Hey Z,
On 23/08/13 18:21 PM, Zooko Wilcox-OHearn wrote:
Dear Jon: Thank you for your kind words and your detailed response. I am going to focus only on the issue that I think is most relevant and urgent for your customers and mine. That urgent issue is: what's the difference between the now-canceled Silent Mail product and the products that you are still offering, such as Silent Text?
I think this issue is important, and it is good to get all the opinions out in the air. And I especially like that we can debate the merits of an engineering decision with a venture like Secret Circle, and for once not have to deal with the normal corporate mouthpieces out of which stream very fine and pretty streams of bubbles.
That said... ...
This changes the equation, because it means not only can the U.S. federal espionage authorities say "Backdoor all of your customers or close your business.", they can also say "Backdoor all of your customers or go to jail.". As the owner and CEO of a privacy-protecting service (https://LeastAuthority.com) and a U.S. citizen, and as the father of three precious boys who do not want to be separated from me for any length of time, this concerns me greatly.
I'm not convinced that the US feds can at this stage order the backdooring of software, carte blanche. Is there any evidence of that?
(I suspect that all their powers in this area are from pressure and horse trading. E.g., the export of cryptomunitions needs a licence...)
...
Why do you think that this scenario is plausible? I don't think it is plausible. Instead, I think the conversation would go like this: Silent Circle: "… and then wait for all of our customers to automatically upgrade to the new version!" Attacker: "Okay. Do that."
So at this stage, SC can ask for the order from the court that particularises that request.
The point being here that the court can easily order the handover of documents that are kept. It cannot however easily order the business to go and get the documents it doesn't have. The court does not typically interfere in the business of business; rather this is all about an intermediate step of facilitating the 'discovery' of evidence that might be available, for some investigation. Ordering the discovery of evidence that didn't hitherto exist, for a crime that isn't as yet to be discovered raises ... difficulties.
...
The stated reason was that the US federal government could compel Silent Circle to backdoor the Silent Mail service. That same reason applies today to the Silent Text service and the other services that Silent Circle is still operating.
I would be surprised if there was a single stated reason. It makes no sense for any provider of any business to suddenly roll over and say eek when the feds turn up and go boo.
Perhaps this is in part because, as far as I can see, the decision makes perfect sense. The decision is really about the engineering differences between email and chat. I would do the same.
In short, email is practically rather difficult to secure. Because, with a nod to the other thread, amongst many reasons: it is a standards-based monster, it has no limits to who and where, lots and lots of metadata is spilt out, and finally we need *all* the clients to be fixed to win so network economics are against us.
Whereas chat is securable. Chat typically is a closed system, one client, or at least one protocol provider, and the metadata can be limited. The difference is significant.
You can see this in the large with something like OTR which is trying to secure all other chat systems. As we get broader and more inclusive, the security provided starts to look more limited in its utility.
I am assuming that Silent Circle are doing a private chat system. That's easy to secure (I mean, easy in the hand-waving sense in a crypto group). But email ain't that closed system, and any promise that SC makes looks increasingly as tho it isn't worth making, and I commend them for trying, and then realising they are not going to be able to keep it in any meaningful way.
Currently, the US federal espionage agencies can compel Silent Circle to secretly provide access to all of Silent Circle's customers' private communications.
I do not believe that to be the case. As yet. I think they can compel the communications that SC might have, but not their customers' private comms.
That's too bad. But it is fixable! But to fix it starts with admitting what the problem is.
That said, I think that you are right that the distribution of untampered copies is a serious issue, and one that will eventually be something SC will wrestle with.
iang _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
