a longer time?

After a long time of military or economic problems you get paranoid tendencies (see McCarthy, Putin, 9/11). I have no idea how likely a 1984 scenario (or a present day Russia!) is -- and neither do anyone else.

The people responsible should have answers to these questions before making the decisions. And now they should discuss that. (Or doesn't a risk exist if it can happen after they are out of office? Or do they really think there will never be any political/economic bad times again?)


   Sure, the NSA probably index searches on DDG. Of course. 
Well the searches are encrypted so the nsa should have access to the servers themselves right? I dont now if DDG provides forward secrecy though..


We are talking about the same (or a sister) organization that created the viruses in Iran and the Middle East. Civilian search companies aren't as high on the agenda as rouge states' nuclear weapon programs, but still.


DuckDuckGo: illusion of privacy?

His point is that if NSA wants they can do this and that. I suppose they can also take you to a Romanian black ops site and beat you bloody till you cough up your passwords. The idea is for average Joes and Janes to have a little bit more privacy. When you search on Google, they try everything possible to have you search while logged on and save your search history. All this is linked to:

your real name, location (Android)

maybe credit cards (Google Play, Adwords)

emails sent

videos watched

books read

sites visited (Google Analytics, sites visited that serve Adsense, Google hosted jQuery)

your private docs (G Drive, Documents)....

This is of course to make more money off you, they can charge more money to advertisers, and all this info is ready to be siphoned by Booz Allen and Hamilton employees and to be added to your file.

What do they get from DDG? Relatively speaking, nothing. The idea is to split your activities to make it harder for them, which is great for an average user. By using everything Google, it's even better than sending them a memo detailing everything you did each night.

If you're a target, long live TOR, which is not really usable on Google.


I'm surprised by how many world class super spy/hacker types there are on HN...who knew that, besides just generally being snarky about shit that you half understand, that you had so many secrets to protect?


I'm surprised you don't recognize the principle of the matter. There was an article posted a while back about "in a world of perfect surveillance, legal change would be impossible". Much of social progress came about because people could communicate in secret.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact

Search: